nginx配置介绍（二） 虚拟主机定义： 1，基于端口的虚拟主机 cp nginx.conf{,.bak} vim /etc/sbin/nginx/nginx.conf server { listen 8080; server_name www.linuxea.com; root "/web/linuxea"; } [root@www ~]# mkdir /web/linuxea -pv mkdir: created directory `/web' mkdir: created directory `/web/linuxea' [root@www ~]#vim /web/linuxea/index.html <h1>web1<h1> /usr/local/nginx/sbin/nginx -s reload                 2，location定义： 如下： mkdir /web/{images,text} vim text/a.txt vim images/a.txt vim linuxea/a.txt server { listen 8080; server_name www.linuxea.com; location / { root "/web/linuxea"; } location /images/ { root "/web/images"; } #正则表达式模式匹配 location ~* \.(txt|text)$ { root "/web/text"； } } 在以上三个location中最先匹配的是第三个 对于nginx而言，location是非常关键的，每个location都能使用root，即便不在同一个网站或同一个站点访问，路径的微妙变化可能会导致url映射会到不同的文件中 3，别名-路径映射 alias path; 用于location配置段，定义路径别名 location /images/ { root "/vhosts/web1"; } 相当于http://www.linuxea.com/images/a.jpg <-- /vhosts/web1/images/a.jpg location /images/ { alias "/www/pictures"; } 相当于http://www.linuxea.com/images/a.jpg <-- /www/picuter/a.jpg 注意：root表示指明路径为对应的location "/" URL; alias表示路径映射，即location指令后定义的URL是相对于alias所指明的路径而言； 4，error_page（404）页面定义 error_page code [...] [=code] URI | @name 根据http响应状态码来指明特用的错误页面； server { listen 8080; server_name www.linuxea.com; location / { root "/web/linuxea"; error_page 404 =200 /404_customed.html; #指定错误响应码定义页面，并且将错误404改为200 } [root@www web]# vim linuxea/404_customed.html #创建404页面文档 <h1>wrong,cuoleYaYa<h1> [=code]：以指定的响应码进行响应，而不是默认的原来的响应；默认表示以新资源的响应码为其响应码；   5，基于IP的访问控制 标准模块控制来实现 allow IP/Network; 允许 deny IP/Network; 拒绝 server { listen 8080; server_name www.linuxea.com; location / { root "/web/linuxea"; deny 172.16.0.1;#拒绝172.16.0.1访问，允许便是allow #比如,只允许172.16.0.1，其他拒绝： allow 172.16.0.1/16; deny all; } 6，基于用户做认证 auth_basic ""; auth_basic_user_file "/PATH/TO/PASSWORD_FILE" 账号密码文件建议使用htpasswd来创建； basic, digest； 如： server { listen 8080; server_name www.linuxea.com; location / { root "/web/linuxea"; auth_basic "Only for VIPs"; #定义名称 auth_basic_user_file /etc/nginx/users/.htpasswd; #定义控制用户名的文件路径，为隐藏文件 } 用户认证 [root@www linuxea]# htpasswd -c -m /etc/nginx/users/.htpasswd mark New password: Re-type new password: Adding password for user mark [root@www linuxea]#               7，ssl，https [root@www linuxea]# cd /etc/pki/CA/ [root@www CA]# (umask 077;openssl genrsa -out private/cakey.pem 2048) Generating RSA private key, 2048 bit long modulus ........................................................................+++ ......................................................................................................................................................................+++ e is 65537 (0x10001) [root@www CA]# ls -l private/ total 4 -rw-------. 1 root root 1675 May 10 18:49 cakey.pem [root@www CA]# opensll req -new -x509 -key private/cakey.pem -out cacert.pem -days 3655 -bash: opensll: command not found [root@www CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem -days 3655 You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:HA Locality Name (eg, city) [Default City]:LinuxEA Organization Name (eg, company) [Default Company Ltd]:LinuxEA Organizational Unit Name (eg, section) []:Ops Common Name (eg, your name or your server's hostname) []:ca.linuxea.com Email Address []:caadmin@linuxea.com [root@www CA]# touch serial index.txt [root@www CA]# echo 01 > serial [root@www CA]# 为NGinx准备密钥证书 [root@www CA]# cd /etc/nginx/ [root@www nginx]# mkdir ssl [root@www nginx]# cd ssl/ [root@www ssl]# (umask 077;openssl genrsa -out nginx.key 1024) Generating RSA private key, 1024 bit long modulus ..