俄罗斯“黑科技”——Nginx安装和配置

俄罗斯“黑科技”——Nginx安装和配置

Scroll Down

Nginx安装和配置

1.安装

Nginx是基于C++的,所以需要相关环境:

yum -y install gcc gcc-c++
yum install -y pcre pcre-devel
yum install -y zlib zlib-devel
yum install -y openssl openssl-devel

解压后:
创建Nginx临时目录:

mkdir /var/temp/nginx -p

在Nginx目录 输入如下命令配置创建makefile文件:

./configure
make
make install

也可以带模块安装,需要修改--prefix的Nginx位置 和创建文件夹/var/log/nginx /var/temp/nginx,下面这个带了fastfds的安装,需要指向fastdfs的Nginx模块

 ./configure \--prefix=/usr/soft/nginx-1.16.1  \--pid-path=/var/run/nginx/nginx.pid \--lock-path=/var/lock/nginx.lock \--error-log-path=/var/log/nginx/erro.log \--http-log-path=/var/log/nginx/access.log \--with-http_gzip_static_module \--http-client-body-temp-path=/var/temp/nginx/client  \--http-proxy-temp-path=/var/temp/nginx/proxy \--http-fastcgi-temp-path=/var/temp/nginx/fastcgi \--http-uwsgi-temp-path=/var/temp/nginx/uwsgi \--http-scgi-temp-path=/var/temp/nginx/scgi \--add-module=/usr/local/fastdfs/fastdfs-nginx-module-1.22/src/
然后:
make
make install

启动:

在sbin目录下:
./nginx

注意防火墙

2.结构详解Nginx.conf


#user  nobody; Nginx的进程用户
# 后台运行worker的个数 最好与CPU核心数一致
worker_processes  1;
# 日志位置 等级
#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
# 进程号
#pid        logs/nginx.pid;

#默认使用epoll
#1024  每个worker客户端最大连接数量
events {
    worker_connections  1024;
}


http {
    # 请求头的类型	
    include       mime.types;
    default_type  application/octet-stream;
     #日志输出格式
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
    # 发生文件 与tcp_nopush结合	
    sendfile        on;
    #tcp_nopush     on;
    #连接的存活时间
    #keepalive_timeout  0;
    keepalive_timeout  65;
    #内容压缩	
    #gzip  on;

    server {
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}


    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}

3.日志切割

1.切割脚本

1.在sbin目录创脚本cut_my_log.sh

#!/bin/bash
LOGS_PATH=/usr/local/nginx/logs
RECORD_TIME=$(date -d "yesterday" +%Y-%m-%d+%H:%M)
PID=/usr/local/nginx/logs/nginx.pid
# 移动日志并改名
mv ${LOGS_PATH}/error.log ${LOGS_PATH}/error_${RECORD_TIME}.log
mv ${LOGS_PATH}/access.log ${LOGS_PATH}/access_${RECORD_TIME}.log
#向Nginx主进程发送信号,用于重新打开日志文件
kill -USR1 `cat  $PID`

2.增加权限

chmod +x 文件名

2.增加定时任务

1.安装定时任务

yum install crontabs

2.添加任务

crontab -e编辑并且添加一行新的任务
01***  /usr/local/nginx/sbin/cut_my_log.sh

3.重启定时任务

service crond restart
//打开定时任务
crontab -e
//进入编辑模式
i
//添加定时任务
00 00 * * * /bin/sh  /usr/local/nginx/sbin/cut_nginx_logs.sh
//保存退出
:wq!
//重启crontab服务
/etc/init.d/crond restart
//查看定时任务,就会看到你添加的内容了
crontab -l

4.跨域处理

在server里面配置:

add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';

5.防盗链配置
在server里面配置

valid_referers none blocked  *.xp.com;
if ($invalid_referer) {
 retuen 404;
}