CentOS7yum安装和卸载Nginx
壹、安装
1.1 添加Nginx存储库
# 要添加CentOS EPEL仓库,终端使用yum命令安装
yum -y install epel-release
1.2 安装Nginx
# 现在Nginx存储库已经安装在您的服务器上,使用以下命令安装Nginx
yum -y install nginx
1.3 启动Nginx
# 启动服务
systemctl start nginx
# 查看状态
systemctl status nginx
# 停止服务
systemctl stop nginx
# 重启服务
systemctl reload nginx
# 加入开机运行
systemctl enable nginx
# 取消开机运行
systemctl disable nginx
1.4 设置防火墙
# 如果您正在运行防火墙,请运行以下命令以允许HTTP和HTTPS通信否则可跳过此步骤
# 允许HTTP通讯
firewall-cmd --permanent --zone=public --add-service=http
# 允许HTTPS通讯
firewall-cmd --permanent --zone=public --add-service=https
# 重启防火墙
firewall-cmd --reload
1.5 编辑nginx.conf
此方法安装后conf文件默认为/etc/nginx/nginx.conf
mv nginx.conf nginx.conf.bak
vim nginx.conf
粘贴以下内容:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
重启 systemctl reload nginx
可以在/etc/nginx/下创建conf.d/文件夹,默认会加载conf.d/文件夹*.conf文件
贰、卸载
2.1 停止Nginx
service nginx stop
2.2 取消开机启动
chkconfig nginx off
2.3 将Nginx从服务器删除
rm -rf /usr/sbin/nginx
rm -rf /etc/nginx
rm -rf /etc/init.d/nginx
2.4 yum清理
yum remove nginx
叁、基本运用
3.1 前端服务
# 默认的80端口
server {
listen 80;
server_name rongxinservice.com;
location / {
root /data/rongxinservice/html;
index index.html index.htm;
}
#error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/nginx/html;
}
}
# SSL443端口(腾讯)
server {
#SSL 访问端口号为 443
listen 443 ssl;
#填写绑定证书的域名
server_name api.rongxinservice.com;
#证书文件名称
ssl_certificate /data/rongxinservice/1_api.rongxinservice.com_bundle.crt;
#私钥文件名称
ssl_certificate_key /data/rongxinservice/2_api.rongxinservice.com.key;
ssl_session_timeout 5m;
#请按照以下协议配置
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#请按照以下套件配置,配置加密套件,写法遵循 openssl 标准。
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
location / {
#网站主页路径。此路径仅供参考,具体请您按照实际目录操作。
root /data/rongxinservice/html;
index index.html index.htm;
}
}
3.2 80端口强制转https
server{
listen 80;
server_name api.rongxinservice.com;
return 301 https://$server_name$request_uri;
location ~ / {
index index.html index.php index.htm;
}
}
融信配置备份
# 主站域名配置
server {
listen 80;
server_name rongxinservice.com;
location / {
root /data/rongxinservice/html;
index index.html index.htm;
}
#error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/nginx/html;
}
}
# 数据域名配置
server {
listen 80;
server_name data.rongxinservice.com;
location / {
root /data/rongxinservice/sources;
index index.html index.htm;
# 开启目录列表
autoindex on;
}
}
# Api端口强制转换
server{
listen 80;
server_name api.rongxinservice.com;
return 301 https://$server_name$request_uri;
location ~ / {
index index.html index.php index.htm;
}
}
# Api域名配置
server {
listen 443 ssl;
server_name api.rongxinservice.com;
ssl_certificate /data/rongxinservice/1_api.rongxinservice.com_bundle.crt;
ssl_certificate_key /data/rongxinservice/2_api.rongxinservice.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host $host;
proxy_pass http://xxx.xxx.xxx/;
}
location /sources {
alias /data/rongxinservice/sources;
index index.html index.htm;
# 开启目录列表
autoindex on;
}
}
