unit4.web服务的部署及高级优化方案

Yk_GSDN2024-04-28 20:01

搭建web服务器要求如下:

1.web服务器的主机ip:172.25.254.100

[root@server101 桌面]# vmset.sh 100

连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/3)

[root@server101 桌面]# ifconfig

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

inet 172.25.254.100 netmask 255.255.255.0 broadcast 172.25.254.255

inet6 fe80::9b83:9bbf:15db:3ba3 prefixlen 64 scopeid 0x20<link>

ether 00:0c:29:4b:1a:e5 txqueuelen 1000 (Ethernet)

RX packets 1403 bytes 2053091 (1.9 MiB)

RX errors 0 dropped 0 overruns 0 frame 0

TX packets 1038 bytes 60260 (58.8 KiB)

TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

2.web服务器的默认访问目录为/var/www/html,默认发布内容为default's page

(1)安装nginx.x86_64

[root@server101 桌面]# dnf install nginx.x86_64 -y

已安装:

nginx-1:1.20.1-14.el9_2.1.x86_64

nginx-core-1:1.20.1-14.el9_2.1.x86_64

nginx-filesystem-1:1.20.1-14.el9_2.1.noarch

redhat-logos-httpd-90.4-2.el9.noarch

完毕!

(2)开启服务

[root@server101 ~]# systemctl enable --now nginx.service

Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service.

(3)关闭防火墙并查看状态

[root@server101 桌面]# systemctl disable firewalld

[root@server101 桌面]# systemctl stop firewalld

[root@server101 桌面]# systemctl status firewalld

○ firewalld.service - firewalld - dynamic firewall daemon

Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; prese>

Active: inactive (dead)

Docs: man:firewalld(1)

(3)编辑 vim /etc/nginx/nginx.conf

server {

listen 80;

listen [::]:80;

server_name _;

#root /usr/share/nginx/html;

root /var/www/html;

index index.html;

(4)编辑完成后,wq退出保存,查错,无错后重启服务,查看访问目录,没有的话就创一个。

[root@server101 nginx]# vim /etc/nginx/nginx.conf

[root@server101 nginx]# nginx -t

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok

nginx: configuration file /etc/nginx/nginx.conf test is successful

[root@server101 nginx]# systemctl restart nginx.service

[root@server101 nginx]# mkdir -p /var/www/html

[root@server101 nginx]# echo default's page > /var/www/html/index.html

(5)测试:

[root@server101 nginx]# curl 172.25.254.100

default's page

3.站点news.timinglee.org默认发布目录为/var/www/virtual/timinglee.org/news

默认发布内容为 news.timinglee.org

(1)编辑 vim /etc/nginx/nginx.conf

注释server顶部的include /etc/nginx/conf.d/*.conf;

#include /etc/nginx/conf.d/*.conf;

server {

listen 80;

listen [::]:80;

server_name _;

随后复制一份到server的末端

error_page 500 502 503 504 /50x.html;

location = /50x.html {

}

}

include /etc/nginx/default.d/*.conf;

接着进入/etc/nginx/conf.d/,并进行编辑子目录文件

[root@server100 ~]# vim /etc/nginx/nginx.conf

[root@server100 ~]# cd /etc/nginx/conf.d/

[root@server100 conf.d]# pwd

/etc/nginx/conf.d

[root@server100 conf.d]# vim vhosts.conf

子目录内容

server {

listen 80;

server_name news.timinglee.org;

root /var/www/virtual/timinglee.org/news;

index index.html;

}

[root@server100 conf.d]# mkdir -p /var/www/virtual/timinglee.org/news

创建默认发布内容

[root@server100 conf.d]# echo news.timinglee.org > /var/www/virtual/timinglee.org/news/index.html

本地解析

[root@server101 conf.d]# vim /etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4

::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

172.25.254.100 server100.timinglee.org

测试

root@server101 ~]# curl news.timinglee.org

curl: (6) Could not resolve host: news.timinglee.org

4.站点login.timinglee.org在被访问时必须强制走加密协议,其默认发布目录为/var/www/virtual/timinglee.org/login

默认发布内容为login.timinglee.org

编辑子目录文件

server{

listen 80;

server_name login.timinglee.org;

root /var/www/virtual/timinglee.org/login;

index index.html;

