介绍
Nginx(发音为"engine-x")是一个高性能的HTTP和反向代理服务器,同时也是一个IMAP/POP3/SMTP代理服务器。它最初由Igor Sysoev于2004年发布,并以其高性能、稳定性、丰富的功能集和低系统资源消耗而闻名。
Nginx的主要特点
高并发处理能力:
Nginx采用异步、事件驱动的架构设计,这使得它能够处理大量的并发连接而不消耗过多的资源。
反向代理和负载均衡:
Nginx可以作为反向代理服务器来分发客户端请求到后端服务器,并支持多种负载均衡算法,如轮询、最少连接等。
静态内容处理:
Nginx在处理静态文件(如HTML、CSS、JavaScript文件)时速度极快,适合用作静态文件服务器。
模块化设计:
Nginx具有模块化架构,许多功能可以通过动态加载或编译模块来实现。
HTTPS支持:
支持TLS/SSL,提供了强大的安全功能。
URL重写与重定向:
Nginx支持复杂的URL重写和重定向规则,适合用于SEO优化和访问控制。
缓存功能:
提供内置缓存功能,可以缓存后端服务器的响应以提高性能。
支持HTTP/2:
支持HTTP/2协议,提供更好的性能和安全性。
常见使用场景
Web服务器:用于托管网站和应用。
反向代理服务器:用于将请求转发到后端应用服务器。
负载均衡器:用于分发流量以优化资源使用。
API网关:管理和保护API流量。
Nginx与其他Web服务器的比较:
与Apache相比:Nginx的性能和资源使用效率通常优于Apache,特别是在处理静态内容和高并发连接时。
与其他负载均衡器相比:Nginx的简单配置和高效率使其成为许多企业的首选。
#pkg_dir=$(pwd)decompression_dir=/datapkg_install_dir=/data/nginxpkg_install_name=nginx-1.27.1port=80user='nginx'cpu_num=$(cat /proc/cpuinfo | grep name | cut -f2 -d: | uniq -c | awk '{print $1}')portNum=`ss -ntpl | grep ':'${port}' ' | wc -l`if [[ $portNum -gt 0 ]];thenecho "tcp port ${port} already use try to other port !!!"exit 1fi# 需要增加超时退出函数function downloadpackage(){curl -L -O http://nginx.org/download/$1}if [[ ! -f "${pkg_install_name}.tar.gz" ]] ; thenecho "${pkg_install_name}.tar.gz package is not exist"downloadpackage ${pkg_install_name}.tar.gzif [[ ! -f "${pkg_install_name}.tar.gz" ]] ; thenecho "install fail"exitfifi## 安装 nginx 软件安装的依赖printf "\n<<<<<<<< Installing dependent Software\n\n"## 测试每一个安装包,没有下载的进行安装yum_pack_name=(makecmakegccgcc-c++pcre-develzlib-developenssl-devel)apt_pack_name=(makebuild-essentiallibpcre3libpcre3-devzlib1g-devopenssllibssl-dev)pacman_pack_name=(makegccgcc-c++autoconfautomakepcre-develzlib-developenssl-devel)function is_apt_package_installed() {local package_name="$1"dpkg -s "$package_name" >/dev/null 2>&1if [ $? -ne 0 ];thenapt install -y $1fiecho "$1 installed !!!"}function is_pacman_package_installed() {local package_name="$1"pacman -Qi "$package_name" >/dev/null 2>&1if [ $? -ne 0 ];thenpacman install -y $1fiecho "$1 installed !!!"}function is_yum_package_installed(){local package_name="$1"rpm -q "$package_name" >/dev/null 2>&1if [ $? -ne 0 ];thenyum install -y $1fiecho "$1 installed !!!"}function is_package_installed(){case $1 inapt )for tmp_pack_name in ${apt_pack_name[*]}; dois_apt_package_installed $tmp_pack_namedone;;pacman )for tmp_pack_name in ${pacman_pack_name[*]}; dois_apt_package_installed $tmp_pack_namedone;;yum )for tmp_pack_name in ${yum_pack_name[*]}; dois_apt_package_installed $tmp_pack_namedone;;*)echo "not support";;esac}function identify_package_manager() {# 优先尝试使用 lsb_releasedistro=$(lsb_release -is 2>/dev/null)if [ -n "$distro" ]; thencase "$distro" inUbuntu|Debian)echo "apt";;Fedora|CentOS|RHEL)echo "yum";;Arch)echo "pacman";;# 添加更多发行版和对应包管理器的判断*)echo "Unsupported distribution: $distro";;esacreturnfi# 如果 lsb_release 不存在,尝试从 /etc/os-release 获取信息distro_id=$(grep '^ID=' /etc/os-release | cut -d= -f2 |sed 's/"//g')case "$distro_id" inubuntu|debian)echo "apt";;fedora|centos|rhel)echo "yum";;arch)echo "pacman";;# 添加更多发行版和对应包管理器的判断*)# 如果 /etc/os-release 中也没有找到,尝试其他方法# ...echo "Failed to identify package manager";;esac}is_package_installed $(identify_package_manager)if [ ! -d "${pkg_install_dir}" ]; thenmkdir -p ${pkg_install_dir}fitar xzf ${pkg_install_name}.tar.gz -C ${decompression_dir}printf "\n Are you want to use modules?