当前位置:首页 > Nginx
在 Linux 系统下安装和配置 Nginx·下篇
来源:靑龍一笑的博客  作者:靑龍一笑  发布时间:2017-01-06 13:02:47  点击量:2497  评论:0

三、配置 nginx

    1、备份原 nginx.conf 配置文件

[root@RicenOS nginx-1.10.2]# cd /opt/nginx/conf/
[root@RicenOS conf]# mv nginx.conf nginx.conf_bak

    2、创建 nginx 的配置文件

[root@RicenOS conf]# vi nginx.conf

    内容如下:

user daemon daemon;
worker_processes  auto;
error_log  logs/error.log  crit;
pid        logs/nginx.pid;
worker_rlimit_nofile 51200;
events {
    use epoll;
    multi_accept on;
    accept_mutex on;
    worker_connections  51200;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    log_format    main '[$time_local] - $remote_addr $http_host $http_x_forwarded_for '
            '"$request" $status $body_bytes_sent '
            '"$http_referer" "$http_user_agent" $request_time';
    access_log off;
    #server_tokens off;

    sendfile       on;
    tcp_nopush     on;
    tcp_nodelay    on;

    keepalive_timeout  15;
    client_header_timeout 15;
    client_body_timeout 15;
    reset_timedout_connection on;
    send_timeout 15;

    server_names_hash_bucket_size  512;
    client_header_buffer_size    128k;
    large_client_header_buffers  4 128k;
    client_max_body_size  2000M;
    client_body_buffer_size  128K;    
    types_hash_max_size 2048;

    fastcgi_intercept_errors on;
    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    fastcgi_buffer_size 128k;
    fastcgi_buffers 8 128k;
    fastcgi_busy_buffers_size 256k;
    fastcgi_temp_file_write_size 256k;
 
    include vhosts/*.conf;
 
    gzip  on;
    gzip_disable "msie6";
    gzip_proxied any;
    gzip_min_length  1k;
    gzip_buffers  16  64k;
    gzip_http_version  1.1;
    gzip_comp_level  6;
    gzip_types text/plain text/css application/javascript text/javascript application/json application/x-javascript text/xml application/xml application/xml+rss;
    gzip_vary  on;
 
    server {
        listen  80  default;
        server_name  _;
        return 444;
    }
}

    3、创建 proxy.conf 文件

[root@RicenOS conf]# vi proxy.conf

    内容如下:

proxy_redirect    off;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_hide_header    Vary;
proxy_set_header    Accept-Encoding '';
proxy_set_header    Host $host:$proxy_port;
proxy_set_header    Referer $http_referer;
proxy_set_header    Cookie $http_cookie;
proxy_set_header    X-Real-IP $remote_addr;
proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header    X-Forwarded-Proto $scheme;
proxy_connect_timeout    600;
proxy_read_timeout    600;
proxy_send_timeout    600;
proxy_buffer_size    64k;
proxy_buffers    4 64k;
proxy_busy_buffers_size    128k;
proxy_temp_file_write_size 1024M;
[root@RicenOS conf]# vi fastcgi.conf

    修改以下一处为:

fastcgi_param  SERVER_SOFTWARE    RicenOS;

    4、创建虚拟主机配置文件存放目录

[root@RicenOS conf]# mkdir -pv vhosts

    5、配置虚拟主机

[root@RicenOS conf]# cd vhosts/
[root@RicenOS vhosts]# vi www.ricen.net.conf

    内容如下:

upstream bbscluster{
    sticky;
    server 10.18.16.101:8080;
    server 10.18.16.102:8080;
    # 每 3 秒检测 1 次,2 次请求正常,则 realserver 为 up
    # 如果请求 5 次都失败,则 realserver 为 down
    check interval=3000 rise=2 fall=5 timeout=1000;
}
server{
    listen 80;
    server_name www.ricen.net;
    rewrite ^(.*) https://$server_name$1 permanent;
}
server {
    listen 443 ssl;
    ssl_certificate /opt/webca/ca.crt;
    ssl_certificate_key /opt/webca/ca_nopass.key;
    ssl_protocols TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE:!3DES;
    add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
    server_name www.ricen.net;
    charset  utf-8;
    access_log  logs/www.ricen.net_access.log  main;
    error_log  logs/www.ricen.net_error.log  crit;
    error_page 403 = /403.html;
    error_page 404 = /404.html;
 
    location / {
        index  index.htm index.html;
        root  /opt/website/;
    }
 
    location /403.html {
        root /opt/website/;
        allow all;
    }
 
    location /404.html {
        root /opt/website/;
    }
 
    location /bbs/ {
        proxy_pass http://bbscluster;
        include proxy.conf;
    }
 