}

创建发目录路径

[root@server100 conf.d]# mkdir -p /var/www/virtual/timinglee.org/login

默认发布内容

root@server100 conf.d]# echo login.timinglee.org > /var/www/virtual/timinglee.org/login/index.html

创建加密文件

[root@server100 ~]# mkdir /etc/nginx/certs

[root@server100 ~]# openssl req -newkey rsa:2048 -nodes -sha256 -keyout /etc/nginx/certs/timinglee.org.key -x509 -days 365 -out /etc/nginx/certs/timinglee.org.crt

..+.+...........+.......+.....+.......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*......+.......+...+........+....+...+......+..+...+....+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.......+.....+.............+..+....+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

.....+..+.......+........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+............+....+..+.......+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...+.....+....+..+...+......+.+......+.....+...............+....+.....+.+........+.........+............+....+.....+.+...+.....+.......+.....................+...+......+..............+......+.+...+.....+......+..........+...+..+.........+.+........+...+.......+...+.........+....................+.+........+.+......+.....+.............+..+.......+.....+.+......+...+...+.....+.......+..+...+......+.......+...+............+........+..........+...............+......+...+.....+.+.........+........+.........+...+......................+...+..+...+......+......+...............+.+............+..+...+......+.+...........+...+.......+........................+...+..+...+.......+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

Country Name (2 letter code) [XX]:CN

State or Province Name (full name) []:Shanghai

Locality Name (eg, city) [Default City]:Xi'an

Organization Name (eg, company) [Default Company Ltd]:timinglee

Organizational Unit Name (eg, section) []:webserver

Common Name (eg, your name or your server's hostname) []:www.timinglee.org

Email Address []:admin@timinglee.org

接着编辑子目录文件

erver { listen 443 ssl;

server_name login.timinglee.org;

ssl_certificate "/etc/nginx/certs/timinglee.org.crt";

ssl_certificate_key "/etc/nginx/certs/timinglee.org.key";

root /var/www/virtual/timinglee.org/login;

index index.html;

}

强制加密

server {

listen 80;

server_name login.timinglee.org;

rewrite ^/(.*)$ https://login.timinglee.org/$1 permanent;

检错

[root@server101 conf.d]# nginx -t

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok

nginx: configuration file /etc/nginx/nginx.conf test is successful

无误后重启服务

[root@server101 conf.d]# systemctl restart nginx.service

相关推荐
丶21364 分钟前
【Nginx】在 Docker 上安装 Nginx 的详细指南
运维·nginx·docker
danplus18 分钟前
node发送邮件:如何实现Node.js发信功能?
服务器·node.js·外贸开发信·邮件群发·蜂邮edm邮件营销·邮件接口·营销邮件
神即道 道法自然 如来20 分钟前
Jenkins怎么设置每日自动执行构建任务?
运维·jenkins
BeyondESH32 分钟前
Linux线程同步—竞态条件和互斥锁(C语言)
linux·服务器·c++
wn53133 分钟前
【Go - 类型断言】
服务器·开发语言·后端·golang
hanniuniu1334 分钟前
详细解读,F5服务器负载均衡的技术优势
运维·服务器·负载均衡
鱼饼6号1 小时前
Prometheus 上手指南
linux·运维·centos·prometheus
PatrickYao04221 小时前
记一次安装discuz时遇到的错误
服务器
小宋10212 小时前
玩转RabbitMQ声明队列交换机、消息转换器
服务器·分布式·rabbitmq
m0_609000423 小时前
向日葵好用吗?4款稳定的远程控制软件推荐。
运维·服务器·网络·人工智能·远程工作
热门推荐
01RAG 实践- Ollama+RagFlow 部署本地知识库02组基轨迹建模 GBTM的介绍与实现(Stata 或 R)032024年高教社杯数学建模国赛C题超详细解题思路分析04Coze扣子平台完整体验和实践(附国内和国际版对比)05苍穹外卖面试总结06【2024数模国赛赛题思路公开】国赛B题思路丨附可运行代码丨无偿自提07yolov8实战第五天——yolov8+ffmpg实时视频流检测并进行实时推流——(推流,保姆教学)08CCF-CSP认证考试 202406-3 文本分词 100分题解09【2024高教社杯全国大学生数学建模竞赛】B题 生产过程中的决策问题——解题思路 代码 论文10浏览器插件——ModHeader 的分享和学习