nginx安装配置学习笔记

?Xe.nsA/g.X4A1. 基本安装BSD爱好者乐园x8FFC.x2v UN(_5a
官方站点 http://nginx.net/BSD爱好者乐园ck)l0d'Tw(z*v|
wiki： http://wiki.codemongers.com/MainBSD爱好者乐园7k:e(d!UVg"o;{
模块用法 http://wiki.codemongers.com/NginxModulesBSD爱好者乐园nHTci nq j
mp4支持模块 http://wiki.codemongers.com/NginxMP4StreamingLite
#m ac@
OzP地址加密模块  http://wiki.codemongers.com/NginxHttpAccessKeyModule
M)_-ef!CWz4T\#Unpack, edit the “config” file, replace “$HTTP_ACCESSKEY_MODULE” to “ngx_http_accesskey_module”
~2aFo qlm'w依赖软件包 zlib-devel pcre-devel openssl-develBSD爱好者乐园1VI*ga-B sA5Z| a9[7f
编译参数: ./configure  –prefix=/blog.zhangjianfeng.com/app/nginx-0.7.27 –user=www –group=www –with-http_stub_status_module –with-http_flv_module –add-module=./nginx_mp4_streaming_public  –add-module=/tmp/nginx-0.7.27/nginx-accesskey-2.0.3 –with-http_ssl_module –with-cc-opt=’-O3′BSD爱好者乐园8o7h [(N-u
# flv/mp4模块是支持拖动播放的,是否需要flv/mp4/accesskey根据需要决定
&ceMR8Z4x# accesskey需要BSD爱好者乐园 Jr2LJacv

BSD爱好者乐园.`*[7NO!E$T

2. 配置BSD爱好者乐园)N/A#m-a!~t
++ Nginx Redirect
:E$d'TF2Q h#如果正规中有大括号{},需要用”"引号包起来
#uC(ajsa,R3??P8\Yp-J#支持last break redirect permanentBSD爱好者乐园0QJ+o&eXk~
# http://wiki.codemongers.com/NginxHttpRewriteModule#rewriteBSD爱好者乐园#fC-F#P-y&B?Sc
serverBSD爱好者乐园$F-W+YIYZ,tN
{
U.J_Z A)UIYh2Klisten 80;BSD爱好者乐园*mut?(wy9^G
server_name linuxtone.org abc.linuxtone.org;BSD爱好者乐园'NVM"d4v
index index.html index.php;BSD爱好者乐园.g"F)x;vF/E*Pe
root /data/www/wwwroot;BSD爱好者乐园%{!L@%xRq
if ($http_host !~ “^www\.linxtone\.org$”) {
8KV0}3^` TSrewrite ^(.*) http://www.linuxtone.org$1 redirect;
]$}l/A(Tx8or)e}BSD爱好者乐园0i;t$H)V;q:Ma
……………………BSD爱好者乐园s$z#c(@ @
}BSD爱好者乐园V PA5B Y/c)R)r.L

{ R5Y`-l'n:i}x++ 目录自动加斜线,解决IE浏览器不识别
YX)m@%L%p1U]if (-d $request_filename){
\f3g!EGb9{Irewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
&r`3m
c] c}BSD爱好者乐园0E,M}uc{v(f

`;Hb Hd3V(G2sfg,\p++ Nginx 防盗链
\CI;PQ)SW'^#Preventing hot linking of images and other file typesBSD爱好者乐园/pFR#u:? I.ISe
location ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip)$ {
s/kJ N!|MKvalid_referers none blocked server_names *.linuxtone.org http://localhost baidu.com;BSD爱好者乐园!~t$kL:A4Je
if ($invalid_referer) {
6_A XJ9tx c5BrC7UK yorewrite ^/ http://www.linuxtone.org/images/default/logo.gif;BSD爱好者乐园R3] L/{qKQ8K
# return 403;BSD爱好者乐园#Scnk)@IJc m
}BSD爱好者乐园]FO1D{B
}BSD爱好者乐园4]:?3h:T8h0b*O

BSD爱好者乐园:D,u,M*O(? sh*H

++ Nginx expiresBSD爱好者乐园ExX)| i+\z"[&N
第一种方法:根据文件类型expires
LJ U(DL-]# Add expires header for static contentBSD爱好者乐园7t | b-c/W
location ~* \.(js|css|jpg|jpeg|gif|png|swf)$ {
plm:t:_8l1AMif (-f $request_filename) {
7M(K)Tl*q|q ] rroot /data/www/wwwroot/bbs;
"`$D$} ] G1U.}4Lexpires 1d;BSD爱好者乐园0n4GWgJ8U
break;
Oz[2cfd-ZKu+d}
v%j,Ef i第二种方法:根据判断某个目录
bpn;bFz# serve static files
[}o {7Klocation ~ ^/(images|javascript|js|css|flash|media|static)/ {BSD爱好者乐园Y1q+A9d}-v,c;{
root /data/www/wwwroot/down;
%[7^ yTD0b Wexpires 30d;BSD爱好者乐园dc y8j"Sv9m#~+k e6?+C
}BSD爱好者乐园N]*]"}'vn5^

