文章目錄
1.下載nginx安裝包
wget http://q0udgfsc3.bkt.clouddn.com/nginx-1.16.1.tar.gz
tar -zxvf nginx-1.16.1.tar.gz
如果地址失效,請下載官方下載1.16.1穩定版本
2.進入nginx.1.16.1.tar.gz目錄下
./configure --prefix=/usr/local/nginx/ --with-http_stub_status_module --with-http_ssl_module
如果有error報錯,應該是系統問題
yum update // 更新
yum install -y gcc pcre pcre-devel openssl openssl-devel gd gd-devel //安裝前置庫
最後重新執行./configure命令
./configure --prefix=/usr/local/nginx/ --with-http_stub_status_module --with-http_ssl_module
3.執行編譯
make && make install
4.查看安裝情況
/usr/local/nginx/sbin/nginx -v
5.啓動nginx
cd /usr/local/nginx/sbin/ // 進入/usr/local/nginx/sbin/目錄下
./nginx //啓動
./nginx -s stop // 停止
瀏覽器輸入ip地址,如果瀏覽器提示無法連接,建議開發階段直接開啓防火牆,生產再給防火牆添加端口訪問
systemctl status firewalld // 查看防火牆是否運行
systemctl stop firewalld // 禁用防火牆
systemctl disabled firewalld // 禁止防火牆開啓自啓
firewall-cmd --query-port=666/tcp 提示no表示未開
firewall-cmd --add-port=666/tcp --permanent 提示 success 表示成功
firewall-cmd --reload 比如添加規則之後,需要執行此命令
firewall-cmd --query-port=666/tcp 提示yes表示成功
firewall-cmd --permanent --remove-port=666/tcp
```java
>看到nginx歡迎頁面,說明nginx能夠訪問了
# 6.生成證書nginx.crt和nginx.key
```java
openssl req -x509 -nodes -days 36500 -newkey rsa:2048 -keyout /usr/local/nginx/nginx.key -out /usr/local/nginx/nginx.crt
7.修改nginx配置文件
vim nginx.conf
編輯完成如下:
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream dynamic {
server 10.0.5.78:8080 weight=2;
server 10.0.5.75:8080 weight=1;
}
server {
listen 8080;
server_name 10.0.5.70;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://dynamic/;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 8443 ssl;
server_name 10.211.55.5;
ssl_certificate /usr/local/nginx/nginx.crt;
ssl_certificate_key /usr/local/nginx/nginx.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://dynamic/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_next_upstream off;
}
}
}
這裏有個坑,被代理的服務集羣一定要加上輪訓權重的參數,不然部分js加載不出來。
8.重新加載nignx.conf文件
./usr/local/nginx/sbin/.nginx -s reload
9.瀏覽器訪問測試
https://10.0.5.41:8443/ //10.0.5.41爲nginx服務器ip