原创

Centos7编译安装Nginx

安装Nginx前,建议先做系统优化:点击跳转系统优化

安装文件:

链接:https://pan.baidu.com/s/1-m9FKTWFEz0X45y_xxGXVw
提取码:83qh

一、安装依赖

# 安装的版本可能比较低,可以安装比较高的稳定版本,以及适配的依赖包

1、yum安装依赖

yum clean all
yum makecache
yum update -y $(cat <<EOF
kernel
kernel-firmware
kernel-headers
kernel-tools
kernel-tools-libs
python-perf
openssh
openssh-clients
openssh-server
EOF
)
yum install -y $(cat <<EOF
autoconf
epel-release
EOF
)

yum install -y $(cat <<EOF
automake
bash-completion
bind-utils
binutils
bison
blktrace
byacc
bzip2
bzip2-devel
c-ares-devel
git
cmake
crontabs
cyrus-sasl-devel
db4-devel
db4-utils
dos2unix
dstat
elinks
expect
file
flex
gcc
gcc-c++
glibc-devel
gnupg2
iotop
iptraf
jwhois
lftp
python-devel
libicu-devel
libaio-devel
libcurl-devel
libevent-devel
libmcrypt-devel
libnl-devel
libstdc++-devel
libtool
libtool-ltdl-devel
libxml2-devel
libxslt-devel
logrotate
lrzsz
lsof
make
man
man-pages
man-pages-overrides
mlocate
mtr
ntp
ntpdate
openssh-clients
openssl-devel
patch
patchutils
pciutils
pcre-devel
popt-devel
protobuf-c-devel
protobuf-devel
puppet
readline-devel
rsync
screen
nc
strace
iftop
sudo
sysstat
tcpdump
telnet
time
traceroute
tree
unzip
tmpwatch
vim-enhanced
wget
which
xz-devel
zip
zlib-devel
libXpm-devel
libXpm-devel.i686
gd-devel
libjpeg-devel
openjpeg-devel
openjpeg-devel.i686
freetype-devel
fontconfig-devel
libpng-devel
libpng-devel.i686
libtiff-devel
perl-DBD-MySQL
perl-Time-HiRes
expect
graphviz
GeoIP
GeoIP-data
GeoIP-devel
ImageMagick
ImageMagick-devel
rrdtool-devel
libuuid-devel
uuid-devel
libyaz-devel
gmp-devel
EOF
)


2、创建常用目录

# 多数情况下,数据盘我是挂载/data目录的,根据使用习惯创建一下目录

mkdir -p /data/env /data/soft /data/www /data/logs /data/backup /data/codebase /data/etc /data/script /data/src /data/core_files

3、编译pcre

cd /data/src
tar xf pcre-8.41.tar.gz
cd pcre-8.41
./configure --prefix=/data/env/pcre-8.41
make
make install

4 、编译zlib

cd /data/src
tar xf zlib-1.2.11.tar.gz
cd zlib-1.2.11
./configure --prefix=/data/env/zlib-1.2.11
make
make install

5、编译openssl

cd /data/src
tar xf openssl-1.1.0g.tar.gz
cd openssl-1.1.0g
./config --prefix=/data/env/openssl-1.1.0g
make
make install

二、编译安装Nginx

1、软链编辑后的软件目录

ln -s /data/env/pcre-8.41 /data/soft/pcre
ln -s /data/env/zlib-1.2.11 /data/soft/zlib
ln -s /data/env/openssl-1.1.0g /data/soft/openssl

2、软链解压后的软件

ln -s /data/src/pcre-8.41 /data/src/pcre
ln -s /data/src/zlib-1.2.11 /data/src/zlib
ln -s /data/src/openssl-1.1.0g /data/src/openssl

3、编译安装nginx

cd /data/src
tar xf nginx-1.12.1.tar.gz
cd nginx-1.12.1

./configure --prefix=/data/env/nginx-1.12.1 \
--pid-path=/var/run/nginx.pid \
--error-log-path=/data/logs/nginx/error.log \
--http-log-path=/data/logs/nginx/access.log \
--with-file-aio \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--with-http_flv_module \
--with-http_mp4_module \
--without-http_userid_module \
--without-http_split_clients_module \
--without-http_uwsgi_module \
--without-http_scgi_module \
--without-http_memcached_module \
--without-mail_pop3_module \
--without-mail_imap_module \
--without-mail_smtp_module \
--http-client-body-temp-path=/data/soft/nginx/var/tmp/client_body \
--http-proxy-temp-path=/data/soft/nginx/var/tmp/proxy \
--http-fastcgi-temp-path=/data/soft/nginx/var/tmp/fastcgi \
--with-pcre=/data/src/pcre \
--with-zlib=/data/src/zlib \
--with-openssl=/data/src/openssl \
--with-stream \
--with-stream_ssl_module # 编译 make # 编译安装 make install

4、软链Nginx

ln -sf /data/env/nginx-1.12.1 /data/soft/nginx

三、配置Nginx

1、添加nginx的www用户

id www >/dev/null 2>&1 || useradd www -u 1001 -s /bin/bash -d /data/www/wwwroot

2、创建Nginx的wwwroot目录、日志目录、证书文件目录和vhosts目录

[ ! -d "/data/www/wwwroot" ] && mkdir -m 0755 -p /data/www/wwwroot
[ ! -d "/data/logs/nginx" ] && mkdir -m 0755 -p /data/logs/nginx
[ ! -d "/data/soft/nginx/cert" ] && mkdir -m 0755 -p /data/soft/nginx/cert
[ ! -d "/data/soft/nginx/conf/vhosts" ] && mkdir -m 0755 -p /data/soft/nginx/conf/vhosts

