Linux學習總結(四十)lnmp之nginx安裝 用戶認證 域名重定向
Nginx官網 nginx.org,最新版1.13,最新穩定版1.12
Nginx應用場景:web服務、反向代理、負載均衡
Nginx著名分支,淘寶基於Nginx開發的Tengine,使用上和Nginx一致,服務名,配置文件名都一樣,和Nginx的最大區別在於Tenging增加了一些定制化模塊,在安全限速方面表現突出,另外它支持對js,css合並
Nginx核心+lua相關的組件和模塊組成了一個支持lua的高性能web容器openresty
2 nginx 安裝
cd /usr/local/src
wget http://nginx.org/download/nginx-1.12.1.tar.gz
./configure --prefix=/usr/local/nginx
make && make install
vim /etc/init.d/nginx 寫入以下內容
#!/bin/bash . /etc/init.d/functions Nginx Settings NGINX_SBIN="/usr/local/nginx/sbin/nginx" NGINX_CONF="/usr/local/nginx/conf/nginx.conf" NGINX_PID="/usr/local/nginx/logs/nginx.pid" RETVAL=0 prog="Nginx" start() { echo -n $"Starting $prog: " mkdir -p /dev/shm/nginx_temp daemon $NGINX_SBIN -c $NGINX_CONF RETVAL=$? echo return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc -p $NGINX_PID $NGINX_SBIN -TERM rm -rf /dev/shm/nginx_temp RETVAL=$? echo return $RETVAL } reload() { echo -n $"Reloading $prog: " killproc -p $NGINX_PID $NGINX_SBIN -HUP RETVAL=$? echo return $RETVAL } restart() { stop start } configtest() { $NGINX_SBIN -c $NGINX_CONF -t return 0 } case "$1" in start) start ;; stop) stop ;; reload) reload ;; restart) restart ;; configtest) configtest ;; *) echo $"Usage: $0 {start|stop|reload|restart|configtest}" RETVAL=1 esac exit $RETVAL
chmod 755 /etc/init.d/nginx
chkconfig --add nginx
chkconfig nginx on
cd /usr/local/nginx/conf/; mv nginx.conf nginx.conf.bak
vim nginx.conf
user nobody nobody; worker_processes 2; error_log /usr/local/nginx/logs/nginx_error.log crit; pid /usr/local/nginx/logs/nginx.pid; worker_rlimit_nofile 51200; events { use epoll; worker_connections 6000; } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 3526; server_names_hash_max_size 4096; log_format combined_realip ‘$remote_addr $http_x_forwarded_for [$time_local]‘ ‘ $host "$request_uri" $status‘ ‘ "$http_referer" "$http_user_agent"‘; sendfile on; tcp_nopush on; keepalive_timeout 30; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; connection_pool_size 256; client_header_buffer_size 1k; large_client_header_buffers 8 4k; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; client_max_body_size 10m; client_body_buffer_size 256k; client_body_temp_path /usr/local/nginx/client_body_temp; proxy_temp_path /usr/local/nginx/proxy_temp; fastcgi_temp_path /usr/local/nginx/fastcgi_temp; fastcgi_intercept_errors on; tcp_nodelay on; gzip on; gzip_min_length 1k; gzip_buffers 4 8k; gzip_comp_level 5; gzip_http_version 1.1; gzip_types text/plain application/x-javascript text/css text/htm application/xml; server { listen 80; server_name localhost; index index.html index.htm index.php; root /usr/local/nginx/html; location ~ \.php$ { include fastcgi_params; fastcgi_pass unix:/tmp/php-fcgi.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/local/nginx/html$fastcgi_script_name; } } }
/usr/local/nginx/sbin/nginx -t
/etc/init.d/nginx start
ps aux |grep 80
3 默認虛擬主機
vim /usr/local/nginx/conf/nginx.conf //增加
include vhost/*.conf; //在主配置文件中打開虛擬主機配置文件功能
mkdir /usr/local/nginx/conf/vhost
cd !$; vim default.conf //加入如下內容
server
{
listen 80 default_server; // 有這個標記的就是默認虛擬主機
server_name aaa.com;
index index.html index.htm index.php;
root /data/wwwroot/default;
}
mkdir -p /data/wwwroot/default/
echo “This is a default site.”>/data/wwwroot/default/index.html
/usr/local/nginx/sbin/nginx -t
/usr/local/nginx/sbin/nginx -s reload
curl localhost
curl -x127.0.0.1:80 123.com
4 用戶認證:
vim /usr/local/nginx/conf/vhost/test.com.conf//寫入如下內容
server
{
listen 80;
server_name test.com;
index index.html index.htm index.php;
root /data/wwwroot/test.com;
location /
{
auth_basic "Auth"; //打開認證
auth_basic_user_file /usr/local/nginx/conf/htpasswd; //指定用戶密碼文件
}
}
創建訪問賬號密碼
這裏我們可以yum install -y httpd 安裝這個htpasswd工具,也可以用apache自帶的
/usr/local/apache2.4/bin/htpasswd -c /usr/local/nginx/conf/htpasswd lv ,根據提示輸入兩次密碼。
-t 和 -s reload //測試配置並重新加載
創建測試目錄
mkdir /data/wwwroot/test.com
創建頁面
echo "test.om" > /data/wwwroot/test.com/index.html
curl 測試
curl -x127.0.0.1:80 test.com/index.html 401
curl -u lv:123 -x127.0.0.1:80 test.com/index.html
針對目錄用戶認證,繼續編輯test.com.conf 配置文件
location 那裏的根目錄 更改為其他目錄即可
locatiion / 改為 location /admin/
cd /data/wwwroot/test.com/
mkdir admin
cp index.html /admin/
繼續測試 -t ,-s reload
curl -x127.0.0.1:80 test.com/index.html
curl -x127.0.0.1:80 test.com/admin/index.html
curl -u lv:123 -x127.0.0.1:80 test.com/admin/index.html
針對文件的用戶認證
改為: location ~/admin/admin.php
測試方法同上
5 域名重定向
更改test.com.conf
server
{
listen 80;
server_name test.com test1.com test2.com; //可以認為域名跟域名別名放在一起
index index.html index.htm index.php; //指定默認索引頁
root /data/wwwroot/test.com;
if ($host != ‘test.com‘ ) {
rewrite ^/(.*)$ http://test.com/$1 permanent;
}
}
對比下apache 的rewrite
RewriteCond %{HTTP_HOST} !^www.123.com$ //定義rewrite的條件,主機名(域名)不是www.123.com滿足條件
RewriteRule ^/(.*)$ http://www.123.com/$1 [R=301,L] //定義rewrite規則,當滿足上面的條件時,這條規則才會執行
我們發現nginx的重定向條件語句使用了if 顯得更簡單。
-t -s reload
curl -x127.0.0.1:80 test1.com
server_name後面支持寫多個域名,這裏要和httpd的做一個對比
permanent為永久重定向,狀態碼為301,如果寫redirect則為302
最後原諒我貼了兩大段shell腳本,剛開始感覺要學的東東太多了。shell腳本還很陌生。
Linux學習總結(四十)lnmp之nginx安裝 用戶認證 域名重定向