SZ9c:P.^NWc#v(^++ Nginx 访问控制BSD爱好者乐园 p`/[%j'IPh
#/usr/local/apache2/bin/htpasswd -c /usr/local/nginx/conf/htpasswd/tongji linuxtone 创建用户BSD爱好者乐园 qwo;~?^u-f,r q
location ~ ^/(tongji)/ {BSD爱好者乐园`9ZPO9We9Z#gj ~
root /data/www/wwwroot/count;
*D Vpt4z5x~+mSauth_basic “LT-COUNT-TongJi”;
b k E@5WnH W sauth_basic_user_file /usr/local/nginx/conf/htpasswd/tongji;BSD爱好者乐园8qK0|,YL3Bb3@
}

h&ykn a!hh:f

T4M9e,G_7n0j3X++ Nginx 禁止访问某类型的文件.BSD爱好者乐园'q5g@0rkA3eM"^E
方法一:
g&Pc0g0p$OSlocation ~* \.(txt|doc)$ {BSD爱好者乐园y0Fz-_H.`?f(m
if (-f $request_filename) {

x%L!D({n/l h.H'Zroot /data/www/wwwroot/linuxtone/test;BSD爱好者乐园-q3p@$iAg+T'uA7n
break;BSD爱好者乐园&Z
bnna(h6X
}BSD爱好者乐园yx ZT'EIPs5{
}
1@EY6xN m方法二
Q f"b/{-wZ}K8j xlocation ~* \.(txt|doc)${
/O3xY9` FqIe_9Pcroot /data/www/wwwroot/linuxtone/test;
J8Z?!t'X#t^!Vdeny all;BSD爱好者乐园sZkE`E:c)Mu
}
e`.NUi%sC}BSD爱好者乐园 f |2LE/u"psq

BSD爱好者乐园!un;A#rJ7V@

++ 禁止访问某个目录BSD爱好者乐园X3Z`ARp*E
location ~ ^/(WEB-INF)/ {
*v9f-y n a@deny all;BSD爱好者乐园,Kb%\#W:bF5W*v
}BSD爱好者乐园Z]N@I c
++使用ngx_http_access_module限制ip访问BSD爱好者乐园8n
N7lgU7r N w
location / {BSD爱好者乐园t2I*x3sS9?z%V
deny 192.168.1.1;
CX8K?-pallow 192.168.1.0/24;
0Ui1I G;| MuP1B)Oallow 10.1.1.0/16;
Z;jU!r'i_deny all;BSD爱好者乐园Y$xyfDA6y C
}BSD爱好者乐园)C C7\kn+P-WyT6p%D
详细参见wiki: http://wiki.codemongers.com/NginxHttpAccessModule#allowBSD爱好者乐园VdO/z@8A|6L+i}

BSD爱好者乐园Ql?.da2F:o(f`S

++ Nginx 下载限制并发和速率
S(OZ9ja4K?(Alimit_zone one $binary_remote_addr 10m;
P}.Cb;i9l(~+]'J4|(T@4userver
@C)|a'YSH,YT{
.Ulr8a+OB)x c5xlisten 80;BSD爱好者乐园'it*H B|
server_name down.linuxotne.org;BSD爱好者乐园~ o;aM;s1gT
index index.html index.htm index.php;
y-zv/DC.`.F7Z,X$^h5droot /data/www/wwwroot/down;
@0PW[4U
\#Zone limitBSD爱好者乐园!QH1gv9nR\
location / {
'\ H"WO!]+D%cTzlimit_conn one 1;BSD爱好者乐园k#V/a2P4T
Y3BN ^_
limit_rate 20k;
&th3|],h+?2f9c}
Y6o;|ba……….
E
vp }!P6V8fj}BSD爱好者乐园WeUv4xXxSQ
#针对flv的下载请求，对指定IP作特殊处理BSD爱好者乐园
l/]l
P.^ U@5e4r-F
set $limit_rate 300k;
?ZU:H]diif ($remote_addr ~ 192.168.0.13$) {
1CfGqEc\ o:Cset $limit_rate 200k;
4ej0{A&lWz G-W}BSD爱好者乐园W4FL/[w
|,c

2Rj/J8XR$j0Q8[++ Nginx 实现Apache一样目录列表
.\7bG|S@&Blocation / {BSD爱好者乐园7r}4d jAd ?#P\
autoindex on;BSD爱好者乐园f%B%BEC`N2N
}BSD爱好者乐园iS tp(M,n @

Q"q&T;lho,ZG++nginx 如何不记录部分日志BSD爱好者乐园O!dSL
{l [ }M
location ~ .*\.(js|jpg|JPG|jpeg|JPEG|css|bmp|gif|GIF)$BSD爱好者乐园SLF{u9X&A)M
{BSD爱好者乐园/qb!d)u:J1F5^
access_log off;
w0C.I;\:h
w3UtWu aa}BSD爱好者乐园v%k!RE pJ u

0EoxcdGwz++虚拟主机配置BSD爱好者乐园 L3rJw@
http {
up1Co/B S2p_Fserver {BSD爱好者乐园.IuQx z;Dn
listen 80;BSD爱好者乐园NR2t#K+m7Ad
server_name www.domain1.com;BSD爱好者乐园4_5JeMV6w?
access_log logs/domain1.access.log main;
BE1U'L7Slocation / {BSD爱好者乐园J$isOA&Rs2X
index index.html;BSD爱好者乐园6A9I\gU
root /var/www/domain1.com/htdocs;
%E-EQ6p{
c&ZJ}BSD爱好者乐园3m'T;m+N vHcj
}

$m[f~KpI6A2N

s)_"Sod2aih#vserver {
G$^0a2u8Dlisten 80;BSD爱好者乐园\#B!Gh tVLi
server_name www.domain2.com;BSD爱好者乐园.hK/MUMq
access_log logs/domain2.access.log main;
&hpdG]6l1Z?1Llocation / {BSD爱好者乐园0ck4P5s X}$xee
index index.html;BSD爱好者乐园Ed]Uwf `
root /var/www/domain2.com/htdocs;
`|3S
U1U4D?}
yv5Ca6Hav"v
N}BSD爱好者乐园(B^y|9C%t)xfQ
}BSD爱好者乐园JnI$Km;s"w n;dS

