nginx安装配置学习笔记

U!s3OSB|*s8I}1. 基本安装BSD爱好者乐园'W9S6|,p/@:{0^4Z
官方站点 http://nginx.net/
Yqs*u4[rwiki： http://wiki.codemongers.com/MainBSD爱好者乐园ed6Vddf(K$_.ji$o
模块用法 http://wiki.codemongers.com/NginxModulesBSD爱好者乐园)R?~ed}
mp4支持模块 http://wiki.codemongers.com/NginxMP4StreamingLiteBSD爱好者乐园Ff(A`h
地址加密模块  http://wiki.codemongers.com/NginxHttpAccessKeyModuleBSD爱好者乐园;Q2T&C(Uv
#Unpack, edit the “config” file, replace “$HTTP_ACCESSKEY_MODULE” to “ngx_http_accesskey_module”BSD爱好者乐园 kKIB qm:\:n wP M
依赖软件包 zlib-devel pcre-devel openssl-devel
&]Y"eb4YK编译参数: ./configure  –prefix=/blog.zhangjianfeng.com/app/nginx-0.7.27 –user=www –group=www –with-http_stub_status_module –with-http_flv_module –add-module=./nginx_mp4_streaming_public  –add-module=/tmp/nginx-0.7.27/nginx-accesskey-2.0.3 –with-http_ssl_module –with-cc-opt=’-O3′

K5dI
fkiQ# flv/mp4模块是支持拖动播放的,是否需要flv/mp4/accesskey根据需要决定
#l.mC3e3Z~Bu],Kb# accesskey需要

d:K7u.Pqo#K!vAzkBSD爱好者乐园9l&b7l]z%d^

2. 配置BSD爱好者乐园zK%B
Bt*n{E ] a8@
++ Nginx Redirect
^9zNZvnW
a#如果正规中有大括号{},需要用”"引号包起来BSD爱好者乐园wauh Q
#支持last break redirect permanentBSD爱好者乐园;c$|7YK B^
# http://wiki.codemongers.com/NginxHttpRewriteModule#rewrite
:C+zG
On(U:Vserver
}$s~9zU{BSD爱好者乐园1al[fq8x
listen 80;
U!?m%[!CXFserver_name linuxtone.org abc.linuxtone.org;BSD爱好者乐园&vMk.IJl+`
index index.html index.php;
[*o5v9w+Uroot /data/www/wwwroot;BSD爱好者乐园r7D7p$S:P.bF!p
if ($http_host !~ “^www\.linxtone\.org$”) {BSD爱好者乐园 j[9je/T
rewrite ^(.*) http://www.linuxtone.org$1 redirect;BSD爱好者乐园)T4T!]*iu2k"Q[;Qb
}
M[4ujA*L7aj`……………………BSD爱好者乐园4uc0y8K(j7V X$T
}

8P%ZI s'Ax*FBSD爱好者乐园Qd ra
U-f

++ 目录自动加斜线,解决IE浏览器不识别
6l.DPKHY u/cif (-d $request_filename){BSD爱好者乐园|,A:vq`;a
rewrite ^/(.*)([^/])$ http://$host/$1$2/ permanent;
GjQ'B&z'Nt4n} U%r}BSD爱好者乐园m1J8W_]9?

BSD爱好者乐园$`i%zpfz[3T

++ Nginx 防盗链BSD爱好者乐园AWu9Hb h7H9m7E
#Preventing hot linking of images and other file types
pF:a?!Zaolocation ~* ^.+\.(gif|jpg|png|swf|flv|rar|zip)$ {BSD爱好者乐园rq-\/n_&ux
valid_referers none blocked server_names *.linuxtone.org http://localhost baidu.com;
.Ys0Z"I,Xif ($invalid_referer) {
)n)hkj qrewrite ^/ http://www.linuxtone.org/images/default/logo.gif;BSD爱好者乐园3Dg(VU2cL$`8J0f
# return 403;
%g!y(PS.i _NmPI}
O&jA
o*d5_l}BSD爱好者乐园K*Z9l,tQ,nQ5_

K}2m8t*][4x:y5S)u*}++ Nginx expires
i;Iu5L/_e第一种方法:根据文件类型expiresBSD爱好者乐园/ST]-FpYC:s0m%f2u
# Add expires header for static content
,S j2l'zzJ8WCx,O'slocation ~* \.(js|css|jpg|jpeg|gif|png|swf)$ {
"Py5i"_yfif (-f $request_filename) {BSD爱好者乐园!O7@6[BRG
root /data/www/wwwroot/bbs;
HU4S1Ruao-t8AEexpires 1d;BSD爱好者乐园BY-L/_}%\Q
break;
"v]8Av#} _)~iZ&Y9~}BSD爱好者乐园1BvM}IJ#Ns`
第二种方法:根据判断某个目录BSD爱好者乐园E5gtw8SfKS
# serve static filesBSD爱好者乐园Z ~W+gU+f|nHJ
location ~ ^/(images|javascript|js|css|flash|media|static)/ {BSD爱好者乐园4A\8Vds/tN
root /data/www/wwwroot/down;BSD爱好者乐园#S6Y @;nk
expires 30d;BSD爱好者乐园*f5vR+{I,rO(J4c[7r
}BSD爱好者乐园:F\H]N%l _r&o

BSD爱好者乐园G3W1It P7|^*_

++ Nginx 访问控制BSD爱好者乐园Lfb1yBB#tIW8Y
#/usr/local/apache2/bin/htpasswd -c /usr/local/nginx/conf/htpasswd/tongji linuxtone 创建用户BSD爱好者乐园OI M-Efn)TL4HN
location ~ ^/(tongji)/ {BSD爱好者乐园zA"C[8Y9Y#z)]
root /data/www/wwwroot/count;
e:BmKy7A%Uauth_basic “LT-COUNT-TongJi”;BSD爱好者乐园M.V0Bl0PxgIZ
auth_basic_user_file /usr/local/nginx/conf/htpasswd/tongji;BSD爱好者乐园u`q"T#w]q]
}BSD爱好者乐园
RZ0_j+I0wDE

