I. Installation
1. First install the missing dependency packages
[root@bogon /]# yum -y install gcc gcc-c++ make libtool zlib zlib-devel openssl openssl-devel pcre pcre-devel2. Download and decompress Nginx
[root@bogon src]# wget http://nginx.org/download/nginx-1.13.3.tar.gz
[root@bogon src]# tar xvf nginx-1.13.3.tar.gz
[root@bogon src]# cd nginx-1.13.33. Compile and Install
[root@bogon nginx-1.13.3]# ./configure \
> --prefix=/usr/local/nginx \
> --with-pcre \
> --with-http_stub_status_module \
> --with-http_ssl_module \
> --with-http_gzip_static_module \
> --with-http_realip_module \
> --add-module=../nginx_upstream_check_module-0.3.0
[root@bogon nginx-1.13.3]# make
[root@bogon nginx-1.13.3]# make installDescription of Common Compilation Options
- Preix = PATH: Specify the installation directory for nginx. Default / usr/local/nginx
- conf-path=PATH: Set the path of the nginx.conf configuration file. Nginx allows you to start with different configuration files through the - c option on the command line. The default is prefix/conf/nginx.conf
- user=name: User who sets up the nginx working process. After installation, you can change user instructions at any time in the nginx.conf configuration file. The default user name is nobody. group=name is similar
- With-pcre: Set the source path of the PCR E library. If it has been installed in yum mode, use-with-pcre to automatically find the library file. When using - with-pcre=PATH, you need to download the source code of the PCRE library (version 4.4 - 8.30) from the PCR E website and decompress it. The rest is handed over to Nginx. / configure and make. perl regular expressions are used in location instructions and in the ngx_http_rewrite_module module.
- with-zlib=PATH: Specifies the source decompression directory for zlib (version 1.1.3-1.2.5). Zlib is required when the network transmission compression module ngx_http_gzip_module is enabled by default.
- with-http_ssl_module: Use the https protocol module. By default, the module is not built. The premise is that OpenSSL and openssl-devel are installed
- with-http_stub_status_module: Used to monitor the current state of Nginx
- with-http_realip_module: This module allows us to change the client IP address value in the client request header (e.g. X-Real-IP or X-Forwarded-For) in order to enable the background server to record the IP address of the original client.
- - add-module=PATH: Add third-party external modules, such as nginx-sticky-module-ng or cache modules. Every time a new module is added, it is recompiled (Tengine can be added without recompiling)
II. Configuration
1. User www for creating Nginx runtime
[root@bogon conf]# groupadd www
[root@bogon conf]# useradd -g www www2. Configuring nginx.conf
The following example of nginx.conf is a simple implementation of nginx as a reverse proxy server in the front end. It handles static files such as js and png, and forwards dynamic requests such as jsp to other servers.
[root@bogon conf]# cat /usr/local/nginx/conf/nginx.conf
user www www;
worker_processes 2;
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid logs/nginx.pid;
events {
use epoll;
worker_connections 2048;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
# tcp_nopush on;
keepalive_timeout 65;
# gzip compression function settings
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 6;
gzip_types text/html text/plain text/css text/javascript application/json application/javascript application/x-javascript application/xml;
gzip_vary on;
# http_proxy settings
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 75;
proxy_send_timeout 75;
proxy_read_timeout 75;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_temp_path /usr/local/nginx/proxy_temp 1 2;
# Setting the list of load balancing back-end servers
upstream backend {
#ip_hash;
server 192.168.10.100:8080 max_fails=2 fail_timeout=30s ;
server 192.168.10.101:8080 max_fails=2 fail_timeout=30s ;
}
# Important Virtual Host Configuration
server {
listen 80;
server_name itoatest.example.com;
root /apps/oaapp;
charset utf-8;
access_log logs/host.access.log main;
#Load balancing + reverse proxy for / all
location / {
root /apps/oaapp;
index index.jsp index.html index.htm;
proxy_pass http://backend;
proxy_redirect off;
# Back-end Web servers can obtain users'real IP through X-Forwarded-For
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
}
#Static file, nginx handles itself, do not go back end to request tomcat
location ~* /download/ {
root /apps/oa/fs;
}
location ~ .*\.(gif|jpg|jpeg|bmp|png|ico|txt|js|css)$
{
root /apps/oaapp;
expires 7d;
}
location /nginx_status {
stub_status on;
access_log off;
allow 192.168.10.0/24;
deny all;
}
location ~ ^/(WEB-INF)/ {
deny all;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
## Other virtual hosts, server instructions start
}3. Check the correctness command of configuration file ngnix.conf
[root@bogon conf]# /usr/local/webserver/nginx/sbin/nginx -t3. Adding Service to the System
By default, Nginx will not be registered as a system service after installation, so you need to add system service scripts manually. Create a new nginx file in the / etc/init.d directory and change its permissions.
1. New nginx file
[root@bogon src]# vim /etc/init.d/nginx
#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig: - 85 15
# description: Nginx is an HTTP(S) server, HTTP(S) reverse
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
# This should be revised according to the actual situation.
nginx="/usr/local/nginx"
prog=$(basename $nginx)
# This should be revised according to the actual situation.
NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
lockfile=/var/lock/subsys/nginx
start() {
[ -x $nginx ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
echo -n $"Starting $prog: "
daemon $nginx -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
killall -9 nginx
}
restart() {
configtest || return $?
stop
sleep 1
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $nginx -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$nginx -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac 2. Modify its privileges and boot
- Modify permissions: Chmod 755/etc/init.d/nginx
- Start-up: chkconfig nginx on
- Check the boot-up service: chkconfig list
3. Remarks
- Start service: service nginx start
- Stop service: service nginx stop
- Restart service: service nginx reload