安装
yum方式安装
编辑 /etc/yum.repos.d/nginx.repo
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
| [nginx-stable] name=nginx stable repo baseurl=http://mirrors.ustc.edu.cn/nginx/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true
[nginx-mainline] name=nginx mainline repo baseurl=http://mirrors.ustc.edu.cn/nginx/mainline/centos/$releasever/$basearch/ gpgcheck=1 enabled=0 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true
|
安装
1 2
| yum -y install yum-utils yum install -y nginx
|
RPM方式安装
1 2 3 4 5 6
| cd ~/download wget https://nginx.org/packages/rhel/7/x86_64/RPMS/nginx-1.20.2-1.el7.ngx.x86_64.rpm
sudo yum -y localinstall nginx-1.20.2-1.el7.ngx.x86_64.rpm rpm -qa |grep nginx rpm -ql nginx
|
源码安装
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
| yum install -y gcc pcre pcre-devel openssl openssl-devel gd gd-devel
依赖:pcre, zlib
wget https://nginx.org/download/nginx-1.12.2.tar.gz tar xzvf nginx-1.12.2.tar.gz cd nginx-1.12.2
./configure \ --prefix=/usr/local/nginx/nginx1.12 \ --with-pcre=../pcre-8.40 \ --with-zlib=../zlib-1.2.11 \ --with-http_ssl_module
make && make install
|
运行
查看版本
日志统计
1 2 3 4 5 6 7 8 9 10 11 12 13 14
| 根据访问IP统计UV awk '{print $1}' access.log|sort | uniq -c |wc -l
统计访问URL统计PV awk '{print $7}' access.log|wc -l
查询访问最频繁的URL awk '{print $7}' access.log|sort | uniq -c |sort -n -k 1 -r|more
查询访问最频繁的IP awk '{print $1}' access.log|sort | uniq -c |sort -n -k 1 -r|more
根据时间段统计查看日志 cat access.log| sed -n '/14\/Mar\/2015:21/,/14\/Mar\/2015:22/p'|more
|
配置
纯文本服务
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
| user sharefile; http { charset UTF-8; include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; # autoindex on; 不建议开启
server { listen 80; server_name localhost; rewrite_log on;
root /home/sharefile; index index.html;
location / { # 启用账号认证 # auth_basic "auth"; # auth_basic_user_file passwd/default; }
location ~ \.txt { add_header Content-Type text/plain; } } }
|
配合Tomcat
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
| server { listen 80; server_name localhost;
proxy_read_timeout 300; proxy_connect_timeout 300; proxy_send_timeout 300;
location / { proxy_pass http://localhost:8080/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; }
location /upload/ { root /home/deploy/; } }
|
PHP 服务
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
| server { listen 80; server_name example.org www.example.org; root /data/www;
location / { index index.html index.php; }
location ~* \.(gif|jpg|png)$ { expires 30d; }
location ~ \.php$ { fastcgi_pass localhost:9000; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } }
|
proxy 服务
1 2 3 4 5 6 7 8 9 10 11
| server { listen 80; server_name app1.xiongjiaxuan.com;
location / { proxy_pass http://localhost:8080/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
|
负载服务
1 2 3 4 5 6 7 8 9 10 11 12 13
| upstream appsite { server 192.168.137.110:8080; server 192.168.137.111:8080; }
server { listen 80; server_name app1.xiongjiaxuan.com;
location / { proxy_pass http://appsite/; } }
|
Virtual Hosts
1 2 3 4
| http { include /etc/nginx/sites-enabled/*.conf; server_names_hash_bucket_size 64; }
|
编辑 sites-enabled/blog.xiongjiaxuan.com.conf
1 2 3 4 5 6 7 8 9 10 11 12
| server { listen 80; server_name blog.xiongjiaxuan.com; access_log /var/log/nginx/blog-access.log; error_log /var/log/nginx/blog-error.log;
root /webapp/blog/public;
location / { index index.html; } }
|
安全
禁止通过IP访问
1 2 3 4 5
| server { listen 80 default_server; server_name x; return 404; }
|
异常排查
413 Request Entity Too Large
加大提交数据大小
1
| client_max_body_size 100m;
|
参考