BSD爱好者乐园q-ceG}E

++ Nginx 禁止访问某类型的文件.BSD爱好者乐园-bM|hBm^6z\5~
方法一:
+^&c K4t[8Zlocation ~* \.(txt|doc)$ {BSD爱好者乐园sb;v]A0lK
if (-f $request_filename) {
"~?G0s6p.A"C_[/Ffroot /data/www/wwwroot/linuxtone/test;
9Vm|1@'sar"qjbreak;
?E(_dz
C!{f4h}
-t7X:d-?k C}BSD爱好者乐园,qs
{6[st4Y
方法二
S-m'A_J/Tm$e%D;Wlocation ~* \.(txt|doc)${BSD爱好者乐园j@Z,j}~X7P
root /data/www/wwwroot/linuxtone/test;
pKt-n2}'n Nydeny all;
IL\%K7k}BSD爱好者乐园y"|:X7V4N;m,M
}BSD爱好者乐园;Hi5wINnA9YJZc

BSD爱好者乐园iL)^:{$Vf)]G*r

++ 禁止访问某个目录
NT+m6T(B#mlocation ~ ^/(WEB-INF)/ {BSD爱好者乐园/?G#VCO0O
deny all;
}G-KO"iE2GS&i}
#\4Ju6])K++使用ngx_http_access_module限制ip访问BSD爱好者乐园(BWo(s&S] K)G
location / {BSD爱好者乐园K9UA|:w bE7B$H$F
deny 192.168.1.1;
Q#g V[c/_;e C*g;Gallow 192.168.1.0/24;BSD爱好者乐园2_Ned[)r
allow 10.1.1.0/16;BSD爱好者乐园 y7OV/j,Ub8Wx+g
deny all;BSD爱好者乐园'p5j ]'['xI%_[I
}BSD爱好者乐园];O0p AS9]3},L$\ `
详细参见wiki: http://wiki.codemongers.com/NginxHttpAccessModule#allow

-C@ZI A{

f*yE-_3Q9`j+~++ Nginx 下载限制并发和速率
j
DC#IVclimit_zone one $binary_remote_addr 10m;
a*T}4K)Bl!`)aiserverBSD爱好者乐园;W"]e4M Z~
{BSD爱好者乐园
] ` c5ZQdb'Q,q)l
listen 80;BSD爱好者乐园xyr1j+spv
server_name down.linuxotne.org;BSD爱好者乐园{
_8b;^g6FR)SV
index index.html index.htm index.php;BSD爱好者乐园DY2`x q@8D+ci
root /data/www/wwwroot/down;
G#F9Q? z#Zone limitBSD爱好者乐园eM1^b-] s6~
location / {BSD爱好者乐园}'t,V [G`,nM
limit_conn one 1;
0Ma!~%ja dfb+G!^limit_rate 20k;
%x/H/Y:RA:~M/|[}BSD爱好者乐园;jU&C&ZlH7BmU
……….
-~+P)IK6M|H`}
8fEb ~!U;\sH#针对flv的下载请求，对指定IP作特殊处理
3e:PJ}t)sEset $limit_rate 300k;BSD爱好者乐园^2})H#oL4f
if ($remote_addr ~ 192.168.0.13$) {BSD爱好者乐园o2k(RQ6X8jE
set $limit_rate 200k;
K-xO9m%C t;E}BSD爱好者乐园m1|oC]sg

BSD爱好者乐园V];J(JT

++ Nginx 实现Apache一样目录列表
hP$a\DPlocation / {
B U2a2U
wautoindex on;
[,_7Q`3w}BSD爱好者乐园)^-d r)[([_;va c

y;ROI8Xa K M++nginx 如何不记录部分日志
C!['A#]5m{2Qlocation ~ .*\.(js|jpg|JPG|jpeg|JPEG|css|bmp|gif|GIF)$
:on e+P&lfZ-r{
,X hPd:`|access_log off;
gLvo(c4X O}BSD爱好者乐园U[!i@8}T$H [ Q

BSD爱好者乐园i @9Y1~b

++虚拟主机配置
T:v|T2^Ie"\http {
1eA2Jb,u lserver {
Wu3CH'xVnD^ |listen 80;BSD爱好者乐园y;tT}{pj0I/_[
server_name www.domain1.com;
G'B's9}9vd Faccess_log logs/domain1.access.log main;
efk'R ^$qP:a.o:K9hlocation / {
F*O`$\Em'cindex index.html;
h~*_9T| V,V9}root /var/www/domain1.com/htdocs;
;}gl3aRu:{}
Xe6M9T^t}

o&IcZ,k oBSD爱好者乐园'@V4X3}C
a k[7Y

server {
pNI/NViLlisten 80;
q2FW@,SB#mI axserver_name www.domain2.com;BSD爱好者乐园Y"A~M[:Hk,M*K
access_log logs/domain2.access.log main;
RoX3iv$X9}zKlocation / {BSD爱好者乐园"^#T:Bl8g)p
index index.html;BSD爱好者乐园3_7zg:g V
root /var/www/domain2.com/htdocs;BSD爱好者乐园!WzM4iIXOz
}BSD爱好者乐园4h3`;d7r!k"K
}BSD爱好者乐园7S R8I#vqG&r
}BSD爱好者乐园+J0?,B Mxf

