1、安装 gcc
先检查系统环境下是否安装了gcc:
gcc -v
如果提示找不到命令就表示还未安装gcc环境。用下面命令安装gcc:
yum -y install gcc
2、安装 pcre、pcre-devel
pcre是一个perl库,包括perl兼容的正则表达式库,nginx的http模块使用pcre来解析正则表达式,所以需要安装pcre库。安装命令如下:
yum install -y pcre pcre-devel
3、安装 zlib
zlib库提供了很多种压缩和解压缩方式nginx使用zlib对http包的内容进行gzip,所以需要安装。安装命令如下:
yum install -y zlib zlib-devel
4、安装openssl
openssl是web安全通信的基石,https必备。安装命令如下:
yum install -y openssl openssl-devel
5、安装 nginx
1. 下载nginx
可以离线下载:http://nginx.org/en/download.html
也可以在线下载:
wget http://nginx.org/download/nginx-1.18.0.tar.gz
2. 解压文件
tar -zxvf nginx-1.18.0.tar.gz
3. 配置
cd xxx/nginx-1.18.0/
./configure --with-http_ssl_module #记得添加这个ssl模块
4. 编译
make
5. 安装
make install
到此nginx安装完毕!
6、配置nginx负载与SSL 证书,同时支持http与https
cd /usr/local/nginx #nginx安装完后默认在此目录下
vim /conf/nginx.conf
修改以下部分:
#user nobody;
worker_processes 2; #工作进程数 (双核4线程,可以设置为4)
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 10240; #单个工作进程可以允许同时建立外部连接的数量
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream gateways {
server 192.168.0.40:8080 weight=1;
server 192.168.0.40:8081 weight=1;
}
server {
listen 88;
server_name localhost;
charset utf8;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://gateways;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
server {
listen 443 ssl;
server_name www.xxx.com;
charset utf8;
#ssl on; #同时支持http与https时,不要配置此参数
ssl_certificate /usr/local/ssl/xxxxxxx.pem; #证书文件可以自己定义存放路径
ssl_certificate_key /usr/local/ssl/xxxxxxx.key; #证书文件可以自己定义存放路径
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_prefer_server_ciphers on;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://gateways;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
}
7、nginx 启动停止查看
./nginx #启动nginx
./nginx -s quit #此方式停止步骤是待nginx进程处理任务完毕进行停止。
./nginx -s stop #此方式相当于先查出nginx进程id再使用kill命令强制杀掉进程。
./nginx -s reload #重新加载配置
ps -ef|grep nginx
8、指定路径及配置文件启动
/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
