美文网首页
nginx的location规则和LNMP部署

nginx的location规则和LNMP部署

作者: A宽宽 | 来源:发表于2019-06-11 15:15 被阅读0次

    一、nginx状态模块及权限控制补充

    1.2 nginx状态模块

    通过监控软件查看nginx的状态

    [root@web01 ~]# curl status.oldboy.com
    Active connections: 1 
    server accepts handled requests
     23 23 23 
    Reading: 0 Writing: 1 Waiting: 0 
    
    \\------------------分别代表的含义-----------------------------------
    Active connections: 1     当前的连接数量(已经建立的连接)
    
    server accepts             服务器接收到的请求数量
    server handled             服务器处理的请求数量
    server requests            用户一共向服务器发出多少请求 
    
    Reading: 0                 当前nginx正在读取的用户请求头的数量 
    Writing: 1                 当前nginx正在响应用户请求的数量
    Waiting: 0                 当前等待被nginx处理的请求数量 
    
    

    1.2 权限控制

    实例1.2.1 基于用户登录配置(简单验证)
    1>在status.conf 中配置配置用户及密码

    [root@web01 /etc/nginx/conf.d]# cat status.conf 
    server{ 
        listen   80; 
        server_name   status.oldboy.com;
        stub_status  on;
        access_log  off;
        auth_basic "Auth access Blog Input your Passwd!";   \\指定用户密码提示
        auth_basic_user_file /etc/nginx/htpasswd;     \\指定用户密码文件
    
    }
    
    

    2>添加密码文件

    [root@web01 /etc/nginx/conf.d]# htpasswd -bc /etc/nginx/htpasswd  oldboy   oldboy
    Adding password for user oldboy
    
    

    3>设置密码文件的权限为600,所有者及属组为nginx

    \\修改密码文件的权限为600
    [root@web01 /etc/nginx/conf.d]# chmod 600 /etc/nginx/htpasswd
    
    \\修改密码文件的所有者及所有属组为nginx
    [root@web01 /etc/nginx/conf.d]# chown nginx.nginx /etc/nginx/htpasswd
    
    

    4>nginx检查语法

    [root@web01 /etc/nginx/conf.d]# nginx -t
    nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    nginx: configuration file /etc/nginx/nginx.conf test is successful
    
    

    5>启动nginx服务

    [root@web01 /etc/nginx/conf.d]# systemctl reload nginx
    
    

    6>浏览器输入域名检查,如图:

    image

    1.3 #取出本地的状态码

    [root@web01 /etc/nginx/conf.d]# curl  10.0.0.7
    HTTP/1.1 200 OK
    Server: nginx/1.16.0
    Date: Thu, 06 Jun 2019 01:58:40 GMT
    Content-Type: text/html
    Content-Length: 15
    Last-Modified: Wed, 05 Jun 2019 09:52:47 GMT
    Connection: keep-alive
    ETag: "5cf790ef-f"
    Accept-Ranges: bytes
    
    [root@web01 ~]# curl 10.0.0.7|awk 'NR==1{print $2}'
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                     Dload  Upload   Total   Spent    Left  Speed
    100    16  100    16    0     0  22471      0 --:--:-- --:--:-- --:--:-- 16000
    
    [root@web01 ~]# curl -sI 10.0.0.7|awk 'NR==1{print $2}'
    200
    
    

    curl 常见的参数:
      -s:不显示网页的内容
      -w:什么输出完成后
      -o:把网站页面的内容写入到哪里或黑洞`

    二、 nginx的location规则

    2.1 location的作用

    根据用户请求的URL来执行不同的应用,即URI的内容。

    2.2 location语法

    location[=|~|~*|^~]url{
               ……
            }
    
    

    2.3 location语法说明

    | location | [=||*|^~] | url | {……} |
    | --- | --- | --- | --- |
    | 指令 | 匹配标识 | 匹配的网站网址 | 匹配URL后要执行的配置段 |

    2.4 匹配标识分别代表的含义

    匹配标识 含义
    = 精确
    ~ 区分大小写的正则匹配
    ~* 不区分大小写的正则匹配
    ^~ 不做正则表达式的检查

    2.5 location的优先级

    注:验证这个之前将 /etc/nginx/conf.d目录下的conf文件只保留01-www.conf,其他全部压缩了,不然会影响后面的验证

    [root@web01 /etc/nginx/conf.d]# cat 01-www.conf
    server {
        listen       80;
        server_name  www.oldboy.com;
        root   html/www;
        location / {
           return 200  "location / \n";
        }
        location = / {
            return 200 "location = \n";
        }
        location /documents/ {
            return 200 "location /documents/ \n";
        }
        location ^~ /images/ {
            return 200 "location ^~ /images/ \n";
        }
        location ~* \.(gif|jpg|jpeg)$ {
            return 200 "location ~* \.(gif|jpg|jpeg) \n";
        }
        access_log off;
    }
    