BSD爱好者乐园q-B,Oe)u.B

++flv/mp4配置
u"M:VB3X+alocation ~ \.flv$ {
0fCf#_L&uflv;BSD爱好者乐园
e@$k~@6P
}BSD爱好者乐园5u,M1v9S7o9k
location ~ \.mp4$ {BSD爱好者乐园v s#_$C5b~i2l0m
mp4;
Ug,^j)L"G}

L6|%l/F3R{BSD爱好者乐园E%g6K/G-xX9x4_U)F

++accesskey_module地址加密
ZiU;z ]![#y9[S*alocation /download {
h d Y&G%U4Exaccesskey on;
-V5pgBa)gcXaccesskey_hashmethod md5;BSD爱好者乐园%X9JJ9D\)^['x
accesskey_arg “key”;BSD爱好者乐园8d*DW;c m~2@q?HW
accesskey_signature “blog.zhangjianfeng.com$remote_addr”;BSD爱好者乐园(j4O;x$H"[SG
}
|v1`r`"R# 写一个php程序产生加密key
JX.l{mJ{ J\<\?php echo md5(’blog.zhangjianfeng.com’.$_SERVER["REMOTE_ADDR"]);\?\>
h? SZd5fX i2Y#手工测试用 \<\?php echo md5(’blog.zhangjianfeng.com’.'192.169.0.21′);\?\>

^ m#[:rf# 下载URL http://blog.zhangjianfeng.com/download/file10m.zip?key=1e49fa4ed26486938742e24d2040cc84
hbFmH0b&V# 下载flv并带start参数 http://blog.zhangjianfeng.com/download/file10m.flv?key=1e49fa4ed26486938742e24d2040cc84&start=xxx

imVgQ7f

#NU8m'a"xi*duJ z++NginxStatus配置BSD爱好者乐园2DV^Mnp/E}E
location ~ ^/NginxStatus/ {
&e\h!^7{;` da#nK2wstub_status on;BSD爱好者乐园cLi)tC
access_log off;
@(W%C9E#zallow 218.5xx.xx.xx;BSD爱好者乐园 z3m%S Pf7|'i[
deny all;BSD爱好者乐园9sFG/`e@
}
@3q4r-k:`"GJ(k
g#输出状态中
bp_2QS0tkGg-`t9r#Active connections=Reading+Writing+WaitingBSD爱好者乐园3x~+Kx&Zot
#Reading 从客户端读取数据的链接数目， Writing向客户端返回数据的链接数目，Waiting通常与KeepAlive设置有关BSD爱好者乐园 }Aia~,e c
#active connections — 对后端发起的活动连接数
z{%w|#XR#reading — nginx 读取到客户端的Header信息数
:v L |'p!gW2uiht#writing — nginx 返回给客户端的Header信息数
g1Bghq&_1o#waiting — 开启 keep-alive 的情况下，这个值等于 active - (reading + writing)，意思就是Nginx已经处理完成，正在等候下一次请求指令的驻留连接。BSD爱好者乐园 y1s p:[5A*aBgF

et(c-}!|*Hj++页面访问控制BSD爱好者乐园Wy:|f*k7v
location / {BSD爱好者乐园uj4}KP4d!x
auth_basic “Restricted”;
y6kw(k1h)Kauth_basic_user_file conf/htpasswd;BSD爱好者乐园1ZQcYij S4hy$@
}BSD爱好者乐园7G.x(]6lu&Q&~7IQ
#conf/htpasswd可以用Apache 的 htpasswd创建BSD爱好者乐园msN*?C#t4v8H

(q:wOcw'h.C++ssi支持BSD爱好者乐园.Nmr4P;?g1v5C
location / {
@:a0V:S#LU ls&Ossi on;BSD爱好者乐园2FE3I)E4fU @
}

z/Bb w0Lp6b:B3}

kF-L.^b++其它BSD爱好者乐园j Z~1riV
user          www        users;
's/?6o4E MHL5b3n*`worker_rlimit_nofile 51200;BSD爱好者乐园]g)Q;J&zO Bh'N
events
b pQ S+bR{BSD爱好者乐园^tLq
h Fn.J
use epoll;
!y&wf?k2dD%pworker_connections 51200;BSD爱好者乐园~JU}G
de
}

1^+X:N8k8~_

\!K;_&U,gce:w{ k++在日志中记录虚拟主机名信息BSD爱好者乐园!A5GZX"~0k5e
log_format vhost ‘$remote_addr - $remote_user [$time_local] “$request” ‘
G ~$y{fuo‘”$status” $body_bytes_sent “$http_referer” ‘BSD爱好者乐园(d
e:M.}&h7T[i
‘”$http_user_agent” “$http_x_forwarded_for” $host $server_name’;BSD爱好者乐园!s"?3?%K)Z$s9[

BSD爱好者乐园C k.tS1X w"H!o*[

3．Nginx 日志处理BSD爱好者乐园+{GZ7H1|6Z
#contab -e
`](oDUZ:@&|59 23 * * * /blog.zhangjianfeng.com/sh/logcron-nginx.sh >> /blog.zhangjianfeng.com/logs/crontab/logcron-nginx_log 2>&1BSD爱好者乐园e%O~.l1RI)_J4i"x
logcron-nginx.sh.txt(960 B )BSD爱好者乐园m!xJ&Ua \a]Wp_I