++++++ ....++++++ e is 65537 (0x10001) [root@www ssl]# openssl req -new -key nginx.key -out nginx.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:CN State or Province Name (full name) []:HA Locality Name (eg, city) [Default City]:LinuxEA Organization Name (eg, company) [Default Company Ltd]:LinuxEA Organizational Unit Name (eg, section) []:Ops Common Name (eg, your name or your server's hostname) []:www.linuxea.com Email Address []:webadmin@linuxea.com Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []: [root@www ssl]# CA已经制作完成，如果是要给别人，就发给谁，这里自己用 [root@www ssl]# ll total 8 -rw-r--r-- 1 root root 700 May 10 18:57 nginx.csr -rw------- 1 root root 887 May 10 18:55 nginx.key [root@www ssl]# 签证 [root@www ssl]# openssl ca -in nginx.csr -out nginx.crt -days 3655 Using configuration from /etc/pki/tls/openssl.cnf Check that the request matches the signature Signature ok Certificate Details: Serial Number: 1 (0x1) Validity Not Before: May 10 10:59:59 2015 GMT Not After : May 12 10:59:59 2025 GMT Subject: countryName = CN stateOrProvinceName = HA organizationName = LinuxEA organizationalUnitName = Ops commonName = www.linuxea.com emailAddress = webadmin@linuxea.com X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: 12:7A:07:CB:2B:5A:35:80:99:8B:62:27:12:04:63:0D:1E:D1:AE:9F X509v3 Authority Key Identifier: keyid:D5:3F:02:F3:B6:03:E9:87:9F:47:24:68:BD:8D:3D:8C:98:0B:9C:A4 Certificate is to be certified until May 12 10:59:59 2025 GMT (3655 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y Write out database with 1 new entries Data Base Updated [root@www ssl]# ll total 12 -rw-r--r-- 1 root root 3857 May 10 19:00 nginx.crt -rw-r--r-- 1 root root 700 May 10 18:57 nginx.csr -rw------- 1 root root 887 May 10 18:55 nginx.key [root@www ssl]# nginx配置文件开启 server { listen 443 ssl; server_name www.linuxea.com; ssl_certificate /etc/nginx/ssl/nginx.pem;#指定证书路径 ssl_certificate_key /etc/nginx/ssl/nginx.key;# ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { root /web/linuxea;#指定网站根路径 index index.html index.htm; } } } 打开浏览器：https://172.16.249.117/提示访问风险，而后安装证书即可。 过程：生成私钥，生成证书签署请求，并获得证书；                       8，状态页，stub_status{on|off} 仅能用于location上下文 server { listen 8080; server_name www.linuxea.com; location / { root "/web/linuxea"; #error_page 404 =200 /404_customed.html; auth_basic "Only for VIPs"; auth_basic_user_file /etc/nginx/users/.htpasswd; } location /images/ { root "/web/images"; } #正则表达式模式匹配 location ~* \.(txt|text)$ { root "/web/text"; } location /status { stub_status on; allow 172.16.0.0/16; deny all; } } 结果示例： Active connections: 6 #当前所有处于打开状态的连接数 server accepts handled requests 113 113 159 第一个数字，已经接受的链接 第二个数字，已经处理的链接 第三个数字，已经处理的请求 Reading: 0 Writing: 1 Waiting: 5 Reading:正处于接受请求状态的连接数； Writing:请求已经接受完成，正处于处理请求或发送响应的过程的连接数 Waiting:保持链接模式，且处于活动状态的连接数 9.rewrite regex replacement flag;（URL重写） 例如： ... rewrite ^/images/(.*\.jpg)$ /imgs/$1 break; http://www.linuxea.com/images/a/b/c/1.jpg --> http://www.linuxea/imgs/a/b/c/1.jpg 当linuxea/images访问到时，先检查rewrite规则，匹配后浏览器在重读，匹配到的linuxea/imgs。而后在进行检查rewrite规则。 死循环！当你规则过多可能会恰巧的出现死循环。这时你可能需要break rewrite ^/images/(.*\.jpg)$ /imgs/$1 break; rewrite ^/imgs/(.*\.jpg)$ /images/$1 break; .... http://www.linuxea/images/a/b/c/1.jpg --> http://www.linuxea/imgs/a/b/c/1.jpg flag: last：一旦此rewrite规则重写完成后，就不再被后面其它的rewrite规则进行处理；而是由User Agent重新对重写后的URL再一次发起请求，并从头开始执行类似的过程 break：一旦此rewrite规则重写完成后，由User Agent对新的URL重新发起请求，且不再会被当前locatrion内的任何rewrite规则所检查； redirect：以302响应码（临时重定向）返回新的URL； permanent：以301响应码（永久重定向）返回新的URL； 例如： 任何来自www.linuxea.com/bbs下的任何内容都替换至/forum路径下内容 rewrite ^/bbs(.