Foreword
Nginx (engine x) is a high performance HTTP and reverse proxy server is a IMAP / POP3 / SMTP server. . Install and configure the basic steps of the present example demonstrates Nginx CentOS 7.
Environment Description
CentOS 7(Minimal Install)
$ cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
step
Step 1: Add yum Source
Nginx source not in the default yum, yum source may be used or epel official website, yum source of the present embodiment using the official website.
$ sudo rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
After installing yum source, you can look at.
$ sudo yum repolist
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
repo id repo name status
base/7/x86_64 CentOS-7 - Base 9,911
extras/7/x86_64 CentOS-7 - Extras 368
nginx/x86_64 nginx repo 108
updates/7/x86_64 CentOS-7 - Updates 1,041
repolist: 11,428
It can be found nginx repo
already installed to this machine.
Step 2: mounting
yum install Nginx, it is very simple, a command.
$ sudo yum install nginx
Step 3: Configure Nginx Service
Set boot
$ sudo systemctl enable nginx
Start Service
$ sudo systemctl start nginx
Out of service
$ sudo systemctl restart nginx
Reload, because after the general reconfiguration, do not want to restart the service, then you can use the reload.
$ sudo systemctl reload nginx
Step 4: open firewall ports
CentOS7 use the default firewall firewalld is closed http service (open 80 ports).
$ sudo firewall-cmd --zone=public --permanent --add-service=http success $ sudo firewall-cmd --reload success
After opening, you can look at all the services of the firewall to open
$ sudo sudo firewall-cmd --list-service
ssh dhcpv6-client http
You can see, the system has opened the http service.
Reverse Proxy
Is a very convenient Nginx reverse proxy, the reverse proxy configuration can refer Module1 ngx_http_proxy_module . This article does not tired.
It should be noted that CentOS SELinux 7, the use of reverse proxy need to open network access.
$ sudo setsebool httpd_can_network_connect 1
After opening the network permissions, you can use a reverse proxy.
Binding other ports
Port Nginx default binding is the default port, the port number for the http protocol: 80
If need to bind other ports, you need to pay attention to SELinux configuration
For example: the binding 8081 port, but you will find it impossible to start, generally given as follows
YYYY/MM/DD hh:mm:ss [emerg] 46123#0: bind() to 0.0.0.0:8081 failed (13: Permission denied)
At this point we need to change SELinux settings. We use SELinux management tools semanage
to operate more convenient.
Installation semanage
using the following command
$ sudo yum install policycoreutils-python
Then see if there are other types of protocols used this port
$ sudo semanage port -l | grep 8081
transproxy_port_t tcp 8081
The results returned, indicating that has been occupied other type, type transproxy_port_t
.
We also look at the type of Nginx in SELinux is http_port_t
bound to port
$ sudo semanage port -l | grep http_port_t
http_port_t tcp 80, 81, 443, 488, 8008, 8009, 8443, 9000 pegasus_http_port_t tcp 5988
The first line http_port_t
is not included in 8081
this port. It is necessary to modify 8081
the port to the http_port_t
type.
$ sudo semanage port -m -p tcp -t http_port_t 8081
If no other protocol type to use the port you want to bind, like 8001
, we just added to SELinux can be.
$ sudo semanage port -l | grep 8001
$ sudo semanage port -a -p tcp -t http_port_t 8001
At this point, you can restart Nginx.
in conclusion
This article demonstrates CentOS under 7 yum install Nginx, configuration services.
Reference material
Install Nginx Binary Releases
Module ngx_http_proxy_module
Using NGINX and NGINX Plus with SELinux