BSD爱好者乐园+\Q2ZA$hN2`

++flv/mp4配置
5EYYj E7?:`location ~ \.flv$ {
w#QTUz5@flv;BSD爱好者乐园huPJNs
}
p*benWtA7vlocation ~ \.mp4$ {
nkSn~$[x8k#]mp4;
c f%Ph!btlPOi}BSD爱好者乐园T9ZOx6V

~0Q"Gq1x/L#k Xcv++accesskey_module地址加密
3s)r$e)Svolocation /download {BSD爱好者乐园&axT[ C*Z
hAms
accesskey on;
!~,H4O!U3V4Xaccesskey_hashmethod md5;
a6~ WLo8UN7b!^!zPy7Oaccesskey_arg “key”;BSD爱好者乐园WZ$c"M G nFW*M#\
accesskey_signature “blog.zhangjianfeng.com$remote_addr”;BSD爱好者乐园N0q6T3wu]
}
7?!i&]`+E-n
\ k# 写一个php程序产生加密keyBSD爱好者乐园D zMtO'U
\<\?php echo md5(’blog.zhangjianfeng.com’.$_SERVER["REMOTE_ADDR"]);\?\>BSD爱好者乐园/p/z8VD@vZ3d
#手工测试用 \<\?php echo md5(’blog.zhangjianfeng.com’.'192.169.0.21′);\?\>BSD爱好者乐园.izh'WDU+O5|
# 下载URL http://blog.zhangjianfeng.com/download/file10m.zip?key=1e49fa4ed26486938742e24d2040cc84BSD爱好者乐园6kX rx[.cF}G2{2|
# 下载flv并带start参数 http://blog.zhangjianfeng.com/download/file10m.flv?key=1e49fa4ed26486938742e24d2040cc84&start=xxxBSD爱好者乐园
{7L!f\%``6z

ln7_;@9[+Y++NginxStatus配置BSD爱好者乐园F)evEW2qL x
location ~ ^/NginxStatus/ {BSD爱好者乐园 {SeL-hz
stub_status on;BSD爱好者乐园`!c0@-@TS^9E
access_log off;BSD爱好者乐园f2Y"zYK0e?
allow 218.5xx.xx.xx;BSD爱好者乐园r\b n&p
deny all;
P#b2r#Q.SCG'[-c's}BSD爱好者乐园s,K)G9l#EB!l5A
#输出状态中
jOeZR a^ GvX#Active connections=Reading+Writing+Waiting
u LI:\ d D!bH9@8Wr#Reading 从客户端读取数据的链接数目， Writing向客户端返回数据的链接数目，Waiting通常与KeepAlive设置有关
J%KaG)@4J*V#active connections — 对后端发起的活动连接数BSD爱好者乐园'j(t8wW1ACG9@
#reading — nginx 读取到客户端的Header信息数
jMF(y \N:m F#writing — nginx 返回给客户端的Header信息数
"m d,iae3^0\/]T-[#waiting — 开启 keep-alive 的情况下，这个值等于 active - (reading + writing)，意思就是Nginx已经处理完成，正在等候下一次请求指令的驻留连接。BSD爱好者乐园6qKp sY7yM

BSD爱好者乐园&p1i/L TJ`,FHhX

++页面访问控制BSD爱好者乐园:TE7Kpx
location / {BSD爱好者乐园F,_`WN,l1z
auth_basic “Restricted”;BSD爱好者乐园3aa%W'YG.g
auth_basic_user_file conf/htpasswd;
T `%cLC+LwW}BSD爱好者乐园3T)z5NJ-W(g;D1n wX
#conf/htpasswd可以用Apache 的 htpasswd创建BSD爱好者乐园 w2];b:OXb@2Y$_.i+NJ

BSD爱好者乐园ir
Dd'|)B5t

++ssi支持BSD爱好者乐园3c/he+jej(A.k
location / {BSD爱好者乐园MJb}.O'U+n(j2U
ssi on;
:jnPfNJ9oL{ c}

&qOb/? q6hBSD爱好者乐园\.e!]^S

++其它BSD爱好者乐园0D xH"Z rD'Ki
user          www        users;
{1w;D_ E&Qworker_rlimit_nofile 51200;BSD爱好者乐园1l#bcWs`"K}_
events
_XsR!_-D{BSD爱好者乐园^Pf(f2lOP}
A;L)y
use epoll;
*vXt
]`] [Kiworker_connections 51200;BSD爱好者乐园`EzZu2X
}BSD爱好者乐园_ x.ymGi

W!C4Z6y;nS++在日志中记录虚拟主机名信息
|1n3l-SJ;Y*R&];Qlog_format vhost ‘$remote_addr - $remote_user [$time_local] “$request” ‘
E(}-H%B;Wx[‘”$status” $body_bytes_sent “$http_referer” ‘BSD爱好者乐园9X]/H-g-CN!e Ef5Sf
‘”$http_user_agent” “$http_x_forwarded_for” $host $server_name’;BSD爱好者乐园rh+@+`2C)K$lRx

BSD爱好者乐园5| gw`q)|z

3．Nginx 日志处理
!S)p.Bp M[$wr#contab -eBSD爱好者乐园cE]t(BV6?} _
59 23 * * * /blog.zhangjianfeng.com/sh/logcron-nginx.sh >> /blog.zhangjianfeng.com/logs/crontab/logcron-nginx_log 2>&1
If Kc1K6g;|logcron-nginx.sh.txt(960 B )

