Nginx安装配置（系统平台：CentOS 7.1 64位）

一、安装编译工具及库文件

yum -y install make zlib zlib-devel gcc gcc-c++ libtool  openssl openssl-devel pcre pcre-devel

（PCRE 作用是让 Nginx 支持 Rewrite 功能）

二、安装Nginx

1、下载Nginx

下载地址：http://nginx.org/，选择稳定版本（例如：nginx-1.12.0.tar.gz）

2、将下载的二进制包移动到/usr/local目录，解压缩文件包

tar zxvf nginx-1.12.0.tar.gz

3、进入安装目录，编译安装

cd nginx-1.12.0

./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-pcre  --with-http_ssl_module

make

make install

安装完成后的摘要信息：

Configuration summary
  + using system PCRE library
  + using system OpenSSL library
  + using system zlib library

  nginx path prefix: "/usr/local/nginx"
  nginx binary file: "/usr/local/nginx/sbin/nginx"
  nginx modules path: "/usr/local/nginx/modules"
  nginx configuration prefix: "/usr/local/nginx/conf"
  nginx configuration file: "/usr/local/nginx/conf/nginx.conf"
  nginx pid file: "/usr/local/nginx/logs/nginx.pid"
  nginx error log file: "/usr/local/nginx/logs/error.log"
  nginx http access log file: "/usr/local/nginx/logs/access.log"
  nginx http client request body temporary files: "client_body_temp"
  nginx http proxy temporary files: "proxy_temp"
  nginx http fastcgi temporary files: "fastcgi_temp"
  nginx http uwsgi temporary files: "uwsgi_temp"
  nginx http scgi temporary files: "scgi_temp"

默认安装到/usr/local/nginx目录。

4、查看Nginx版本

/usr/local/nginx/sbin/nginx -v

输出结果如下：

nginx version: nginx/1.12.0

到此，nginx安装完成。

5、启动、关闭Nginx

#检查配置文件是否正确

/usr/local/nginx/sbin/nginx -t

/usr/local/nginx/sbin/nginx -V     # 可以看到编译选项

#启动Nginx

/usr/local/nginx/sbin/nginx     # 默认配置文件 /usr/local/nginx/conf/nginx.conf，-c 指定

# 重新载入配置文件

/usr/local/nginx/sbin/nginx -s reload

#重启Nginx，不会改变启动时指定的配置文件

/usr/local/nginx/sbin/nginx -s reopen

#停止Nginx

/usr/local/nginx/sbin/nginx -s stop

或

pkill nginx

三、Nginx配置

1、创建Nginx运行使用的用户www

/usr/sbin/groupadd www

/usr/sbin/useradd -g www www

2、配置nginx.conf，将/usr/local/nginx/conf/nginx.conf替换为以下内容

user  www www;worker_processes  8;error_log  logs/error.log;#error_log  logs/error.log  notice;#error_log  logs/error.log  info;pid        logs/nginx.pid;events {    use epoll;    worker_connections  1024;}http {    include       mime.types;    default_type  application/octet-stream;    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '    #                  '$status $body_bytes_sent "$http_referer" '    #                  '"$http_user_agent" "$http_x_forwarded_for"';    #access_log  logs/access.log  main;       client_max_body_size 20M;    client_header_buffer_size  32k;    large_client_header_buffers 4 32k;        sendfile        on;    #tcp_nopush     on;    #keepalive_timeout  0;    keepalive_timeout  65;    gzip  on;    gzip_min_length 1k;    gzip_buffers 4 16k;    gzip_http_version 1.0;    gzip_comp_level 2;    gzip_types text/plain application/x-javascript text/css application/xml;    gzip_vary on;    proxy_buffer_size 64k;    proxy_buffers   32 32k;    proxy_busy_buffers_size 128k;    server {        listen       80;        server_name  localhost;        #charset koi8-r;        #access_log  logs/host.access.log  main;        location / {            root   html;            index  index.html index.htm;        }                location ~* \.(ico|css|js|gif|jpe?g|png)(\?[0-9]+)?$ {            expires max;            log_not_found off;        }                 location ^~ /HFC/ {            proxy_pass   http://$remote_addr:8090$request_uri;  proxy_set_header  Host  $host;            proxy_set_header  X-Real_IP  $remote_addr;proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;        }        #error_page  404              /404.html;        # redirect server error pages to the static page /50x.html        #        error_page   500 502 503 504  /50x.html;        location = /50x.html {            root   html;        }        # proxy the PHP scripts to Apache listening on 127.0.0.1:80        #        #location ~ \.php$ {        #    proxy_pass   http://127.0.0.1;        #}        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000        #        #location ~ \.php$ {        #    root           html;        #    fastcgi_pass   127.0.0.1:9000;        #    fastcgi_index  index.php;        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;        #    include        fastcgi_params;        #}        # deny access to .htaccess files, if Apache's document root        # concurs with nginx's one        #        #location ~ /\.ht {        #    deny  all;        #}    }    # another virtual host using mix of IP-, name-, and port-based configuration    #    #server {    #    listen       8000;    #    listen       somename:8080;    #    server_name  somename  alias  another.alias;    #    location / {    #        root   html;    #        index  index.html index.htm;    #    }    #}    # HTTPS server    #    #server {    #    listen       443 ssl;    #    server_name  localhost;    #    ssl_certificate      cert.pem;    #    ssl_certificate_key  cert.key;    #    ssl_session_cache    shared:SSL:1m;    #    ssl_session_timeout  5m;    #    ssl_ciphers  HIGH:!aNULL:!MD5;    #    ssl_prefer_server_ciphers  on;    #    location / {    #        root   html;    #        index  index.html index.htm;    #    }    #}}

四、防火墙配置

CentOS7默认的防火墙为firewall

添加防火墙规则如下：

#firewall-cmd --add-port=80/tcp          //http协议基于TCP传输协议，放行80端口