文章目录
1.下载nginx安装包2.进入nginx.1.16.1.tar.gz目录下3.执行编译4.查看安装情况5.启动nginx7.修改nginx配置文件8.重新加载nignx.conf文件9.浏览器访问测试1.下载nginx安装包
wget http://q0udgfsc3./nginx-1.16.1.tar.gztar -zxvf nginx-1.16.1.tar.gz
如果地址失效,请下载官方下载1.16.1稳定版本
2.进入nginx.1.16.1.tar.gz目录下
./configure --prefix=/usr/local/nginx/ --with-http_stub_status_module --with-http_ssl_module
如果有error报错,应该是系统问题
yum update // 更新yum install -y gcc pcre pcre-devel openssl openssl-devel gd gd-devel //安装前置库
最后重新执行./configure命令
./configure --prefix=/usr/local/nginx/ --with-http_stub_status_module --with-http_ssl_module
3.执行编译
make && make install
4.查看安装情况
/usr/local/nginx/sbin/nginx -v
5.启动nginx
cd /usr/local/nginx/sbin/ // 进入/usr/local/nginx/sbin/目录下./nginx //启动./nginx -s stop // 停止
浏览器输入ip地址,如果浏览器提示无法连接,建议开发阶段直接开启防火墙,生产再给防火墙添加端口访问
systemctl status firewalld // 查看防火墙是否运行systemctl stop firewalld // 禁用防火墙systemctl disabled firewalld // 禁止防火墙开启自启firewall-cmd --query-port=666/tcp 提示no表示未开firewall-cmd --add-port=666/tcp --permanent 提示 success 表示成功firewall-cmd --reload 比如添加规则之后,需要执行此命令firewall-cmd --query-port=666/tcp 提示yes表示成功firewall-cmd --permanent --remove-port=666/tcp```java>看到nginx欢迎页面,说明nginx能够访问了# 6.生成证书nginx.crt和nginx.key```javaopenssl req -x509 -nodes -days 36500 -newkey rsa:2048 -keyout /usr/local/nginx/nginx.key -out /usr/local/nginx/nginx.crt
7.修改nginx配置文件
vim nginx.conf
编辑完成如下:
#user nobody;worker_processes 1;#error_log logs/error.log;#error_log logs/error.log notice;#error_log logs/error.log info;#pid logs/nginx.pid;events {worker_connections 1024;}http {include mime.types;default_type application/octet-stream;#log_format main '$remote_addr - $remote_user [$time_local] "$request" '# '$status $body_bytes_sent "$http_referer" '# '"$http_user_agent" "$http_x_forwarded_for"';#access_log logs/access.log main;sendfile on;#tcp_nopushon;#keepalive_timeout 0;keepalive_timeout 65;#gzip on;upstream dynamic {server 10.0.5.78:8080 weight=2;server 10.0.5.75:8080 weight=1;}server {listen 8080;server_name 10.0.5.70;#charset koi8-r;#access_log logs/host.access.log main;location / {proxy_pass http://dynamic/;}#error_page 404 /404.html;# redirect server error pages to the static page /50x.html#error_page 500 502 503 504 /50x.html;location = /50x.html {root html;}}server {listen 8443 ssl;server_name 10.211.55.5;ssl_certificate/usr/local/nginx/nginx.crt;ssl_certificate_key /usr/local/nginx/nginx.key;ssl_session_timeout 5m;ssl_protocols TLSv1;ssl_ciphers HIGH:!aNULL:!MD5;ssl_prefer_server_ciphers on;location / {proxy_pass http://dynamic/;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto https;proxy_next_upstreamoff;}}}
这里有个坑,被代理的服务集群一定要加上轮训权重的参数,不然部分js加载不出来。
8.重新加载nignx.conf文件
./usr/local/nginx/sbin/.nginx -s reload
9.浏览器访问测试
https://10.0.5.41:8443/ //10.0.5.41为nginx服务器ip