BSD爱好者乐园 l&sdE6Tx-r*@7}

++Nginx 如何不记录部分日志
T3@+a!`kglocation ~ .*\.(js|jpg|JPG|jpeg|JPEG|css|bmp|gif|GIF)$
%nd%Q#k6GS{
n5L?h$M#taccess_log off;BSD爱好者乐园3ifh.{DIj;r
}BSD爱好者乐园_0Z,mf Q
4．Nginx Cache服务配置BSD爱好者乐园/A@u&kMd+Z
如果需要将文件缓存到本地，则需要增加如下几个子参数BSD爱好者乐园.inY3NQ6`"JQ
proxy_store on;
3E9m9IWxVproxy_store_access user:rw group:rw all:rw;BSD爱好者乐园,D/hwc(fN5SN!Zb*F
proxy_temp_path 缓存目录;其中，
3UBzN9Yu3?proxy_store on用来启用缓存到本地的功能，BSD爱好者乐园.NQd[/Y#y*M1K
proxy_temp_path用来指定缓存在哪个目录下，如：proxy_temp_path html;BSD爱好者乐园`ya)Gn ~5d-n2Z
#在经过上一步配置之后，虽然文件被缓存到了本地磁盘上，但每次请求仍会向远端拉取文件，为了避免去远端拉取文件，必须修改proxy_pass：代码:
hT_m*~[8Tz2wif ( !-e $request_filename) {BSD爱好者乐园 KG2_)s(C%M-{
proxy_pass http://mysvr;BSD爱好者乐园Qy9W9_0q#d9B&Fe*[
}BSD爱好者乐园E@$gWl
#即改成有条件地去执行proxy_pass，这个条件就是当请求的文件在本地的proxy_temp_path指定的目录下不存在时，再向后端拉取。BSD爱好者乐园[e)lC5@BCT
5．Nginx 负载均衡
9?fpn6swlI#F1. Nginx 基础知识
!g
`y%U!anginx的upstream目前支持4种方式的分配
U.A%Z-V&b1)、轮询（默认）BSD爱好者乐园/PxzyK,m']
每个请求按时间顺序逐一分配到不同的后端服务器，如果后端服务器down掉，能自动剔除。BSD爱好者乐园z3yGe |~&Zu
2)、weightBSD爱好者乐园bI}'k5w&}3wQ
指定轮询几率，weight和访问比率成正比，用于后端服务器性能不均的情况。
1v d%Wz \4{ E2)、ip_hash
W"yW7wFr.r每个请求按访问ip的hash结果分配，这样每个访客固定访问一个后端服务器，可以解决session的问题。
Yk}9kk*h` z3)、fair（第三方）
7r-W fe4l E,b$sU/U j F按后端服务器的响应时间来分配请求，响应时间短的优先分配。BSD爱好者乐园7fKCXt)c7Df
4)、url_hash（第三方）BSD爱好者乐园V8?db6O)U*^/SO
Nginx 负载均衡BSD爱好者乐园|(`-@D+{NQw
实例1代码:BSD爱好者乐园"\p
~i'M8cZ
upstream bbs.linuxtone.org {#定义负载均衡设备的Ip及设备状态BSD爱好者乐园M5Pq|3b^
server 127.0.0.1:9090 down;BSD爱好者乐园pMc%p@
server 127.0.0.1:8080 weight=2;
_[XDW!j9h'YajfYserver 127.0.0.1:6060;
? @~ Y"T]#s~~(sserver 127.0.0.1:7070 backup;BSD爱好者乐园8b2f6u$e.r zer
~
}
&k5g2v'Fa在需要使用负载均衡的server中增加代码:BSD爱好者乐园.\w:oy2F
proxy_pass http://bbs.linuxtone.org/;
%|/YU5[{1x HI{#}每个设备的状态设置为:代码:
ywE0tXQ.yk1.down 表示单前的server暂时不参与负载BSD爱好者乐园-F }.t|q[$J1m
2.weight 默认为1.weight越大，负载的权重就越大。BSD爱好者乐园P2C;n5i8A pF
3.max_fails ：允许请求失败的次数默认为1.当超过最大次数时，返回proxy_next_upstream 模块定义的错误
,K#PRP7E8WF@4.fail_timeout:max_fails次失败后，暂停的时间。
&Jk\#`c{I5.backup： 其它所有的非backup机器down或者忙的时候，请求backup机器。所以这台机器压力会最轻。nginx支持同时设置多组的负载均衡，用来给不用的server来使用。
z1h-jh}L!leaclient_body_in_file_only 设置为On 可以讲client post过来的数据记录到文件中用来做debug
c)V!yw bQ"wZ$AY$}client_body_temp_path 设置记录文件的目录 可以设置最多3层目录BSD爱好者乐园]b;ir0`:A'q*a
location 对URL进行匹配.可以进行重定向或者进行新的代理 负载均衡BSD爱好者乐园+L5j+e`B I
++Nginx 负载均衡实例 2BSD爱好者乐园5Z-LG1`8K1_.Lr
按访问url的hash结果来分配请求，使每个url定向到同一个后端服务器，后端服务器为缓存时比较有效,也可以用作提高Squid缓存命中率.
+kZp"i]简单的负载均等实例:
;DTs(qZ Q#loadblance cacheblog.zhangjianfeng.comBSD爱好者乐园%QQ6G P}z!p
upstream flvsrv {BSD爱好者乐园B&Ka6[*g'MP
ip_hash;
2Q[d ^O0~h2].Xcserver 58.2xx.xxx.xx:80 weight=2;
2Gj#j.QHC,RP&SKserver 218.xx.xx.xx:80;
w9m%?-S%G*L}BSD爱好者乐园@7O,lZ3URDk'Ng
serverBSD爱好者乐园5cak{[
{BSD爱好者乐园l#E;qH g
listen 80;BSD爱好者乐园 Y9H6_R @kc
server_name cacheblog.zhangjianfeng.com;
1K:P N}?f*Dindex index.html index.php;BSD爱好者乐园4ywvq,O;| W
root /blog.zhangjianfeng.com/data/cache/cached1/;BSD爱好者乐园3Cl%c&W
S0@
if (-f $request_filename) {
8[?%m+~`MXbreak;
[r f9h6p}BSD爱好者乐园"t1om/p
Gm6Rik8`

