Super detailed Nginx installation and configuration tutorial

main # Global configuration

events {# nginx working mode configuration
    ....
}

http {# http settings
    ....

    server {# Server host configuration
        ....
        location {# Routing configuration
            ....
        }
            upstream name {# Load balancing configuration
        ....
    }
}

As shown in the above configuration file, it mainly consists of 6 parts:

main: used to configure nginx global information
events: Used for configuration of nginx working mode
http: used to configure some of the http protocol information
server: used to configure server access information
location: used to configure access routing
upstream: configuration for load balancing

#user nobody nobody;
worker_processes 2;
#error_log logs/error.log
#error_log logs/error.log notice
#error_log logs/error.log info
#pid logs/nginx.pid
worker_rlimit_nofile 1024;

< /div>

The above configurations are all configuration items stored in the main global configuration module

user is used to specify the running user and user group of the nginx worker process, and the default nobody account runs
worker_processes specifies the number of child processes to be opened by nginx, and monitors the memory consumption of each process during operation (generally a few M to tens of M) and adjusts it according to the actual situation, usually the number is an integer multiple of the number of CPU cores
error_log defines the location and output level of the error log file [debug / info / notice / warn / error / crit]
pid is used to specify the location of the storage file of the process id
worker_rlimit_nofile is used to specify the description of the maximum number of files that a process can open

event module

event {
    worker_connections 1024;
    multi_accept on;
    use epoll;
}

The above configuration is some operation configuration for the working mode of nginx server

worker_connections specifies the maximum number of connections that can be received at the same time. It must be noted here that the maximum number of connections is determined jointly with worker processes.
The multi_accept configuration specifies that nginx accepts as many connections as possible after receiving a new connection notification
The use epoll configuration specifies the method of thread polling, if it is linux2.6+, use epoll, if it is BSD such as Mac, please use Kqueue

http module

As a web server, http module is the most A core module, there are many configuration items. Many actual business scenarios will be set in the project, which needs to be configured appropriately according to the hardware information. Under normal circumstances, use the default configuration!

http {
    ##
    # Basic configuration
    ##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL certificate configuration
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # Log configuration
    ##

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip compression configuration
    ##

    gzip on;
    gzip_disable "msie6";

    # gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    # gzip_buffers 16 8k;
    # gzip_http_version 1.1;
    # gzip_types text/plain text/css application/json application/javascript
 text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual host configuration
    ##

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;

1) Basic configuration

sendfile on: Configure on to make sendfile work, and hand over the write-back process of the file Give the data buffer to complete, rather than put it in the application to complete, this will be good for performance improvement
tc_nopush on: Let nginx send all header files in one data packet instead of Send separately one by one
tcp_nodelay on: Let nginx not cache data, but send it piece by piece. If the data transmission has real-time requirements, you can configure it, and send a small piece of data immediately You can get the return value, but don’t abuse it.

keepalive_timeout 10: Assign a connection timeout time to the client, and the server will close the connection after this time has passed. Generally, the setting time is shorter, which can make nginx work more sustainable.
client_header_timeout 10: Set the timeout time of the request header
client_body_timeout 10: Set the request body Timeout
send_timeout 10: Specify the client response timeout time. If the interval between two operations of the client exceeds this time, the server will close the link

limit_conn_zone $binary_remote_addr zone=addr:5m: Set the parameters of shared memory used to save various keys,
limit_conn addr 100: Set the maximum number of connections for a given key

server_tokens: Although it will not make nginx execute faster, you can turn off the nginx version prompt on the error page, which is good for improving website security.
include / etc/nginx/mime.types: specify the instruction to include another file in the current file
default_type application/octet-stream: specify that the file type to be processed by default can be binary< br>type_hash_max_size 2048: Confusing data, affecting the conflict rate of the three columns. The larger the value, the more memory will be consumed, and the hash key conflict rate will decrease, and the retrieval speed will be faster; the smaller the value, the more memory will be occupied. Less, the higher the conflict rate, the slower the retrieval speed

2) Log configuration

access_log logs/access.log: Set the log for storing access records< br>error_log logs/error.log: Set the log of error occurrence in storage records

3) SSL certificate encryption

ssl_protocols : Command is used to start a specific encryption protocol, nginx defaults to ssl_protocols after version 1.1.13 and 1.0.12. SSLv3 TLSv1 TLSv1.1 TLSv1.2, TLSv1.1 and TL Sv1.2 must ensure that OpenSSL >= 1.0.1, SSLv3 is still in use in many places, but there are many * vulnerabilities.
ssl prefer server ciphers**: When setting the negotiated encryption algorithm, the cipher suite of our server is preferentially used instead of the cipher suite of the client browser