*)$ /forum/$1 break 任何来自www.linuxea.com/bbs下的任何内容完全定向至https：//www.linuxea.com/路径下内容 rewrite ^/bbs(.*)$ https：//www.linuxea.com/$1 redirect; server { listen 8080; server_name www.linuxea.com; location / { root "/web/linuxea"; #error_page 404 =200 /404_customed.html; #auth_basic "Only for VIPs"; #auth_basic_user_file /etc/nginx/users/.htpasswd; rewrite ^/bbs/(.*)$ /forum/$1 break; 这里根本不存在bbs [root@www ~]# mkdir /web/linuxea/forum/ [root@www ~]# vim /web/linuxea/forum/index.html <h1>New Url forum<h1> [root@www ~]# /usr/local/nginx/sbin/nginx -s reload [root@www ~]# tail /var/log/nginx/access.log 172.16.250.99 - - [10/May/2015:22:06:03 +0800] "GET /bbs/ HTTP/1.1" 304 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)" 172.16.250.99 - - [10/May/2015:22:06:03 +0800] "GET /bbs/ HTTP/1.1" 304 0 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)" [root@www ~]#               10、if 语法：if (condition) {...} 应用环境：server, location condition： (1) 变量名； 变量值为空串，或者以“0”开始，则为false；其它的均为true; (2) 以变量为操作数构成的比较表达式 可使用=, !=类似的比较操作符进行测试； (3) 正则表达式的模式匹配操作 ~: 区分大小写的模式匹配检查 ~*: 不区分大小写的模式匹配检查 !~和!~*：对上面两种测试取反 (4) 测试路径为文件可能性：-f, !-f (5) 测试指定路径为目录的可能性：-d, !-d (6) 测试文件的存在性：-e, !-e (7) 检查文件是否有执行权限：-x, !-x 例如：内建变量 把msie用户请求的任何内容替换成msie/$1,比如说探测手机版网页等 if ($http_user_agent ~* MSIE) { rewrite ^(.*)$ /msie/$1 break; } 11、防盗链 任何用户访问以jpg.gif.jpeg.png资源时，定义www.linuxea.com是合法引用valid_referer的，if ($invalid_referer)这句是说，但凡不被上面引用的，都会被定向至linuxea.com/403.html 注意：网站同时也被访问了一次。 location ~* \.(jpg|gif|jpeg|png)$ { valid_referer none blocked www.linuxea.com; if ($invalid_referer) { rewrite ^/ http://www.linuxea.com/403.html; } } 12、定制访问日志格式 log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log logs/access.log main; 注意：此处可用变量为nginx各模块内建变量； 其他几个配置信息记录。 反代服务器时可能会用到！ 网络连接相关的配置： 当前端去后端取内容偶尔出现超时，而本地取内容正常，如果tomcat处理和nginx处理的时间过长或者过短，可能会出现这种问题。 1、keepalive_timeout #; 长连接的超时时长，默认75s; 2、keepalive_requests #; 在一个长连接上所能够允许请求的最大资源数； 3、keepalive_disable [msie6|safari|none]; 为指定类型的User Agent禁用长连接； 4、tcp_nodelay on|off;合并请求资源 是否对长连接使用TCP_NODELAY选项； 5、client_header_timeout #; 读取http请求报文首部的超时时长； 6、client_body_timeout #; 读取http请求报文body部分的超时时长； 7、send_timeout #; 发送响应报文的超时时长； fastcgi的相关配置： LNMP： nginx和php结合时，php启用fpm模型； location ~ \.php$ { root html; fastcgi_pass 127.0.0.1:9000;反向代理，单独主机则是外部网卡 fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; include fastcgi_params; } [root@www nginx]# vim fastcgi_params 将$query_string;变量值赋至QUERY_STRING 变量，这个变量是在fastcgi的，完成一个映射 fastcgi_param QUERY_STRING $query_string;

nginx编译简单安装和优化（一） nginx编译简单安装 前提： 安装开发环境 yum groupinstall “Deveopment Tools” “Server Platform Developent” 另外，在安装nginx时，可能额外依赖pcre-devel，来实现扩展表达式，扩展URL重写，它不会自动安装 yum -y install pcre-devel 1，下载nginx包，加压 [root@www ~]# tar xf nginx-1.6.2.tar.gz [root@www ~]# cd nginx-1.6.2 在之前的文档中没有细说编辑安装选项，这次将会简单介绍 --prefix=默认安装路径 --sbin-path=PATH=主程序安装路径 --conf-path=PATH=主配置文件路径 --error-log-path=PATH=错误日志路径 -pid-path=PATH=pID文件路径 --lock-path=PATH=索文件路径 --user=普通用户 --group=组 --http-client-body-temp-path=PATH：定义临时目录路径 启用功能模块： -with-rtsig_module 禁用为功能模块： --without-poll_module 至于这些模块的介绍，请登录nginx官网查看 这里显示的启用，表示默认没启用 这里显示的禁用，表示默认启用 [root@www nginx-1.6.2]# ./configure --help --help print this message --prefix=PATH set installation prefix --sbin-path=PATH set nginx binary pathname --conf-path=PATH set nginx.conf pathname --error-log-path=PATH set error log pathname --pid-path=PATH set nginx.pid pathname --lock-path=PATH set nginx.lock pathname --user=USER