/moS+N6d{location / {
:AG*q^CzKXif ( !-e $request_filename) {BSD爱好者乐园*mJZ1|2P#p:Lt
proxy_pass http://flvsrv;BSD爱好者乐园E"k;i6t|.dvh T
break;
T)W!tOm@"y}
n`"]S`'x## include conf/proxy.conf
\
N ]#{0A%tproxy_redirect off;
!e9@i[`proxy_set_header Host $host;
l*p#t}#`N^;R"wg-R2hproxy_set_header X-Real-IP $remote_addr;BSD爱好者乐园'mn;H4v ~
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;BSD爱好者乐园O\7A"I8T6d!c[?
client_max_body_size 50m;BSD爱好者乐园/C5s8^-Cb#`
client_body_buffer_size 256k;BSD爱好者乐园$l/?4@b CbL
proxy_connect_timeout 30;
3`3IP*W+W1Yproxy_send_timeout 30;
*W#D yRO1Ufznproxy_read_timeout 60;BSD爱好者乐园l@,] A8K@~2Gov
proxy_buffer_size 4k;BSD爱好者乐园$E!h5t D0B B5~eR
proxy_buffers 4 32k;BSD爱好者乐园;{jYG,E
e5|i ]2@8m
proxy_busy_buffers_size 64k;BSD爱好者乐园 p:~$I/F Y%ty:O;N{
proxy_temp_file_write_size 64k;
)?/d{~gdqDproxy_next_upstream error timeout invalid_header http_500 http_503 http_404;

b]/{ L:pE#Nproxy_max_temp_file_size 8m;BSD爱好者乐园p+YEn/ao^MQ
proxy_store on;BSD爱好者乐园 p)\:NAtV
proxy_store_access user:rw group:rw all:r;
iaY&L \ u^#nginx cache
}]|y#h\Vclient_body_temp_path /blog.zhangjianfeng.com/data/cache/nginx_cache/client_body 1 2;
5a&W ` e/U$?8Oi*`proxy_temp_path /blog.zhangjianfeng.com/data/cache/nginx_cache/proxy_temp 1 2;BSD爱好者乐园%|Y!D)mhC~a

6^]yA:J E5Dl]6．Nginx 优化
|5p.H ib i1).编译优化BSD爱好者乐园R8b;su!a)f
编译时加参数–with-cc-opt=’-O3′
7ma3}Xp/n2).修改Nginx的header伪装服务器
K1Z!v-Kj#|$u代码:BSD爱好者乐园%z"^i3|Y8|}
# vi src/core/nginx.hBSD爱好者乐园hz%e ppcM^L@
#ifndef _NGINX_H_INCLUDED_BSD爱好者乐园Ca'uH$n.H4W1E
#define _NGINX_H_INCLUDED_BSD爱好者乐园 v5k G8gX yXh
#define NGINX_VERSION “1.3″BSD爱好者乐园cm3u qT8ID(LvC
#define NGINX_VER “LTWS/” NGINX_VERSIONBSD爱好者乐园b%fzpZ7Y
#define NGINX_VAR “NGINX”BSD爱好者乐园*N~/O{-jv
#define NGX_OLDPID_EXT “.oldbin”
9Syitj2F#endif /* _NGINX_H_INCLUDED_ */
a;FK`(ij q2m# curl -I my.linuxtone.orgBSD爱好者乐园5}rc3m1K)q b(wp
HTTP/1.1 200 OKBSD爱好者乐园4Gc,QT'egs
Server: LTWS/1.3
oT0YE$m)ODate: Mon, 24 Nov 2008 02:42:51 GMTBSD爱好者乐园 T;n
Y|h_%D0Kh
Content-Type: text/html; charset=gbk
1BVb+}9Lp/wTransfer-Encoding: chunkedBSD爱好者乐园(b/Vo#j'j
Connection: keep-aliveBSD爱好者乐园{JaZ4w@[A
3)几个配置
ts.L#G9i%Ia)gRsendfile on;BSD爱好者乐园8^{ ~bd(d

c {-_2r$d$bI5f-jtcp_nopush on;
F*M,W9hx[2s+Q)tkeepalive_timeout 60;BSD爱好者乐园x(MQ1k.[g

3G2f7W0z%K*Z4F;K#Zl!Ptcp_nodelay on;BSD爱好者乐园wl;o9N!c?*p(J u8w
fastcgi_connect_timeout 300;
9}~0Y|AK1{;IgwW:Jfastcgi_send_timeout 300;
L{ q4~5Vfastcgi_read_timeout 300;
*ly*c1is nXIfastcgi_buffer_size 64k;
Bfv-} \[fastcgi_buffers 4 64k;
s`Hg'Vkfastcgi_busy_buffers_size 128k;BSD爱好者乐园?Z1C5e8d.hA+Nz
fastcgi_temp_file_write_size 128k;BSD爱好者乐园#P6uO`3Wq%xi6Fm
gzip on;BSD爱好者乐园$\3NV-x&YcEn.U1{
gzip_min_length 1k;BSD爱好者乐园_n)d$u&a+bS
gzip_buffers 4 16k;BSD爱好者乐园`W:X*}-t@)O#^
gzip_http_version 1.0;
m4m%y#Ib4C'S"?gzip_comp_level 2;BSD爱好者乐园
EbN$n4N j
gzip_types text/plain application/x-javascript text/css application/xml;BSD爱好者乐园f6vwe `l$?p5Z
gzip_vary on;BSD爱好者乐园8Y$r0t ?{w

GZN`9o%r7.nginx服务简单控制脚本
U'DQQ+Lnginxd.sh.txt(1.18 KB)

