安裝
在 Linux 下安裝 Nginx
爲了確保能在 Nginx 中使用正則表達式進行更靈活的配置,安裝之前需要確定系統是否安裝有 PCRE(Perl Compatible RegularExpressions)包。您可以到ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/ 下載最新的 PCRE 源碼包,使用下面命令下載編譯和安裝 PCRE 包:
# wget ftp://ftp.csx.cam.ac.uk/pub/soft ...cre/pcre-7.7.tar.gz
# tar zxvf pcre-7.7.tar.gz
# cd pcre-7.7
# ./configure
# make
# make install
接下來安裝 Nginx,Nginx 一般有兩個版本,分別是穩定版和開發版,您可以根據您的目的來選擇這兩個版本的其中一個,下面是把 Nginx 安裝到 /opt/nginx 目錄下的詳細步驟:
http://sysoev.ru/nginx/nginx-0.7.61.tar.gz
# wget http://sysoev.ru/nginx/nginx-0.6.31.tar.gz
# tar zxvf nginx-0.6.31.tar.gz
# cd nginx-0.6.31
# ./configure--with-http_stub_status_module --prefix=/opt/nginx
# make
# make install
其中參數 --with-http_stub_status_module 是爲了啓用 nginx 的 NginxStatus 功能,用來監控 Nginx 的當前狀態。
安裝成功後 /opt/nginx 目錄下有四個子目錄分別是:conf、html、logs、sbin 。其中 Nginx 的配置文件存放於conf/nginx.conf,Nginx 只有一個程序文件位於 sbin 目錄下的 nginx 文件。確保系統的 80端口沒被其他程序佔用,運行 sbin/nginx命令來啓動 Nginx,打開瀏覽器訪問此機器的 IP,如果瀏覽器出現 Welcome to nginx!則表示 Nginx 已經安裝並運行成功。
常用的 Nginx 參數和控制
程序運行參數
Nginx 安裝後只有一個程序文件,本身並不提供各種管理程序,它是使用參數和系統信號機制對 Nginx 進程本身進行控制的。 Nginx的參數包括有如下幾個:
-c <path_to_config>:使用指定的配置文件而不是conf 目錄下的 nginx.conf 。
-t:測試配置文件是否正確,在運行時需要重新加載配置的時候,此命令非常重要,用來檢測所修改的配置文件是否有語法錯誤。
-v:顯示 nginx 版本號。
-V:顯示 nginx 的版本號以及編譯環境信息以及編譯時的參數。
例如我們要測試某個配置文件是否書寫正確,我們可以使用以下命令
sbin/nginx – t – c conf/nginx2.conf
常規配置
Nginx官方網站 的一個例子
#!nginx
# 使用的用戶和組
user www www;
# 指定工作衍生進程數
worker_processes 2;
# 指定 pid 存放的路徑
pid/var/run/nginx.pid;
# [debug | info | notice | warn | error | crit ]
# 可以在下方直接使用 [ debug | info | notice | warn | error | crit ] 參數
error_log /var/log/nginx.error_log info;
events {
# 允許的連接數
connections 2000;
#use [ kqueue | rtsig | epoll | /dev/poll | select | poll ] ;
# 具體內容查看 http://wiki.codemongers.com/事件模型
usekqueue;
}
http{
include conf/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user[$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer""$http_user_agent" '
'"$gzip_ratio"';
log_format download '$remote_addr - $remote_user[$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer""$http_user_agent" '
'"$http_range""$sent_http_content_range"';
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
client_header_buffer_size 1k;
large_client_header_buffers 4 4k;
gzipon;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_types text/plain;
output_buffers 1 32k;
postpone_output 1460;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
send_lowat 12000;
keepalive_timeout 75 20;
#lingering_time 30;
#lingering_timeout 10;
#reset_timedout_connection on;
server {
listen one.example.com;
server_name one.example.com www.one.example.com;
access_log /var/log/nginx.access_log main;
location / {
proxy_pass http://127.0.0.1/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
client_body_temp_path /var/nginx/client_body_temp;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_send_lowat 12000;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_temp_path /var/nginx/proxy_temp;
charset koi8-r;
}
error_page 404 /404.html;
location /404.html {
root /spool/www;
charset on;
source_charset koi8-r;
}
location /old_stuff/ {
rewrite ^/old_stuff/(.*)$ /new_stuff/$1 permanent;
}
location /download/ {
valid_referers none blocked server_names *.example.com;
if($invalid_referer) {
#rewrite ^/ http://www.example.com/;
return 403;
}
#rewrite_log on;
#rewrite /download/*/mp3/*.any_ext to /download/*/mp3/*.mp3
rewrite ^/(download/.*)/mp3/(.*)\..*$
/$1/mp3/$2.mp3 break;
root /spool/www;
#autoindex on;
access_log /var/log/nginx-download.access_log download;
}
location ~* ^.+\.(jpg|jpeg|gif)$ {
root /spool/www;
access_log off;
expires 30d;
}
}
}
起停腳本
啓動腳本
DAEMON=/home/umallfrn/nginx/nginx/sbin/nginx
CONFIGFILE=/home/umallfrn/nginx/nginx/conf/nginx.conf
echo "Starting nginx"
$DAEMON -c $CONFIGFILE || echo "already running nginx"
停止Nginx服務
kill -9 `pidof nginx`
在不停止Nginx服務的情況下平滑變更Nginx配置
1、修改/usr/local/webserver/nginx/conf/nginx.conf配置文件後,請執行以下命令檢查配置文件是否正確:
/usr/local/webserver/nginx/sbin/nginx -t
