Nginx

• Linux 中 Nginx 默认配置
• Windows 中运行 Nginx

安装

yum方式安装

编辑 /etc/yum.repos.d/nginx.repo

[nginx-stable]
name=nginx stable repo
baseurl=http://mirrors.ustc.edu.cn/nginx/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

[nginx-mainline]
name=nginx mainline repo
baseurl=http://mirrors.ustc.edu.cn/nginx/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

安装

yum -y install yum-utils
yum install -y nginx

RPM方式安装

cd ~/download
wget https://nginx.org/packages/rhel/7/x86_64/RPMS/nginx-1.20.2-1.el7.ngx.x86_64.rpm

sudo yum -y localinstall nginx-1.20.2-1.el7.ngx.x86_64.rpm
rpm -qa |grep nginx
rpm -ql nginx

源码安装

yum install -y gcc pcre pcre-devel openssl openssl-devel gd gd-devel

依赖：pcre, zlib

wget https://nginx.org/download/nginx-1.12.2.tar.gz
tar xzvf nginx-1.12.2.tar.gz
cd nginx-1.12.2

./configure \
  --prefix=/usr/local/nginx/nginx1.12 \
  --with-pcre=../pcre-8.40 \
  --with-zlib=../zlib-1.2.11 \
  --with-http_ssl_module

make && make install

运行

查看版本

nginx -V

日志统计

根据访问IP统计UV
awk '{print $1}'  access.log|sort | uniq -c |wc -l

统计访问URL统计PV
awk '{print $7}' access.log|wc -l

查询访问最频繁的URL
awk '{print $7}' access.log|sort | uniq -c |sort -n -k 1 -r|more

查询访问最频繁的IP
awk '{print $1}' access.log|sort | uniq -c |sort -n -k 1 -r|more

根据时间段统计查看日志
cat access.log| sed -n '/14\/Mar\/2015:21/,/14\/Mar\/2015:22/p'|more

配置

纯文本服务

user  sharefile;
http {
  charset UTF-8;
  include  mime.types;
  default_type  application/octet-stream;
  sendfile  on;
  keepalive_timeout  65;
  # autoindex on; 不建议开启

  server {
    listen  80;
    server_name  localhost;
    rewrite_log  on;

    root  /home/sharefile;
    index  index.html;

    location / {
	  # 启用账号认证
      # auth_basic           "auth";
      # auth_basic_user_file  passwd/default;
    }

    location ~ \.txt {
      add_header Content-Type text/plain;
    }
  }
}

配合Tomcat

server {
	listen 80;
	server_name localhost;

	proxy_read_timeout 300;
	proxy_connect_timeout 300;
	proxy_send_timeout 300; 

	location / {
		proxy_pass http://localhost:8080/;
		proxy_set_header Host $host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}

	location /upload/ {
		root  /home/deploy/;
	}
}

PHP 服务

server {
  listen    80;
  server_name example.org www.example.org;
  root    /data/www;

  location / {
    index   index.html index.php;
  }

  location ~* \.(gif|jpg|png)$ {
    expires 30d;
  }

  location ~ \.php$ {
    fastcgi_pass  localhost:9000;
    fastcgi_param SCRIPT_FILENAME
            $document_root$fastcgi_script_name;
    include     fastcgi_params;
  }
}

proxy 服务

server {
  listen 80;
  server_name app1.xiongjiaxuan.com;

  location / {
    proxy_pass http://localhost:8080/;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }
}

负载服务

upstream appsite {
  server 192.168.137.110:8080;
  server 192.168.137.111:8080;
}

server {
  listen 80;
  server_name app1.xiongjiaxuan.com;

  location / {
    proxy_pass http://appsite/;
  }
}

Virtual Hosts

http {
   include /etc/nginx/sites-enabled/*.conf;
   server_names_hash_bucket_size 64;
}

编辑 sites-enabled/blog.xiongjiaxuan.com.conf

server {
  listen 80;
  server_name blog.xiongjiaxuan.com;
  access_log /var/log/nginx/blog-access.log;
  error_log /var/log/nginx/blog-error.log;

  root /webapp/blog/public;

  location / {
    index index.html;
  }
}

安全

禁止通过IP访问

server {
  listen 80 default_server;
  server_name x;
  return 404;
}

异常排查

413 Request Entity Too Large

加大提交数据大小

client_max_body_size 100m;

参考

• How nginx processes a request
• A Regular Expression Tester for NGINX and NGINX Plus
• Using Nginx as a Forward Proxy