SxY[Pv

Ua E!l\J其它说明BSD爱好者乐园4k-J-w4`+t(Y5XB1A%T
++nginx几个参数
$c5T0u
ET!w.u+[ e-c 为 Nginx 指定一个配置文件，来代替缺省的。
N{%Rt!]$Wv4Jc|
W/c
B-t 不运行，而仅仅测试配置文件。nginx 将检查配置文件的语法的正确性，并尝试打开配置文件中所引用到的文件。
a f;z
v+d-v 显示 nginx 的版本。
R `5y&hUhhnx%_-V 显示 nginx 的版本，编译器版本和配置参数。BSD爱好者乐园t1SDcjK WP

fY!_w'C8g++处理信号
Y
T by.w
U重载配置文件 kill -HUP `cat $PATH/nginx.pid`BSD爱好者乐园4pSnW5o'G$rN4x#Dz
其它的信号BSD爱好者乐园}-o@ ` D
相关的处理信号
F v4T;Ml-E8Q
bN%TA)主进程可以处理的信号BSD爱好者乐园 g(G&]S/a'vr5u
TERM ，INT              快速关闭
p-gejNeE1vWQUIT                        从容关闭BSD爱好者乐园_e3q7D^(V3}%V
HUP                          重载配置，用新的配置开始新的进程，从容关闭旧的工作进程BSD爱好者乐园f6D4H,w6o.@'j2asG
USR1                        重新打开日志文件BSD爱好者乐园!a*v;};{&`:x
USR2                         平滑升级可执行程序
wz^~G7`%LMWINCH                      从容关闭工作进程
$Ob P.h3XAXtB)工作进程可以处理的信号BSD爱好者乐园+X1hL9}I
TERM ，INT                         快速关闭BSD爱好者乐园 H'cF8Gv(DxA
QUIT                                从容关闭
iv^7Szx:a5F*tUSR1                                重新打开日志文件

}Rw#w zBSD爱好者乐园7tq'Y'T*j2F+[bn;s

++ Nginx Location
&\9Z#c3S9~9V9K&T*j1Xx基本语法
Q"a!K'i8v6{?location [=|~|~*|^~] /uri/ { … }
.xC D'W `T= 严格匹配。如果这个查询匹配，那么将停止搜索并立即处理此请求。BSD爱好者乐园O f C*Ofl6c7}F+a
~ 为区分大小写匹配BSD爱好者乐园 f)z:Pg'F~2UpV-? G
~* 为不区分大小写匹配BSD爱好者乐园Q'Ze
Tlh P$E#TC P
!~和!~*分别为区分大小写不匹配及不区分大小写不匹配
3y9qBy8u^~ 如果把这个前缀用于一个常规字符串,那么告诉nginx 如果路径匹配那么不测试正则表达式。

#Zh+C IL^G!YBSD爱好者乐园7~%j7@e6\F3~Y[

例:
*a!r3P5Y2w;oU0}location = / { # 只匹配 / 查询。
(~bxpER,O#[location / { # 匹配任何查询，因为所有请求都已 / 开头。但正则表达式规则和长的块规则将被优先和查询匹配。BSD爱好者乐园)Al2j\0R
location ^~ /images/ { # 匹配任何已 /images/ 开头的任何查询并且停止搜索。任何正则表达式将不会被测试。
O.mU;Ly@location ~* \.(gif|jpg|jpeg)$ { # 匹配任何已 gif、jpg 或 jpeg 结尾的请求。BSD爱好者乐园[plv}8kr

{&G3bTw
t|@E++ 文件及目录匹配BSD爱好者乐园0b![/i l QA6eA+@]
* -f和!-f用来判断是否存在文件
8Y_!vk QX0? hQ* -d和!-d用来判断是否存在目录
$w8f1F+PVI#Afu}-{* -e和!-e用来判断是否存在文件或目录BSD爱好者乐园$J z^r2f*J;o?&P5j
* -x和!-x用来判断文件是否可执行

r#rIs5\;t

"f8^1K p5x4y|[]++ 一些可用的全局变量
3xd\:g,b] }$argsBSD爱好者乐园4o(Gs4[ PAzb
$content_lengthBSD爱好者乐园;T#twUy
$content_type
{k
Z B
m(K|@,a3P/Qj$document_rootBSD爱好者乐园.rq8z(e_2RW8P&P
$document_uri
rB)\ {hg$hostBSD爱好者乐园2mt&`hD.JP _7]!\iD
$http_user_agent
2L:TJo/RI7?/k`$http_cookie
%{'FMYY|^"j$limit_rateBSD爱好者乐园4}
Q0O&Y%T!hb
$request_body_fileBSD爱好者乐园g+JP\d9k%wB
@ DO
$request_method
W G)d5{$Z5Z!RS$remote_addr
&xt(wJXfO7K$remote_portBSD爱好者乐园 |Ot&}5Mhp5v
$remote_user
4J$o:Z VG?$request_filenameBSD爱好者乐园#g]W,T3m`
$request_uri
!Pt/Cu
f7d Q$s y{$query_stringBSD爱好者乐园*Uo prBo
$scheme
Uz-~"Z4W3P4{ [5x%\$server_protocol
&WY1C6z"tp$server_addrBSD爱好者乐园:jS*k9e3j
$server_nameBSD爱好者乐园x$V6Es[c
$server_port
$wRA+mHD*Tb$g$uriBSD爱好者乐园A$lM_'G+{{/h

BSD爱好者乐园3_~:p?e(RwVk8{

++errorlog定义级别BSD爱好者乐园Pd7p7F9SWQ/J
error_log logs/error.log [ debug | info | notice | warn | error | crit ]

O\#t7C ES+NXK

G;Oh9[2lU++ Invalid cross-device link错误
q Cs_p#}L,}5Oproxy_temp_path /data/temp;BSD爱好者乐园H"T vnSK.^/]
alias /data/www;BSD爱好者乐园GK
SY3x7D
解决办法: /data/www和/data/temp目录必须在同一个device