\n"prompt="input parameters: (y/n): "while true; doread -p "$prompt" yncase $yn in[Yy]* )# 用户输入为 y 或 Ycp -r module ${decompression_dir}printf "\n<<<<<<<< decompression nginx \n"printf "\n there are sevrval modules for you:\n"printf "\n module location: ${decompression_dir}/module\n"ls ${decompression_dir}/modulebreak;;[Nn]* )break;;* )# 用户输入不是 y、Y、n 或 Necho "无效的输入,请重新输入.";;esacdone## 编译安装cd ${decompression_dir}/${pkg_install_name}printf "\n<<<<<<<< decompression nginx \n"echo "you can use: --with-http_stub_status_module --with-http_ssl_module --with-pcre --with-http_v2_module "read -p "input parameters: " parameter./configure --prefix=${pkg_install_dir} ${parameter}make -j $cpu_num && make install## 覆盖原来的配置文件cat << EOF > ${pkg_install_dir}/conf/nginx.confuser nginx;worker_processes auto;pid logs/nginx.pid;events {worker_connections 768;# multi_accept on;}http {### Basic Settings##sendfile on;tcp_nopush on;tcp_nodelay on;keepalive_timeout 65;types_hash_max_size 2048;# server_tokens off;# server_names_hash_bucket_size 64;# server_name_in_redirect off;include mime.types;default_type application/octet-stream;### SSL Settings##ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLEssl_prefer_server_ciphers on;### Logging Settings##access_log logs/access.log;error_log logs/error.log;### Gzip Settings##gzip on;# gzip_vary on;# gzip_proxied any;# gzip_comp_level 6;# gzip_buffers 16 8k;# gzip_http_version 1.1;# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;### Virtual Host Configs##include ${pkg_install_dir}/conf.d/*.conf;}EOFif [[ ! -d ${pkg_install_dir}/conf.d ]];then mkdir ${pkg_install_dir}/conf.d; fiif [[ ! -d ${pkg_install_dir}/logs ]];then mkdir ${pkg_install_dir}/logs; ficat << EOF > ${pkg_install_dir}/conf.d/default.conf### You should look at the following URL's in order to grasp a solid understanding# of Nginx configuration files in order to fully unleash the power of Nginx.# https://www.nginx.com/resources/wiki/start/# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/# https://wiki.debian.org/Nginx/DirectoryStructure## In most cases, administrators will remove this file from sites-enabled/ and# leave it as reference inside of sites-available where it will continue to be# updated by the nginx packaging team.## This file will automatically load configuration files provided by other# applications, such as Drupal or Wordpress. These applications will be made# available underneath a path with that package name, such as /drupal8.## Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.### Default server configuration#server {listen 80 default_server;listen [::]:80 default_server;# SSL configuration## listen 443 ssl default_server;# listen [::]:443 ssl default_server;## Note: You should disable gzip for SSL traffic.# See: https://bugs.debian.org/773332## Read up on ssl_ciphers to ensure a secure configuration.# See: https://bugs.debian.org/765782## Self signed certs generated by the ssl-cert package# Don't use them in a production server!