# Nginx安装
# Nginx版本
常用版本分为四大阵营
- Nginx开源版
http://nginx.org/ (opens new window)
- Nginx plus 商业版
https://www.nginx.com
- openresty
http://openresty.org/cn/
- Tengine
*Tengine (opens new window)*是由淘宝网发起的Web服务器项目。它在Nginx的基础上,针对大访问量网站的需求,添加了很多高级功能和特性。它的目的是打造一个高效、安全的Web平台。
# 编译安装
# 安装说明
安装系统:CentOS Linux release 7.4.1708 (Core)
Nginx版本:nginx-1.21.6.tar.gz
# 解压安装包
tar -xzvf nginx-1.21.6.tar.gz
# 编译安装
以root用户进行编译、安装。
cd nginx-1.21.6
./configure --prefix=/usr/local/nginx #将nginx安装到/usr/local/nginx
make && make install #编译并安装
2
3
安装成功后
cd /usr/local/nginx
ll
总用量 4
drwxr-xr-x. 2 root root 4096 6月 13 14:56 conf
drwxr-xr-x. 2 root root 40 6月 13 14:56 html
drwxr-xr-x. 2 root root 6 6月 13 14:56 logs
drwxr-xr-x. 2 root root 19 6月 13 14:56 sbin
2
3
4
5
6
7
# 编译错误解决
错误提示1
checking for OS
+ Linux 3.10.0-693.el7.x86_64 x86_64
checking for C compiler ... not found
./configure: error: C compiler cc is not found
2
3
4
5
解决方案:安装gcc yum install -y gcc
错误提示2
./configure: error: the HTTP rewrite module requires the PCRE library.
You can either disable the module by using --without-http_rewrite_module
option, or install the PCRE library into the system, or build the PCRE library
statically from the source with nginx by using --with-pcre=<path> option.
2
3
4
解决方案:安装perl库 yum install -y pcre pcre-devel
错误提示3
./configure: error: the HTTP gzip module requires the zlib library.
You can either disable the module by using --without-http_gzip_module
option, or install the zlib library into the system, or build the zlib library
statically from the source with nginx by using --with-zlib=<path> option.
2
3
4
解决方案:安装zlib库 yum install -y zlib zlib-devel
# 启动Nginx
# root用户运行
进入安装目录 /usr/local/nginx/sbin
./nginx #启动
./nginx -s stop #快速停止
./nginx -s quit #优雅关闭,在退出前完成已经接受的连接请求
./nginx -s reload #重新加载配置
2
3
4
# 普通用户运行
Linux机制不允许普通用户启用1024以下端口,一般情况下nginx默认采用80端口、https方式访问端口默认是443,由于root权限太大,采用root用户启动nginx会带来安全隐患,因此我们需要把nginx以root权限运行改为普通用户权限运行。
进入nginx安装目录:/usr/local/nginx, 查看权限:
总用量 4
drwxr-xr-x. 2 root root 4096 6月 13 14:56 conf
drwxr-xr-x. 2 root root 40 6月 13 14:56 html
drwxr-xr-x. 2 root root 6 6月 13 14:56 logs
drwxr-xr-x. 2 root root 19 6月 13 14:56 sbin
2
3
4
5
修改nginx所属组和用户:
chown -R aotuxx:aotuxx /usr/local/nginx
ll
总用量 4
drwxr-xr-x. 2 aotuxx aotuxx 4096 6月 13 14:56 conf
drwxr-xr-x. 2 aotuxx aotuxx 40 6月 13 14:56 html
drwxr-xr-x. 2 aotuxx aotuxx 6 6月 13 14:56 logs
drwxr-xr-x. 2 aotuxx aotuxx 19 6月 13 14:56 sbin
2
3
4
5
6
7
由于在 linux 下,只有以 root 启动的进程才能监听小于 1024 的端口。nginx 如果设置了监听 80 或 443 端口,必须得以 root 用户启动,所以为了让普通用户下启动nginx,需允许普通用户可以启动小于1024端口的进程
setcap cap_net_bind_service=+ep /usr/local/nginx/sbin/nginx
# 关于防火墙
# 关闭防火墙
systemctl stop firewalld.service
# 禁止防火墙开机启动
systemctl disable firewalld.service
# 放行端口
firewall-cmd --zone=public --add-port=80/tcp --permanent
# 指定端口和IP访问
添加
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.1.100" port protocol="tcp" port="8080" accept"
移除
firewall-cmd --permanent --remove-rich-rule="rule family="ipv4" source address="192.168.1.100" port port="8080" protocol="tcp" accept"
# 查看防火墙规则
firewall-cmd --list-all
# 重启防火墙
firewall-cmd --reload
# Nginx安装成系统服务
创建脚本
vi /usr/lib/systemd/system/nginx.service
服务脚本内容
[Unit]
Description=nginx - web server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t -c /usr/local/nginx/conf/nginx.conf
ExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s stop
ExecQuit=/usr/local/nginx/sbin/nginx -s quit
PrivateTmp=true
[Install]
WantedBy=multi-user.target
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
重新加载系统服务
systemctl daemon-reload
启动服务
systemctl start nginx.service #启动
systemctl reload nginx.service #重新加载配置
systemctl stop nginx.service #快速停止
systemctl quit nginx.service #优雅关闭,在退出前完成已经接受的连接请求
2
3
4
开机启动
systemctl enable nginx.service
Nginx基础 →