5M9H!}['w({3K*f

n9z
pBVg sau++实现类似apache的aliasBSD爱好者乐园#k(X4z)M Skj n:P| t
location /installcd/ {BSD爱好者乐园/Rv?n`(S
alias /media/installcd/;BSD爱好者乐园 z4| WIJ2z
allow 192.168.25.0/24;BSD爱好者乐园/n5R5YI/Wl
deny all;
sOT~,y6aEO[k}

h:S N ky2H:AB

Y4^BU|1[
d4`++防止多线程下载range206BSD爱好者乐园3M dy9J4Y/H;X
if ($http_range) {BSD爱好者乐园p~1V/B5Ar+eq
return 405;
+i*N5Q+FN}BSD爱好者乐园/k(pN/u7i7x$C2vvr&@

BSD爱好者乐园8}'J?UrQ~&w

++nginx.conf及vhost.conf示例BSD爱好者乐园;^5\{6za6cW
## nginx.conf
gzv|9rweuser nobody nobody;BSD爱好者乐园,e^F!Wa s^P7D dj
worker_processes 8;

$kz)F8m e7V

%~w2gT VCxerror_log logs/error.log;BSD爱好者乐园Nk
R0]h |*GOPe ]^
pid logs/nginx.pid;BSD爱好者乐园;S
ve#qg7r*C[K j

9oR:x$i&Q$]#O/C:bworker_rlimit_nofile 51200;
1@ O8GW k4hevents {

E?r^5YI!K/U$\use epoll;BSD爱好者乐园l*E {,O,Cw
worker_connections 51200;
#srmf+L1^I}BSD爱好者乐园9x5W'uf st

]o!`c.e7U @^http {
}c*lB(k3ginclude mime.types;
L6^"i~7q5Dz:`default_type application/octet-stream;BSD爱好者乐园 M,cE*Vl.sbaj

-O@7YY+@&ZYlog_format main ‘$remote_addr - $remote_user [$time_local] “$request” ‘
oE+cj4E#Q3b‘”$status” $body_bytes_sent “$http_referer” ‘BSD爱好者乐园.JN*]?0~.m7L
‘”$http_user_agent” “$http_x_forwarded_for”‘;
!iqp%vt"t{2c##for squid+nginxBSD爱好者乐园t]`/X)vI'~G
log_format access ‘$remote_addr - $remote_user [$time_local] “$request” ‘
3l0q-CL8~‘”$status” $body_bytes_sent “$http_referer” ‘BSD爱好者乐园e;Fj3a7b&_"MI
‘”$http_user_agent” “$http_x_forwarded_for” “$host”‘;

9TO.vG1_5?'z

#y@i:C3y Q/Nserver_names_hash_bucket_size 128;
k{'f1Pq{)p7Tclient_header_buffer_size 32k;
]8YC{P)LEUF*ylarge_client_header_buffers 4 32k;BSD爱好者乐园%q4Aa6OF/L:i/q'Q@
client_max_body_size 20m;BSD爱好者乐园)Yj'r$dmn$Eh
sendfile on;
'mn:D:o{HrbOktcp_nopush on;BSD爱好者乐园 {(zo4X9J8Np8W
#keepalive_timeout 0;
'pl(@z]4gkeepalive_timeout 60;BSD爱好者乐园KI6l4V9e(Q
tcp_nodelay on;BSD爱好者乐园@JT:];Ds l^Gk6R9i

BSD爱好者乐园/C$sqNMdE2F{

fastcgi_connect_timeout 300;BSD爱好者乐园*Y#m rm#}iO:W~+O&K3J
fastcgi_send_timeout 300;
FV2Y&w,Eb sfastcgi_read_timeout 300;
-\2h+?4b*ncelfastcgi_buffer_size 64k;
#aG v:aG2xfastcgi_buffers 4 64k;BSD爱好者乐园r y/R.aT%H
fastcgi_busy_buffers_size 128k;BSD爱好者乐园_9X Ym!A`@W1g0]
fastcgi_temp_file_write_size 128k;BSD爱好者乐园6VW7qy%wS,x-u

)@_1vr2t6omgzip on;
H:T+q:Mr&\*E3_hgzip_min_length 1k;BSD爱好者乐园;mtBtam/N
gzip_buffers 4 16k;BSD爱好者乐园:WpT;{6JA/Ts
gzip_http_version 1.0;
Gm6iM!R#k*Jgzip_comp_level 2;
f,o#B.zQg.dgzip_types text/plain application/x-javascript text/css application/xml;
usWk*iPgzip_vary on;BSD爱好者乐园m6xR&mkd

t7^!cEY cTinclude vhost.conf;BSD爱好者乐园_un7@Uc(F9?y

BSD爱好者乐园2f/~By X XP

}BSD爱好者乐园 ]Hj#v~7Mp1O'{8|PS;d

(G'm;AzP}+q2^## vhost.conf

3r bT;T6H5|&vk:[BSD爱好者乐园0N+P|
`6GD7Ft

server {BSD爱好者乐园,p3Dq ]v
listen 80;BSD爱好者乐园#nQ8zEZid
server_name blog.zhangjianfeng.com;BSD爱好者乐园d1u)\8OWSr8A%_
root /zhangjianfeng/data/www/blog;BSD爱好者乐园Z(BEd;I y
access_log logs/blog.zhangjianfeng.com.log main;BSD爱好者乐园7Hfi1W0UoB)g
location ~ .*\.(js|jpg|JPG|jpeg|JPEG|css|bmp|gif|GIF)$
^ FOj#j#W;}+i{BSD爱好者乐园QL|7`c xV
access_log off;
$Apt1e7Rpm}BSD爱好者乐园d1KkB+{enD_

