compile and install nginx
nginx.org download source packages
And to install the corresponding module is provided in accordance with the relative path, refer to the official installation notes nginx.org
1 ~]# yum groupinstall "Development Tools" "Server Platform Development" 2 ~]# yum install pcre-devel openssl-devel zlib-devel 3 ~]# useradd -r nginx 4 ~]# ./configure --prefix=/usr/local/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_v2_module --with-http_dav_module --with-http_stub_status_module --with-threads --with-file-aio 5# The make && the make the install . 6 . 7 Note: nginx need to manually create user profiles and specified PATH compiled installed; . 8 the useradd -s / sbin / nologin -M - R & lt nginx . 9 nginx -C / etc / nginx / nginx.conf 10 nginx - S reopen (nginx port is reopened after listening) . 11 nginx command PATH: / usr / local / nginx / sbin / nginx, need the PATH variable added to the command;
Configuration file format:
Composition plus the instruction value, and each of instruction; No. end;
Variables can be used, with the module into nginx variables and custom variable set value_name value
/etc/nginx/nginx.conf
http { Common log_format ' $ REMOTE_ADDR - $ REMOTE_USER time_local $ "$ Request" $ S Tatus body_bytes_sent $ " $ HTTP_REFERER " " $ HTTP_USER_AGENT "' ; (custom log format name and content) # PID / var / RUN / nginx.pid; ( nginxpid specify the location of the file storage) # User nginx nginx; (startup configuration of users and groups nginx woker process) Loca_module # / etc / Nginx / Module1; (file path module configured to be loaded) The include # /etc/nginx/conf.d/ ; (designated profile path included) Worker_processes # 4 ; (specify the number of child processes to start, generally configured as a number of cores of the CPU) # Worker_cpu_affinity auto; (designate corresponding binding relationship between the CPU and nginx woker process, usually auto) Worker_priority # 19 ; (nginx_worker specified priority process running nice -20 ~ 19 100 ~ 139, maximum 19) Worker_rlimit_nofile # 65535 ; (nginx process specified maximum number of files allowed access, up to 65536) # Daemon off; (specify whether to run in daemon mode, generally used for debugging) # Master_process on; (if specified in master / worker working mode, the default is On) # error_log /var/log/nginx/error_log; (指明error_log file path) # Events {(event-driven configuration) Worker_connections # 10240 ; (configuration of each worker process up to respond to the number of requests, nginx maximum capacity is worker_process * worker_connection) # Use epoll; (IO scheduling specified, typically the epoll) # Accept_mutex off; (process worker specifies a new connection request, off to a new request is sent to all the worker, on assigning a sequential mode)
}
server { the listen 192.168 . 20.243 : 80 the default_server backlog = 1024 rcvbuf = 100m sndbuf = 100m; (specified listening port, default_server: configured as the default response service backlog: Configure nginx request queue maximum queue number rcvbuf: receiving packet buffer to the size sndbuf: send the message buffer size listen 192.168.20.243:443 ssl; : server_name www.ilinuc.com (specify the name of the service) tcp_nodelay off; (specify whether multiple small resource request as one large unified message is sent, usually off, after opening the Client Access display rate may be slower) tcp_nopush on; (specify whether to send along with packet header and content) sendfile on; (Specifies whether to turn on when the scheduling request resource to disk by the kernel, the kernel directly sent to the protocol stack, without the application server program) the root / DATE / vhosts; (specified URL path map root) location / { the allow 192.168 . 15.0 / 24- ; (URL set root access) deny all; } LOCATION / videos {(modified root directory path specified by the location, when client access / videos, converted to the left of the root / date / vhosts1 directory; is accessed at this time / date / videos directory under vhosts1;) root /date/vhosts1/; allow 192.168.15.0/24; } LOCATION / ADMIN {(alias designated access when client access / admin / directory, the root directory of the contents of the right / date / vhosts1 / contents of the directory;) alias /date/vhosts2/; allow 192.168.15.0/24; deny all; } index index.html index.php index.html; (when the client does not specify a particular access path, back to the main business of the client document page;) error_page 404 / notfound.html; (custom specified error code and returns the page file path) LOCATION / notfound.html {(error code indicating the position of the file) root /date/code/; allow 192.168.15.0/24; deny all; } location /index.html { URI $ try_files / huawei.html @finish; (when the client requested page does not exist, attempts to find other designated page back to the client, here designated priority try to find the content requested by the client, find / huawei absence. html back to the client, the search path defined @finish absence; } location @finish {(lookup circuit path is defined @finish) try_files /cisco.html = 399 ; (here when /cisco.html file does not exist, an error feedback to the client 399;) } keepalive_timeout 65s; (configure client connection time) keepalive_requests 256 ; (configuration page number of each client connection resource request up and reaches or exceeds the upper limit specified connection often disconnect the connection automatically re-establish a new connection request) keepalive_disable msie6; (designated not allowed to remain a browser connection) send_timeout 60s; (the client sends an overtime often refers to the interval between two write operations between two packets often) client_body_buffer_size 16k; (designated client request message body portion allows the size of the cache memory;) client_body_temp_path / DATE / Nginx / TEMP / 2 . 