    

    以上是01-www.conf配置文件中的内容,然后进行以下测试

    [root@web01 /etc/nginx/conf.d]# curl 10.0.0.7
    location = 
    
    [root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/
    location = 
    
    [root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/oldboy.html
    location / 
    
    [root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/documents/alex.txt
    location /documents/ 
    
    [root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/lidao/documents/alex.txt
    location / 
    
    [root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/oldboy.jpg
    location ~* \.(gif|jpg|jpeg) 
    
    #验证/documents与~* 的优先级
    [root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/documents/oldboy.jpg
    location ~* \.(gif|jpg|jpeg) 
    
    #验证 ~* 与 ^~ 优先级
    [root@web01 /etc/nginx/conf.d]# curl 10.0.0.7/images/oldboy.jpg
    location ^~ /images/ 
    
    
    image

    2.6 location规则应用:

    1>限制敏感目录

    location /admin{
        deny all;
    }
    
    

    2>区分不同的文件类型

    location ~* \.(gif|jpg|jpeg)$ {
        在用户浏览器缓存10年
    }
    
    

    三、LNMP搭建博客网站

    3.1 搭建网站必备环境

    PHP网站用LNMP/LEMP
    Java网站用LNMT
    静态/动态

    LNMP分别是L=Linux、N=Nginx、M=MySQL、P=PHP
    LNMT分别是L=Linux、N=Nginx、M=MySQL、T=Tomcat

    3.2 LNMP架构环境部署

    image

    3.2.1配置nginx的yum源

    [root@web ~]# vim /etc/yum.repos.d/nginx.repo
    [nginx]
    name=nginx repo
    baseurl=http://nginx.org/packages/centos/7/$basearch/
    gpgcheck=0
    enabled=1
    
    

    3.2.2安装nginx

    yum install -y nginx

    3.2.3 启动nginx,并加入开机自启动

    启动服务:systemctl start nginx
    设置开机自启:systemctl enable nginx

    3.2.4 使用第三方扩展源安装php7.1

    rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
    rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

    由于网络的原因,也可以将这两个包先下载到本地,在导入到系虚拟机中安装

    rpm -ivh epel-release-latest-7.noarch.rpm
    rpm -ivh webtatic-release.rpm

    yum -y install php71w php71w-cli php71w-common php71w-devel php71w-embedded php71w-gd php71w-mcrypt php71w-mbstring php71w-pdo php71w-xml php71w-fpm php71w-mysqlnd php71w-opcache php71w-pecl-memcached php71w-pecl-redis php71w-pecl-mongodb

    修改nginx配置(只保留/etc/nginx/conf.d/02-blog.conf,其他都用gzip压缩了)※※

    [root@web01 /etc/nginx/conf.d]# vim 02-blog.conf 
    server   {
        listen       80;
        server_name  blog.oldboy.com;
        access_log  /var/log/nginx/access_blog.log  main;
        root   /usr/share/nginx/html/blog;
        location / {
        index  index.php index.html index.htm;
        }
       location ~* \.(php|php5)$ {
           fastcgi_pass   127.0.0.1:9000;
           fastcgi_index  index.php;
           fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
           include        fastcgi_params;
      }
    }
    
    \\----------------上面的含义----------------------------
    fastcgi_pass      \\把动态请求交给php-fpm
    fastcgi_index    \\默认访问的首页文件
    fastcgi_param     \\设置nginx把请求转发给php的时候的参数
    $document_root    \\网站的站点目录
    $fastcgi_script_name    \\请求URI
    
    
    image

    3.2.5 安装mariadb数据库(MySQL)

    yum install -y mariadb-server

    3.2.6 启动mariadb数据库,并设置开机自启

    启动服务:systemctl start mariadb.service
    设置开机自启:systemctl enable mariadb.service

    3.2.7 检查MySQL端口

    [root@web01 /etc/nginx/conf.d]#  ss -lntup |grep mysql
    tcp    LISTEN     0      50        *:3306                  *:*                   users:(("mysqld",pid=74317,fd=13))
    [root@web01 /etc/nginx/conf.d]# 
    
    

    3.3 MySQL数据库的基础操作

    3.3.1 进入数据库

    1>MySQL命令(mysql客户端)
    2>进入本地指定数据库:mysql -u wordpress -p123456或mysql -uwordpress -p回车输入密码
    3>远程进入指定数据库:mysql -uwordpress -p123456 -h 172.16.1.7