BSD爱好者乐园 |\K%v"C1W9C-k

location / {BSD爱好者乐园z7h#B)[BcRZ
index index.html index.htm index.php;
K^$n ^9dVC.`e]}

6@ka
WuBiBSD爱好者乐园#y7S#~F;\$kT3d+@~

include rewrite-blog.conf;BSD爱好者乐园8q }st\EnYeY

BSD爱好者乐园yFRv X"M.^,fJw

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$BSD爱好者乐园|R:| SL+}"a
{
%D7~ WRW*z Gexpires 7d;
FGUn$_0L}

G)A)K)A?tBSD爱好者乐园$[D
to~ [D/j

location ~ .*\.(js|css)?$BSD爱好者乐园5w%fSt8x;O
{
"e!p;T/b2|2r&y;Jexpires 1d;BSD爱好者乐园&Uy)yyRKe3N
}

8W~'R.YXcV"g4HoBSD爱好者乐园,ur0WD"k

location ~ \.php$ {BSD爱好者乐园&tn B+B[;l1\R!Q
fastcgi_pass 127.0.0.1:9000;
Lw5`$E0Zz;sKfastcgi_index index.php;BSD爱好者乐园o:q
g.`'`
include fastcgi_params;
vv7D$zQ${%Mplfastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;BSD爱好者乐园.m8g2_HGK]
}BSD爱好者乐园 biF v)QE
error_page 404 500 502 503 504 http://blog.zhangjianfeng.com/error.html;BSD爱好者乐园;xIW5~I?
location = /50x.html {BSD爱好者乐园2`o9El VY@
root html;BSD爱好者乐园?+\H{$a^5{
}

$rjHW9}V

7a6kVg%@9p].e}BSD爱好者乐园RR!Zf3J0ge tYS

BSD爱好者乐园v9fYh{-d$Mi p

server {BSD爱好者乐园"W y)XR5W/^k
listen 80;BSD爱好者乐园U;S&u(k [5OO-Sx
server_name bbs.zhangjianfeng.com;
"\0U5\
|*s_0]access_log logs/bbs.zhangjianfeng.com.log main;
^Y T-rctroot /zhangjianfeng/data/www/bbs;BSD爱好者乐园so9\D~ w
location / {
,~DJ-Z4t,@index index.html index.htm index.php;
a*i(a\%w"VMG-^}BSD爱好者乐园SCd'\.G~2{

BSD爱好者乐园B5M%YS)P&z G

include rewrite-bbs.conf;BSD爱好者乐园p7v X(tS@X

BSD爱好者乐园,`G3AFuH%Ve

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$BSD爱好者乐园a+A i5G9aS
{
!V+]mb#| N8?dexpires 7d;BSD爱好者乐园tcPg?_+WE
}

sg"M{6l8U

ny2nWRilocation ~ .*\.(js|css)?$BSD爱好者乐园:S2fK'V-N)B"W-a i
{
U;Q3i$pejxm;xexpires 1d;
~ xif
M9e}

k+M)St
FZ9YGr-vJ5H

Enq%q#`/}6@&{location ~ \.php$ {
]h(oPigfastcgi_pass 127.0.0.1:9000;BSD爱好者乐园4oq$Hn0_7l;Y
fastcgi_index index.php;
(v~)HmF{S%s,|include fastcgi_params;BSD爱好者乐园\c
v(yH0Im)xj
fastcgi_param SCRIPT_FILENAME /zhangjianfeng/data/www/bbs/$fastcgi_script_name;
M3ah/mRQ5Ma&}
K}BSD爱好者乐园ddhwb c

.s(~ \V3einPTelocation ~ ^/NginxStatus/ {BSD爱好者乐园!ve)eL Ts8a
stub_status on;
H,G$T T:pw0WSEaccess_log off;
v#BII6]qyauth_basic  “Restricted”;BSD爱好者乐园}J(k8p:V
auth_basic_user_file  /blog.zhangjianfeng.com/app/nginx-0.7.27/htpasswd/.htpasswd.status.users;
N%Q@G6A'T {At# allow 218.5xx.xx.xx;BSD爱好者乐园/vu)MsQ Z8D3@:{
# deny all;
HV q {E:{;GaB}BSD爱好者乐园6?a;Z^b:Up
w3zv

BSD爱好者乐园4wCU4Y2gL7b0M

error_page 404 500 502 503 504 http://bbs.zhangjianfeng.com/error.html;BSD爱好者乐园{qX,}9A UDm
location = /50x.html {
\P;nNEroot html;
g
K~J.kO*cu;]5|.V:b}

cE K],p2N [s8gBSD爱好者乐园xJW!w4e'ru&G

}

A8j6d-UgyFBSD爱好者乐园u4a9j \ox-SW ?

++php上传BSD爱好者乐园:Ne9~Tk0T9F
1.nginx.conf的http{}中增加
Ux Fc:d:uN?client_max_body_size 300m;BSD爱好者乐园+sVQ8g2E4d
2.php.ini需要修改
8wF8IY8hd{post_max_size = 300MBSD爱好者乐园9b7UinE%W,B
upload_max_filesize = 300M
D^2zt1vG@/x}%Y## 如果出现413 Request Entity Too Large,看看是不是超过上面的限值了BSD爱好者乐园 Z!H6x)|.y8I:J3~Tm"P

[重要提醒]对本篇资料有疑问，请到论坛讨论，尽量使文章准确无误>>>
[版权声明]BSD爱好者乐园站内文章，如来源不是互联网，则均系原创或翻译之作，可随意转载，或以此为基础进行演译，但务必以链接形式注明原始出处和作者信息，否则属于侵权行为。另对本站转载他处文章，俱有说明，如有侵权请联系本人，本人将会在第一时间删除侵权文章。
TAG: nginx