2C5z] \&M/q)A JBSD爱好者乐园|X/q,n'v&T

++Nginx 如何不记录部分日志
HY(WY:h2o5Hylocation ~ .*\.(js|jpg|JPG|jpeg|JPEG|css|bmp|gif|GIF)$BSD爱好者乐园c\y rE.x
{
7[JlNp-K
v8raccess_log off;BSD爱好者乐园9k/S._XJ.j"o
}
{D \u5}/P6W4．Nginx Cache服务配置BSD爱好者乐园^%v;R
H3S/Q(Y
如果需要将文件缓存到本地，则需要增加如下几个子参数BSD爱好者乐园-`0pigF|2zm4_-da
proxy_store on;BSD爱好者乐园:A5e y|'u~FY2e
proxy_store_access user:rw group:rw all:rw;BSD爱好者乐园 ETuLBu
proxy_temp_path 缓存目录;其中，BSD爱好者乐园"W4]1v4b7a
proxy_store on用来启用缓存到本地的功能，
?7]?d2FD+Nproxy_temp_path用来指定缓存在哪个目录下，如：proxy_temp_path html;BSD爱好者乐园q#B-sj xU
#在经过上一步配置之后，虽然文件被缓存到了本地磁盘上，但每次请求仍会向远端拉取文件，为了避免去远端拉取文件，必须修改proxy_pass：代码:BSD爱好者乐园$n3lAuz1g
if ( !-e $request_filename) {
r0ZvbMqm:s Fr
Cproxy_pass http://mysvr;BSD爱好者乐园'B({J2@$EE*tX.J&^/e
}BSD爱好者乐园}/a GC-m
#即改成有条件地去执行proxy_pass，这个条件就是当请求的文件在本地的proxy_temp_path指定的目录下不存在时，再向后端拉取。BSD爱好者乐园o+F$VZ4@C H:vwK
5．Nginx 负载均衡
%X0\Z a+H1. Nginx 基础知识
.jgt\p[nginx的upstream目前支持4种方式的分配
{3C2N8a:W1T!mv|0ir1)、轮询（默认）
C2Ca#T/TmV每个请求按时间顺序逐一分配到不同的后端服务器，如果后端服务器down掉，能自动剔除。BSD爱好者乐园&yF7lJ/`q%]_m7G
2)、weight
*]
i'Y&R'g bipv指定轮询几率，weight和访问比率成正比，用于后端服务器性能不均的情况。
+P qdj8TC&^$bE2)、ip_hash
)W*e)xu2S#H?@每个请求按访问ip的hash结果分配，这样每个访客固定访问一个后端服务器，可以解决session的问题。BSD爱好者乐园r&Qt!xG+NUr
3)、fair（第三方）
PO:zmesCFA*b$j按后端服务器的响应时间来分配请求，响应时间短的优先分配。
|gh7f%JDx4sM4)、url_hash（第三方）
"yO+J ?acz\/Y
kHNginx 负载均衡BSD爱好者乐园
XbU VRlXD
实例1代码:
Eo}!Z*LBXupstream bbs.linuxtone.org {#定义负载均衡设备的Ip及设备状态
S:h,fy#xd&Aserver 127.0.0.1:9090 down;
@*jD!u@B_4M3bserver 127.0.0.1:8080 weight=2;BSD爱好者乐园X yW-^ R*O*D
server 127.0.0.1:6060;BSD爱好者乐园C _%?!qI
server 127.0.0.1:7070 backup;BSD爱好者乐园D.b}1i|Vh9X0O
}
Z9H9X*jGO5mh在需要使用负载均衡的server中增加代码:
^mS kJr.jproxy_pass http://bbs.linuxtone.org/;
S%n6f D{~,KE^X0{/C-R每个设备的状态设置为:代码:BSD爱好者乐园3O~ObF5Q P
1.down 表示单前的server暂时不参与负载
-gvd.L+kG2.weight 默认为1.weight越大，负载的权重就越大。BSD爱好者乐园zYp)Bt!h
3.max_fails ：允许请求失败的次数默认为1.当超过最大次数时，返回proxy_next_upstream 模块定义的错误
/?$D7B+Dl4.fail_timeout:max_fails次失败后，暂停的时间。
+bs5N"`2m#N5.backup： 其它所有的非backup机器down或者忙的时候，请求backup机器。所以这台机器压力会最轻。nginx支持同时设置多组的负载均衡，用来给不用的server来使用。
cnS){,M4u-vAclient_body_in_file_only 设置为On 可以讲client post过来的数据记录到文件中用来做debugBSD爱好者乐园5q(Z O9k8`.N7[pS
client_body_temp_path 设置记录文件的目录 可以设置最多3层目录BSD爱好者乐园%n$\W#GO6r4G
location 对URL进行匹配.可以进行重定向或者进行新的代理 负载均衡BSD爱好者乐园#Y3rII(zr1_
++Nginx 负载均衡实例 2
9I K uZq9p/{按访问url的hash结果来分配请求，使每个url定向到同一个后端服务器，后端服务器为缓存时比较有效,也可以用作提高Squid缓存命中率.BSD爱好者乐园)C5sxR0MZM
简单的负载均等实例:BSD爱好者乐园c#A"Et9xX%~^0@t
#loadblance cacheblog.zhangjianfeng.comBSD爱好者乐园itNt"hn+GW
upstream flvsrv {BSD爱好者乐园5P(u]{Qe7|8f
ip_hash;BSD爱好者乐园5i{3P1?r
server 58.2xx.xxx.xx:80 weight=2;
qF!z'Uo,{Xpserver 218.xx.xx.xx:80;
Sf4d&V ex5ef}
^2sEsBjs\serverBSD爱好者乐园e a A&zvd w{
{
,~dO)t,RMlisten 80;
i!A,b]5A&XO/^server_name cacheblog.zhangjianfeng.com;BSD爱好者乐园L M/dH;e;VWS BJK
index index.html index.php;
ZzdMb
d$froot /blog.zhangjianfeng.com/data/cache/cached1/;BSD爱好者乐园CbA+nX Z
if (-f $request_filename) {BSD爱好者乐园 w
{4V9|"R]-]M
break;BSD爱好者乐园|r i:B'^swF
}

