这是一个NGINX的超前测试和补丁版本,由hakasenyang好像是一位韩国朋友。其特点就是前瞻性使用了nginx的开发版,OPENSSL的开发版,一些等价加密算法的补丁,以及加密算法的补丁。同时包含了
- 安装系统依赖软件,其中包含了一些nginx扩展组件需要的依赖。其中一些是额外扩展组件需要的依赖。
yum -y install jemalloc-devel libuuid-devel libatomic libatomic_ops-devel expat-devel unzip autoconf automake libtool gd-devel libmaxminddb-devel libxslt-devel libxml2-devel gcc-c++ curl perl perl-core pcre-devel zlib-devel make unzip libuuid-devel
如果安装依赖时候出现Transaction check error: package perl-4:5.16.3-295.el7.x86_64 is already installed package unzip-6.0-21.el7.x86_64 is already installed 类似错误,请删除对应的软件,然后安装依赖,据说是因为系统版本和Yum源版本出现了冲突。
2. 添加用于运行nginx的用户名和用户组
/usr/sbin/groupadd -f www /usr/sbin/useradd -g www www
3. 下载源码
git clone https://github.com/hakasenyang/nginx-build.git --recursive
4. 生产配置文件,修改你想要的版本和软件名称
cp config.inc.example config.inc
你可以编辑./src/core/nginx.h 更改版本值和文件名
也可以编辑config.inc进行必要的配置
5.安装
sudo ./auto.sh
6.增加系统服务,测试
建立系统服务文件:
/lib/systemd/system/nginx.service
内容为:
[Unit] Description=The NGINX HTTP and reverse proxy server After=syslog.target network-online.target remote-fs.target nss-lookup.target Wants=network-online.target [Service] Type=forking PIDFile=/run/nginx.pid ExecStartPre=/usr/sbin/nginx -t ExecStart=/usr/sbin/nginx ExecReload=/usr/sbin/nginx -s reload ExecStop=/bin/kill -s QUIT $MAINPID PrivateTmp=true [Install] WantedBy=multi-user.target
测试如下,如果正常输出即为正常
nginx -v nginx -t systemctl restart nginx systemctl enable nginx
7. 建立自己的vhost
编辑nginx.conf
vim /etc/nginx/nginx.conf
在倒数第二行花括号前增加
include vhost/*.conf;
建立vhost文件夹
mkdir -p /etc/nginx/vhost
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /usr/local/nginx/conf/ssl/xxx.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/yyy.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_timeout 10m;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_buffer_size 1400;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
server_name your.domain www.your.domain;
access_log /data/wwwlogs/your.domain_nginx.log combined;
index index.html index.htm index.php;
root /data/wwwroot/your.domain;
if ($ssl_protocol = "") { return 301 https://$host$request_uri; }
if ($host != zach.vip) { return 301 $scheme://your.domain$request_uri; }
location ~ .*\.(wma|wmv|asf|mp3|mmf|zip|rar|jpg|gif|png|swf|flv|mp4)$ {
valid_referers none blocked *.zach.vip zach.vip www.zach.vip;
if ($invalid_referer) {
return 403;
}
}
}
至此,就可以用你域名访问你的网站了,后续我们再来编译php版本。
发表回复