set non-privileged user for worker processes --group=GROUP set non-privileged group for worker processes --builddir=DIR set build directory --with-rtsig_module enable rtsig module --with-select_module enable select module 2，创建nginx普通用户 [root@www nginx-1.6.2]# groupadd -r nginx [root@www nginx-1.6.2]# useradd -g nginx -r nginx [root@www nginx-1.6.2]# id nginx uid=495(nginx) gid=492(nginx) groups=492(nginx) [root@www nginx-1.6.2]# 3，编译 为了以后的迁移和备份删除，我们手动指定安装路径 ./configure --prefix=/usr/local/nginx 安装路径 --conf-path=/etc/nginx/nginx.conf 配置文件（也可以放在安装路径下，方便迁移） --user=nginx 指定运行的普通用户 --group=nginx 指定运行的组 --error-log-path=/var/log/nginx/error.log 指明错误日志文件路径（也可以后盖配置文件） --http-log-path=/var/log/nginx/access.log 指明访问日志路径 --pid-path=/var/run/nginx/nginx.pid pid文件路径 --lock-path=/var/lock/nginx.lock 索文件路径 --with_http_ssl_module 启用ssl模块 --with_http_stub_status_module 启用状态页面 --with_http_gzip_static_module 启用压缩功能 --with-http_flv_module 启用流媒体 --with-http_mp4_module 启用MP4模块 --http-client-body-temp-path=/var/tmp/nginx/client 指明临时文件路径 *这些路径需要创建 --http-proxy-temp-path=/var/tmp/nginx/proxy proxy --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi fastcgi --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi uwsgi [root@www nginx-1.6.2]# ./configure --prefix=/usr/local/nginx --conf-path=/etc/nginx/nginx.conf --user=nginx --group=nginx --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx/nginx.pid --lock-path=/var/lock/nginx.lock --with-http_ssl_module --with-http_stub_status_module --with-http_gzip_static_module --with-http_flv_module --with-http_mp4_module --http-client-body-temp-path=/var/tmp/nginx/client --http-proxy-temp-path=/var/tmp/nginx/proxy --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi [root@www nginx-1.6.2]# make && make install [root@www ~]# mkdir -pv /var/tmp/nginx/{client,fastcgi,proxy,uwsgi} mkdir: created directory `/var/tmp/nginx' mkdir: created directory `/var/tmp/nginx/client' mkdir: created directory `/var/tmp/nginx/fastcgi' mkdir: created directory `/var/tmp/nginx/proxy' mkdir: created directory `/var/tmp/nginx/uwsgi' [root@www ~]# /usr/local/nginx/sbin/nginx [root@www ~]# ss -tnlp | grep :80 LISTEN 0 128 *:80 *:* users:(("nginx",4528,6),("nginx",4529,6)) [root@www ~]# 配置文件： main配置段：全局配置段 event{}： 定义event模型工作特性 http {} : 定义http协议相关的配置 配置指令：要以分号结尾，语法格式：directive value1 [value2...] 支持使用变量： 内置变量：模块会提供几建变量定义 自定义变量：set var_name value 主配置段的指令： 用于调试、定位问题 正常运行必备的配置 优化性能的配置 事件相关的配置 www.nginx.org 下载偶数，基数为开发版 在nginx-1.8后引入支持的新特性： 1，hash负载均衡方法：hash load balancing method 2，后端ssl证书校验 ：backend SSL certificate 3，支持线程池 4, 代理请求的缓冲 主配置段的指令： 正常运行的必备配置： 1、user USERNAME [GROUPNAME]; 指定运行worker进程的用户和组； user nginx nginx; 2、pid /path/to/pid_file; 指定nginx守护进程的pid文件； pid /var/run/nginx/nginx.pid; 3、worker_rlimit_nofile #; 指定所有worker进程所能够打开的最大文件句柄数； 性能优化相关的配置： 1、worker_processes #; worker进程的个数；通常应该略少于CPU物理核心数；（比如是八核，设置7核，剩下一个给系统其他） 2、worker_cpu_affinity cpumask ...; 优点：提升缓存的命中率； context switch进程切换本身会产生CPU的不必要的消耗；因此尽可能发挥CPU的最大化，的把进程绑定CPU上，但是你绑定后这颗CPU仍然可以被切换，只是被绑定的进程不能再其他切换到别的CPU而已。这样，被绑定的nginx进程的缓存有效性提高。 假设服务器有4课CPU，开始设定机器上的三个CPU给NGINX，开机就说明剩下一个给内核，这样一来，内核要调度任何资源，只能在最后一个CPU上调度，做内核隔离！ 隔离中断，设定的着三课CPU不处理中断也不让任何程序调度，不受内核调度。nginx绑定后霸占三个内核 三个进程起来之后，假如说每一个worker进程支持一万个并发，那三万个就很轻松了。 前提是中断和隔离操作！ cpumask： 0000 0000 0000 0001 第一个CPU 0000 0010 第二个CPU 0000 0100 第三个CPU 0000 1000 第四个CPU worker_cpu_affinity 00000001 00000010 00000100; 3、timer_resolution 计时器解析度；降低此值，可减少gettimeofday()系统调用的次数； timer_resolution指：减少降低worker线程中的计时解析度，减少发起系统调用，任何一个系统中，如果系统调用很多，任何一次系统调用必然会产生软中断，产生软中断的直接结果就是模式转换，每一次的模式转换必然会消耗时间。