526互联

Nginx的安装和简单配置,已转发原来的网址

发布时间 2023-04-30 22:17:44作者: 1223837802

https://fedoraproject.org/wiki/Nginx

For Fedora 22 and later versions use DNF:

$ su

dnf install nginx

Or for older releases use YUM:

$ su

yum install nginx

To have the server start at each boot:

systemctl enable nginx.service

To start the server now:

systemctl start nginx.service

? Configuration

The configuration of nginx is straightforward. The main configuration file is located in /etc/nginx/nginx.conf and is structured in the following way, first there is some very general configuration about nginx itself and an events block which looks like this:

user nginx;
worker_processes 1;

error_log /var/log/nginx/error.log;

error_log /var/log/nginx/error.log notice;

error_log /var/log/nginx/error.log info;

pid /var/run/nginx.pid;

events {
worker_connections 1024;
}

The advised number of processes is the number of cores/threads your cpu has. Remember that you should use a semicolon(? after each option, except for the blocks themselves.

After that there is one big http block that contains the general configuration related to this protocol. Notice that inside this block there is the following line

include /etc/nginx/conf.d/*.conf;

which tells us that the rest of the configuration files are going to be in the configuration directory /etc/nginx/conf.d/ and are going to have a .conf extension.

And inside this http block, either in the nginx.conf file itself or included from the configuration directory /etc/nginx/conf.d/ there is one server block per virtual host.
? Webserver

Nginx was designed to be a webserver. All you need to create a virtual host is to create a new file in the /etc/nginx/conf.d/ directory with a .conf extension and a server block in it. the server block will be automatically included in the http block.

For example, /etc/nginx/conf.d/myhost.com.conf

server {
listen 80;
server_name myhost.com;
root /var/www/myhost.com/public_html;
index index.php index.html;
}

? TLS/SSL

Nginx uses ngx_http_ssl_module which is based on OpenSSL and at the moment there are no alternatives.
? Install an existing certificate

If you already have a certificate generated on another computer, move the certificate and the key file to the correct folder, and ensure their SELinux contexts, ownerships and permissions are correct:

mv key_file.key /etc/pki/tls/private/myhost.com.key

restorecon /etc/pki/tls/private/myhost.com.key

chown root.root /etc/pki/tls/private/myhost.com.key

chmod 0600 /etc/pki/tls/private/myhost.com.key

mv certificate.crt /etc/pki/tls/certs/myhost.com.crt

restorecon /etc/pki/tls/private/myhost.com.crt

chown root.root /etc/pki/tls/private/myhost.com.crt

chmod 0600 /etc/pki/tls/private/myhost.com.crt

After this set it up
? Generate a new certificate

How to generate a new certificate

? Configuring TLS/SSL hosts

Modify inside the server block of a particular virtual host the following lines or add them, so it looks like this:

listen 443 ssl;
ssl_certificate /etc/pki/tls/certs/myhost.com.crt
ssl_certificate_key /etc/pki/tls/private/myhost.com.key