    # 查看负载均衡状态
    location /web_status {
        check_status;
        access_log off;
    }
 
    location ~ [^/].php(/|$) {
        root /opt/websites/default/;
        try_files $uri =404;
        fastcgi_pass  unix:/tmp/php-cgi.sock;
        fastcgi_index index.php;
        include fastcgi.conf;
    }
}

    6、配置系统服务

[root@RicenOS vhosts]# vi /etc/rc.d/init.d/nginx

    内容如下:

#! /bin/sh
# chkconfig: 35 78 32
# Description: Startup script for nginx webserver on Debian. Place in /etc/init.d and
# run 'update-rc.d -f nginx defaults', or use the appropriate command on your
# distro. For CentOS/Redhat run: 'chkconfig --add nginx'

### BEGIN INIT INFO
# Provides:          nginx
# Required-Start:    $all
# Required-Stop:     $all
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: starts the nginx web server
# Description:       starts nginx using start-stop-daemon
### END INIT INFO

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
NAME=nginx
NGINX_BIN=/opt/nginx/sbin/$NAME
CONFIGFILE=/opt/nginx/conf/$NAME.conf
PIDFILE=/opt/nginx/logs/$NAME.pid

case "$1" in
    start)
        echo -n "Starting $NAME... "
        if netstat -tnpl | grep -q nginx;then
            echo "$NAME (pid `pidof $NAME`) already running."
            exit 1
        fi
        $NGINX_BIN -c $CONFIGFILE
        if [ "$?" != 0 ] ; then
            echo " failed"
            exit 1
        else
            echo " done"
        fi
        ;;
    stop)
        echo -n "Stoping $NAME... "
        if ! netstat -tnpl | grep -q nginx; then
            echo "$NAME is not running."
            exit 1
        fi
        $NGINX_BIN -s stop
        if [ "$?" != 0 ] ; then
            echo " failed. Use force-quit"
            exit 1
        else
            echo " done"
        fi
        ;;
    status)
        if netstat -tnpl | grep -q nginx; then
            PID=`pidof nginx`
            echo "$NAME (pid $PID) is running..."
        else
            echo "$NAME is stopped"
            exit 0
        fi
        ;;
    restart)
        $0 stop
        sleep 1
        $0 start
        ;;
    reload)
        echo -n "Reload service $NAME... "
        if netstat -tnpl | grep -q nginx; then
            $NGINX_BIN -s reload
            echo " done"
        else
            echo "$NAME is not running, can't reload."
            exit 1
        fi
        ;;
    configtest)
        echo -n "Test $NAME configure files... "
        $NGINX_BIN -t
        ;;
    *)
        echo "Usage: $0 {start|stop|restart|reload|status|configtest}"
        exit 1
        ;;
esac

    配置开机启动:

[root@RicenOS vhosts]# chmod +x /etc/rc.d/init.d/nginx
[root@RicenOS vhosts]# chkconfig --level 35 nginx on

    7、配置日志切割

[root@RicenOS vhosts]# vi /etc/logrotate.d/nginx

    内容如下:

/opt/nginx/logs/*.log {
    daily
    rotate 180
    missingok
    notifempty
    dateext
    compress
    olddir /opt/nginx/logs/history
    sharedscripts
    postrotate
      if [ -f /opt/nginx/logs/nginx.pid ];then
        kill -USR1 `cat /opt/nginx/logs/nginx.pid`
      fi
    endscript
}

    创建保存历史日志的目录:

[root@RicenOS vhosts]# mkdir -pv /opt/nginx/logs/history

    创建计划任务:

[root@RicenOS vhosts]# crontab -e

    添加如下内容:

0 0 * * * /sbin/logrotate -f /etc/logrotate.d/nginx

    运行结果:

版权所有 © 2005-2023 靑龍一笑的博客  Powered by C.S.Ricen
Copyright © 2005-2023 by www.ricensoftwares.com.cn  All Rights Reserved.

欢迎光临本站,这里是靑龍一笑的博客。

因资金匮乏,本站已迁到国外的免费空间,可能导致本站的访问速度较慢,由此给您带来的不便,敬请谅解。

您可以通过下方的“支持本站建设”链接,给本站提供资金支持。

Free Web Hosting