没一个生产力非常强的经常，应该把大量的时间运行在用户空间。 比如：任何一个请求达到nginx时候，nginx响应会产生日志，日志会记录时间，一旦有请求到达，nginx响应必须获取当前系统时间，记录日志当中。获取日志时间的方式便是：gettimeofday。如果获取的日志时间解析度过大的话，就会带来结果是：1秒钟解析1千次，那也就是1秒钟发起1千次系统调用，如果设为毫秒，那便是1毫秒解析10次，时间解析度越低精度越低，时间解析度越高精度越高。当然，消耗的资源也是对称的。 4、worker_priority number; 指明worker进程的nice值；（nice=worker优先级） -20, 19 100, 139 数字越小优先级越高，优先级越高优先调用 默认情况下优先级为0 事件相关的配置： 1、accept_mutex {off|on}; master调度用户请求至各worker进程时使用的负载均衡锁；on表示能让多个worker轮流地、序列化地去响应新请求； 2、lock_file file; accept_mutex用到的锁文件路径； 3、use [epoll|rtsig|select|poll]; 链接处理方法 指明使用的事件模型；建议让Nginx自行选择； 4、worker_connections #; 设定单个worker进程所能够处理的最大并发连接数量； worker_connections 乘 work_processes 用户于调试、定位问题： 1、daemon {on|off}; 是否以守护进程方式运行nginx；调试时应该设置为Off; 2、master_process {on|off}; 是否以master/worker模型来运行nginx; 调试时可以设置为off; 3、error_log file | stderr | syslog:server=address[,parameter=value] | memory:size [debug | info | notice | warn | error | crit | alert | emerg]; error_log 位置 级别; 若要使用debug级别，需要在编译nginx时使用了--with-debug选项； 常需要进行调整的参数 worker_processes, worker_connections, worker_cpu_affinity, worker_priority

简介源代码安装nginx/apache 在编译安装时请注意需求！必要时查看官方文档！ [root@centos3 ~]# rpm -qi glibc Name : glibc Relocations: (not relocatable) Version : 2.12 Vendor: CentOS Release : 1.149.el6 Build Date: Wed 15 Oct 2014 10:00:58 AM CST Install Date: Mon 13 Apr 2015 02:22:42 PM CST Build Host: c6b9.bsys.dev.centos.org Group : System Environment/Libraries Source RPM: glibc-2.12-1.149.el6.src.rpm Size : 12959134 License: LGPLv2+ and LGPLv2+ with exceptions and GPLv2+ Signature : RSA/SHA1, Sat 18 Oct 2014 04:00:42 AM CST, Key ID 0946fca2c105b9de Packager : CentOS BuildSystem <http://bugs.centos.org> URL : http://sources.redhat.com/glibc/ Summary : The GNU libc libraries Description : The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function. [root@centos3 ~]# 手动编译源代码文件： 依赖环境：编译开发工具、以及各个被依赖到的程序包的开发组件 包组： Development tools server platform development desktop platform development [root@centos3 /]# yum -y groupinstall "Development tools" "server platform development" 这里省略一千字！ Installed: autoconf.noarch 0:2.63-5.1.el6 automake.noarch 0:1.11.1-4.el6 bison.x86_64 0:2.4.1-5.el6 byacc.x86_64 0:1.9.20070509-7.el6 cscope.x86_64 0:15.6-6.el6 ctags.x86_64 0:5.8-2.el6 dbus-devel.x86_64 1:1.2.24-7.el6_3 diffstat.x86_64 0:1.51-2.el6 doxygen.x86_64 1:1.6.1-6.el6 flex.x86_64 0:2.5.35-9.el6 gcc.x86_64 0:4.4.7-11.el6 gcc-c++.x86_64 0:4.4.7-11.el6 gcc-gfortran.x86_64 0:4.4.7-11.el6 git.x86_64 0:1.7.1-3.el6_4.1 indent.x86_64 0:2.2.10-7.el6 intltool.noarch 0:0.41.0-1.1.el6 krb5-devel.x86_64 0:1.10.3-33.el6 libstdc++-devel.x86_64 0:4.4.7-11.el6 libtool.x86_64 0:2.2.6-15.5.el6 libvirt-devel.x86_64 0:0.10.2-46.el6 libvirt-java-devel.noarch 0:0.4.9-1.el6 ncurses-devel.x86_64 0:5.7-3.20090208.el6 nss-devel.x86_64 0:3.16.1-14.el6 openldap-devel.x86_64 0:2.4.39-8.el6 openssl-devel.x86_64 0:1.0.1e-30.el6 pam-devel.x86_64 0:1.1.1-20.el6 patchutils.x86_64 0:0.3.1-3.1.el6 rcs.x86_64 0:5.7-37.el6 redhat-rpm-config.noarch 0:9.0.3-42.el6.centos rpm-build.x86_64 0:4.8.0-37.el6 subversion.x86_64 0:1.6.11-10.el6_5 swig.x86_64 0:1.3.40-6.el6 systemtap.x86_64 0:2.5-5.el6 zlib-devel.x86_64 0:1.2.3-29.el6 Dependency Installed: cloog-ppl.x86_64 0:0.15.7-1.2.el6 cpp.x86_64 0:4.4.7-11.el6 cyrus-sasl-devel.x86_64 0:2.1.23-15.el6 cyrus-sasl-md5.x86_64 0:2.1.23-15.el6 gdb.x86_64 0:7.2-75.el6 gettext-devel.x86_64 0:0.17-18.el6 gettext-libs.x86_64 0:0.17-18.el6 giflib.x86_64 0:4.1.6-3.1.el6 gnutls-utils.x86_64 0:2.8.5-14.el6_5 java-1.7.0-openjdk.x86_64 1:1.7.0.65-2.5.1.2.el6_5 