1 . 1 ; (designated body portion of a client exceeds the allowed memory size, location content stored in the disk path, designated 211 is a storage directory structure, a subdirectory is 2, and so on , it allows up to a subdirectory of subdirectory two subdirectories * * three subdirectories;) limit_rate 4096 ; (specify individual client access rate in bytes) location ~ /.*$ { limit_except GET {(designated mode request allows the client to use, for other than the designated mode request method is not allowed, is generally not allowed to use the client delete, and other dangerous request operation) allow 192.168.15.0/24; deny all; : } } aio on; (asynchronous io designated work mode is enabled) directio 1m; (when the size of the resource sent to the client than the specified size, the contents of the request sent by the kernel directly to the stack without passing through the application layer, the same as this and the sendfile) max open_file_cache = 256 inactive = 60s; descriptor file and metadata information (specified cache is allowed to read the file. (date read by the cache access path directly next visit) the maximum cache entries, and time-out events often ) open_file_cache_valid 30 ; (check entries specified time interval, s) open_file_cache_min_uses . 1 ; (when disposed within a specified timeout inactive, matched to the time of checking by the checking each cache entry time interval the number of visits, when the number is less than the specified value, then the entry is deleted from the cache entry) open_file_cache_errors on; (Configure whether to open a cache error log) Rewrite # /(.*)$ HTTPS: // www.ilinuc.com/$1; (configuration page redirects here when the client access to all content URL path, redirected to https://www.ilinux.com / page $ 1, $ 1 (page path) within) LOCATION / the auth {(designated access path configuration, user authentication required) auth_basic "This is manager directory ,please input your grant"; auth_basic_user_file / etc / Nginx /. the passwd ; (file path to specify the storage of the user account, a user account generation tools typically use htpasswd) } LOCATION / basic_status {(designated client when accessing basic_status, stub_status feedback to content client, stub_status information as the current operating state of the server nginx) stub_status; } access_log / var / log / Nginx / access_log Common Buffer = 8M the flush = 60s; (specify the path and the access log file and log buffer to log format region size configuration) LOCATION / log {(arranged separate log file for the specified URL path) access_log /var/log/nginx/log_access common; } gzip ON; (whether to open a response packet compression resource advantages: saving bandwidth, Disadvantages: consume host CPU resources) gzip_comp_level . 6 ; (1-9 configure the compression level, the highest 9) gzip_min_length 2m; (compressed configuration response threshold packet size, the packet size exceeding compression) gzip_buffers 32 4K; (the number of buffers and size of each buffer when it is configured to support the compression function implemented;) gzip_proxied any; (nginx as a proxy server, receiving a response packet to the rear end, enable compression under what circumstances, all of the any) text gzip_types / CSS text / xml the Application / JavaScript; (supports compressed resource file format;) ssl_certificate / etc / PKI / CA / nginx.crt; (using the file path indicates the site public certificate issued by the CA when the site is https) ssl_certificate_key / etc / PKI / the CA / Private / cakey.pem; (specify the private key file generated public certificate path) . ssl_protocols TLSv1 TLSv1 . 1 . TLSv1 2 SSLv3; (encryption protocol supported) ssl_session_cache shared: ssl: 10M; (https session is designated for preservation buffer mode and shared mode name and size for the worker processes share a buffer, ssl for the buffer memory under the name, 10M buffer size;) ssl_session_timeout 65s; (https session timeout time to time) Rewrite # /(.*)$ HTTPS: // www.ilinux.com/$1; (redirect page) LOCATION / referer {(configuration allows the client requests content referer message carried (by which site to jump to this page) valid_referers www.ilinuc.com; if ($ invalid_referer) {(when the client message referer content can not be successful with a given match match, nginx mechanism will be assigned to the variable $ invalid_referer 1, here if statement when the variable $ invalid_referer value is 1, stop client access and feedback specify the error code;) return 402 ; (This feature can be used to prevent the illegal use of pictures and links to theft behavior) } } } } }