Nginx installation configuration

Yum -y install GCC pcre-devel zlib openssl openssl-devel 2 install GCC pcr-devel -devel 2 install GCC pcr-devel -devel 2 install GCC pcr-devel -devel 2 install GCC pcr-devel -devel 2 install GCC pcr-devel -devel /configure –prefix=/usr/local/nginx –prefix=/usr/local/nginx

--prefix=PATH Specifies the directory where NGINX will be installed. Default /usr/local/nginx --conf-path= path Set the path to the nginx.conf configuration file by /usr/local/nginx --conf-path= path Nginx allows you to start with a different configuration file, via the -c option on the command line. The default is prefix/conf/nginx.conf --user=name to set the user of the nginx worker process. After the installation is complete, you can change the user directive at any time in the nginx.conf configuration file. The default user name is nobody. - group = name similar - with - pcre set pcre library source code path, if has been installed via yum, use - with - automatically find pcre library files. --with-pcre=PATH --with-pcre=PATH --with-pcre=PATH --with-pcre=PATH --with-pcre=PATH --with-pcre=PATH --with-pcre=PATH --with-pcre=PATH --with-pcre=PATH --with-pcre=PATH --with-pcre=PATH --with-pcre=PATH Perl regular expressions use the source unzipping directory specified in the location directive and ngx_http_rewrite_module module --with-zlib=PATH for zlib (versions 1.1.3 -- 1.2.5). By default, you need to use zlib -- with-http_SSL_module to use the HTTPS protocol module for the enabled network transport compression module ngx_http_gzip_module. By default, the module is not built. This is provided if OpenSSL and openssl-devel are installed --with-http_stub_status_module is used to monitor the current state of NGINX --with-http_realip_module This module allows you to change the IP address (For example, X-REAL-IP, or X-FORWARDED-FOR) of the client header. It tells the server to record the IP address of the original client --add-module=PATH -- and adds a third-party external module. Such as nginx-sticky module-ng or cache module. Recompile every time you add a new module (Tengine can add a new module without recompile)

6. After the installation, enter the sbin directory under the nginx directory. / nginx-s reload reopen reopen reopen nginx./ nginx-s reload reopen reopen

Configure the users and groups that run the server (nobody means that all users and groups can start NGINX) worker_processes 8; The number of worker processes allowed to be generated. Default is 1. A configuration error log repository paths and storage level (the debug log level low to high order | info | notice | warn | error | crit | alert | emerg, default error) pid logs/nginx. Pid; Configure the PID file storage path

events {

accept_mutex on|off; Set the serialization of the network connection, the default open (on) position, serialization to receive multiple Nginx process connections, prevent multiple processes to connect for multi_accept on | off; Set to receive multiple network connections at the same time, the default off (off) state, can only receive one newly arrived network connection at a time; Method: select, pool, kqueue, epoll, rtsig, /dev/poll, eventport worker_connections 1024; Configure the maximum number of connections (the maximum number of connections that each worker process is allowed to open at the same time)

}

http {

The include file. Default_type application/octet-stream is a relative path. proxy_cache_path /nginx/cache/first [levels=1:2:1] keys_zone=first:20m [max_size=1g]; Create a cache, cannot be defined in the server/nginx/cache / {} context first create a cache directory on the local max_size cache directory content more than 1 g = 1 g, nginx will enable cache_manager process before using a least recently used algorithm to remove the cache Keys_zone =first: 20M Levels =1:2:1 in the cache directory #log_format main '$remote_addr - #log_format main '$remote_addr - #log_format main '$remote_addr - #log_format main '$remote_addr - #log_format main '$remote_addr - #log_format main '$remote_addr - #log_format main '$remote_addr - #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; access_log logs/access.log main; Configure the log file path and log format sendfile on; tcp_nopush on; keepalive_timeout 65; Setting for connection timeout time gzip on | off; Upstream: "Upstream:" : "Upstream:" Upstream: "Upstream:" Upstream: "Upstream:" Upstream: "Upstream:" Upstream: "Upstream:" Upstream: "Upstream:" Upstream: "Upstream:" Upstream: "Upstream:" Upstream: Configure the hash scheduling cluster least_conn; Max_fails = configures the maximum number of health checks fail_timeout = configures the timeout time for each health check back when no other server can connect} server {listen 80; Listener port server_name localhost; Configure the hostname charset koi8-r; location URI {}; Location = URI {} for all objects in the current path and subpaths. Matches exactly the specified path, does not contain child paths, therefore only applies to the current resource location ~ URI {}; Patterns match URIs, where URIs can be used using regular expressions, ~ case-sensitive location ~* URI {}; Patterns match URIs, where URIs can be used using regular expressions, ~* case-insensitive location ^~ URI {}; The priority order without regular expression matching is location = URI {}, location ^~ URI {}, location ~ URI {}, location ~* URI {}, location URI {} location / { root html; Index. HTML index. HTM; Configure the default page autoindex on; Enable automatic index stub_status on; deny IP; Allow IP access; Allows IP access to deny All; Reject all IP access auth_basic; Enable user based access control auth_basic_user_file /etc/nginx/.user; Proxy_pass configuration proxy backend server proxy_cache first enables caching with region name first proxy_set_header x-real-ip $remote_addr Configure the agent to the backend server sends the client's IP address rewrite [pattern matching | judgment] redirect path parameter configuration URL redirection: If ($request_method = "POST") {proxy_pass} if ($request_uri ~* "/forum") {} } location / {read/write split configuration proxy_pass http://192.168.3.6/;} location / {read/write split configuration proxy_pass http://192.168.3.6/; If ($request_method = "PUT") {upload the uploaded file to proxy_pass defined server proxy_pass http://192.168.3.8/}} error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } location ~ \.php$ { root html; Fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; include fastcgi_params; }} server {listen 443 SSL; server_name localhost; ssl on; Enable SSL function ssl_certificate /etc/nginx/ SSL /cert.pem; Configure the location where the certificate is stored ssl_certificate_key cert.key; Ssl_session_cache shared:SSL:1m; Configure session cache ssl_session_timeout 5m; Configure session timeout SSL_CIPHERS HIGH:! aNULL:! MD5; Prefer_server_ciphers on; Allow the server to select its preferred encryption algorithm location / {root HTML; index index.html index.htm; }}

}

Related Posts

Windows – Server -2012: install nginx service and start it

Interviewer: Don’t even know the leaky bucket algorithm and the token bucket algorithm? Go back and read more books

18. Nginx and Lua grayscale publishing