%A6X:M\AB2KY~ {Y

5y:A.P&IWg;q/ulocation / {
:Z!B$bE$tkif ( !-e $request_filename) {
T2]H5B XJJh Nproxy_pass http://flvsrv;BSD爱好者乐园)zJM0CvnH
break;
s)Z_ @ki
la}
jYJ6^0^k)^t## include conf/proxy.confBSD爱好者乐园V4d?hW;Xb
proxy_redirect off;BSD爱好者乐园}K/_jH5W1G
proxy_set_header Host $host;
dI3VP#Q7TXm*|proxy_set_header X-Real-IP $remote_addr;BSD爱好者乐园s;u2T-] LQR$?
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;BSD爱好者乐园
{P~9nai5N
client_max_body_size 50m;
@w:RMxclient_body_buffer_size 256k;
-MG6G I+geZqYproxy_connect_timeout 30;BSD爱好者乐园m$n;K8z:]/^s0O3x4e f
proxy_send_timeout 30;BSD爱好者乐园;F
H c\7m0d
proxy_read_timeout 60;BSD爱好者乐园
d7\y"G(wS$C"lX
proxy_buffer_size 4k;BSD爱好者乐园/{I^ x W*tI.w;G
proxy_buffers 4 32k;BSD爱好者乐园E/lwF*p g4VG
proxy_busy_buffers_size 64k;BSD爱好者乐园/dK}5b4cPB-}
proxy_temp_file_write_size 64k;
l&BW FsA{/Lproxy_next_upstream error timeout invalid_header http_500 http_503 http_404;BSD爱好者乐园j.}I Q{T
proxy_max_temp_file_size 8m;BSD爱好者乐园]Rh a[!lV#_P
proxy_store on;
|+AfL+nzdawproxy_store_access user:rw group:rw all:r;
}/NA;CEv$}f c#nginx cache
Om e5et7Gclient_body_temp_path /blog.zhangjianfeng.com/data/cache/nginx_cache/client_body 1 2;BSD爱好者乐园j!f]ST/Lq
proxy_temp_path /blog.zhangjianfeng.com/data/cache/nginx_cache/proxy_temp 1 2;BSD爱好者乐园?C+k n"bm5d

u L}0KU6[1WmY^6．Nginx 优化BSD爱好者乐园i oxr ^ up
1).编译优化BSD爱好者乐园!m1N9@zY$u:G
编译时加参数–with-cc-opt=’-O3′
QLf})xOJ:Rv2).修改Nginx的header伪装服务器
%r aF&vjwtb)K代码:
waG+l X{"M# vi src/core/nginx.hBSD爱好者乐园 VZ3HFhV'h3Ry.@
#ifndef _NGINX_H_INCLUDED_
}!P
HSH;b#define _NGINX_H_INCLUDED_
6d k
X3~TTV5@3~2Y#define NGINX_VERSION “1.3″
7yA}qO6f~#define NGINX_VER “LTWS/” NGINX_VERSION
8q1D%K e'S#define NGINX_VAR “NGINX”
F'd-lm(RP#g"b Oo@#define NGX_OLDPID_EXT “.oldbin”
s#g^&| FbKXT#endif /* _NGINX_H_INCLUDED_ */BSD爱好者乐园7@__)mK8{"a
# curl -I my.linuxtone.orgBSD爱好者乐园(f0r~:Y'A Tk
HTTP/1.1 200 OKBSD爱好者乐园If$g A/TMPJ
L ?%c
Server: LTWS/1.3
|*I qZ:}8_5c:I GeDate: Mon, 24 Nov 2008 02:42:51 GMTBSD爱好者乐园8K*zq3h:j XYR'N
Content-Type: text/html; charset=gbkBSD爱好者乐园Qf;k\qW'I/y!C
Transfer-Encoding: chunked
o2\}S9[L sb2C?Connection: keep-aliveBSD爱好者乐园C4k&}I6hy*iU)N
3)几个配置BSD爱好者乐园2N4x$~ t J
I6gLIX ]
sendfile on;

#l wTp` f8D%XBSD爱好者乐园t,Bug }4Au+L

tcp_nopush on;
B5RU O9qo ck#}Ikeepalive_timeout 60;BSD爱好者乐园8xU].q:B(E0|J G.{

9|^s"z^4Etcp_nodelay on;BSD爱好者乐园(WI!}t&B0]lF
fastcgi_connect_timeout 300;
5?6n,n1CvqEfastcgi_send_timeout 300;BSD爱好者乐园Z/^uZz_0n'f P^&n
fastcgi_read_timeout 300;
:w3EZ2U&Y)e%`pfastcgi_buffer_size 64k;BSD爱好者乐园2g/R)YM&EOE U
fastcgi_buffers 4 64k;
hAC$GP`7rfastcgi_busy_buffers_size 128k;BSD爱好者乐园 v!nsq9b
fastcgi_temp_file_write_size 128k;BSD爱好者乐园-jY*q\#k4L
gzip on;
k d/Kr'wbEgvgzip_min_length 1k;
\U3}'y9b(igzip_buffers 4 16k;
|5\/y%u:Pgzip_http_version 1.0;
O{9xu Tgzip_comp_level 2;BSD爱好者乐园qK9W-i8zP.I9L)Bv
gzip_types text/plain application/x-javascript text/css application/xml;BSD爱好者乐园i9~ptAFLI4yG9T
gzip_vary on;BSD爱好者乐园/a-k/UP+Yz