jna.x86_64 0:3.2.4-2.el6 jpackage-utils.noarch 0:1.7.5-3.12.el6 kernel-devel.x86_64 0:2.6.32-504.el6 keyutils-libs-devel.x86_64 0:1.4-5.el6 libcom_err-devel.x86_64 0:1.41.12-21.el6 libgcj.x86_64 0:4.4.7-11.el6 libgfortran.x86_64 0:4.4.7-11.el6 libselinux-devel.x86_64 0:2.0.94-5.8.el6 libsepol-devel.x86_64 0:2.0.41-4.el6 libvirt-client.x86_64 0:0.10.2-46.el6 libvirt-java.noarch 0:0.4.9-1.el6 mpfr.x86_64 0:2.4.1-6.el6 nc.x86_64 0:1.84-22.el6 nspr-devel.x86_64 0:4.10.6-1.el6_5 nss-softokn-devel.x86_64 0:3.14.3-17.el6 nss-softokn-freebl-devel.x86_64 0:3.14.3-17.el6 nss-util-devel.x86_64 0:3.16.1-3.el6 perl-Error.noarch 1:0.17015-4.el6 perl-Git.noarch 0:1.7.1-3.el6_4.1 ppl.x86_64 0:0.10.2-11.el6 systemtap-client.x86_64 0:2.5-5.el6 systemtap-devel.x86_64 0:2.5-5.el6 tzdata-java.noarch 0:2014g-1.el6 yajl.x86_64 0:1.0.7-3.el6 Complete! [root@centos3 /]# [root@centos3 ~]# lftp 172.16.0.1 lftp 172.16.0.1:~> mget /pub/Sources/sources/nginx/nginx-1.6.2.tar.gz 804164 bytes transferred lftp 172.16.0.1:/> bye [root@centos3 ~]# ls anaconda-ks.cfg install.log install.log.syslog nginx-1.6.2.tar.gz [root@centos3 ~]# useradd -r nginx [root@centos3 ~]# tar xf nginx-1.6.2.tar.gz [root@centos3 ~]# cd nginx-1.6.2 [root@centos3 nginx-1.6.2]# ./configure --prefix=/usr/local/nginx --conf-path=/etc/nginx.conf --user=nginx --group=nginx 这里省略一千字 checking for PCRE library in /usr/include/pcre/ ... not found checking for PCRE library in /usr/pkg/ ... not found checking for PCRE library in /opt/local/ ... not found 已经报错 ./configure: error: the HTTP rewrite module requires the PCRE library. You can either disable the module by using --without-http_rewrite_module option, or install the PCRE library into the system, or build the PCRE library statically from the source with nginx by using --with-pcre=<path> option. [root@centos3 nginx-1.6.2]# yum install pcre-devel -y 这里省略一千字 Install 1 Package(s) Total download size: 318 k Installed size: 954 k Downloading Packages: pcre-devel-7.8-6.el6.x86_64.rpm | 318 kB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : pcre-devel-7.8-6.el6.x86_64 1/1 Verifying : pcre-devel-7.8-6.el6.x86_64 1/1 Installed: pcre-devel.x86_64 0:7.8-6.el6 Complete! [root@centos3 nginx-1.6.2]# ./configure --prefix=/usr/local/nginx --conf-path=/etc/nginx.conf --user=nginx --group=nginx creating objs/Makefile Configuration summary + using system PCRE library + OpenSSL library is not used + md5: using system crypto library + sha1: using system crypto library + using system zlib library nginx path prefix: "/usr/local/nginx" nginx binary file: "/usr/local/nginx/sbin/nginx" nginx configuration prefix: "/etc" nginx configuration file: "/etc/nginx.conf" nginx pid file: "/usr/local/nginx/logs/nginx.pid" nginx error log file: "/usr/local/nginx/logs/error.log" nginx http access log file: "/usr/local/nginx/logs/access.log" nginx http client request body temporary files: "client_body_temp" nginx http proxy temporary files: "proxy_temp" nginx http fastcgi temporary files: "fastcgi_temp" nginx http uwsgi temporary files: "uwsgi_temp" nginx http scgi temporary files: "scgi_temp" [root@centos3 nginx-1.6.2]# make [root@centos3 nginx-1.6.2]# make install 安装完成！ 安装的路径和配置文件 [root@centos3 nginx-1.6.2]# cd /usr/local/nginx/ [root@centos3 nginx]# ls html logs sbin [root@centos3 nginx]# ls /usr/local/nginx/sbin/ nginx [root@centos3 nginx]# 再来！ lftp 172.16.0.1:/pub/Sources/sources/httpd> mget httpd-2.2.29.tar.bz2 5625498 bytes transferred lftp 172.16.0.1:/pub/Sources/sources/httpd> bye [root@centos3 ~]# rpm -q httpd httpd-2.2.15-39.el6.centos.x86_64 [root@centos3 ~]# rpm -e httpd error: Failed dependencies: httpd >= 2.2.0 is needed by (installed) gnome-user-share-2.28.2-3.el6.x86_64 [root@centos3 ~]# yum remove httpd Running Transaction Erasing : gnome-user-share-2.28.2-3.el6.x86_64 1/2 Erasing : httpd-2.2.15-39.el6.centos.x86_64 2/2 Verifying : httpd-2.2.15-39.el6.centos.x86_64 1/2 Verifying : gnome-user-share-2.28.2-3.el6.x86_64 2/2 Removed: httpd.x86_64 0:2.2.15-39.el6.centos Dependency Removed: gnome-user-share.x86_64 0:2.28.2-3.el6 Complete! [root@centos3 ~]# [root@centos3 ~]# tar xf httpd-2.2.29.tar.bz2 [root@centos3 ~]# ls anaconda-ks.cfg httpd-2.2.29.tar.bz2 install.log.syslog nginx-1.6.2.tar.gz httpd-2.2.29 install.log nginx-1.6.2 [root@centos3 ~]# cd httpd-2.2.29 [root@centos3 httpd-2.2.29]# ls ABOUT_APACHE CHANGES httpd.dsp libhttpd.dep NOTICE server acinclude.m4 config.layout httpd.mak libhttpd.dsp NWGNUmakefile srclib Apache.dsw configure httpd.spec libhttpd.mak os support build configure.in include LICENSE README test BuildAll.dsp docs INSTALL Makefile.in README.platforms VERSIONING BuildBin.dsp emacs-style InstallBin.dsp Makefile.win README-win32.txt buildconf httpd.dep LAYOUT modules ROADMAP [root@centos3 httpd-2.2.29]# 在安装之前可以读读install文件 [root@centos3 httpd-2.2.29]# less INSTALL --help查看选项 [root@centos3 httpd-2.2.29]# ./configure --help [root@centos3 httpd-2.2.29]# ./configure --prefix=/usr/local/apache --sysconfdir=/etc/httpd/ --enable-so 这里省略很多内容。 config.status: executing default commands [root@centos3 httpd-2.2.29]# make [root@centos3 httpd-2.2.29]# make install Installing header files Installing build system files Installing man pages and online manual mkdir /usr/local/apache/man mkdir /usr/local/apache/man/man1 mkdir /usr/local/apache/man/man8 mkdir /usr/local/apache/manual make[1]: Leaving directory `/root/httpd-2.2.29' [root@centos3 httpd-2.2.29]# cd /usr/local/apache/ [root@centos3 apache]# ls bin build cgi-bin error htdocs icons include lib logs man manual modules [root@centos3 apache]# [root@centos3 apache]# ls /usr/local/apache/bin/ ab apu-1-config dbmmanage htcacheclean htpasswd logresolve apachectl apxs envvars htdbm httpd rotatelogs apr-1-config checkgid envvars-std htdigest httxt2dbm [root@centos3 apache]# 添加环境变量搜索路径 [root@centos3 apache]# echo $PATH /usr/lib64/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin [root@centos3 apache]# 加入坏境变量 [root@centos3 apache]# vim /etc/profile.d/httpd.sh export PATH=/usr/local/apache/bin:$PATH [root@centos3 apache]# . /etc/profile.d/httpd.sh [root@centos3 apache]# echo $PATH /usr/local/apache/bin:/usr/lib64/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin [root@centos3 apache]# apachectl Usage: /usr/local/apache/bin/httpd [-D name] [-d directory] [-f file] [-C "directive"] [-c "directive"] [-k start|restart|graceful|graceful-stop|stop] [-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S] Options: -D name : define a name for use in <IfDefine name> directives -d directory : specify an alternate initial ServerRoot -f file : specify an alternate ServerConfigFile -C "directive" : process directive before reading config files -c "directive" : process directive after reading config files -e level : show startup errors of level (see LogLevel) -E file : log startup errors to file -v : show version number -V : show compile settings -h : list available command line options (this page) -l : list compiled in modules -L : list available configuration directives -t -D DUMP_VHOSTS : show parsed settings (currently only vhost settings) -S : a synonym for -t -D DUMP_VHOSTS -t -D DUMP_MODULES : show all loaded modules -M : a synonym for -t -D DUMP_MODULES -t : run syntax check for config files -T : start without DocumentRoot(s) check [root@centos3 apache]# 库文件： Last login: Mon Apr 13 21:54:06 2015 from 172.16.250.167 [root@centos3 ~]# man httpd No manual entry for httpd [root@centos3 ~]# 下面的库文件没有被系统找到 [root@centos3 apache]# ls /usr/local/apache/lib/ apr.exp libapr-1.so.0 libaprutil-1.so.0 libexpat.so.0 aprutil.exp libapr-1.so.0.5.1 libaprutil-1.so.0.5.3 libexpat.so.0.5.0 libapr-1.a libaprutil-1.a libexpat.a pkgconfig libapr-1.la libaprutil-1.la libexpat.la libapr-1.so libaprutil-1.so libexpat.so [root@centos3 apache]# [root@centos3 apache]# cat /etc/ld.so.conf include ld.so.conf.d/*.conf [root@centos3 apache]# ldconfig -p | grep /usr/local/apache/lib/ [root@centos3 apache]# vim /etc/ld.so.conf.d/httpd.conf /usr/local/apapche/lib [root@centos3 apache]# ldconfig [root@centos3 apache]# ldconfig -p | grep /usr/local/apache/lib/ libexpat.so.0 (libc6,x86-64) => /usr/local/apache/lib/libexpat.so.0 libexpat.so (libc6,x86-64) => /usr/local/apache/lib/libexpat.so libaprutil-1.so.0 (libc6,x86-64) => /usr/local/apache/lib/libaprutil-1.so.0 libaprutil-1.so (libc6,x86-64) => /usr/local/apache/lib/libaprutil-1.so libapr-1.so.0 (libc6,x86-64) => /usr/local/apache/lib/libapr-1.so.0 libapr-1.so (libc6,x86-64) => /usr/local/apache/lib/libapr-1.so [root@centos3 apache]# 头文件导出方案： 头文件存放路径/usr/include/，输出httpd给系统头文件 [root@centos3 apache]# ln -sv /usr/local/apache/include /usr/include/httpd `/usr/include/httpd' -> `/usr/local/apache/include' [root@centos3 apache]# ls -l /usr/include/httpd lrwxrwxrwx 1 root root 25 Apr 13 22:54 /usr/include/httpd -> /usr/local/apache/include [root@centos3 apache]# ls /usr/include/httpd/ ap_compat.h apr_file_info.h apr_pools.h apr_user.h mod_dbd.h ap_config_auto.h apr_file_io.h apr_portable.h apr_uuid.h mod_include.h ap_config.h apr_fnmatch.h apr_proc_mutex.h apr_version.h mod_log_config.h ap_config_layout.h apr_general.h apr_queue.h apr_want.h mod_proxy.h ap_listen.h apr_getopt.h apr_random.h apr_xlate.h mod_rewrite.h ap_mmn.h apr_global_mutex.h apr_reslist.h apr_xml.h mod_ssl.h ap_mpm.h apr.h apr_ring.h apu_errno.h mod_status.h ap_provider.h apr_hash.h apr_rmm.h apu.h mpm_common.h apr_allocator.h apr_hooks.h apr_sdbm.h apu_version.h mpm_default.h apr_anylock.h apr_inherit.h apr_sha1.h apu_want.h mpm.h apr_atomic.h apr_ldap.h apr_shm.h expat.h os.h apr_base64.h apr_ldap_init.h apr_signal.h http_config.h scoreboard.h apr_buckets.h apr_ldap_option.h apr_skiplist.h http_connection.h unixd.h apr_crypto.h apr_ldap_rebind.h apr_strings.h http_core.h util_cfgtree.h apr_date.h apr_ldap_url.h apr_strmatch.h httpd.h util_charset.h apr_dbd.h apr_lib.h apr_support.h http_log.h util_ebcdic.h apr_dbm.h apr_md4.h apr_tables.h http_main.h util_filter.h apr_dso.h apr_md5.h apr_thread_cond.h http_protocol.h util_ldap.h ap_regex.h apr_memcache.h apr_thread_mutex.h http_request.h util_md5.h ap_regkey.h apr_mmap.h apr_thread_pool.h http_vhost.h util_script.h ap_release.h apr_network_io.h apr_thread_proc.h mod_auth.h util_time.h apr_env.h apr_optional.h apr_thread_rwlock.h mod_cgi.h util_xml.h apr_errno.h apr_optional_hooks.h apr_time.h mod_core.h apr_escape.h apr_poll.h apr_uri.h mod_dav.h [root@centos3 apache]# man手册文件 1，[root@centos3 apache]# vim /etc/man.config MANPATH /usr/local/apache/man ,2，[root@centos3 apache]# man -M /usr/local/apache/man