Linux – 安裝nginx – 搭配YII2環境

咱們在開發和測試環境，須要爲yii2搭配環境，這裏說的是安裝nginx

1.安裝腳本：

wget nginx.org/download/nginx-1.11.13.tar.gz
tar zxvf nginx-1.11.13.tar.gz
cd nginx-1.11.13
./configure --with-http_ssl_module --with-http_v2_module
make && make install

【 題外話：

–with-http_v2_module 配置表明開啓http2模塊，您能夠經過下面的方式設置http2

listen 443 ssl http2;
能夠經過下面的連接找到工具測試是否開啓http2：https://www.kejianet.cn/open-http2/

題外話：】

2.啓動腳本：

touch /etc/init.d/nginx
vim /etc/init.d/nginx
加入代碼，wq保存

#!/bin/bash

nginx Startup script for the Nginx HTTP Server

it is v.0.0.2 version.

chkconfig: - 85 15

description: Nginx is a high-performance web and proxy server.

It has a lot of features, but it's not for everyone.

processname: nginx

pidfile: /var/run/nginx.pid

config: /usr/local/nginx/conf/nginx.conf

nginxd=/usr/local/nginx/sbin/nginx
nginx_config=/usr/local/nginx/conf/nginx.conf
nginx_pid=/var/run/nginx.pid
RETVAL=0
prog="nginx"

Source function library.

. /etc/rc.d/init.d/functions

Source networking configuration.

. /etc/sysconfig/network

Check that networking is up.

[ ${NETWORKING} = "no" ] && exit 0
[ -x $nginxd ] || exit 0

Start nginx daemons functions.

start() {
if [ -e $nginx_pid ];then
echo "nginx already running...."
exit 1
fi
echo -n $"Starting $prog: "
daemon $nginxd -c ${nginx_config}
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/nginx
return $RETVAL
}

Stop nginx daemons functions.

stop() {
echo -n $"Stopping $prog: "
killproc $nginxd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/nginx /var/run/nginx.pid
}

reload nginx service functions.

reload() {
echo -n $"Reloading $prog: "
#kill -HUP cat ${nginx_pid}
killproc $nginxd -HUP
RETVAL=$?
echo
}

See how we were called.

case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
stop
start
;;
status)
status $prog
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|reload|status|help}"
exit 1
esac
exit $RETVAL
3.添加自啓動

vim /etc/rc.d/rc.local
添加：
/etc/init.d/nginx start
添加nginx用戶：

groupadd nginx
useradd -g nginx nginx

而後設置權限：

chmod 755 /etc/init.d/nginx
4.啓動nginx

/etc/init.d/nginx start

到這裏就啓動完成ngxin，咱們須要配置nginx

5.配置nginx

添加文件地址/www/web

mkdir -p /www/web
添加log文件：

mkdir /var/log/nginx
touch /var/log/nginx/error.log
chmod 777 -R /var/log/nginx/error.log
添加nginx 文件access.log和error.log

mkdir /www/web_logs
touch /www/web_logs/access.log
chmod 777 /www/web_logs/access.log
touch /www/web_logs/error.log
chmod 777 /www/web_logs/error.log
nginx的配置以下：

/usr/local/nginx/conf/nginx.conf，代碼以下：

user nginx nginx;
worker_processes 4;
error_log /var/log/nginx/error.log warn;
pid /usr/local/nginx/logs/nginx.pid;
worker_rlimit_nofile 65535;
events {
use epoll;
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 8m;

limit_conn_zone $binary_remote_addr zone=one:32k;

sendfile        on;
tcp_nopush     on;

keepalive_timeout  120;
tcp_nodelay on;

fastcgi_buffers 8 128k;
fastcgi_connect_timeout 9900s;
fastcgi_send_timeout 9900s;
fastcgi_read_timeout 9900s;
gzip  on;
gzip_min_length  1k;
gzip_buffers     4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types       text/plain application/x-javascript text/css application/xml;
gzip_vary on;
log_format  wwwlogs  '$remote_addr - $remote_user [$time_local] $request $status $body_bytes_sent $http_referer $http_user_agent $http_x_forwarded_for';

include conf.d/*.conf;