H:Q(r+nh0c7.nginx服务简单控制脚本BSD爱好者乐园%mhT U3_
nginxd.sh.txt(1.18 KB)BSD爱好者乐园W3aX6~"U_1~6zc9U h

jU-b)s!s o9p G其它说明
9m-my`3g$j,L0G++nginx几个参数
8D]7C(P9A"d%D
W1V)S-c 为 Nginx 指定一个配置文件，来代替缺省的。BSD爱好者乐园@c-w/Nn^/i7L
-t 不运行，而仅仅测试配置文件。nginx 将检查配置文件的语法的正确性，并尝试打开配置文件中所引用到的文件。
_#Iri/e%z9Z#Qk-v 显示 nginx 的版本。BSD爱好者乐园!B:p$m
edj XW
-V 显示 nginx 的版本，编译器版本和配置参数。

Z)`4J/w;s-y*SBSD爱好者乐园sq~ m4E Fh9\

++处理信号

F&g{$V)?GkX重载配置文件 kill -HUP `cat $PATH/nginx.pid`
:YsD:w2CB;EWG其它的信号BSD爱好者乐园nN8Xvl#bK5r;n
相关的处理信号BSD爱好者乐园Bj:RJl T&P9Q@6L7n
A)主进程可以处理的信号
H ]0o1J#d9ZwTERM ，INT              快速关闭
RNej2|IQUIT                        从容关闭
qeh._-X1w9cHUP                          重载配置，用新的配置开始新的进程，从容关闭旧的工作进程BSD爱好者乐园*JKy5Yj-x/s({-]
USR1                        重新打开日志文件
2n T;I;Mtn d#LUSR2                         平滑升级可执行程序BSD爱好者乐园JL[.s n\/P4Z
WINCH                      从容关闭工作进程
Dr*p#qs;m)`B)工作进程可以处理的信号BSD爱好者乐园PQ,\&E$Z[ _E-c3K
TERM ，INT                         快速关闭
xa:p&`)s B6Yi5_QUIT                                从容关闭
(aN:sI zU9O&YUSR1                                重新打开日志文件

P,Z#o
Z
Z$U)b,N5P {

5yR"f1Su)sw++ Nginx LocationBSD爱好者乐园Q5jy)op([H
基本语法BSD爱好者乐园 av4Ep_9{
location [=|~|~*|^~] /uri/ { … }
\x9YaJ= 严格匹配。如果这个查询匹配，那么将停止搜索并立即处理此请求。BSD爱好者乐园9| H}#nIH2G9i1\ [
~ 为区分大小写匹配
Tooy(R"R
J!x~* 为不区分大小写匹配BSD爱好者乐园(E$~I*H&j!^.R*n
!~和!~*分别为区分大小写不匹配及不区分大小写不匹配BSD爱好者乐园g
Hf-]t
^~ 如果把这个前缀用于一个常规字符串,那么告诉nginx 如果路径匹配那么不测试正则表达式。

eV#X&?m!e

oiY6b4s"F l1K例:
A7dp/\+t{S2kFlocation = / { # 只匹配 / 查询。BSD爱好者乐园'aVm/R _!vO+P Yq9W:Z
location / { # 匹配任何查询，因为所有请求都已 / 开头。但正则表达式规则和长的块规则将被优先和查询匹配。
-z
aVp:d&Ba2elocation ^~ /images/ { # 匹配任何已 /images/ 开头的任何查询并且停止搜索。任何正则表达式将不会被测试。BSD爱好者乐园 m;^*h3bw1e7N}
W)E
location ~* \.(gif|jpg|jpeg)$ { # 匹配任何已 gif、jpg 或 jpeg 结尾的请求。

;fSpO#{F"?*xBSD爱好者乐园/U"r Uf6~D H)z3]

++ 文件及目录匹配
#{;b1IA-GFP+SR* -f和!-f用来判断是否存在文件
\h;iS$X%pP* -d和!-d用来判断是否存在目录
5?sg[(n'Dbx* -e和!-e用来判断是否存在文件或目录BSD爱好者乐园;y\7R}? \5J}
* -x和!-x用来判断文件是否可执行

t7_H D&w*C5M8h

s$j9\5^&o7j]/d++ 一些可用的全局变量
&sm Q*l@;n _$argsBSD爱好者乐园E4r'CbL9TH
$content_length
+~8g0h$r3_;f*V$content_type
d5Q(_+[/b6Gl$document_root
-U+EI
kN+d ltKvh$document_uriBSD爱好者乐园8C*S}B1E F[ `7`
$host
eu g-T zR_(f$http_user_agentBSD爱好者乐园+GU l2xZPy|
$http_cookie
!m:s!HK M$limit_rateBSD爱好者乐园6I*gA$cNi;xr/A9|J
$request_body_file
!B,[qzzN K$request_methodBSD爱好者乐园!K.l*B6SC;Zk*N
$remote_addrBSD爱好者乐园t+fwrAc+n*v!\I JM
$remote_port
0a9W0zK5@5|)n$remote_userBSD爱好者乐园$nd-}~9dOR/U
$request_filenameBSD爱好者乐园;q B.lp7iz,i/D
$request_uri
LB2j4J` s:y$query_string
G:y_"M]-U]y$scheme
q BX0j+r*U,E}$server_protocolBSD爱好者乐园 a5u+GWjlz!V$Z*pi
$server_addr
$d6z9Gy+h]$U$server_name
(|lD1IGX"kB6e#V$server_port
7q mu:@ f3ee3T+I$uriBSD爱好者乐园{,q D9Ql{

n
NlK^Y++errorlog定义级别
)O)bq!a1h[error_log logs/error.log [ debug | info | notice | warn | error | crit ]

_Lq%xDfBSD爱好者乐园;IHbz%y&N\

++ Invalid cross-device link错误BSD爱好者乐园:z&s e8~d$n/HZ5B
proxy_temp_path /data/temp;BSD爱好者乐园#OAm&j/{+D
alias /data/www;
A]:y}5l`G)}[解决办法: /data/www和/data/temp目录必须在同一个device

