在arm下搭建nginx

原创已于 2024-11-27 14:29:43 修改 · 1.4k 阅读

16 ·

CC 4.0 BY-SA版权

文章标签：

#arm开发 #nginx #运维

于 2024-11-27 14:29:00 首次发布

服务器专栏收录该内容

4 篇文章

订阅专栏

1.先检查和修改DNS
vi /etc/resolv.conf

nameserver 8.8.8.8

2.安装依赖库
apt-get update
apt-get upgrade -y
apt install -y build-essential libpcre3 libpcre3-dev zlib1g-dev openssl libssl-dev

3.安装openssl 库
   apt-get install libssl-dev

4.下载稳定版代码
   wget -c https://nginx.org/download/nginx-1.26.2.tar.gz
   tar -xxvf nginx-1.26.2.tar.gz
   cd nginx-1.26.2

5.配置编译
./configure --prefix=/usr/local/nginx --user=www --group=www --sbin-path=/usr/local/nginx/sbin/nginx --conf-path=/usr/local/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module

6.编译
make

7.安装
make install

8.链接应用
sudo ln -s /usr/local/nginx/sbin/nginx /usr/bin/nginx

9.建立服务脚本
vim /usr/lib/systemd/system/nginx.service

[Unit]
Description=nginx
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s quit
PrivateTmp=true

[Install]
WantedBy=multi-user.target

10.创建用户
/usr/sbin/groupadd -f www
/usr/sbin/useradd -g www www

11.建立依赖目录和权限
# mkdir /var/cache/nginx
sudo chown -R www:www /var/cache/nginx/
sudo chown -R www:www /var/log/nginx/

12启动服务
systemctl enable nginx
systemctl status nginx --no-pager

检擦log信息

journalctl --no-pager -b 查看本次启动的LOG
journalctl --no-pager -f 查看当前log

12.制作证书 ssl访问
/ssl$ openssl genrsa -out ./server.key 2048
openssl req -new -x509 -key ./server.key -out ./server.crt -days 365

13SSL和反向代理的配置

    server {
        listen       80;
        listen       443 ssl;
        server_name  localhost;

        ssl_certificate      /usr/local/ssl/server.crt;
        ssl_certificate_key  /usr/local/ssl/server.key;

        ssl_session_cache    shared:SSL:10m;
        ssl_session_timeout  5m;
        ssl_protocols           TLSv1.2;
        ssl_ciphers          ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
        ssl_prefer_server_ciphers  on;
        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   /usr/local/web;
            index  index.html index.htm;
        }

                location /api/ {
                        proxy_pass http://localhost:3000/api/;
                        proxy_http_version 1.1;
                        proxy_set_header Upgrade $http_upgrade;
                        proxy_set_header Connection 'upgrade';
                        proxy_set_header Host $host;
                        proxy_cache_bypass $http_upgrade;
                }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
}