本文记录在Linux下安装Nginx的全过程.

操作

因为yum安装只是一条命令的事情, 这里只记录源码安装的方法 :

  1. 首先安装缺少的依赖包

    1
    yum -y install gcc gcc-c++ make libtool zlib zlib-devel openssl openssl-devel pcre pcre-devel
  2. 下载

    1
    wget http://nginx.org/download/nginx-1.10.1.tar.gz
  3. 解压缩:

    1
    tar -zxvf nginx-1.10.1.tar.gz
  4. 配置安装

    1
    ./configure --prefix=/usr/local/nginx --with-http_ssl_module

--prefix=/usr/local/nginx:指定安装目录

--with-http_ssl_module:开启SSL模块

  1. 进入解压后的目录执行
1
make && make install
  1. 进入到sbin目录启动nginx
1
/usr/local/path/nginx/sbin/nginx

相关配置

  1. vi命令打开usr/local/path/nginx/conf/nginx.conf, 在底部添加include /usr/local/path/nginx/conf.d/*.conf;.

  2. 往后所有的配置都放到/usr/local/path/nginx/conf.d/下, 方便管理

参考

xxx.websitename.conf :

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
server {  
listen 80;
server_name xxx.websitename.com;

rewrite ^(.*)$ https://$host$1 permanent; # 强制转发http到https, 没有证书则不需要配置
}

server {
listen 443 ssl; # https监听, 没有证书则改成80
server_name argo.cayzlh.cn;

ssl_certificate /usr/local/path/nginx/cert/111.pem; # https证书配置, 没有则注释掉
ssl_certificate_key /usr/local/path/nginx/cert/111.key; # https证书配置, 没有则注释掉

ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;

ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

location ~ / {

proxy_set_header Host argo.cayzlh.cn;

proxy_set_header X-Real-IP $http_x_forwarded_for;

proxy_set_header X-Forwarded-For $http_x_forwarded_for;

proxy_pass http://websitename.service;

}

}

upstream.conf :

1
2
3
upstream websitename.service {
server 127.0.0.1:11200 weight=10;
}

以上配置表示, 将xxx.websitename.com映射到服务器的https端口上, 并且做了强制http转https的配置;

其他

请求头header支持下划线配置

1
underscores_in_headers on

underscores_in_headers 默认值是off,会把header里面的下划线拦截,设置为on解决。