清空历史安装包
yum -y remove nginx # 尝试卸载NGINX
whereis nginx
find / -name '*nginx*' # 查询nginx相关目录并删除
依赖安装
yum install yum-utils # 安装先决条件
yum -y install gcc zlib zlib-devel pcre-devel openssl openssl-devel # 安装依赖
本地压缩包安装
下载地址:https://nginx.org/en/download.html
安装说明:https://nginx.org/en/linux_packages.html#RHEL-CentOS
cd /usr/local && mkdir nginx && cd nginx && wget https://nginx.org/download/nginx-1.20.1.tar.gz # 下载安装包
tar -zxvf nginx-1.20.1.tar.gz && mv nginx-1.20.1 nginx-install # 解压缩安装包
cd nginx-install && ./configure --prefix=/usr/local/nginx/nginx-1.20.1 # 自定义安装目录
make && make install # 安装
设置软链接
ln -s /usr/local/nginx/nginx-1.20.1/sbin/nginx /usr/local/bin/nginx
自定义配置文件
user root;
# 当前系统的cpu线程数
worker_processes 8;
# 错误日志
error_log /usr/local/nginx/nginx-1.20.1/logs/error.log;
#error_log /usr/local/nginx/nginx-1.20.1/logs/error.log notice;
#error_log /usr/local/nginx/nginx-1.20.1/logs/error.log info;
pid /usr/local/nginx/nginx-1.20.1/logs/nginx.pid;
events {
# 连接数
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
# 自定义日志格式
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# 访问日志
access_log /usr/local/nginx/nginx-1.20.1/logs/access.log main;
# 开启高效文件传输模式
sendfile on;
#tcp_nopush on;
# 开启高效文件传输模式
keepalive_timeout 65;
# 开启高效文件传输模式
#gzip on;
# 用于定义服务,可以有多个server块
#HTTPS server
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
server {
listen 80;
server_name 127.0.0.1;
charset utf-8;
# 访问日志
access_log /usr/local/nginx/nginx-1.20.1/logs/80.access.log main;
#### 全局变量 ####
set $nginx_root /usr/local/nginx/nginx-1.20.1/html;
set $static_root /usr/local/nginx/nginx-1.20.1/static;
#### location优先级从高到底:(location =) > (location 完整路径) > (location ^~ 路径) > (location ~,~* 正则顺序) > (location 部分起始路径) > (/)
# 【精确匹配】
# /
location = / {
root $nginx_root;
index index.html index.htm;
}
# /baidu
location = /baidu {
return 301 http://www.baidu.com;
}
# /404.html
error_page 404 /404.html;
location = /404.html {
root $nginx_root;
}
# /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root $nginx_root;
}
# 【模糊匹配】
# 匹配所有以 /pdf 开头的表达式,匹配成功则停止匹配
location ^~ /pdf {
root $static_root;
}
# 匹配所有以"指定字符"结尾的请求
location ~* \.(gif|jpg|jpeg|png|bmp|ico|swf)$ {
root $static_root/images;
}
location ~* \.(css)$ {
root $static_root/css;
}
location ~* \.(js)$ {
root $static_root/js;
}
# 【反向代理】
# 作用在正则匹配之前,匹配以 /springBootAdminServer 开头的请求。http://lixingclub.xyz/springBootAdminServer/
location ^~ /springBootAdminServer {
proxy_pass http://springBootAdminServer;
proxy_redirect default;
proxy_connect_timeout 10s;
proxy_read_timeout 10s;
proxy_send_timeout 10s;
proxy_set_header Host $host:$server_port;
}
# 作用在正则匹配之前,匹配以 /eurekaDemo 开头的请求。http://lixingclub.xyz/eurekaDemo/gatewayAuth/auth/getUserPwd
location ^~ /eurekaDemo {
proxy_pass http://eurekaDemo;
proxy_redirect default;
proxy_connect_timeout 10s;
proxy_read_timeout 10s;
proxy_send_timeout 10s;
proxy_set_header Host $host:$server_port;
}
# 作用在正则匹配之前,匹配以 /nacos 开头的请求。http://lixingclub.xyz/nacos/index.html
location ^~ /nacos {
proxy_pass http://nacos;
proxy_redirect default;
proxy_connect_timeout 10s;
proxy_read_timeout 10s;
proxy_send_timeout 10s;
proxy_set_header Host $host:$server_port;
}
# 匹配所有以 / 开头的请求
# 但是如果有更长的同类型的表达式,则选择更长的表达式
# 如果有正则表达式可以匹配,则优先匹配正则表达式
location / {
root $nginx_root;
index index.html index.htm;
}
}
# 反向代理服务器列表
upstream springBootAdminServer {
server 172.17.0.8:8760;
}
upstream eurekaDemo {
server 172.17.0.8:8763 weight=1 max_fails=2 fail_timeout=20s;
}
upstream nacos {
server 172.17.0.8:8841;
server 172.17.0.8:8843;
server 172.17.0.8:8845;
}
}
配置ssl证书【阿里云】
1、域名-基本信息-免费开启SS证书-设置为【当前域名】-返回证书控制台-下载证书for Nginx
2、在Nginx安装目录下创建cert目录,并且将下载的全部文件拷贝到cert目录中。如果申请证书时是自己创建的CSR文件,请将对应的私钥文件放到cert目录下并且命名为1538280667716.key
3、打开Nginx安装目录nginx.conf文件进行配置,配置文件如下
#HTTPS server
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
4、nginx -t # 刷新配置文件
5、systemctl restart nginx.service # 重启nginx
注意:nginx反向代理tomcat提示13 permission denied 需要 执行setsebool -P httpd_can_network_connect 1
相关指令
nginx -t # 查看配置文件是否正确
nginx # 开启
nginx -s stop # 停止
nginx -s reload # 重启