1 2 | yum install screen -y && screen -S nginx sudo yum -y groupinstall "Development Tools" && yum -y epel-release wget gc autoconf automake pcre-devel zlib-devel openssl-devel |
———————-yum安装nginx(默认未编译stream模块,如果需要用按下面方法编译)——————————
安装nginx
1 | sudo yum install nginx -y |
设置nginx开机启动
1 | sudo systemctl enable nginx |
———————–通过编译安装nginx(开启stream模块 动态加载方式)—————————–
编译安装nginx
1 2 3 4 5 6 7 8 9 10 11 12 13 | sudo yum check-update || sudo yum update -y yum groupinstall -y 'Development Tools' yum install -y epel-release yum install -y wget perl perl-devel perl-ExtUtils-Embed libxslt libxslt-devel libxml2 libxml2-devel gd gd-devel GeoIP GeoIP-devel wget https://nginx.org/download/nginx-1.13.2.tar.gz && tar zxvf nginx-1.13.2.tar.gz wget https://ftp.pcre.org/pub/pcre/pcre-8.40.tar.gz && tar xzvf pcre-8.40.tar.gz wget https://www.zlib.net/zlib-1.2.11.tar.gz && tar xzvf zlib-1.2.11.tar.gz wget https://www.openssl.org/source/openssl-1.1.0f.tar.gz && tar xzvf openssl-1.1.0f.tar.gz rm -rf *.tar.gz cd ~/nginx-1.13.2 cp ~/nginx-1.13.2/man/nginx.8 /usr/share/man/man8 gzip /usr/share/man/man8/nginx.8 man nginx |
1 | ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --user=nginx --group=nginx --build=CentOS --builddir=nginx-1.13.2 --with-select_module --with-poll_module --with-threads --with-file-aio --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_auth_request_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_slice_module --with-http_stub_status_module --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --with-mail=dynamic --with-mail_ssl_module --with-stream=dynamic --with-stream_ssl_module --with-stream_realip_module --with-stream_geoip_module=dynamic --with-stream_ssl_preread_module --with-compat --with-pcre=../pcre-8.40 --with-pcre-jit --with-zlib=../zlib-1.2.11 --with-openssl=../openssl-1.1.0f --with-openssl-opt=no-nextprotoneg --with-debug |
1 2 3 | make make install ln -s /usr/lib64/nginx/modules /etc/nginx/modules |
1 | nginx -V |
useradd –system –home /var/cache/nginx –shell /sbin/nologin –comment “nginx user” –user-group nginx
1 2 | nginx -t mkdir -p /var/cache/nginx && sudo nginx -t |
1 | vi /usr/lib/systemd/system/nginx.service |
写入以下内容
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | [Unit] Description=nginx - high performance web server Documentation=https://nginx.org/en/docs/ After=network-online.target remote-fs.target nss-lookup.target Wants=network-online.target [Service] Type=forking PIDFile=/var/run/nginx.pid ExecStartPre=/usr/sbin/nginx -t -c /etc/nginx/nginx.conf ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf ExecReload=/bin/kill -s HUP $MAINPID ExecStop=/bin/kill -s TERM $MAINPID [Install] WantedBy=multi-user.target |
启动nginx 设置开机启动nginx
1 | systemctl start nginx.service && sudo systemctl enable nginx.service |
检查nginx是否开机启动
1 | systemctl is-enabled nginx.service |
检查nginx是否正常运行
1 2 3 | sudo systemctl status nginx.service ps aux | grep nginx curl -I 127.0.0.1 |
重启服务器
1 | shutdown -r now |
1 2 3 4 | rm /etc/nginx/koi-utf /etc/nginx/koi-win /etc/nginx/win-utf mkdir ~/.vim/ cp -r ~/nginx-1.13.2/contrib/vim/* ~/.vim/ rm /etc/nginx/*.default |
——————————-nginx编译安装完毕——————————————
———————–防火墙管理(未设置nginx 80端口可能无法访问)—————————–
启动防火墙
1 | systemctl start firewalld.service |
添加防火墙规则(添加80 443端口)–刚编译的 若未添加 可能无法访问
1 2 3 | sudo firewall-cmd --permanent --zone=public --add-service=http sudo firewall-cmd --permanent --zone=public --add-service=https sudo firewall-cmd --reload |
如需要可关闭防火墙
1 | systemctl stop firewalld.service |
关闭防火墙开机启动
1 | systemctl disable firewalld.service |
设置防火墙开机启动
1 | systemctl enable firewalld.service |
Centos7 防火墙 相关控制命令
1 2 3 4 5 6 7 8 9 | systemctl is-enabled nginx.service #查询nginx是否开机启动 systemctl enable nginx.service #开机运行nginx systemctl disable nginx.service #取消开机运行nginx systemctl start nginx.service #启动nginx systemctl stop nginx.service #停止nginx systemctl restart nginx.service #重启nginx systemctl reload nginx.service #重新加载nginx配置文件 systemctl status nginx.service #查询nginx运行状态 systemctl --failed #显示启动失败的服务 |
#查看端口监听情况
1 | ss -tlnp|grep :80 |
nginx服务器默认root路径
1 | /usr/share/nginx/html |
nginx服务器默认配置文件
1 | /etc/nginx/nginx.conf |
追加配置文件路径(会自动加载.conf结尾的文件)
1 | /etc/nginx/conf.d |
—————————负载均衡配置——————————
清空nginx配置
1 2 | cp /etc/nginx/nginx.conf /etc/nginx/nginx.confbackup cat /dev/null > /etc/nginx/nginx.conf |
1 | vi /etc/nginx/nginx.conf |
根据实际情况添加负载均衡配置
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 | worker_processes 1; load_module "modules/ngx_stream_module.so"; events { worker_connections 1024; } stream { upstream backend { hash $remote_addr consistent; server 176.58.111.12:80 weight=5 max_fails=3 fail_timeout=30s; server 178.79.163.35:80 weight=5 max_fails=3 fail_timeout=30s; } server { listen 80; proxy_connect_timeout 1s; proxy_timeout 3s; proxy_pass backend; } } |
原文链接:https://xiaohost.com/2754.html,转载请注明出处。
评论0