标签:
1、安装常用工具及基础包:
[root@17track /]# yum -y install wget git vim make gcc gcc-c++
2、安装nginx支持包:
[root@17track /]# yum -y install openssl openssl-devel pcre pcre-devel zlib zlib-devel
3、安装LuaJIT模块
[root@17track /]# wget -P/usr/local/src/ http://luajit.org/download/LuaJIT-2.0.2.tar.gz [root@17track /]# tar -xzvf /usr/local/src/LuaJIT-2.0.2.tar.gz -C /usr/local/src/ [root@17track /]# cd /usr/local/src/LuaJIT-2.0.2 [root@17track LuaJIT-2.0.2]# make [root@17track LuaJIT-2.0.2]# make install
4、安装lua-nginx-module模块
[root@17track /]# wget -P/usr/local/src/ https://codeload.github.com/openresty/lua-nginx-module/tar.gz/v0.8.6.tar.gz [root@17track /]# tar -xzvf /usr/local/src/v0.8.6.tar.gz -C /usr/local/nginx/module/
5、安装nginx sticky
[root@17track /]# wget -P/usr/local/src/ https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/nginx-sticky-module/nginx-sticky-module-1.1.tar.gz [root@17track /]# tar -xzvf /usr/local/src/nginx-sticky-module-1.1.tar.gz -C /usr/local/nginx/module/
6、安装echo-nginx
[root@17track /]# wget -P/usr/local/src/ https://github.com/openresty/echo-nginx-module/archive/v0.58.tar [root@17track /]# tar -xvf /usr/local/src/echo-nginx-module-0.58.tar -C /usr/local/nginx/module/
7、安装ngx_cache_purge
[root@17track /]# wget -P/usr/local/src/ http://labs.frickle.com/files/ngx_cache_purge-2.1.tar.gz [root@17track /]# tar -xzvf /usr/local/src/ngx_cache_purge-2.1.tar.gz -C /usr/local/nginx/module/
8、安装ngx_http_lower_upper_case
[root@17track /]# cd /usr/local/lib [root@17track lib]# git clone https://github.com/replay/ngx_http_lower_upper_case.git
9、安装、配置Nginx
[root@17track /]# wget -P/usr/local/src/ http://nginx.org/download/nginx-1.4.7.tar.gz [root@17track /]# tar -xzvf /usr/local/src/nginx-1.4.7.tar.gz -C /usr/local/src/ [root@17track /]# cd /usr/local/src/nginx-1.4.7 [root@17track nginx-1.4.7]# ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-pcre --with-http_realip_module --add-module=/usr/local/nginx/module/nginx-sticky-module-1.1 --add-module=/usr/local/nginx/module/lua-nginx-module-0.8.6 --add-module=/usr/local/nginx/module/ngx_http_lower_upper_case --add-module=/usr/local/nginx/module/echo-nginx-module-0.58 --add-module=/usr/local/nginx/module/ngx_cache_purge-2.1 [root@17track nginx-1.4.7]# make [root@17track nginx-1.4.7]# make install
10、编译参数详解:
支持SSL加密
--with-http_ssl_module
支持Google的SPDY协议
--with-http_spdy_module
获取客户端真实IP
--with-http_realip_module
查看Nginx服务器工作状态
--with-http_stub_status_module
支持Rewrite重写规则
--with-pcre=/root/pcre-8.33
实现基于cookie的负载均衡
--add-module=/root/nginx-sticky-module-1.1
用于从FastCGI、proxy、SCGI 和uWSGI缓存中增加内容清除功能
--add-module=/root/ngx_cache_purge-2.1
在Nginx配置中调用lua语言脚本
--add-module=/root/lua-nginx-module-0.8.6
提供直接在 Nginx 配置使用包括 "echo", "sleep", "time" 等指令
--add-module=/root/echo-nginx-module-0.58
实现大小写字母转换
--add-module=/root/ngx_http_lower_upper_case
11、添加用户、设置权限目录
useradd nginx -s /sbin/nologin chown -R nginx:nginx /usr/local/nginx mkdir -p /home/cache/temp mkdir -p /home/cache/path chown -R nginx:nginx /home/cache cd /usr/local/nginx/logs mkdir p download v5api order user www www-null mkdir /usr/local/nginx/conf/v5website mkdir /usr/local/nginx/rootpath mkdir /usr/local/nginx/ssl
常见错误
# /usr/local/nginx-1.4.2/sbin/nginx -V
./objs/nginx: error while loading shared libraries: libluajit-5.1.so.2: cannot open shared object file: No such file or directory
解决方法:
# ln -s /usr/local/lib/libluajit-5.1.so.2 /lib64/libluajit-5.1.so.2
12、TLSv1.2配置
生成DH密钥
[root@localhost /]# cd /usr/local/nginx/ssl/ [root@localhost ssl]# openssl dhparam 4096 -out dhparam.pem
在nginx.conf文件中添加如下ssl相关的配置:
ssl_certificate /usr/local/nginx/ssl/17track.crt; ssl_certificate_key /usr/local/nginx/ssl/17track.key ssl_dhparam /usr/local/nginx/ssl/dhparam.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m;
标签:
原文地址:http://www.cnblogs.com/configure/p/5619654.html