    3.3.2 查看操作
    1>查看系统中所有数据库

    MariaDB [(none)]> show databases;
    +--------------------+
    | Database           |
    +--------------------+
    | information_schema |
    | mysql              |
    | performance_schema |
    | test               |
    +--------------------+
    4 rows in set (0.00 sec)
    
    MariaDB [(none)]> 
    
    

    2>查看系统中所有的用户(显示指定某些表字段)

    MariaDB [(none)]> select user,host from mysql.user;
    +------+-----------+
    | user | host      |
    +------+-----------+
    | root | 127.0.0.1 |
    | root | ::1       |
    |      | localhost |
    | root | localhost |
    |      | web01     |
    | root | web01     |
    +------+-----------+
    6 rows in set (0.00 sec)
    
    

    3>查询横向显示所有表字段

    select * from mysql.user

    4>查询纵向显示所有表字段

    select * from mysql.user\G

    5>显示当前所用的用户

    select user();

    6>使用数据库(进入指定数据库)

    use mysql;

    7>显示当前使用的数据库

    select database();

    8>只显示1条数据

    MariaDB [(none)]> select * from mysql.user limit 1 ;
    MariaDB [(none)]> select * from mysql.user limit 1 \G

    3.3.3 创建操作
    1>创建数据库

    MariaDB [(none)]> create database wordpress;
    Query OK, 1 row affected (0.00 sec)
    
    MariaDB [(none)]> show databases;
    +--------------------+
    | Database           |
    +--------------------+
    | information_schema |
    | mysql              |
    | performance_schema |
    | test               |
    | wordpress          |
    +--------------------+
    5 rows in set (0.00 sec)
    
    

    2>创建用户

    MariaDB [(none)]> grant all      on wordpress.*       to 'wordpress'@'172.16.1.%'  identified by '123456';
    Query OK, 0 rows affected (0.00 sec)
    
    MariaDB [(none)]> grant all      on wordpress.*       to 'wordpress'@'localhost'  identified by '123456';
    Query OK, 0 rows affected (0.00 sec)
    
    MariaDB [(none)]> 
    
    

    3.3.4删除操作

    1>删除数据库

    drop database wordprssd(数据库名);

    2>删除用户

    drop user 'oldboy'@'localhost'
    生效用户:flush privileges(删除用户的时候使用)

    3.3.5更新权限信息:修改用户信息之后需要跟新权限信息

    3.3.6备份操作

    1>导出所有的数据库

    mysqldump -uroot -p -all-database >/root/all.sql
    mysqldump -uroot -p -A >/root/all.sql

    3.3.7恢复数据库

    mysql -uroot -p </root/all.sql

    3.3.8打包压缩导出的数据库

    tar、zip与unzip、gzip与gzip -d

    注:退出用Ctrl+d,不要使用Ctrl+c

    3.4 配置PHP

    由于nginx运行起来是nginx用户,且为了和PHP很好的沟通,估让PHP运行起来也应该是nginx用户,所以要进行以下修改

    [root@web01 ~]# egrep  -n '^user|^group' /etc/php-fpm.d/www.conf 
    8:user = nginx
    10:group = nginx
    
    

    启动服务

    systemctl restart php-fpm.service 
    
    

    检查端口

    [root@web01 ~]# ss -lntup|grep 9000
    tcp    LISTEN     0      128    127.0.0.1:9000                  *:*                   users:(("php-fpm",pid=15344,fd=9),("php-fpm",pid=15343,fd=9),("php-fpm",pid=15342,fd=9),("php-fpm",pid=15341,fd=9),("php-fpm",pid=15340,fd=9),("php-fpm",pid=15339,fd=7))
    
    

    检查进程

    [root@web01 ~]# ps -ef |grep php 
    root     15339     1  0 12:42 ?        00:00:00 php-fpm: master process (/etc/php-fpm.conf)
    nginx    15340 15339  0 12:42 ?        00:00:00 php-fpm: pool www
    nginx    15341 15339  0 12:42 ?        00:00:00 php-fpm: pool www
    nginx    15342 15339  0 12:42 ?        00:00:00 php-fpm: pool www
    nginx    15343 15339  0 12:42 ?        00:00:00 php-fpm: pool www
    nginx    15344 15339  0 12:42 ?        00:00:00 php-fpm: pool www
    root     15348  3551  0 12:43 pts/0    00:00:00 grep --color=auto php
    
    

    3.5 检查与测试

    3.5.1 检查nginx与php之间连接是否OK

    [root@web01 /usr/share/nginx/html/blog]# cat info.php 
    <?php
    phpinfo();
    ?>
    
    
    image

    3.5.2 检查php与MySQL连接是否OK

    [root@web01 /usr/share/nginx/html/blog]# cat mysqli.php 
    <?php
    $servername = "localhost";
    $username = "wordpress";
    $password = "123456";
    
