centos6.5 Server installation Nginx setup service and startup method
- 2020-06-12 11:39:55
- OfStack
This article introduces the es1EN 6.5 server installation Nginx setup service and boot from the way, to share with you, but also to keep a note for yourself
1. Install Nginx and its dependencies
The first is the old way of using ssh to link servers. Remember the old code?
ssh -t The user name @ The server IP Or the domain name -p 22
<!-- The user name 1 As is root , easy to operate, my login code is as follows -->
ssh -t root@acheng1314.cn -p 22Enter the above command in the terminal and press enter, asking us to enter the password. This password is not visible, so 1 must be entered correctly.
After connecting to the server, we switch to the common installation path. Of course, the installation path on my server is /usr/src, and then we start to operate at the terminal:
<!-- Switch to the installation directory -->
cd /usr/src
<!-- create Nginx Folders for storing Nginx Related resources and dependencies -->
mkdir Nginx
<!-- Download resources and dependencies -->
yum -y install zlib zlib-devel openssl openssl--devel pcre pcre-devel
<!-- The command above 1 Generally it doesn't need to install anything, but it doesn't matter, we'll then reinstall the specified version, right -->
<!-- download pcre-->
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.40.tar.gz
<!-- Unpack the -->
tar -zxvf pcre-8.40.tar.gz
<!-- Switch to the pcre directory -->
cd pcre-8.40
<!-- Set up the -->
./configure
<!-- compile -->
make
<!-- The installation -->
make install
<!-- Switch to the Nginx Home directory -->
cd ..
<!-- Download and Install zlib-->
wget http://zlib.net/zlib-1.2.11.tar.gz
<!-- Unpack the -->
tar -zxvf zlib-1.2.11.tar.gz
<!-- Switch to the zlib directory -->
cd zlib-1.2.11
<!-- Setup, compile, install -->
./configure
make
make install
<!-- Switch to the Nginx Home directory -->
cd ..
<!-- Download and prepare ssl-->
wget http://www.openssl.org/source/openssl-fips-2.0.14.tar.gz
<!-- Unpack the -->
tar -zxvf openssl-fips-2.0.14.tar.gz
<!--yum The installation ssl-->
yum -y install openssl openssl-devel
<!-- Download and Install nginx-->
wget http://nginx.org/download/nginx-1.4.2.tar.gz
tar -zxvf nginx-1.4.2.tar.gz
cd nginx-1.4.2
<!-- Set up the Nginx The installation directory /opt/nginx And add ssl support -->
./configure --prefix=/opt/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre
make
make install
At this point, our nginx installation is complete, but we need to do more, which is to configure the server, add ssl access, set up the service, and start up
2. Configure the server
There is a lot about server setup on the Internet, but not so much about the exact explanation, and I just happened to have a look at their stuff after the hehe. The correct configuration method is as follows:
<!-- Switch to the nginx Set the directory -->
cd /opt/nginx/conf
<!--vim The editor nginx The configuration file -->
vi nginx.confMy ES30en. conf is as follows:
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
# Note that this is related to setting up the machine and is not recommended to change
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
# proxy_pass http://localhost;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# This is where you set up the machine https Access, which must be set in order to be correct https
# HTTPS server
#
server {
listen 443;
server_name localhost acheng1314.cn www.acheng1314.cn;
ssl on;
# Here's your signature. Throw it in conf The following cert In the directory
ssl_certificate cert/214217283570796.pem;
ssl_certificate_key cert/214217283570796.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_prefer_server_ciphers on;
location / {
# root html;
# index index.html index.htm;
proxy_pass http://localhost;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
# This is where you set up domain jump and forward these domain names to your local 8080 Port,
server {
listen 80;
server_name *.acheng1314.cn acheng1314.cn;
location / {
proxy_pass http://localhost:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}
It's important to note when writing this that no application port can conflict! For example, my nginx is bound to port 80. If tomcat sets port 80 again, my setting will fail to forward even if bound to localhost! After all, the network port can only be used by one application.
<!-- Check to see if our Settings are correct. Correct or incorrect will be prompted -->
/opt/nginx/sbin/nginx -t
<!-- Enable if the configuration is correct nginx-->
/opt/nginx/sbin/nginx
<!-- Reload the configuration file -->
/opt/nginx/sbin/nginx -t
<!-- Of course, when we get here, it will certainly not be passable, after all, we still have the firewall 443 Port intercepts, so move on. -->
<!-- add 443 Port to firewall -->
/sbin/iptables -I INPUT -p tcp --dport 443 -j ACCEPT
<!-- Save the firewall configuration -->
/etc/rc.d/init.d/iptables save
<!-- Is the configuration file in effect -->
/etc/init.d/iptables status
At this stage, we can test the server 1. Normally, my current server is http and https are fully supported.
3. Set up services and self-opening
In fact, there's not much to notice here, as long as the nginx path is set correctly.
#!/bin/sh
# Name:nginx4comex
# nginx - this script starts and stops the nginx daemon
#
# description: Nginx is an HTTP(S) server, HTTP(S) reverse \
# proxy and IMAP/POP3 proxy server
# processname: nginx
# config: /opt/nginx/conf/nginx.conf
# pidfile: /comexHome/nginx/nginx.pid
#
# Created By http://comexchan.cnblogs.com/
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
NGINX_DAEMON_PATH="/opt/nginx/sbin/nginx"
NGINX_CONF_FILE="/opt/nginx/conf/nginx.conf"
NGINX_LOCK_FILE="/var/lock/subsys/nginx4comex"
prog=$(basename $NGINX_DAEMON_PATH)
start() {
[ -x $NGINX_DAEMON_PATH ] || exit 5
[ -f $NGINX_CONF_FILE ] || exit 6
echo -n $"Starting $prog: "
daemon $NGINX_DAEMON_PATH -c $NGINX_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $NGINX_LOCK_FILE
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $NGINX_LOCK_FILE
return $retval
}
restart() {
configtest || return $?
stop
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $NGINX_DAEMON_PATH -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$NGINX_DAEMON_PATH -t -c $NGINX_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac
The above code is used to create the service code, save them in the nginx4comex file (this file is still in /opt/nginx directory, one sample is written using vim). Note that the code below corresponds to your configuration.
NGINX_DAEMON_PATH="/opt/nginx/sbin/nginx"
NGINX_CONF_FILE="/opt/nginx/conf/nginx.conf"We then proceed with terminal command operations.
<!-- authorization nginx4comex The executable -->
chmod u+x nginx4comex
<!-- copy nginx4comex to /etc/init.d directory -->
cp nginx4comex /etc/init.d
<!-- Check running status -->
service nginx4comex status
<!-- Add to startup, first vim Open the boot file and add the boot code -->
vim /etc/rc.local
<!-- The added startup code is shown below -->
/etc/init.d/nginx4comex start
<!-- Now that our startup is complete, restart to check the effect -->
reboot
Finally, we have set up nginx agent tomcat and set up the corresponding server program to start itself.
Attention! nginx4comex cannot be used by chkconfig. The specific reason is not clear to me, but the original author did use the method of chkconfig to add the startup in his article. Those who are interested in linux can have a try.