搭建web服务器要求如下:
1.web服务器的主机ip:172.25.254.100
root@server101 桌面\]# vmset.sh 100
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/3)
\[root@server101 桌面\]# ifconfig
eth0: flags=4163\ mtu 1500
inet 172.25.254.100 netmask 255.255.255.0 broadcast 172.25.254.255
inet6 fe80::9b83:9bbf:15db:3ba3 prefixlen 64 scopeid 0x20\
ether 00:0c:29:4b:1a:e5 txqueuelen 1000 (Ethernet)
RX packets 1403 bytes 2053091 (1.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1038 bytes 60260 (58.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
2.web服务器的默认访问目录为/var/www/html,默认发布内容为default's page
(1)安装nginx.x86_64
\[root@server101 桌面\]# dnf install nginx.x86_64 -y
已安装:
nginx-1:1.20.1-14.el9_2.1.x86_64
nginx-core-1:1.20.1-14.el9_2.1.x86_64
nginx-filesystem-1:1.20.1-14.el9_2.1.noarch
redhat-logos-httpd-90.4-2.el9.noarch
完毕!
(2)开启服务
\[root@server101 \~\]# systemctl enable --now nginx.service
Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.
(3)关闭防火墙并查看状态
\[root@server101 桌面\]# systemctl disable firewalld
\[root@server101 桌面\]# systemctl stop firewalld
\[root@server101 桌面\]# systemctl status firewalld
○ firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; prese\>
Active: inactive (dead)
Docs: man:firewalld(1)
(3)编辑 vim /etc/nginx/nginx.conf
server {
listen 80;
listen \[::\]:80;
server_name _;
#root /usr/share/nginx/html;
root /var/www/html;
index index.html;
(4)编辑完成后,wq退出保存,查错,无错后重启服务,查看访问目录,没有的话就创一个。
\[root@server101 nginx\]# vim /etc/nginx/nginx.conf
\[root@server101 nginx\]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
\[root@server101 nginx\]# systemctl restart nginx.service
\[root@server101 nginx\]# mkdir -p /var/www/html
\[root@server101 nginx\]# echo default's page \> /var/www/html/index.html
(5)测试:
\[root@server101 nginx\]# curl 172.25.254.100
default's page

3.站点news.timinglee.org默认发布目录为/var/www/virtual/timinglee.org/news
默认发布内容为 news.timinglee.org
(1)编辑 vim /etc/nginx/nginx.conf
注释server顶部的include /etc/nginx/conf.d/\*.conf;
#include /etc/nginx/conf.d/\*.conf;
server {
listen 80;
listen \[::\]:80;
server_name _;
随后复制一份到server的末端
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
include /etc/nginx/default.d/\*.conf;
接着进入/etc/nginx/conf.d/,并进行编辑子目录文件
\[root@server100 \~\]# vim /etc/nginx/nginx.conf
\[root@server100 \~\]# cd /etc/nginx/conf.d/
\[root@server100 conf.d\]# pwd
/etc/nginx/conf.d
\[root@server100 conf.d\]# vim vhosts.conf
子目录内容
server {
listen 80;
server_name news.timinglee.org;
root /var/www/virtual/timinglee.org/news;
index index.html;
}
\[root@server100 conf.d\]# mkdir -p /var/www/virtual/timinglee.org/news
创建默认发布内容
\[root@server100 conf.d\]# echo news.timinglee.org \> /var/www/virtual/timinglee.org/news/index.html
本地解析
\[root@server101 conf.d\]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.254.100 server100.timinglee.org
测试
root@server101 \~\]# curl news.timinglee.org
curl: (6) Could not resolve host: news.timinglee.org
4.站点login.timinglee.org在被访问时必须强制走加密协议,其默认发布目录为/var/www/virtual/timinglee.org/login
默认发布内容为login.timinglee.org
编辑子目录文件
server{
listen 80;
server_name login.timinglee.org;
root /var/www/virtual/timinglee.org/login;
index index.html;
}
创建发目录路径
\[root@server100 conf.d\]# mkdir -p /var/www/virtual/timinglee.org/login
默认发布内容
root@server100 conf.d\]# echo login.timinglee.org \> /var/www/virtual/timinglee.org/login/index.html
创建加密文件
\[root@server100 \~\]# mkdir /etc/nginx/certs
\[root@server100 \~\]# openssl req -newkey rsa:2048 -nodes -sha256 -keyout /etc/nginx/certs/timinglee.org.key -x509 -days 365 -out /etc/nginx/certs/timinglee.org.crt
..+.+...........+.......+.....+.......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\*......+.......+...+........+....+...+......+..+...+....+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\*.......+.....+.............+..+....+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
.....+..+.......+........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\*.+............+....+..+.......+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\*...+.....+....+..+...+......+.+......+.....+...............+....+.....+.+........+.........+............+....+.....+.+...+.....+.......+.....................+...+......+..............+......+.+...+.....+......+..........+...+..+.........+.+........+...+.......+...+.........+....................+.+........+.+......+.....+.............+..+.......+.....+.+......+...+...+.....+.......+..+...+......+.......+...+............+........+..........+...............+......+...+.....+.+.........+........+.........+...+......................+...+..+...+......+......+...............+.+............+..+...+......+.+...........+...+.......+........................+...+..+...+.......+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) \[XX\]:CN
State or Province Name (full name) \[\]:Shanghai
Locality Name (eg, city) \[Default City\]:Xi'an
Organization Name (eg, company) \[Default Company Ltd\]:timinglee
Organizational Unit Name (eg, section) \[\]:webserver
Common Name (eg, your name or your server's hostname) \[\]:www.timinglee.org
Email Address \[\]:admin@timinglee.org
接着编辑子目录文件
erver { listen 443 ssl;
server_name login.timinglee.org;
ssl_certificate "/etc/nginx/certs/timinglee.org.crt";
ssl_certificate_key "/etc/nginx/certs/timinglee.org.key";
root /var/www/virtual/timinglee.org/login;
index index.html;
}
强制加密
server {
listen 80;
server_name login.timinglee.org;
rewrite \^/(.\*)$ https://login.timinglee.org/$1 permanent;
检错
\[root@server101 conf.d\]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
无误后重启服务
\[root@server101 conf.d\]# systemctl restart nginx.service