幻的小屋

在 CentOS 7.6 上安装 NGINX

蛋蛋 2025年04月28日 46 0

在 CentOS 7.6 上安装 NGINX 可以通过以下步骤实现:

yum源安装

步骤 1: 更新你的系统

在开始之前,确保你的系统包是最新的。

sudo yum update -y

步骤 2: 安装 EPEL 仓库

NGINX 通常不包含在 CentOS 的默认软件仓库中,因此你需要启用 EPEL 仓库。

sudo yum install epel-release -y

步骤 3: 安装 NGINX

一旦 EPEL 仓库安装完毕,你就可以安装 NGINX:

sudo yum install nginx -y

步骤 4: 启动并配置 NGINX 在启动时自动运行

你需要启动 NGINX 服务,并确保它在系统启动时自动运行:

sudo systemctl start nginx
sudo systemctl enable nginx

步骤 5: 配置防火墙(按需)

如果你的系统上启用了防火墙(firewalld),你可能需要允许 HTTP 和 HTTPS 流量通过。

sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload

步骤 6: 检查 NGINX 安装状态

你可以通过以下命令检查 NGINX 的状态,以确保它正在运行:

sudo systemctl status nginx

你应该会看到服务的状态为 "active (running)"。

步骤 7: 测试 NGINX

打开你的浏览器,访问你的服务器的 IP 地址。例如:

http://your_server_ip/

你应该会看到一个默认的 NGINX 欢迎页面,表示安装成功。

通过这些步骤,你应该就能在 CentOS 7.6 上成功安装并运行 NGINX。如果你需要调整 NGINX 的配置,可以修改 /etc/nginx/nginx.conf 或添加新的配置文件到 /etc/nginx/conf.d/ 目录下。完成配置更改后,记得使用 sudo systemctl restart nginx 重启 NGINX 以应用更改。

部署完环境及执行命令

网站目录:/usr/share/nginx/html
配置文件:/etc/nginx/nginx.conf
日志目录:/var/log/nginx/

# 查看服务状态
systemctl status nginx
# 重启服务
systemctl restart nginx
# 校验配置
nginx -t
/usr/sbin/nginx -t
# 加载配置
nginx -s reload
/usr/sbin/nginx -s reload

配置ssl

生成证书

mkdir /etc/nginx/ssl
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/selfsigned.key -out /etc/nginx/ssl/selfsigned.crt

修改配置

vi /etc/nginx/nginx.conf
#user  nobody;
worker_processes  1;

#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';


    access_log  /var/log/nginx/access.log;
    error_log  /var/log/nginx/error.log;

    sendfile        on;

    #keepalive_timeout  0;
    keepalive_timeout  3600;

    #gzip  on;
    server {
        listen       40022 ;
        listen       40023 ssl;

        server_name  localhost;

        ssl_certificate      /etc/nginx/ssl/selfsigned.crt;
        ssl_certificate_key  /etc/nginx/ssl/selfsigned.key;

        ssl_session_timeout  5m;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4;
        ssl_prefer_server_ciphers   on;

        location / {
            if ($request_method !~ ^(GET)$) {
                return 403;
            }
            root   html;
            index  index.html index.htm;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}

源码包安装

1、上传对应的源码包到/usr/local/src
2、解压源码包并编译安装

cd /usr/local/src
tar zxvf nginx-1.28.0.tar.gz
cd nginx-1.28.0
./configure --with-stream --with-http_stub_status_module --with-http_ssl_module --with-http_dav_module --with-http_v2_module --prefix=/usr/local/nginx
make
make install

3、修改配置文件:

# cp /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bak
# cat /usr/local/nginx/conf/nginx.conf.bak | grep -vE "^[[:space:]]*#|^$" > /usr/local/nginx/conf/nginx.conf
# cat /usr/local/nginx/conf/nginx.conf
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
        listen       50021;
        server_name  localhost;
        location / {
            root   html;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}
stream {
    upstream udp_servers {
        server 0.0.0.0:50022;
    }
    server {
        listen 50021 udp;  # Nginx 监听的 UDP 端口
        proxy_pass udp_servers;
    }
}

# /usr/local/nginx/sbin/nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

4、配置开启启动文件

# vim /etc/systemd/system/nginx.service
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=network.target

[Service]
Type=forking
# 修改为你的nginx实际路径
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s quit
PIDFile=/usr/local/nginx/logs/nginx.pid
PrivateTmp=true

[Install]
WantedBy=multi-user.target

使 systemd 识别新服务

systemctl daemon-reload

设置 nginx 开机自动启动

systemctl enable nginx

启动 nginx 服务

systemctl start nginx
Last Updated: 2025/05/29 16:29:50
linux基础_解决 SSH 报错 "no hostkey alg" HTTP协议