部署openresty

• 安装依赖

yum install -y make cmake gcc gcc-c++ autoconf automake libpng-devel libjpeg-devel zlib libxml2-devel ncurses-devel bison libtool-ltdl-devel libiconv libmcrypt mhash mcrypt pcre-devel openssl-devel freetype-devel libcurl-devel readline-devel curl wget unzip net-tools

• 下载openresty

可以登陆官网: openresty

wget https://github.com/vozlt/nginx-module-vts/archive/refs/tags/v0.2.1.zip
wget https://openresty.org/download/openresty-1.25.3.1.tar.gz

• 编译解压

mkdir -p /var/cache/openresty
mkdir -p /var/log/openresty
useradd nginx -s /sbin/nologin
tar -zxvf openresty-1.25.3.1.tar.gz
unzip v0.2.1.zip
mv nginx-module-vts-0.2.1  openresty-1.25.3.1
cd openresty-1.25.3.1
./configure -j8 --add-module=nginx-module-vts-0.2.1 --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module && gmake install
ln -s /usr/local/openresty/nginx/sbin/nginx /usr/bin/nginx

等待编译完成后openresty的目录为/user/local/openresty

• 目录结构

[root@master openresty]# ll
总用量 256
drwxr-xr-x.  2 root root    123 3月   1 15:05 bin
-rw-r--r--.  1 root root  22924 3月   1 15:05 COPYRIGHT
drwxr-xr-x.  6 root root     56 3月   1 15:05 luajit
drwxr-xr-x.  6 root root    116 3月   1 15:05 lualib
drwxr-xr-x.  6 root root     54 3月   1 15:05 nginx
drwxr-xr-x. 47 root root   4096 3月   1 15:05 pod
-rw-r--r--.  1 root root 231226 3月   1 15:05 resty.index
drwxr-xr-x.  5 root root     47 3月   1 15:05 site

修改配置文件

默认启动配置文件为当前目录下的nginx.conf，需要制定配置文件启动，则需要nginx -f [confIgfile]

[root@master nginx]# tree
.
├── conf
│   ├── fastcgi.conf
│   ├── fastcgi.conf.default
│   ├── fastcgi_params
│   ├── fastcgi_params.default
│   ├── koi-utf
│   ├── koi-win
│   ├── mime.types
│   ├── mime.types.default
│   ├── nginx.conf
│   ├── nginx.conf.default
│   ├── scgi_params
│   ├── scgi_params.default
│   ├── uwsgi_params
│   ├── uwsgi_params.default
│   └── win-utf
├── html
│   ├── 50x.html
│   └── index.html
├── logs
└── sbin
    └── nginx

4 directories, 18 files

• 修改默认配置文件为

最简单的配置

[root@master nginx]# cat /usr/local/openresty/nginx/conf/nginx.conf

user  nginx;
worker_processes  auto;
worker_rlimit_nofile 65535;

error_log  /var/log/openresty/error.log warn;

events {
    worker_connections  65535;
}


http {
    include       /usr/local/openresty/nginx/conf/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;

    keepalive_timeout  65;

    include /etc/nginx/conf.d/*.conf;
}

优化配置

#nginx.conf

user  nginx;
worker_processes  auto;
worker_rlimit_nofile 65535;

error_log   /var/log/openresty/error.log warn;

events {
    worker_connections  65535;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    vhost_traffic_status_zone;
    log_format main '{ "@time_local": "$time_local", '
                       '"@fields": { '
                         '"remote_addr": "$remote_addr", '
                         '"request_method": "$request_method", '
                         '"request_uri":"$request_uri",'
                         '"upstream_addr":"$upstream_addr",'
                         '"body_bytes_sent":"$body_bytes_sent", '
                         '"host":"$host",'
                         '"server_addr":"$server_addr",'
                         '"request_time":"$request_time", '
                         '"status":"$status",'
                         '"upstream_time":"$upstream_response_time",'
                         '"http_referrer": "$http_referer", '
                         '"http_user_agent": "$http_user_agent" } }';

