Centos7 安装nghttpx与squid(代理服务器)
1、安装nghttpx
yum -y install epel-release
yum -y groupinstall "Development Tools"
yum -y install openssl git-core libev libev-devel zlib zlib-devel openssl openssl-devel git
git clone https://github.com/nghttp2/nghttp2.git
cd nghttp2
autoreconf -i
automake
autoconf
./configure --prefix=/home/nghttpx
make
make install
mkdir /home/nghttpx/conf
修改配置文件:
vi /home/nghttpx/conf/nghttpx.conf
frontend=0.0.0.0,443;tls
backend=127.0.0.1,3128;no-tls
private-key-file=/home/nghttpx/conf/privkey.pem
certificate-file=/home/nghttpx/conf/fullchain.pem
workers=1
http2-proxy=yes
log-level=INFO
# daemon=yes
no-via=yes
no-ocsp=yes
no-host-rewrite=yes
add-x-forwarded-for=yes
strip-incoming-x-forwarded-for=yes
accesslog-file=/var/log/nghttpx/access.log
errorlog-file=/var/log/nghttpx/error.log
配置证书:
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto
把生成的证书文件统一复制到/home/nghttpx/conf目录
启动:
/home/nghttpx/bin/nghttpx --conf=/home/nghttpx/conf/nghttpx.conf
或者编写一个启动脚本:
vi /etc/systemd/system/nghttpx.service
[Unit]
Description=nghttpx
After=network.target
[Service]
Type=simple
ExecStart=/usr/local/bin/nghttpx --conf=/etc/nghttpx/nghttpx.conf
ExecReload=/bin/kill -SIGUSR1 ${MAINPID}
ExecStop=/bin/kill -SIGQUIT ${MAINPID}
[Install]
WantedBy=multi-user.target
写到服务里去:
# systemctl daemon-reload
# systemctl start nghttpx
# systemctl enable nghttpx
vi /etc/squid/squid.conf
http_port 3128 //设置监听的IP与端口号
cache_mem 64 MB //额外提供给squid使用的内存,squid的内存总占用为 X * 10+15+“cache_mem”,其中X为squid的cache占用的容量(以GB为单位),
//比如下面的cache大小是100M,即0.1GB,则内存总占用为0.1*10+15+64=80M,推荐大小为物理内存的1/3-1/2或更多。
maximum_object_size 4 MB //设置squid磁盘缓存最大文件,超过4M的文件不保存到硬盘
minimum_object_size 0 KB //设置squid磁盘缓存最小文件
maximum_object_size_in_memory 4096 KB //设置squid内存缓存最大文件,超过4M的文件不保存到内存
cache_dir ufs /var/spool/squid 100 16 256 //定义squid的cache存放路径 、cache目录容量(单位M)、一级缓存目录数量、二级缓存目录数量
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh //log文件日志格式
access_log /var/log/squid/access.log combined //log文件存放路径和日志格式
cache_log /var/log/squid/cache.log //设置缓存日志
logfile_rotate 60 //log轮循 60天
cache_swap_high 95 //cache目录使用量大于95%时,开始清理旧的cache
cache_swap_low 90 //cache目录清理到90%时停止。
acl localnet src 192.168.1.0/24 //定义本地网段
http_access allow localnet //允许本地网段使用
http_access deny all //拒绝所有
visible_hostname squid.david.dev //主机名
cache_mgr mchina_tang@qq.com //管理员邮箱
via off
forwarded_for delete
启动:
service squid start
1、安装nghttpx
yum -y install epel-release
yum -y groupinstall "Development Tools"
yum -y install openssl git-core libev libev-devel zlib zlib-devel openssl openssl-devel git
git clone https://github.com/nghttp2/nghttp2.git
cd nghttp2
autoreconf -i
automake
autoconf
./configure --prefix=/home/nghttpx
make
make install
mkdir /home/nghttpx/conf
修改配置文件:
vi /home/nghttpx/conf/nghttpx.conf
frontend=0.0.0.0,443;tls
backend=127.0.0.1,3128;no-tls
private-key-file=/home/nghttpx/conf/privkey.pem
certificate-file=/home/nghttpx/conf/fullchain.pem
workers=1
http2-proxy=yes
log-level=INFO
# daemon=yes
no-via=yes
no-ocsp=yes
no-host-rewrite=yes
add-x-forwarded-for=yes
strip-incoming-x-forwarded-for=yes
accesslog-file=/var/log/nghttpx/access.log
errorlog-file=/var/log/nghttpx/error.log
配置证书:
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto
把生成的证书文件统一复制到/home/nghttpx/conf目录
启动:
/home/nghttpx/bin/nghttpx --conf=/home/nghttpx/conf/nghttpx.conf
或者编写一个启动脚本:
vi /etc/systemd/system/nghttpx.service
[Unit]
Description=nghttpx
After=network.target
[Service]
Type=simple
ExecStart=/usr/local/bin/nghttpx --conf=/etc/nghttpx/nghttpx.conf
ExecReload=/bin/kill -SIGUSR1 ${MAINPID}
ExecStop=/bin/kill -SIGQUIT ${MAINPID}
[Install]
WantedBy=multi-user.target
写到服务里去:
# systemctl daemon-reload
# systemctl start nghttpx
# systemctl enable nghttpx
安装squid
yum -y install squid
vi /etc/squid/squid.conf
http_port 3128 //设置监听的IP与端口号
cache_mem 64 MB //额外提供给squid使用的内存,squid的内存总占用为 X * 10+15+“cache_mem”,其中X为squid的cache占用的容量(以GB为单位),
//比如下面的cache大小是100M,即0.1GB,则内存总占用为0.1*10+15+64=80M,推荐大小为物理内存的1/3-1/2或更多。
maximum_object_size 4 MB //设置squid磁盘缓存最大文件,超过4M的文件不保存到硬盘
minimum_object_size 0 KB //设置squid磁盘缓存最小文件
maximum_object_size_in_memory 4096 KB //设置squid内存缓存最大文件,超过4M的文件不保存到内存
cache_dir ufs /var/spool/squid 100 16 256 //定义squid的cache存放路径 、cache目录容量(单位M)、一级缓存目录数量、二级缓存目录数量
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh //log文件日志格式
access_log /var/log/squid/access.log combined //log文件存放路径和日志格式
cache_log /var/log/squid/cache.log //设置缓存日志
logfile_rotate 60 //log轮循 60天
cache_swap_high 95 //cache目录使用量大于95%时,开始清理旧的cache
cache_swap_low 90 //cache目录清理到90%时停止。
acl localnet src 192.168.1.0/24 //定义本地网段
http_access allow localnet //允许本地网段使用
http_access deny all //拒绝所有
visible_hostname squid.david.dev //主机名
cache_mgr mchina_tang@qq.com //管理员邮箱
via off
forwarded_for delete
启动:
service squid start