4) Compression configuration

gzip is to tell nginx to send data in the form of gzip compression. This will reduce the amount of data we send.
gzip_disable Disable the gzip function for the specified client. We set it to IE6 or lower to make our solution widely compatible.
gzip_static Tell nginx to look for pre-gzip-processed resources before compressing resources. This requires you to pre-compress your files (commented out in this example), allowing you to use the highest compression ratio so that nginx does not need to compress these files (for more detailed gzip_static information, please click here) .
gzip_proxied Allow or prohibit the compression of the response stream based on the request and response. We set it to any, which means that all requests will be compressed.
gzip_min_length Set the minimum number of bytes for data compression. If a request is less than 1000 bytes, we’d better not compress it, because compressing these small data will reduce the speed of all processes handling this request.
gzip_comp_level Set the compression level of the data. This level can be any value between 1-9, 9 is the slowest but the compression ratio is the largest. We set it to 4, which is a compromise setting.
gzip_type Set the data format that needs to be compressed. There are already some in the above example, and you can add more formats.

5) File cache configuration

open_file_cache When opening the cache, it also specifies the maximum number of caches and the cache time. We can set a relatively high maximum time so that we can clear them after more than 20 seconds of inactivity.
open_file_cache_valid Specify the interval for checking correct information in open_file_cache.
open_file_cache_min_uses defines the minimum number of files during the inactive time of the instruction parameter in open_file_cache.
open_file_cache_errors specifies whether to cache error information when searching for a file, including adding files to the configuration again. We have also included server modules, which are defined in different files. If your server module is not in these locations, you have to modify this line to specify the correct location.

server module

srever module The configuration is a sub-module in the http module, used to define a virtual access host, that is, the configuration of a virtual server Information

server {
    listen 80;
    server_name localhost 192.168.1.100;
    root /var/www/html;
    index index.php index.html index.html;
    charset utf-8;
    access_log logs/access.log;
    error_log logs/error.log;
    ......
}

The core configuration information is as follows:

server：一个虚拟主机的配置，一个http中可以配置多个server

server_name：用力啊指定ip地址或者域名，多个配置之间用空格分隔

root：表示整个server虚拟主机内的根目录，所有当前主机中web项目的根目录

index：用户访问web网站时的全局首页

charset：用于设置www/路径中配置的网页的默认编码格式

access_log：用于指定该虚拟主机服务器中的访问记录日志存放路径

error_log：用于指定该虚拟主机服务器中访问错误日志的存放路径

location模块

location模块是nginx配置中出现最多的一个配置，主要用于配置路由访问信息

在路由访问信息配置中关联到反向代理、负载均衡等等各项功能，所以location模块也是一个非常重要的配置模块

基本配置

location / {
    root    /nginx/www;
    index    index.php index.html index.htm;
}

location /：表示匹配访问根目录

root：用于指定访问根目录时，访问虚拟主机的web目录

index：在不指定访问具体资源时，默认展示的资源文件列表

反向代理配置方式

通过反向代理代理服务器访问模式，通过proxy_set配置让客户端访问透明化

location / {
    proxy_pass http://localhost:8888;
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header Host $http_host;
}

uwsgi配置

wsgi模式下的服务器配置访问方式

location / {
    include uwsgi_params;
    uwsgi_pass localhost:8888
}

upstream模块

upstream模块主要负责负载均衡的配置，通过默认的轮询调度方式来分发请求到后端服务器

简单的配置方式如下

upstream name {
    ip_hash;
    server 10.5.10.119:8000;
    server 10.5.10.119:8001 down;
    server 10.5.10.119:8002 max_fails=3;
    server 10.5.10.119:8003 fail_timeout=20s;
    server 10.5.10.119:8004 max_fails=3 fail_timeout=20s;
}

核心配置信息如下

ip_hash：指定请求调度算法，默认是weight权重轮询调度，可以指定

server host:port：分发服务器的列表配置

-- down：表示该主机暂停服务

-- max_fails：表示失败最大次数，超过失败最大次数暂停服务

-- fail_timeout：表示如果请求受理失败，暂停指定的时间之后重新发起请求

2.检查nginx.conf文件

cd /usr/local/nginx/sbin
./nginx -t  #查看nginx.conf文件是否有语法错误

?
出现如下字样，表示nginx.conf没有语法错误，配置成功

?
3.启动nginx

cd /usr/local/nginx/sbin

?
查看进程：
?
备注：这里启动的服务进程其实是4个进程，因为nginx进程在启动的时候，会附带一个守护进程，用于保护正式进程不被异常终止；如果守护进程一旦返现nginx继承被终止了，会自动重启该进程。
守护进程一般会称为master进程，业务进程被称为worker进程

常见问题：
?