    access_log  /var/log/openresty/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  300;

    tcp_nodelay on;

    gzip  on;
    gzip_min_length 1k;
    gzip_proxied any;
    gzip_buffers 4 32k;
    gzip_types text/plain text/css text/xml application/xml application/atom+xml application/x-javascript application/json application/javascript;
    gzip_disable "MSIE [1-6]\.";

    ignore_invalid_headers    on;
    client_body_timeout 300s;
    client_header_timeout 300s;
    client_max_body_size 100m;
    large_client_header_buffers 4 128k;

    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 8 128k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 128k;

    proxy_buffering on;
    proxy_temp_path /var/cache/openresty/proxy_temp;
    proxy_cache_path /var/cache/openresty/proxy_cache levels=1:2 keys_zone=nginx_cache:256m inactive=60m max_size=10g use_temp_path=off;
    underscores_in_headers on;
    proxy_buffer_size  128k;
    proxy_buffers 100  128k;

    include /etc/nginx/conf.d/*.conf;
}
stream {
    upstream uat-mysql {
        server 10.66.1.50:30485;
    }
    server {
        listen 30485;
        proxy_pass uat-mysql;
    }
}

• 新建nginx配置文件目录

mkdir /etc/nginx/conf.d
#目录结构为
[root@master conf.d]# tree
.
├── server.conf           #server配置文件
├── logs.conf              #web访问日志文件
├── download.conf     #下载文件
├── location
│   └── location.conf   #location配置文件
└── upstream.conf       #upstream配置文件
1 directory, 3 files

• 默认server配置文件

/etc/nginx/conf.d/server.conf

server{
    listen      80;
    charset utf-8;

    access_log  /var/log/openresty/nginx/access.log main;
    error_log   /var/log/openresty/nginx/error.log;

    #rewrite ^/rcs/(.*)$ /$1 break;

    proxy_next_upstream http_502 http_404;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_set_header Cookie $http_cookie;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Scheme $scheme;
    proxy_pass_header Server;
    proxy_redirect off;

    include /etc/nginx/conf.d/location/location.conf;
}

• location配置文件

/etc/nginx/conf.d/location/location.conf

location = / {
        root  /opt/dist;
        index index.html;
        expires      3d;
        error_page 405 =200 $uri;
}

location ~ ^/amtorder {
        client_max_body_size 3G;  #允许客户端请求的最大单文件字节数
        client_body_buffer_size 128k; #缓冲区代理缓冲用户端请求的最大字节数
        proxy_pass http://order;
}
location /status {  
      vhost_traffic_status_display;
      vhost_traffic_status_display_format html;
 }
location ~ ^/amtuser {
        client_max_body_size 3G;  #允许客户端请求的最大单文件字节数
        client_body_buffer_size 128k; #缓冲区代理缓冲用户端请求的最大字节数
        proxy_pass http://user;
}
location /components {
        if ( $request_uri  ~*  \.jpg$){ #截取后缀jpg的
                rewrite ^/(.*)\.jpg$ /$1.png last; #后缀为jpg的替换成png
                break;
            }
        }

• 默认upstream文件

/etc/nginx/conf.d/upstream.conf

upstream order {
    server 127.0.0.1:8080 max_fails=3 fail_timeout=30s;
}
upstream user {
    server 127.0.0.1:8081 max_fails=3 fail_timeout=30s;
}

• 访问服务器日志文件

/etc/nginx/conf.d/logs.conf

server {
    listen       81;
    server_name  localhost;
    location / {
        autoindex on; #开启浏览目录
        root   /opt/logs; #日志文件路径
    }
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

• 下载服务器文件

/etc/nginx/conf.d/download.conf

server {
    listen       82;
    server_name  localhost;
    location / {
        autoindex on;
        root   /opt/download/;
    }
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

配置ssl

• 安装openssl

脚本安装openresty