Nginx Installation

Posted on | In | Page View

Nginx Installation

Basic Info

  • OS: CentOS: 7.3
  • Nginx Version: 1.8.0
  • PCRE Version: 8.36
  • zlib Version: 1.2.8
  • OpenSSL Version: 1.0.1j

Install Dependence

Install PCRE

1
2
3
4
5
6
7
8
[root@localhost local]# tar -zxvf pcre-8.36.tar.gz
[root@localhost local]# cd pcre-8.36/
[root@localhost pcre-8.36]# ./configure
## Fix Error: "configure: error: You need a C++ compiler for C++ support."
[root@localhost local]# yum install -y gcc-c++
[root@localhost pcre-8.36]# make
[root@localhost pcre-8.36]# make install

Install zlib

1
2
3
4
5
6
[root@localhost local]# wget https://www.zlib.net/fossils/zlib-1.2.8.tar.gz
[root@localhost local]# tar -zxvf zlib-1.2.8.tar.gz
[root@localhost local]# cd zlib-1.2.8/
[root@localhost zlib-1.2.8]# ./configure
[root@localhost zlib-1.2.8]# make
[root@localhost zlib-1.2.8]# make install

Install OpenSSL

1
2
3
4
5
6
7
[root@localhost local]# wget https://ftp.openssl.org/source/old/1.0.1/openssl-1.0.1j.tar.gz
[root@localhost local]# tar -zxvf openssl-1.0.1j.tar.gz
[root@localhost local]# cd openssl-1.0.1j/
[root@localhost openssl-1.0.1j]# ./config
[root@localhost openssl-1.0.1j]# make
## Wait a while...
[root@localhost openssl-1.0.1j]# make install

Setup SSL Certificate

1
2
3
4
[root@localhost local]# mkdir nginx_ssl
[root@localhost local]# cd nginx_ssl/
## 不使用密碼保護憑證,避免每次啓動Nginx時,都要輸入密碼
[root@localhost nginx_ssl]# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout nginx.key -out nginx.crt

Install Nginx

Install Nginx

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
[root@localhost ~]# cd /opt/software
[root@localhost software]# wget http://nginx.org/download/nginx-1.8.0.tar.gz
[root@localhost software]# tar -zxvf nginx-1.8.0.tar.gz
## --prefix=/usr/local/nginx: Nginx編譯後的輸出路徑
## --with-openssl, --with-http_ssl_module: 如要使用HTTPS需指定這兩個參數
[root@localhost nginx-1.8.0]# ./configure --prefix=/usr/local/nginx --with-pcre=/usr/local/pcre-8.36 --with-zlib=/usr/local/zlib-1.2.8 --with-openssl=/usr/local/openssl-1.0.1j --with-http_stub_status_module --with-http_ssl_module
Configuration summary
  + using PCRE library: /usr/local/pcre-8.36
  + using OpenSSL library: /usr/local/openssl-1.0.1j
  + md5: using OpenSSL library
  + sha1: using OpenSSL library
  + using zlib library: /usr/local/zlib-1.2.8
  nginx path prefix: "/usr/local/nginx"
  nginx binary file: "/usr/local/nginx/sbin/nginx"
  nginx configuration prefix: "/usr/local/nginx/conf"
  nginx configuration file: "/usr/local/nginx/conf/nginx.conf"
  nginx pid file: "/usr/local/nginx/logs/nginx.pid"
  nginx error log file: "/usr/local/nginx/logs/error.log"
  nginx http access log file: "/usr/local/nginx/logs/access.log"
  nginx http client request body temporary files: "client_body_temp"
  nginx http proxy temporary files: "proxy_temp"
  nginx http fastcgi temporary files: "fastcgi_temp"
  nginx http uwsgi temporary files: "uwsgi_temp"
  nginx http scgi temporary files: "scgi_temp"
[root@localhost nginx-1.8.0]# make
## Wait a while
[root@localhost nginx-1.8.0]# make install
## 設置Nginx環境變量
[root@localhost nginx-1.8.0]# vim /etc/profile
export NGINX_HOME="/usr/local/nginx"
export PATH="$NGINX_HOME/sbin:$PATH"
[root@localhost nginx-1.8.0]# source /etc/profile

Configure HTTPS

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
[root@localhost nginx-1.8.0]# cd /usr/local/nginx
[root@localhost nginx]# vim conf/nginx.conf
## 位於文件最底部,將下述設定打開並指定憑證所在位置
    # HTTPS server
    server {
        listen       443 ssl;
        server_name  localhost;
        ssl_certificate      /usr/local/nginx_ssl/nginx.crt;
        ssl_certificate_key  /usr/local/nginx_ssl/nginx.key;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;
        location / {
            root   html;
            index  index.html index.htm;
        }
    }

Start Nginx

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
[root@localhost nginx]# ./sbin/nginx
## 可以透過瀏覽器訪問 http://[ip] 或是 https://[ip]
## access.log 會顯示對應訪問的Log
[root@localhost nginx]# tail -F logs/access.log
10.50.129.66 - - [10/Jan/2018:23:23:38 -0800] "GET / HTTP/1.0" 200 612 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.89 Safari/537.36"
10.103.67.83 - - [10/Jan/2018:23:24:29 -0800] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
## nginx.pid 會當前Nginx的Pid
[root@localhost nginx]# cat logs/nginx.pid 
82206
## 使用netstat命令確認Nginx的監聽port
[root@localhost nginx]# netstat -nlp | grep nginx
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      82206/nginx: master 
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      82206/nginx: master

Nginx Web UI

  • HTTP Web
  • HTTPS Web