,v C'D7V vOR\

dA;Cy)^CM5V+Q'B9`B,^++实现类似apache的aliasBSD爱好者乐园3xpt\!S
location /installcd/ {
a^;t#I.u~-HPalias /media/installcd/;BSD爱好者乐园gcapb6I%D"f
allow 192.168.25.0/24;BSD爱好者乐园RP+}]5X$_8Ewa+zU
deny all;
*Ya&I S,Oz2Y}

$A%i2];T0LX&V0_6t

yU I'b!P.]++防止多线程下载range206
FZ e^*X/]if ($http_range) {BSD爱好者乐园4`5io
d Wg-{
return 405;
"|,m*{*FE8xdh}

ztjw@_.I

/j3M*EXs
d i!W++nginx.conf及vhost.conf示例
'gUV J qq/J/m(S## nginx.confBSD爱好者乐园!LV4A3PG tc%a.W q
user nobody nobody;
Xgu;B9M0R\'CSworker_processes 8;BSD爱好者乐园uVfF7V%MW%l

BSD爱好者乐园;c
Z2a"B y%V+_

error_log logs/error.log;BSD爱好者乐园n)H~+g8u)u9o2t
pid logs/nginx.pid;

C lTol^8hf

GV^1T{["Pz9W9M8qworker_rlimit_nofile 51200;BSD爱好者乐园4F#IcrX*Ex*vo
events {
|9I e^f&S5PGuse epoll;
6Qh[@"t)Emo~worker_connections 51200;
tI6R-d&j'E!oi3}"\Y}

}9IOtMTL:P R5SBSD爱好者乐园&m1U3qal~kqW}-_2v

http {BSD爱好者乐园td/Y ~ x(r
include mime.types;
~3y*`x{default_type application/octet-stream;

k n3D_T'l
wF,U3gp5qBSD爱好者乐园CT_Fw j

log_format main ‘$remote_addr - $remote_user [$time_local] “$request” ‘BSD爱好者乐园-YC2r u7h8?
‘”$status” $body_bytes_sent “$http_referer” ‘BSD爱好者乐园x(X j3c1Y#LKF'ZB
‘”$http_user_agent” “$http_x_forwarded_for”‘;
j&\$YJU4CW vo##for squid+nginx
DZm-t5c
z8R b6l1^!llog_format access ‘$remote_addr - $remote_user [$time_local] “$request” ‘
Q ZR"P!~$m#Nt2?‘”$status” $body_bytes_sent “$http_referer” ‘
-e
ukJ?‘”$http_user_agent” “$http_x_forwarded_for” “$host”‘;

D[cnd@BSD爱好者乐园jLG1D?u

server_names_hash_bucket_size 128;BSD爱好者乐园 M,sl N L|^0Tk
client_header_buffer_size 32k;BSD爱好者乐园/[[5`gO9xH~
large_client_header_buffers 4 32k;
)sy ^z3y7[Lclient_max_body_size 20m;BSD爱好者乐园3y#E&rlrH#J
sendfile on;
`p5d-v5{f$^tcp_nopush on;

C)zI klMax#keepalive_timeout 0;
UAZYN leokeepalive_timeout 60;BSD爱好者乐园%gG+r vsR:Y#n,_ ~
tcp_nodelay on;

%h `^SD

@~)y T]3C/Ffastcgi_connect_timeout 300;BSD爱好者乐园&|+o CvW2Y6O)I
fastcgi_send_timeout 300;
)E8j9C4}:|8aq1r1]fastcgi_read_timeout 300;
})FF7o:y i)sA,M:efastcgi_buffer_size 64k;BSD爱好者乐园;o+T&L#uA
fastcgi_buffers 4 64k;BSD爱好者乐园#U;t|^M*OxE
fastcgi_busy_buffers_size 128k;
!Un ~kh KuOfastcgi_temp_file_write_size 128k;

"vOK,_Opw

3n[-d5K.k5X;J"O7h M%Xgzip on;BSD爱好者乐园FtY D8d3z)b%R
gzip_min_length 1k;BSD爱好者乐园$JVd\HdWh5B
gzip_buffers 4 16k;BSD爱好者乐园e3DU1S we+`EA*\
gzip_http_version 1.0;
I2\2^4Mo^%B7L"@
zgzip_comp_level 2;
1C#OQ;u*P!^]An8fgzip_types text/plain application/x-javascript text/css application/xml;BSD爱好者乐园/@E&Kr*v
gzip_vary on;

yd-ZW
G+a8_XuBSD爱好者乐园0Y7X3jccq3Hu

include vhost.conf;BSD爱好者乐园u#ca3h%}f

(@"o.p/P,l-c9off}BSD爱好者乐园)Pc.He+M

BSD爱好者乐园JifFo'au

## vhost.confBSD爱好者乐园6o^9i!dfr]]

V:}%LI-i,N6Dbserver {
Q"G | mXU3WwP#cvAlisten 80;
'wt{d%~_#|2y,tserver_name blog.zhangjianfeng.com;
~4Xy5k"P7^$j(a0]root /zhangjianfeng/data/www/blog;BSD爱好者乐园6B#YWMHur8sx-R
access_log logs/blog.zhangjianfeng.com.log main;BSD爱好者乐园1HNc5]3j?I/g
location ~ .*\.(js|jpg|JPG|jpeg|JPEG|css|bmp|gif|GIF)$
S"LNVs N{
RGa1?.\W
aaccess_log off;
}3Aj;G;k+~p}

2^/I\2^9U%acBSD爱好者乐园,Ijbk;d)|X

location / {BSD爱好者乐园a,^4eN1R pW)G
}&T
index index.html index.htm index.php;BSD爱好者乐园K.Kh%u^IY(CpY@
}

n)uW0Gp(T

1g8E;pEH] iiinclude rewrite-blog.conf;BSD爱好者乐园0EV6GZ3Wj6e

4k
|a2T GpB2zlocation ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
)\%K-i~sP!lMvfv{