解决nginx:[emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)错误：
错误原因：不能绑定80端口，80端口已经被占用。
nginx: [error] invalid PID number “” in “/usr/local/nginx/logs/nginx.pid”
解决方法：
/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
ps -ef | grep nginx #查看进程
4.停止nginx，重新加载配置文件
执行命令：kill –INT进程号
启动成功
5.访问站点
?

nginx命令

方法（1）进入nginx的sbin目录

cd /usr/local/nginx/sbin

./nginx  启动Nginx

./nginx -s reload 重启Nginx

./nginx -s stop 停止Nginx

方法（2）创建软连接：

ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/

nginx   ##启动Nginx

nginx -s reload ## 重新载入配置文件
nginx -s reopen ## 重启 Nginx
nginx -s stop # #停止 Nginx

码字不易，如果觉得有帮助，一定要给我点赞哟~~

不然信不信我砸了你家灯，半夜偷亲你 (￣ε ￣) !!!

wget http://nginx.org/download/nginx-1.8.0.tar.gz

也可以选择其他版本，官网：http://nginx.org/en/download.html

tar -zxvf nginx-1.8.0.tar.gz

cd nginx-1.8.0

yum install -y pcre pcre-devel openssl openssl-devel gcc gcc gcc-c++ ncurses-devel perl

./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_stub_status_module --with-http_ssl_module

make

如果权限不够，需要用sudo去执行
sudo make

make install

如果权限不够，需要用sudo去执行

sudo make install

main                                # 全局配置

events {                            # nginx工作模式配置
    ....
}

http {                                # http设置
    ....

    server {                        # 服务器主机配置
        ....
        location {                    # 路由配置
            ....
        }
            upstream name {                    # 负载均衡配置
        ....
    }
}

如上述配置文件所示，主要由6个部分组成：

main：用于进行nginx全局信息的配置
events：用于nginx工作模式的配置
http：用于进行http协议信息的一些配置
server：用于进行服务器访问信息的配置
location：用于进行访问路由的配置
upstream：用于进行负载均衡的配置

#user nobody nobody;
worker_processes 2;
#error_log logs/error.log
#error_log logs/error.log notice
#error_log logs/error.log info
#pid logs/nginx.pid
worker_rlimit_nofile 1024;

user用来指定nginx worker进程运行用户以及用户组，默认nobody账号运行
worker_processes指定nginx要开启的子进程数量，运行过程中监控每个进程消耗内存(一般几M~几十M不等)根据实际情况进行调整，通常数量是CPU内核数量的整数倍
error_log定义错误日志文件的位置及输出级别【debug / info / notice / warn / error / crit】
pid用来指定进程id的存储文件的位置
worker_rlimit_nofile用于指定一个进程可以打开最多文件数量的描述

event {
    worker_connections 1024;
    multi_accept on;
    use epoll;
}

worker_connections 指定最大可以同时接收的连接数量，这里一定要注意，最大连接数量是和worker processes共同决定的。
multi_accept 配置指定nginx在收到一个新连接通知后尽可能多的接受更多的连接
use epoll 配置指定了线程轮询的方法，如果是linux2.6+，使用epoll，如果是BSD如Mac请使用Kqueue

http {
    ##
    # 基础配置
    ##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL证书配置
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # 日志配置
    ##

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip 压缩配置
    ##

    gzip on;
    gzip_disable "msie6";

    # gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    # gzip_buffers 16 8k;
    # gzip_http_version 1.1;
    # gzip_types text/plain text/css application/json application/javascript
 text/xml application/xml application/xml+rss text/javascript;

    ##
    # 虚拟主机配置
    ##

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;

server {
    listen        80;
    server_name localhost    192.168.1.100;
    root        /var/www/html;
    index        index.php index.html index.html;
    charset        utf-8;
    access_log    logs/access.log;
    error_log    logs/error.log;
    ......
}

server：一个虚拟主机的配置，一个http中可以配置多个server

server_name：用力啊指定ip地址或者域名，多个配置之间用空格分隔

root：表示整个server虚拟主机内的根目录，所有当前主机中web项目的根目录

index：用户访问web网站时的全局首页

charset：用于设置www/路径中配置的网页的默认编码格式

access_log：用于指定该虚拟主机服务器中的访问记录日志存放路径

error_log：用于指定该虚拟主机服务器中访问错误日志的存放路径

location / {
    root    /nginx/www;
    index    index.php index.html index.htm;
}

location / {
    proxy_pass http://localhost:8888;
    proxy_set_header X-real-ip $remote_addr;
    proxy_set_header Host $http_host;
}

location / {
    include uwsgi_params;
    uwsgi_pass localhost:8888
}

upstream name {
    ip_hash;
    server 10.5.10.119:8000;
    server 10.5.10.119:8001 down;
    server 10.5.10.119:8002 max_fails=3;
    server 10.5.10.119:8003 fail_timeout=20s;
    server 10.5.10.119:8004 max_fails=3 fail_timeout=20s;
}

ip_hash：指定请求调度算法，默认是weight权重轮询调度，可以指定

server host:port：分发服务器的列表配置

-- down：表示该主机暂停服务

-- max_fails：表示失败最大次数，超过失败最大次数暂停服务

-- fail_timeout：表示如果请求受理失败，暂停指定的时间之后重新发起请求

cd /usr/local/nginx/sbin
./nginx -t  #查看nginx.conf文件是否有语法错误

cd /usr/local/nginx/sbin

ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/