环境:centos6/7
安装
(1)安装更新所需组件工具
# yum update
# yum install gcc gcc-c++ autoconf automake
(2)准备安装包
tengine-2.2.1.tar.gz
pcre2-10.21.tar.gz
openssl-1.0.2n.tar.gz
jemalloc-5.0.1.tar.bz2
zlib-1.2.11.tar.gz
相关软件包:https://download.csdn.net/download/weixin_42575806/15534410
(3)统一解压至/usr/local/src目录下
#tar -zxvf tengine-2.2.1.tar.gz -C /usr/local/src
#tar -zxvf pcre2-10.21.tar.gz -C /usr/local/src
#tar -zxvf openssl-1.0.2n.tar.gz -C /usr/local/src
#tar -jxvf jemalloc-5.0.1.tar.bz2 -C /usr/local/src
#tar -zxvf zlib-1.2.11.tar.gz -C /usr/local/src
(4)安装 pcre
进入目录
#cd pcre2-10.21/
执行命令
#./configure --prefix=/usr/local/pcre
#make
#make install
(5)安装 openssl
进入目录
#cd openssl-1.0.2n
执行命令
#./config --prefix=/usr/local/openssl
#make
#make install
(6)安装 jemalloc
进入目录
#cd jemalloc-5.0.1
执行命令
#./configure --prefix=/usr/local/jemalloc
#make
#make install
(7)安装 zlib
进入目录
#cd zlib-1.2.11
执行命令
#./configure --prefix=/usr/local/zlib
#make
#make install
(8)开始安装tengine
进入目录
#cd tengine-2.2.1
#./configure
#make
#make install
./configure 报错①
解决:#yum -y install pcre-devel
./configure 报错②
解决:#yum -y install openssl openssl-devel
启动nginx
(1)开放80端口
firewall-cmd --zone=public --add-port=80/tcp --permanent
(2)启动服务
#cd /usr/local/nginx/sbin
#./nginx
看到该界面,表示已经安装启动成功。
配置nginx代理
反向代理配置
API接口代理
server {
listen 33333;#监听端口
server_name www.zhang.com;#监听域名
ssl on;#使用ssl认证;https
ssl_certificate /usr/local/src/myssl/www.zhang.com.crt;#证书地址
ssl_certificate_key /usr/local/src/myssl/www.zhang.com.key;#密匙地址
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件配
ssl_prefer_server_ciphers on;
location / {
proxy_pass https://192.168.1.97:443;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}站点代理
server {
listen 9089;
server_name www.aaasslaaa.com;
ssl on;
ssl_certificate /usr/local/src/myssl/www.aaasslaaa.com.crt;
ssl_certificate_key /usr/local/src/myssl/www.aaasslaaa.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件配
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://192.168.1.236:9089;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
#为图片做缓存
location ~.*\.(js|css|ico|gif|jpg|jpeg|png|mp3|)$ {
proxy_pass http://192.168.1.236:9089;
expires 30d;
proxy_cache nuget-cache;
proxy_cache_key $host$uri$is_args$args;
proxy_cache_valid 200 30d;
proxy_cache_valid 304 30d;
proxy_cache_valid any 1h;
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
}
}
维护相关
cd /usr/local/nginx/sbin
启动:./nginx
关闭:killall nginx
重启:./nginx -s reload
检测:./nginx -t