如果屏幕顯示以下兩行信息,說明配置文件正確:
the configuration file/usr/local/webserver/nginx/conf/nginx.conf syntax is ok
the configuration file/usr/local/webserver/nginx/conf/nginx.conf was tested successfully
2、這時,輸入以下命令查看Nginx主進程號:
ps -ef | grep "nginx: masterprocess" | grep -v "grep" | awk -F ' ' '{print $2}'
屏幕顯示的即爲Nginx主進程號,例如:
6302
這時,執行以下命令即可使修改過的Nginx配置文件生效:
kill -HUP 6302
或者無需這麼麻煩,找到Nginx的Pid文件:
kill -HUP `cat/usr/mpsp/mall/nginx/logs/nginx.pid`
日誌切割腳本
創建日誌日切腳本
# cat /usr/local/sbin/logcron.sh
#!/bin/bash
log_dir=”/data/logs”
time=`date +%Y%m%d`
/bin/mv ${log_dir}/access_linuxtone.org.log${log_dir}/access_count.linuxtone.org.$time.log
kill -USR1 `cat /var/run/nginx.pid`
編輯定時任務
#contab -e
59 23 * * * /usr/local/sbin/logcron.sh /dev/null 2>&1
控制檯身份認證
創建用戶:
Cd /usr/mpsp/mall/nginx/conf/
Mkdir htpasswd
htpasswd -c/usr/mpsp/mall/nginx/conf/htpasswd jinlu jinlu #
設置用戶密碼
設定查看Nginx狀態的地址
location /NginxStatus {
stub_status on;
access_log on;
auth_basic "NginxStatus";
auth_basic_user_file htpasswd/jinlu;
}
運行以下命令檢測配置文件是否無誤:
/nginc -t
如果沒有報錯,那麼就可以開始運行Nginx了,執行以下命令即可:
備註:conf/htpasswd 文件的內容用 apache 提供的 htpasswd 工具來產生即可,內容大致如下:
查看 Nginx 運行狀態
輸入地址http://192.168.8.1/NginxStatus/,輸入驗證帳號密碼,即可看到類似如下內容:
Active connections: 328
server accepts handled requests
9309 8982 28890
Reading: 1 Writing: 3 Waiting: 324
nginx系統變量列表
從英文版wiki站點摘抄,編寫rewrite規則備查
The module ngx_http_core_module supports the built-invariables, whose names correspond with the names of variables in Apache.
First of all, these are the variables, which represent thelines of the title of the client request, for example, $http_user_agent, $http_cookie and so forth.
Furthermore, there are other variables:
$arg_PARAMETER, this variable contains the value of the GET requestvariable PARAMETER if present in the query string
$args, this variable is equal to arguments in the line ofrequest;
$content_length, this variable is equal to line “Content-Length” in theheader of request;
$content_type, this variable is equal to line “Content-Type” in theheader of request;
$document_root, this variable is equal to the value of directive root forthe current request;
$document_uri, the same as $uri;
$host, this variable is equal to line “Host” in the header ofrequest or name of the server, to whom the request arrived, if there is no thisline;
$is_args evaluates to “?” if $args is set, “” otherwise.
$limit_rate, the variable allows to limit connection rate;
$query_string, the same as $args;
$request_method, this variable is equal to the method of request, usuallythis “GET” or “POST”;
$remote_addr, this variable is equal to the address of client;
$remote_port, this variable is equal to the port of client;
$remote_user, this variable is equal to the name of user, authenticatedby ngx_http_auth_basic_module;
$request_filename, this variable is equal to path to the file for thecurrent request, formed from directives root or alias and URI request;
$request_body_file, client request body temporary filename;
$request_uri, this variable is equal to the complete initial URItogether with the arguments;
$scheme, the HTTP scheme (http, https). Evaluated only on demand,for example:
rewrite ^(.+)$ $scheme://example.com$1 redirect;
$server_protocol, this variable is equal to the protocol of request,usually this “HTTP/1.0″ or “HTTP/1.1″;
$server_addr, the variable is equal to the server address, to whomarrived the request. As a rule, for obtaining the value of this variable isdone one system call. In order to avoid system call, it is necessary toindicate addresses in directives listen and to use parameter bind;
$server_name, this variable is equal to the name of the server, to whomarrived the request;
$server_port, this variable is equal to the port of the server, towhich the request arrived;
$uri, this variable is equal to current URI in the request, itcan differ from initial, for example by internal redirects, or with the use ofindex it is file with internal redirects.