## include snippets/snakeoil.conf;root ${pkg_install_dir}/html;# Add index.php to the list if you are using PHPindex index.html index.htm index.nginx-debian.html;location / {# First attempt to serve request as file, then# as directory, then fall back to displaying a 404.try_files \$uri \$uri/ =404;}# pass PHP scripts to FastCGI server##location ~ \.php$ {# include snippets/fastcgi-php.conf;## # With php-fpm (or other unix sockets):# fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;# # With php-cgi (or other tcp sockets):# fastcgi_pass 127.0.0.1:9000;#}# deny access to .htaccess files, if Apache's document root# concurs with nginx's one##location ~ /\.ht {# deny all;#}}EOFln -s ${pkg_install_dir}/sbin/nginx /usr/sbin/nginx## 添加日志轮转cat << EOF > /etc/logrotate.d/nginx${pkg_install_dir}/logs/*.log {dailydateextmissingokrotate 52compressnotifemptycopytruncatecreate 640 app appsharedscriptspostrotateif [ -f ${pkg_install_dir}/logs/nginx.pid ]; thenkill -USR1 `cat ${pkg_install_dir}/logs/nginx.pid`fiendscript}EOF## 创建 service 文件,利用 systemd 控制 nginxcat <<EOF > /usr/lib/systemd/system/nginx.service[Unit]Description=The NGINX HTTP and reverse proxy serverAfter=syslog.target network-online.target remote-fs.target nss-lookup.targetWants=network-online.target[Service]User=rootGroup=nginxType=forkingExecStartPost=/bin/sleep 0.1PIDFile=${pkg_install_dir}/logs/nginx.pidExecStartPre=${pkg_install_dir}/sbin/nginx -tExecStart=${pkg_install_dir}/sbin/nginxExecReload=${pkg_install_dir}/sbin/nginx -s reloadExecStop=/bin/kill -s QUIT $MAINPIDPrivateTmp=trueRestartSec=30sRestart=on-failure[Install]WantedBy=multi-user.targetEOFfunction create_service_user(){if ! id -u $1 >/dev/null 2>&1;thenuseradd -M $1 -M -s /bin/falsefichown -R $1:$1 ${pkg_install_dir}}create_service_user $usersystemctl daemon-reloadsystemctl start nginx.servicesystemctl enable nginx.serviceprintf "\n<<<<<<<< install nginx end\n"printf "<<<<<<<< nginx service status: \n\n"systemctl status nginx --no-pager## 启动 nginx 测试服务是否正常printf "\n<<<<<<<< test web service is fine\n\n"curl -I 127.0.0.1:$portunset decompression_dirunset pkg_install_diunset pack_name# 备注普通用户可以启用 nginx ,不过因为 linux 启用 1024以内的端口要 root 用户,可以通过给 nginx 二进制文件添加 root 权限使用端口使用下面的命令即可# 方法1:# chown root /usr/local/nginx/sbin/nginx# chmod u+s /usr/local/nginx/sbin/nginx# 方法2:# 使用非80端口启动程序,然后再用iptables做一个端口转发。# 方法3:# setcap cap_net_bind_service =+ep /usr/local/nginx/sbin/nginx## setcap cap_net_bind_service=+ep /data/nginx/sbin/nginx# rm -rf $(pwd)/*
uninstall
#pkg_dir=$(pwd)decompression_dir=/datapkg_install_dir=/data/nginxprintf "\n<<<<<< stop nginx service \n"systemctl stop nginxsystemctl disable nginxif [ -f /etc/systemd/system/nginx.service ];thenrm -f /etc/systemd/system/nginx.servicefisystemctl daemon-reloadprintf "\n<<<<< remove file \n"rm -f /etc/profile.d/nginx.shsource /etc/profilerm -rf ${decompression_dir}/nginx-1.20.1rm -rf ${pkg_install_dir}# yum remove make cmake gcc gcc-c++ pcre-devel zlib-devel openssl openssl-devel -yprintf "<<<<< uninstall completed\n"unset decompression_dirunset pkg_install_dir
觉得不错别忘了给波哥一键三连哦!
波哥
IT行业近二十年的IT老炮。常年潜伏于国企、各一二线大厂中。硬件集成入行,直至虚拟技术、容器化。岗位历经系统集成、DBA、全栈开发、sre、项目经理、产品经理、部门总监。
主要作品:
IT类资源汇聚门户:https://www.98dev.com
各大短视频平台:98dev
各大主要技术论坛博客:IT运维技术圈
长视频教学作品:《波哥讲网络》《波哥讲git》《波哥讲gitlab》
小程序:IT面试精选
构建技术社区:+V itboge1521 入学习交流群
