资讯

精准传达 • 有效沟通

从品牌网站建设到网络营销策划,从策略到执行的一站式服务

Nginx部署和配置

1. 安装
[root@localhost ~]# yum -y install gcc wget pcre-devel openssl-devel
# sticky 第三方扩展的模块用于 session 绑定, 比 nginx 默认实现的 session 绑定模块更加强大
[root@localhost ~]# wget https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/master.tar.gz
[root@localhost ~]# wget http://nginx.org/download/nginx-1.14.2.tar.gz
[root@localhost ~]# tar xvf nginx-1.14.2.tar.gz 
[root@localhost ~]# tar xvf master.tar.gz
[root@localhost ~]# cd nginx-1.14.2
[root@localhost ~]# ./configure --prefix=/opt/nginx-1.14.2 --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module \
--add-module=../nginx-goodies-nginx-sticky-module-ng-08a395c66e42/
[root@localhost ~]# make -j $(cat /proc/cpuinfo | grep -c processor) && make install
[root@localhost ~]# ln -s /opt/nginx-1.14.2/ /opt/nginx
[root@localhost ~]# echo 'PATH=${PATH}:/opt/nginx/sbin/' > /etc/profile.d/nginx.sh
[root@localhost ~]# useradd -M -s /sbin/nologin nginx
2. 配置
user  nginx;
worker_processes  6;
worker_cpu_affinity 000001 000010 000100 001000 010000 100000;

pid        logs/nginx.pid;

events {
    worker_connections  10240;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    server_names_hash_bucket_size 512;
    server_names_hash_max_size 512 ;

    log_format  main  '$http_x_real_ip $remote_addr $http_host - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';

    sendfile        on;
    keepalive_timeout  120;

    client_max_body_size 15m;

    proxy_store off;
    proxy_redirect off;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Real-IP $http_x_real_ip;
    proxy_set_header Host $http_host;
    proxy_connect_timeout 120;
    proxy_read_timeout 120;
    proxy_send_timeout 120;

    upstream test {
        sticky expires=30d name=test1;
        server 192.168.1.1:80;
        server 192.168.1.2:80;
        server 192.168.1.3:80;
    }

    # 强制 http 跳转到 https
    # if ($server_port = 80) {
    #     return 301 https://$host$request_uri;
    # }

    server {
        listen       80;
        server_name  http.test.com;

        access_log  logs/access.log  main;

        location / {
            proxy_pass    https://test;
        }
    }

    server {
        listen       443 ssl;
        server_name  https.test.com;

        access_log  logs/access.log  main;

        ssl_certificate "/PATH/xxxxx.crt";
        ssl_certificate_key "/PATH/xxxxx.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;

        location / {
            proxy_pass    https://test;
        }
    }
}
3. 创建 UnitFile 文件
[root@localhost ~]# cat > /usr/lib/systemd/system/nginx.service << EOF
[unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
ExecStart=/opt/nginx/sbin/nginx
ExecReload=/opt/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target
EOF
[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl start nginx

当前标题:Nginx部署和配置
链接地址:http://cdkjz.cn/article/jceioe.html
多年建站经验

多一份参考,总有益处

联系快上网,免费获得专属《策划方案》及报价

咨询相关问题或预约面谈,可以通过以下方式与我们联系

大客户专线   成都:13518219792   座机:028-86922220