CfK0W1E\ ~SJ+Rexpires 7d;
7JP'@ovu:wC.N}BSD爱好者乐园)uUF9d2b*h

BSD爱好者乐园"n^,{2U]#Lb:o

location ~ .*\.(js|css)?$BSD爱好者乐园.g.m(d r"r*|B%?$w
{BSD爱好者乐园m5@$Q J*s/a;]
expires 1d;BSD爱好者乐园F:nt2vH(W
}BSD爱好者乐园(?n1J?n5c"o

BSD爱好者乐园1P)PBpv

location ~ \.php$ {
Q&uC!Zv)wxfastcgi_pass 127.0.0.1:9000;
7u.I!YQa5y~ z\fastcgi_index index.php;
K D@Z/y[$l"b3e4BnSinclude fastcgi_params;
K@u(p_~fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;BSD爱好者乐园8@:O"j5RE6TD
}BSD爱好者乐园)]E9`
X7NhO{
error_page 404 500 502 503 504 http://blog.zhangjianfeng.com/error.html;BSD爱好者乐园0o(k H!Ilp%V
location = /50x.html {
1?RA
g8t9BWN
N$|UXroot html;BSD爱好者乐园o] o_j2A
}BSD爱好者乐园E:m8zs+wrIgZ

BSD爱好者乐园 x7c ~X$^F7ee

}

{@1[*\-fX0Fe5p

't v+F#w-GD3pserver {BSD爱好者乐园?-z$I-_rQz`%d
listen 80;
A#P8l"Jn+id5moserver_name bbs.zhangjianfeng.com;
c9ea8R ZqH1caccess_log logs/bbs.zhangjianfeng.com.log main;
:O:IfIA#]pjroot /zhangjianfeng/data/www/bbs;BSD爱好者乐园(H"uy or-{
location / {BSD爱好者乐园$D5NF2M~)C
index index.html index.htm index.php;BSD爱好者乐园/e5lRh[i"dO
}BSD爱好者乐园/BcL M'^)F6s

t,}!^s+Q'E1Kinclude rewrite-bbs.conf;

eww1D;C
kN_

:ZYX5n0Y"W)clocation ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$BSD爱好者乐园1yo$RJ+x
{
2G
x3f/I%m6D^expires 7d;
J{4G
fniV
fZ}

Q2hwX6XX9Xvj

v^x;nA9b*Klocation ~ .*\.(js|css)?$
D f7S0Li0km1w9rV{BSD爱好者乐园cA3@ {_0RF.b
expires 1d;
m6d*i:zg`!~nQ}

7hVvn}&aBSD爱好者乐园2S0K&K)c^(K'W

location ~ \.php$ {BSD爱好者乐园3l5BZE0FqV-{*{(Z
fastcgi_pass 127.0.0.1:9000;BSD爱好者乐园#{/?TC(ryP$@o
fastcgi_index index.php;BSD爱好者乐园$Qb-_(tU H
include fastcgi_params;BSD爱好者乐园!d,f1h+a&]1Uq7^
fastcgi_param SCRIPT_FILENAME /zhangjianfeng/data/www/bbs/$fastcgi_script_name;BSD爱好者乐园/AB5{$O \
}BSD爱好者乐园0x vZ3H+gV

BSD爱好者乐园(d@;DRk*n

location ~ ^/NginxStatus/ {BSD爱好者乐园0s g {@6}*e
stub_status on;BSD爱好者乐园_?*s8?`|x;q
access_log off;
s+\hAsW,I ?.P{auth_basic  “Restricted”;BSD爱好者乐园
ad&Q(V?.u])_
auth_basic_user_file  /blog.zhangjianfeng.com/app/nginx-0.7.27/htpasswd/.htpasswd.status.users;
m&} Wv.q'Oq-m# allow 218.5xx.xx.xx;
/{
S xiW2M_ti%hl(i# deny all;BSD爱好者乐园3qmRx&|CO
}

*zb
\6|9W,\eAD.[,Qf%fBSD爱好者乐园I)P2y,?H ~3g1?:L

error_page 404 500 502 503 504 http://bbs.zhangjianfeng.com/error.html;
\3Uf+K UU Sq,Xlocation = /50x.html {BSD爱好者乐园0GO:gFO+y1c
root html;
#OI5K2u.Y H}BSD爱好者乐园 e9R0|6eS4@

G,V+Ez9|!D^}BSD爱好者乐园;^}*NPi1o`U

BSD爱好者乐园S,x5q i;ND*w:`,?

++php上传BSD爱好者乐园|Y)\
g$W*o,`"CG+_
1.nginx.conf的http{}中增加
L`1qUw9z{({6v+Eclient_max_body_size 300m;BSD爱好者乐园?7p,]*G9MP8q
2.php.ini需要修改
j2_P#q|j%O0lpost_max_size = 300MBSD爱好者乐园RV
E*B0]kE+a8M
upload_max_filesize = 300MBSD爱好者乐园'aC]qiwO1a2F
## 如果出现413 Request Entity Too Large,看看是不是超过上面的限值了

;t#n/{@@R l9}
n因为使用范围的限制，BSD方面文章更新速度不快，站长会坚持每天更新博客，欢迎访问！
[版权声明]BSD爱好者乐园站内文章，如来源不是互联网，则均系原创或翻译之作，可随意转载，或以此为基础进行演译，但务必以链接形式注明原始出处和作者信息，否则属于侵权行为。另对本站转载他处文章，俱有说明，如有侵权请联系本人，本人将会在第一时间删除侵权文章。 TAG: nginx