nginx-1.18.0.tar.gz
<pre class="prettyprint linenums" >
---
- hosts: all
become: yes
tasks:
- name: Install necessary packages
yum:
name: "{{ item }}"
state: present
loop:
- pcre
- pcre-devel
- openssl-devel
- name: Create nginx user with no login shell and no home directory
user:
name: nginx
shell: /sbin/nologin
createhome: no
- name: Check if nginx user exists
command: id nginx
register: nginx_user_check
changed_when: false
failed_when: "'no such user' in nginx_user_check.stderr"
- name: Ensure tools directory exists
file:
path: /home/yunwei/tools
state: directory
owner: yunwei
group: yunwei
mode: '0755'
- name: Download nginx tarball
get_url:
url: http://nginx.org/download/nginx-1.18.0.tar.gz
dest: /home/yunwei/tools/nginx-1.18.0.tar.gz
- name: Extract nginx tarball
unarchive:
src: /home/yunwei/tools/nginx-1.18.0.tar.gz
dest: /home/yunwei/tools/
remote_src: yes
- name: Ensure application directory exists
file:
path: /application/
state: directory
mode: '0755'
- name: Configure nginx
command: >
./configure --prefix=/data/nginx
--user=nginx --group=nginx
--with-http_ssl_module
--with-http_stub_status_module
--with-stream
args:
chdir: /home/yunwei/tools/nginx-1.18.0/
- name: Compile and install nginx
command: make && make install
args:
chdir: /home/yunwei/tools/nginx-1.18.0/
- name: Create nginx symbolic link
file:
src: /data/nginx/
dest: /application/nginx
state: link
- name: Start nginx
command: /data/nginx/sbin/nginx
- name: Check nginx is listening on port 80
wait_for:
port: 80
state: started
#!/bin/sh
## 安装依赖包
yum install pcre pcre-devel openssl-devel -y
##创建nginx用户,但是不容许登录
useradd nginx -s/sbin/nologin -M
#查看用户
id nginx
#进入一个下载目录自己而定,没有tools目录需要创建 mkdir -p /home/yunwei/tools
cd /home/yunwei/tools
#下载nginx
wget http://nginx.org/download/nginx-1.10.1.tar.gz
http://nginx.org/download/nginx-1.27.1.tar.gz
#解压
tar -zxvf nginx-1.10.1.tar.gz
#进入目录编译
cd /home/yunwei/tools/nginx-1.10.1
#编译参数其中注意--prefix= 后面跟的是安装目录,建议根据自己的安装目录而定,如果用我们的需要创建 mkdir -p /application/
./configure --prefix=/data/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module --with-stream
##编译
make && make install
##创建软连接,如果目录改变需要改变
ln -s /application/nginx-1.10.1/ /application/nginx
##启动nginx
/application/nginx/sbin/nginx
##查看端口
netstat -lntup|grep nginx
TLS SNI support enabled
configure arguments: --prefix=/opt/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_stub_status_module --with-stream
stream {
upstream cloudsocket {
hash $remote_addr consistent;
# $binary_remote_addr;
server 192.168.3.203:37296 max_fails=3 fail_timeout=10s;
server 192.168.3.204:37296 max_fails=3 fail_timeout=10s;
server 192.168.3.211:37296 max_fails=3 fail_timeout=10s;
server 192.168.3.213:37296 max_fails=3 fail_timeout=10s;
}
server {
listen 3306;#数据库服务器监听端口
proxy_connect_timeout 10s;
proxy_timeout 300s;#设置客户端和代理服务之间的超时时间,如果5分钟内没操作将自动断开。
proxy_pass cloudsocket;
}
upstream redissocket {
hash $remote_addr consistent;
# $binary_remote_addr;
server 192.168.3.203:37383 max_fails=3 fail_timeout=10s;
server 192.168.3.204:37383 max_fails=3 fail_timeout=10s;
server 192.168.3.211:37383 max_fails=3 fail_timeout=10s;
server 192.168.3.213:37383 max_fails=3 fail_timeout=10s;
}
server {
listen 6379;#数据库服务器监听端口
proxy_connect_timeout 10s;
proxy_timeout 300s;#设置客户端和代理服务之间的超时时间,如果5分钟内没操作将自动断开。
proxy_pass redissocket;
}
}
方法一:yum方式
1、yum安装
安装依赖包
[root@localhost ~]# yum install -y curl gcc openssl-devel libnl3-devel net-snmp-devel
[root@localhost ~]# yum install -y keepalived
2、初始化及启动
[root@localhost ~]# systemctl start keepalived //启动keepalived
[root@localhost ~]# systemctl enable keepalived //加入开机启动keepalived
[root@localhost ~]# systemctl restart keepalived //重新启动keepalived
[root@localhost ~]# systemctl status keepalived //查看keepalived状态
user root;
worker_processes auto;
error_log logs/error.log;
events {
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 32k;
gzip_http_version 1.1;
gzip_comp_level 9;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/jpeg image/gif image/png application/javascript;
gzip_vary on;
sendfile on;
keepalive_timeout 65;
server_tokens off;
log_format json '{"timestamp":"$time_iso8601",'
'"server_addr":"$server_addr",'
'"client_ip":"$remote_addr",'
'"size":$body_bytes_sent,'
'"response_time":$request_time,'
'"upstream_time":"$upstream_response_time",'
'"upstream_host":"$upstream_addr",'
'"http_host":"$host",'
'"url":"$uri",'
'"xff":"$http_x_forwarded_for",'
'"referer":"$http_referer",'
'"user_agent":"$http_user_agent",'
'"status":"$status"}';
include vhost/*.conf;
}
[root@kcxt-nginx1 vhost]# cat l.feierlaiedu.com.conf
server {
listen 80;
server_name l.feierlaiedu.com;
# 配置IP验证 升级时开启
# if ($http_x_forwarded_for !~* 61.50.105.206 ) {return 403;}
location ~* \.(gif|jpg|jpeg|bmp|png|ico|txt|js|css|woff|woff2|ttf)$
{
if ($http_x_forwarded_for = 61.50.105.206 ) {
proxy_pass http://172.16.1.249:812;
}
#root /data/webmj/live.feierlaiedu.com;
root /www/kcxt-live-h5-production;
expires 4h;
access_log off;
}
location / {
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# 配置IP验证 升级时开启
if ($http_x_forwarded_for = 61.50.105.206 ) {
proxy_pass http://172.16.1.249:812;
}
#root /data/webmj/live.feierlaiedu.com;
root /www/kcxt-live-h5-production;
# 配置IP验证 升级时开启
# if ($http_x_forwarded_for !~* 61.50.105.206 ) {return 403;}
try_files $uri $uri/ /index.html;
index index.html;
add_header Cache-Control "no-cache, no-store"; # 防止微信缓存配置,如果需要强制刷新就 取消# 否则 # 注释
access_log /data/nginx/logs/live_access.log json;
error_log /data/nginx/logs/live_error.log;
}
# error_page 403 404 400 303 500 502 503 504 https://qnunion.feierlaiedu.com/kcschool/updating.html;
}
/www/guanwang/dist-test
有需要可以联系微信xuebao19930721和加入微信群