    // 创建连接
    $conn = mysqli_connect($servername, $username, $password);
    
    // 检测连接
    if (!$conn) {
        die("Connection failed: " . mysqli_connect_error());
    }
    echo "php连接MySQL数据库成功";
    ?>
    
    
    image

    3.6 搭建wordpress博客(代码上线)

    官网:https://cn.wordpress.org/

    1>下载wordpress博客的源码,上传到虚拟机中,并解压之后将wordpress的所有内容移动到blog目录下
    mv wordpress/* /usr/share/nginx/html/blog/

    [root@web01 ~]# ll /usr/share/nginx/html/blog
    total 208
    -rw-r--r--  1 root   root         16 Jun  5 10:12 index.html
    -rw-r--r--  1 nobody nfsnobody   420 Dec  1  2017 index.php
    -rw-r--r--  1 root   root         20 Jun  6 12:53 info.php
    -rw-r--r--  1 nobody nfsnobody 19935 Jan  2 04:37 license.txt
    -rw-r--r--  1 root   root        288 Jun  6 13:03 mysqli.php
    -rw-r--r--  1 nobody nfsnobody  7447 Apr  9 06:59 readme.html
    -rw-r--r--  1 nobody nfsnobody  6919 Jan 12 14:41 wp-activate.php
    drwxr-xr-x  9 nobody nfsnobody  4096 May 22 02:24 wp-admin
    -rw-r--r--  1 nobody nfsnobody   369 Dec  1  2017 wp-blog-header.php
    -rw-r--r--  1 nobody nfsnobody  2283 Jan 21 09:34 wp-comments-post.php
    -rw-r--r--  1 nobody nfsnobody  2898 Jan  8 12:30 wp-config-sample.php
    drwxr-xr-x  4 nobody nfsnobody    52 May 22 02:24 wp-content
    -rw-r--r--  1 nobody nfsnobody  3847 Jan  9 16:37 wp-cron.php
    drwxr-xr-x 20 nobody nfsnobody  8192 May 22 02:24 wp-includes
    -rw-r--r--  1 nobody nfsnobody  2502 Jan 16 13:29 wp-links-opml.php
    -rw-r--r--  1 nobody nfsnobody  3306 Dec  1  2017 wp-load.php
    -rw-r--r--  1 nobody nfsnobody 39574 Apr 16 06:39 wp-login.php
    -rw-r--r--  1 nobody nfsnobody  8403 Dec  1  2017 wp-mail.php
    -rw-r--r--  1 nobody nfsnobody 18962 Mar 29 03:04 wp-settings.php
    -rw-r--r--  1 nobody nfsnobody 31085 Jan 17 00:51 wp-signup.php
    -rw-r--r--  1 nobody nfsnobody  4764 Dec  1  2017 wp-trackback.php
    -rw-r--r--  1 nobody nfsnobody  3068 Aug 17  2018 xmlrpc.php
    [root@web01 ~]# mv wordpress /usr/share/nginx/html/blog/
    
    

    修改blog站点目录的所有者及属组为nginx

    [root@web01 /usr/share/nginx/html/blog]# chown -R nginx.nginx wordpress/
    [root@web01 /usr/share/nginx/html/blog]# ls -ld wordpress/
    drwxr-xr-x 5 nginx nginx 4096 May 22 02:24 wordpress/
    [root@web01 /usr/share/nginx/html/blog]# 
    
    

    2>在浏览器输入http://10.0.0.7

    image image image image image image image

    补充:
    查看网关的方法:

    route -n
    ip r
    ip route

    [root@web01 /etc/nginx/conf.d]# route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         10.0.0.254      0.0.0.0         UG    0      0        0 eth0
    10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
    169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0
    169.254.0.0     0.0.0.0         255.255.0.0     U     1003   0        0 eth1
    172.16.1.0      0.0.0.0         255.255.255.0   U     0      0        0 eth1
    [root@web01 /etc/nginx/conf.d]# ip r 
    default via 10.0.0.254 dev eth0 
    10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.7 
    169.254.0.0/16 dev eth0 scope link metric 1002 
    169.254.0.0/16 dev eth1 scope link metric 1003 
    172.16.1.0/24 dev eth1 proto kernel scope link src 172.16.1.7 
    [root@web01 /etc/nginx/conf.d]# ip route 
    default via 10.0.0.254 dev eth0 
    10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.7 
    169.254.0.0/16 dev eth0 scope link metric 1002 
    169.254.0.0/16 dev eth1 scope link metric 1003 
    172.16.1.0/24 dev eth1 proto kernel scope link src 172.16.1.7 
    
    

    相关文章

      网友评论

          本文标题:nginx的location规则和LNMP部署

          本文链接:https://www.haomeiwen.com/subject/fqyzxctx.html