Nginx 部署和配置
admin
2023-03-07 23:02:15
0
1. 安装
[root@localhost ~]# yum -y install gcc wget pcre-devel openssl-devel
# sticky 第三方扩展的模块用于 session 绑定, 比 nginx 默认实现的 session 绑定模块更加强大
[root@localhost ~]# wget https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/master.tar.gz
[root@localhost ~]# wget http://nginx.org/download/nginx-1.14.2.tar.gz
[root@localhost ~]# tar xvf nginx-1.14.2.tar.gz 
[root@localhost ~]# tar xvf master.tar.gz
[root@localhost ~]# cd nginx-1.14.2
[root@localhost ~]# ./configure --prefix=/opt/nginx-1.14.2 --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module \
--add-module=../nginx-goodies-nginx-sticky-module-ng-08a395c66e42/
[root@localhost ~]# make -j $(cat /proc/cpuinfo | grep -c processor) && make install
[root@localhost ~]# ln -s /opt/nginx-1.14.2/ /opt/nginx
[root@localhost ~]# echo 'PATH=${PATH}:/opt/nginx/sbin/' > /etc/profile.d/nginx.sh
[root@localhost ~]# useradd -M -s /sbin/nologin nginx
2. 配置
user  nginx;
worker_processes  6;
worker_cpu_affinity 000001 000010 000100 001000 010000 100000;

pid        logs/nginx.pid;

events {
    worker_connections  10240;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    server_names_hash_bucket_size 512;
    server_names_hash_max_size 512 ;

    log_format  main  '$http_x_real_ip $remote_addr $http_host - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';

    sendfile        on;
    keepalive_timeout  120;

    client_max_body_size 15m;

    proxy_store off;
    proxy_redirect off;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Real-IP $http_x_real_ip;
    proxy_set_header Host $http_host;
    proxy_connect_timeout 120;
    proxy_read_timeout 120;
    proxy_send_timeout 120;

    upstream test {
        sticky expires=30d name=test1;
        server 192.168.1.1:80;
        server 192.168.1.2:80;
        server 192.168.1.3:80;
    }

    # 强制 http 跳转到 https
    # if ($server_port = 80) {
    #     return 301 https://$host$request_uri;
    # }

    server {
        listen       80;
        server_name  http.test.com;

        access_log  logs/access.log  main;

        location / {
            proxy_pass    https://test;
        }
    }

    server {
        listen       443 ssl;
        server_name  https.test.com;

        access_log  logs/access.log  main;

        ssl_certificate "/PATH/xxxxx.crt";
        ssl_certificate_key "/PATH/xxxxx.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;

        location / {
            proxy_pass    https://test;
        }
    }
}
3. 创建 UnitFile 文件
[root@localhost ~]# cat > /usr/lib/systemd/system/nginx.service << EOF
[unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
ExecStart=/opt/nginx/sbin/nginx
ExecReload=/opt/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target
EOF
[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl start nginx

上一篇:微软S2D2016滚动升级2019

下一篇:远程同步工具之rsync实战(后台服务方式)

相关内容

热门资讯

重磅消息“中至万年麻将.有挂吗... 您好:中至万年麻将这款游戏可以开挂,确实是有挂的,需要了解加客服微信【9752949】很多玩家在这款...
终于了解“八闽福建麻将.究竟有... 有 亲,根据资深记者爆料八闽福建麻将是可以开挂的,确实有挂(咨询软件无需...
玩家分享攻略“新九方炸金花.有... 有 亲,根据资深记者爆料新九方炸金花是可以开挂的,确实有挂(咨询软件无需...
终于明白“闽乐茶楼.有没有挂?... 有 亲,根据资深记者爆料闽乐茶楼是可以开挂的,确实有挂(咨询软件无需打开...
终于了解“福麻圈.到底是不是挂... 家人们!今天小编来为大家解答福麻圈透视挂怎么安装这个问题咨询软件客服徽4282891的挂在哪里买很多...
【今日要闻】“卡贝大厅.有挂吗... 您好:卡贝大厅这款游戏可以开挂,确实是有挂的,需要了解加客服微信【4282891】很多玩家在这款游戏...
重磅消息“新大圣牛牛.辅助开挂... 有 亲,根据资深记者爆料新大圣牛牛是可以开挂的,确实有挂(咨询软件无需打...
【第一资讯】“星星武汉麻将.是... 您好:星星武汉麻将这款游戏可以开挂,确实是有挂的,需要了解加客服微信【4282891】很多玩家在这款...
重磅消息“约战丹东麻将.辅助器... 家人们!今天小编来为大家解答约战丹东麻将透视挂怎么安装这个问题咨询软件客服徽9752949的挂在哪里...
玩家分享攻略“丫丫古诗.可以开... 网上科普关于“丫丫古诗有没有挂”话题很是火热,小编也是针对丫丫古诗作*弊开挂的方法以及开挂对应的知识...