3、创建Nginx临时目录

[ ! -d "/data/soft/nginx/var/tmp/client_body" ] && mkdir -m 0755 -p /data/soft/nginx/var/tmp/client_body
[ ! -d "/data/soft/nginx/var/tmp/fastcgi" ] && mkdir -m 0755 -p /data/soft/nginx/var/tmp/fastcgi
[ ! -d "/data/soft/nginx/var/tmp/proxy" ] && mkdir -m 0755 -p /data/soft/nginx/var/tmp/proxy

4、相关目录授权www用户

chown -R www.www /data/logs/nginx
chown -R www:www /data/www
chown -R www:www /data/core_files

5、修改Nginx配置

vim /data/soft/nginx/conf/nginx.conf

user www www;
error_log /data/logs/nginx/error.log error;
pid /var/run/nginx.pid;
lock_file /var/lock/nginx;

worker_rlimit_nofile 102400;
worker_processes auto;


events {

worker_connections 65535;
use epoll;
multi_accept on;

}

http {

#core
ssi on;
ssi_silent_errors on;
ssi_types text/shtml;
include mime.types;
default_type application/octet-stream;
connection_pool_size 1024;
client_body_buffer_size 16k;
client_body_temp_path /data/soft/nginx/var/tmp/client_body 1 2;
client_body_timeout 30;
client_header_buffer_size 4k;
large_client_header_buffers 4 4k;
client_header_timeout 30;
client_max_body_size 50m;
#k3eepalive_disable msie6 safari;
keepalive_timeout 60;
tcp_nodelay on;
send_timeout 10;
sendfile on;
tcp_nopush on;
server_names_hash_max_size 512;
server_names_hash_bucket_size 128;
server_tokens off;
open_file_cache off;
#index

index index.php index.html index.htm;

#fastcgi
fastcgi_connect_timeout 60;
fastcgi_read_timeout 60;
fastcgi_send_timeout 60;
fastcgi_temp_path /data/soft/nginx/var/tmp/fastcgi 1 2;
fastcgi_buffer_size 4k;
fastcgi_buffers 16 4k;
fastcgi_busy_buffers_size 8k;
fastcgi_temp_file_write_size 8k;
fastcgi_max_temp_file_size 256k;
fastcgi_intercept_errors on;
fastcgi_index index.php;
#proxy
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 30;
proxy_temp_path /data/soft/nginx/var/tmp/proxy;
proxy_buffer_size 4k;
proxy_buffering on;
proxy_buffers 256 4k;
proxy_busy_buffers_size 8k;
proxy_intercept_errors on;

#gzip
gzip on;
gzip_buffers 16 4k;
gzip_comp_level 1;
gzip_http_version 1.1;
gzip_min_length 1024;
gzip_types text/css text/xml text/plain text/vnd.wap.wml application/x-javascript application/javascript application/rss+xml application/xhtml+xml;
#realip module
#set_real_ip_from 127.0.0.1;
#set_real_ip_from 192.168.0.0/16;
#real_ip_header X-Real-IP;
#real_ip_header X-Forwarded-For;

## 如果有CDN,这里取得原始用户的IP地址

map $http_x_forwarded_for $clientRealIp {

"" $remote_addr;

~^(?P<firstAddr>[0-9\.]+),?.*$ $firstAddr;

}


### 针对原始用户 IP 地址做限制

#limit_conn_zone $clientRealIp zone=TotalConnLimitZone:20m ;
#limit_conn TotalConnLimitZone 50;
#limit_conn_log_level notice;

#
### 针对原始用户 IP 地址做限制
#limit_req_zone $clientRealIp zone=ConnLimitZone:20m rate=10r/s;
##limit_req zone=ConnLimitZone burst=10 nodelay; #如果开启此条规则,burst=10的限制将会在nginx全局生效
#limit_req_log_level notice;


#log module
log_format main '$remote_addr - $remote_user [$time_local] $request '

'"$status" $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

log_format ext '$remote_addr | $http_x_forwarded_for | $remote_user | [$time_local] |'

' "$request" | $status | $body_bytes_sent |'

' "$http_referer" | "$http_user_agent" | "$request_body" | $request_time | $upstream_response_time | $upstream_addr';

#virtualhost
include vhosts/*.conf;

#black ip list

# include blackip.list;

}

6、创建模板文件

# 创建一个测试模板
vim /data/soft/nginx/conf/vhosts/test.conf

server {

listen 80;
server_name test;

charset utf-8;
access_log /data/logs/nginx/test.access.log ext;
error_log /data/logs/nginx/test.error.log error;

root /data/www/wwwroot/test/;
location / {
index index.shtml index.php index.html index.htm;
try_files $uri $uri/ /index.php?$args;
concat on;
concat_max_files 20;
concat_unique off;
concat_types text/css application/javascript;
}


#if (!-e $request_filename) {
# rewrite ^(.*) /index.php?$1 last;
#}


location = /50x.html {
root /usr/share/nginx/html;
}

location ~ \.php$ {
#fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/dev/shm/fpm-cgi.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}


创建Nginx启动文件,Centos7

vim /usr/lib/systemd/system/nginx.service

[Unit]

Description=nginx - high performance web server
Documentation=http://nginx.org/en/docs
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
PIDFile=/var/run/nginx.pid
ExecStartPre=/data/soft/nginx/sbin/nginx -t -c /data/soft/nginx/conf/nginx.conf
ExecStart=/data/soft/nginx/sbin/nginx -c /data/soft/nginx/conf/nginx.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true

[Install]

WantedBy=multi-user.target


# 启动前检查配置文件
/data/soft/nginx/sbin/nginx -t

# 加入开机启动
systemctl enable nginx
# 启动nginx
systemctl start nginx




正文到此结束
评论

登录后才能发表评论 登录/注册

0评论
  • 还没有评论,快来抢沙发吧!