/ 中存储网

使用Nginx配置代理服务器图文说明

2014-04-03 08:20:01 来源:itjs.cn
我们要创建一个nginx服务器,代理ip为192.168.0.101,本机作为测试主,本机的ip是192.168.0.234

Nginx代理服务器的配置

首先,配置好yum源

[[email protected] ~]# yum groupinstall -y "Development Tools" "Development Libraries"

[[email protected] ~]# yum install gcc openssl-devel pcre-devel zlib-devel –y

Lftp 192.168.0.254

下载nagios-3.2.1.tar.gz

Tar xf nginx-1.1.3.tar.gz

# groupadd nginx

# useradd -g nginx -s /bin/false -M nginx

#cd nginx-1.1.3

./configure

 --prefix=/usr

 --sbin-path=/usr/sbin/nginx

 --conf-path=/etc/nginx/nginx.conf

 --error-log-path=/var/log/nginx/error.log

 --http-log-path=/var/log/nginx/access.log

 --pid-path=/var/run/nginx/nginx.pid

 --lock-path=/var/lock/nginx.lock

 --user=nginx

 --group=nginx

 --with-http_ssl_module

 --with-http_flv_module

 --with-http_stub_status_module

 --with-http_gzip_static_module

 --http-client-body-temp-path=/var/tmp/nginx/client/

 --http-proxy-temp-path=/var/tmp/nginx/proxy/

 --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/

 --with-pcre

 Make && make install

 Vim /etc/init.d/nginx

#!/bin/sh

#

# nginx - this script starts and stops the nginx daemon

#

# chkconfig:   - 85 15

# description: Nginx is an HTTP(S) server, HTTP(S) reverse

#               proxy and IMAP/POP3 proxy server

# processname: nginx

# config:      /etc/nginx/nginx.conf

# config:      /etc/sysconfig/nginx

# pidfile:     /var/run/nginx.pid

# Source function library.

. /etc/rc.d/init.d/functions

# Source networking configuration.

. /etc/sysconfig/network

# Check that networking is up.

[ "$NETWORKING" = "no" ] && exit 0

nginx="/usr/sbin/nginx"

prog=$(basename $nginx)

NGINX_CONF_FILE="/etc/nginx/nginx.conf"

[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx

lockfile=/var/lock/subsys/nginx

make_dirs() {

   # make required directories

   user=`nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=([^ ]*).*/1/g' -`

   options=`$nginx -V 2>&1 | grep 'configure arguments:'`

  for opt in $options; do

if [ `echo $opt | grep '.*-temp-path'` ]; then

value=`echo $opt | cut -d "=" -f 2`

if [ ! -d "$value" ]; then

# echo "creating" $value

mkdir -p $value && chown -R $user $value

fi

fi

   done

}

start() {

[ -x $nginx ] || exit 5

[ -f $NGINX_CONF_FILE ] || exit 6

make_dirs

echo -n $"Starting $prog: "

daemon $nginx -c $NGINX_CONF_FILE

retval=$?

echo

[ $retval -eq 0 ] && touch $lockfile

return $retval

}

stop() {

echo -n $"Stopping $prog: "

killproc $prog -QUIT

retval=$?

echo

[ $retval -eq 0 ] && rm -f $lockfile

return $retval

}

restart() {

configtest || return $?

stop

sleep 1

   start

}

reload() {

configtest || return $?

echo -n $"Reloading $prog: "

killproc $nginx -HUP

RETVAL=$?

echo

}

force_reload() {

restart

}

configtest() {

 $nginx -t -c $NGINX_CONF_FILE

}

rh_status() {

status $prog

}

rh_status_q() {

rh_status >/dev/null 2>&1

}

case "$1" in

start)

rh_status_q && exit 0

$1

;;

stop)

rh_status_q || exit 0

$1

;;

restart|configtest)

$1

;;

reload)

rh_status_q || exit 7

$1

;;

force-reload)

force_reload

;;

status)

rh_status

;;

condrestart|try-restart)

rh_status_q || exit 0

;;

*)

echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"

exit 2

esac

退出,给/etc/init.d/nginx 执行权限

Chmod +x /etc/init.d/nginx

使其开机不能自动启动

Chkconfig --add nginx

下面我们可以启动nginx了

#service nginx start

然后看一下80端口是否已经启动

#netstat -tnlp

[[email protected] ~]# netstat -tnlp

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name 

tcp        0      0 127.0.0.1:2208              0.0.0.0:*                   LISTEN      2310/hpiod        

tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      2000/portmap      

tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      8448/nginx.conf   

可以看见,80端口已经开启

之后我们可以看一下nginx的测试页  ,直接输入代理服务器的ip

当出现welcome 几个单词时就表示安装nginx成功,下面只剩配置

Cd /etc/nginx/

Cp nginx.conf nginx.conf.bak

然后在/etc/nginx/nginx.conf 下修改并添加如下内容

events {

worker_connections 51200;

}

server {

listen       80;

server_name localhost;

#charset koi8-r;

#access_log logs/host.access.log main;

location / {

root   /web;

index index.html index.htm;

}

location /bbs {

root   /web;

index test.html;

}

保存并推出

分别创建/web/ 和/web/bbs/

Mkdir /web

Mkdir /web/bbs

Echo “hello,are you ok” > / web/index.htm

Echo “hello” > /web/bbs/test.html

下面分别访问这两个页面文件,在浏览器中输入:http://192.168.0.101

http://192.168.0.101/bbs

当然,我们还可以做代理服务网页的访问控制,比如我们这时候对于/web/bbs/test.thml这个网页文件对于测试机可以访问的,下面我们要实现拒绝测试机访问。

那怎么实现呢,我们需要编辑/etc/nginx/nginx.conf

location /bbs {

root   /web;

index index.html;

deny 192.168.0.234;#############只拒绝192.168.0.234访问

allow all; ################允许所有

保存退出,并重载文件

重新在测试机上访问/web/bbs/test.html

现在我们在没有拒绝访问的机子上测试是否能够访问,新打开一台虚拟机