}
/usr/local/nginx/conf/none.conf，代碼以下：

location / {
index index.html index.php; ## Allow a static html file to be shown first
try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler
expires 30d; ## Assume all files are cachable

rewrite ^/$ /index.php last;

rewrite ^/(?!index.php|robots.txt|static)(.*)$ /index.php/$1 last;

}
## These locations would be hidden by .htaccess normally
location /app/                { deny all; }
location /includes/           { deny all; }
location /lib/                { deny all; }
location /media/downloadable/ { deny all; }
location /pkginfo/            { deny all; }
location /report/config.xml   { deny all; }
location /var/                { deny all; }
location /var/email/ {allow all;}
location /var/export/ { ## Allow admins only to view export folder
    auth_basic           "Restricted"; ## Message shown in login window
    auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
    autoindex            on;
}
  location  /. { ## Disable .htaccess and other hidden files
    return 404;
}
location @handler { ## Magento uses a common front handler
    rewrite / /index.php;
}
location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
    rewrite ^(.*.php)/ $1 last;
}

/usr/local/nginx/conf/conf.d/default.conf 這個文件是網站內容的配置。譬如以下：

server {
listen 1000;
listen 443 ssl;

server_name 192.168.220.100;
root  /www/web/datacenter/datacenter_1000/appadmin/web;
server_tokens off;
    include none.conf;
    index index.php;
    access_log /www/web_logs/access.log wwwlogs;
    error_log  /www/web_logs/error.log  notice;
    location ~ \.php$ {
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            include fcgi.conf;
    }
    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
            expires      30d;
    }
    location ~ .*\.(js|css)?$ {
            expires      12h;
    }

location ~ /.svn/ {
            deny all;
    }

}
上面的意思爲：

listen 表明監聽的端口，線上都是填寫80,80是默認端口，咱們訪問的網站，默認都是80端口

server_name 填寫對應的IP，或者域名

root 表明上面訪問IP或者域名，網站的根目錄

填寫完成上面的後，保存，退出。重啓nginx

/etc/init.d/nginx restart

6.新建文件：

mkdir -p /www/web/datacenter/datacenter_1000/appadmin/web
touch /www/web/datacenter/datacenter_1000/appadmin/web/index.php
vim /www/web/datacenter/datacenter_1000/appadmin/web/index.php
添加代碼

<?php
echo phpinfo();
?>
訪問配置的nginx的域名或者IP就能夠看到頁面了。

7. nginx php 隱藏版本號

vi /usr/local/nginx/conf/nginx.conf
#在http{}中加入
server_tokens off;

第二歩：

vi /usr/local/nginx/conf/fastcgi_params
#將裏面的
#fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
#修改成：
fastcgi_param SERVER_SOFTWARE nginx;

隱藏PHP版本號

vi php.ini
#找到：
#expose_php = On;
#修改成：
expose_php = Off;

8nginx日誌切割

設置日誌格式及路徑：

全局格式設置 ：nginx.conf

log_format wwwlogs '$remote_addr - $remote_user [$time_local] $request $status $body_bytes_sent $http_referer $http_user_agent $http_x_forwarded_for';
access_log /www/web_logs/access.log wwwlogs;
error_log /www/web_logs/error.log notice;
新建文件 /cron/nginx_spilit.sh

#!/bin/bash
log_files_path="/www/web_logs/"
log_files_dir=${log_files_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")
log_files_name=(access access error error)
nginx_sbin="$/usr.local/nginx/sbin/nginx "
save_days=60
mkdir -p $log_files_dir
log_files_num=${#log_files_name[@]}
for((i=0;i<$log_files_num;i++));do
mv ${log_files_path}${log_files_name[i]}.log ${log_files_dir}/${log_filesname[i]}$(date -d "yesterday" +"%Y%m%d").log
done
find $log_files_path -mtime +$save_days -exec rm -rf {} \;
$nginx_sbin -s reload

crontab -e00 00 * /bin/bash /cron/nginx_spilit.sh