编译安装nginx,实现多域名 https

その他 2021-11-18 02:54:36 訪問数: null

编译安装nginx,实现多域名 https

0. 目标

  1. 二进制安装NGINX
  2. 配置Nginx http访问
  3. 配置Nginx https访问

1. 获取Nginx包

https://nginx.org/en/download.html
在这里插入图片描述

2. 编译安装Nginx

yum install -y gcc pcre-devel openssl-devel zlib-devel lrzsz make
useradd -u 80 nginx -s /sbin/nologin
wget https://nginx.org/download/nginx-1.20.1.tar.gz
tar xf nginx-1.20.1.tar.gz 
cd nginx-1.20.1/
mkdir /apps/nginx -p
./configure --prefix=/apps/nginx \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_realip_module \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--with-pcre \
--with-stream \
--with-stream_ssl_module \
--with-stream_realip_module
make -j 4 && make install
echo "PATH=/apps/nginx/sbin/:$PATH" >/etc/profile.d/nginx.sh
. /etc/profile.d/nginx.sh
chown nginx.nginx -R /apps/nginx/

2.1 Nginx版本确认

nginx -v
nginx version: nginx/1.20.1

nginx -V
nginx version: nginx/1.20.1
built by gcc 8.4.1 20200928 (Red Hat 8.4.1-1) (GCC) 
built with OpenSSL 1.1.1g FIPS  21 Apr 2020
TLS SNI support enabled
configure arguments: --prefix=/apps/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre --with-stream --with-stream_ssl_module --with-stream_realip_module

3. 生成Nginx Service文件

cat > /usr/lib/systemd/system/nginx.service <<EOF
[Unit]
Description=nginx - high performance web server
Documentation=http://nginx.org/en/docs/
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/apps/nginx/run/nginx.pid
ExecStart=/apps/nginx/sbin/nginx -c /apps/nginx/conf/nginx.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s TERM $MAINPID
LimitNOFILE=100000
[Install]
WantedBy=multi-user.target
EOF

4. Nginx配置(http)

4.1 http配置

cat > /apps/nginx/conf/nginx.conf<<EOF
worker_processes  2;
worker_cpu_affinity 0001 0010;
error_log  logs/error.log;
pid        logs/nginx.pid;
events {
    worker_connections  10240;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
        listen       80;
        server_name  www.aaa.com;
        location / {
            root   /apps/app0;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
    server {
        listen       80;
        server_name  www.bbb.com;
        location / {
            root   /apps/app1/;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
    server {
        listen       80;
        server_name  www.ccc.com;
        location / {
            root   /apps/app2;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}
EFO

4.2 准备index文件

mkdir /apps/app0
mkdir /apps/app1
mkdir /apps/app2
echo www.aaa.com > /apps/app0/index.html
echo www.bbb.com > /apps/app1/index.html
echo www.ccc.com > /apps/app2/index.html

4.3 测试HTTP

在这里插入图片描述

5. Nginx配置(https)

5.1 生成自签证书

https://blog.csdn.net/qq_29974229/article/details/119592889

5.2 将证书复制到nginx目录下

mkdir /apps/nginx/conf/ssl
cp ssl* /apps/nginx/conf/ssl

5.3 修改配置文件

cat >/apps/nginx/conf/nginx.conf<<EOF
worker_processes  1;
error_log  logs/error.log;
pid        logs/nginx.pid;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
        listen      443 ssl; 
	server_name  www.aaa.com;
        ssl_certificate ssl/ssl.crt;
        ssl_certificate_key ssl/ssl.key;
        ssl_session_timeout 5m;
        ssl_ciphers HIGH:!aNULL:!MD5:!3DES;
        ssl_prefer_server_ciphers on;
        location / {
            root   /apps/app0;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
    server {
        listen      443 ssl;
	server_name  www.bbb.com;
        ssl_certificate ssl/ssl.crt;
        ssl_certificate_key ssl/ssl.key;
        ssl_session_timeout 5m;
        ssl_ciphers HIGH:!aNULL:!MD5:!3DES;
        ssl_prefer_server_ciphers on;
        location / {
            root   /apps/app1/;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
    server {
	listen      443 ssl;
        server_name  www.ccc.com;
        ssl_certificate ssl/ssl.crt;
        ssl_certificate_key ssl/ssl.key;
        ssl_session_timeout 5m;
        ssl_ciphers HIGH:!aNULL:!MD5:!3DES;
        ssl_prefer_server_ciphers on;
        location / {
            root   /apps/app2;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}
EOF

5.4 确认配置正确

nginx -t
nginx -s stop
nginx

在这里插入图片描述

5.5 测试SSL

在这里插入图片描述

在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

おすすめ

転載: blog.csdn.net/qq_29974229/article/details/121266195
おすすめ
TIOBE 5 月リスト: Fortran がトップ 10 に「復活」
GCC 14.1 发布
ランキング
Linuxの一般的なコマンドの緊急対応
FPGAの設計者は、5つの基本的なスキルです
Javaの研究では、2019年6月12日ノート
Golang底层原理剖析之内存逃逸
VIM - Viは、プログラマーのテキストエディタを改善しました
魔法書(MagicTable)入門チュートリアルは、CADの一括転送複数のテーブルExcelをExcelを回し--CAD
mockitoとの望ましくないモック
EVE-NG MPLS L2VPN BGP pw -- スタティック ルート、スタティック mpls lsp
抵抗性タッチスクリーンドライバ(II)
PHP 安装扩展 Api Version 和扩展extensions路径不匹配的问题
アーカイブ
もっと
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(35)
2024-04-29(5)

コードワールド

© 2018 codetd.com