- 搭建web服务器
1.1、配置主机IP以及软件仓库搭建
root@server129 \~\]# vmset.sh 100 //主机IP配置为172.25.254.100 1.2、查看搭建web服务器所需的软件包 \[root@server100 \~\]# dnf search nginx ================ 名称 精准匹配:nginx ================= nginx.x86_64 : A high performance web server and reverse proxy server 1.3、安装nginx.x86_64服务 \[root@server100 \~\]# dnf install nginx.x86_64 1.4、开启nginx服务 \[root@server100 \~\]# systemctl enable --now nginx.service Created symlink /etc/systemd/system/multi-user.target.wants/nginx.service → /usr/lib/systemd/system/nginx.service. 1.5、查看火墙状态 \[root@server100 \~\]# systemctl status firewalld //如果火墙开启将火墙关闭 \[root@server100 \~\]# systemctl stop firewalld 2.1、修改默认访问目录 \[root@server100 \~\]# vim /etc/nginx/nginx.conf //主配置文件路径 server { listen 80; listen \[::\]:80; server_name _; root /var/www/html; ......... 2.2、创建发布路径所需目录 \[root@server100 \~\]# mkdir -p /var/www/html 2.3、创建发布文件内容 \[root@server100 \~\]# echo default page \> /var/www/html/index.html 2.4、修改读取的默认文件 server { listen 80; listen \[::\]:80; server_name _; root /var/www/html; index index.html; //默认文件 3.1、对站点news.timinglee.org的默认发布目录 (首先要先将主配置文件的server上一行的inculde复制一份并注释掉,粘贴到server后面) #include /etc/nginx/conf.d/\*.conf; server { listen 80; listen \[::\]:80; server_name _; root /var/www/html; index index.html; # Load configuration files for the default server block. include /etc/nginx/default.d/\*.conf; error_page 404 /404.html; location = /404.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } Include /etc/nginx/conf.d/\*.conf; 3.2、创建子目录配置文件 \[root@server100 \~\]# cd /etc/nginx/conf.d/ //路径 \[root@server100 conf.d\]# vim vhosts.conf //子目录文件 server { //子目录文件配置内容 listen 80; server_name news.timinglee.org; root /var/www/virtual/timinglee.org/news; index index.html; } 3.3、创建默认发布路径目录 \[root@server100 \~\]# mkdir -p /var/www/virtual/timinglee.org/news 3.4、创建发布文件内容 \[root@server100 \~\]# echo news.timinglee.org \> /var/www/virtual/timinglee.org/news/index.html 3.5、测试 1、在测试端做本地的dns解析 \[root@server100 \~\]# vim /etc/hosts //文件路径 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 172.25.254.100 server100.timinglee.org news.timinglee.org //配置内容 2、"curl"测试 (1)测试前检查nginx的配置文件是否正常 \[root@server100 \~\]# nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful (2)测试无误重启服务 \[root@server100 \~\]# systemctl restart nginx.service (3)测试 \[root@server100 \~\]# curl 172.25.254.100 //测试第二问的100的IP default page \[root@server100 \~\]# curl news.timinglee.org //测试站点news.timinglee news.timinglee.org {在真机中测试: 1. 首先要在win11下做本地域名解析, 找到记事本,右键以管理员身份打开, 路径C:\\Windows\\System32\\drivers\\etc\\hosts 在最后面做域名解析: 172.25.254.100 news.timinglee.org 2、在浏览器中测试:网址中输入IP地址或news域名即可访问到 } 4.1、站点login.timinglee.org的默认发布目录 /var/www/virtual/timinglee.org/login 4.3、配置子目录文件 \[root@server100 \~\]# vim /etc/nginx/conf.d/vhosts.conf server { listen 80; server_name login.timinglee.org; root /var/www/virtual/timinglee.org/login; index index.html; } 4.4、创建发布文件路径 \[root@server100 \~\]# mkdir -p /var/www/virtual/timinglee.org/login 4.5、创建默认发布文件内容 \[root@server100 \~\]# echo login.timinglee.org \> /var/www/virtual/timinglee.org/login/index.html 4.6、站点login.timinglee.org在被访问时必须强制走加密协议 \[root@server100 \~\]# mkdir /etc/nginx/certs //创建加密文件目录 \[root@server100 \~\]# openssl req -newkey rsa:2048 -nodes -sha256 -keyout /etc/nginx/certs/timinglee.org.key -x509 -days 365 -out /etc/nginx/certs/timinglee.org.crt //加密密钥及证书认证 ....+..+.......+..+....+......+...+........+......................+............+...........+....+........+...+....+......+.....+...+.........+...............+.+.........+...+........+.+...+..+................+...+.....+....+........+.........+......+.......+......+...........+....+..+....+...+............+......+..+......+.+......+.......................+.+......+..............+...+..........+.....+......+....+...+........+.+......+.........+.....+...+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ----- Country Name (2 letter code) \[XX\]:CN //加密认证信息 State or Province Name (full name) \[\]:Shanxi Locality Name (eg, city) \[Default City\]:Xi'an Organization Name (eg, company) \[Default Company Ltd\]:timinglee Organizational Unit Name (eg, section) \[\]:webserver Common Name (eg, your name or your server's hostname) \[\]:www.timinglee.org Email Address \[\]:admin@liu.org \[root@server100 \~\]# vim /etc/nginx/conf.d/vhosts.conf //打开子配置文件 server { //信息加密 listen 443 ssl; server_name login.timinglee.org; ssl_certificate "/etc/nginx/certs/timinglee.org.crt"; ssl_certificate_key "/etc/nginx/certs/timinglee.org.key"; root /var/www/virtual/timinglee.org/login; index index.html; } server { //强制加密配置内容 listen 80; server_name login.timinglee.org; rewrite \^/(.\*)$ https://login.timinglee.org/$1 permanent; } 4.7、检查,重启nginx服务 \[root@server100 \~\]# nginx -t nginx: \[warn\] conflicting server name "login.timinglee.org" on 0.0.0.0:80, ignored nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful \[root@server100 \~\]# systemctl restart nginx.service 4.8、测试 首先要在win11下做本地域名解析, 找到记事本,右键以管理员身份打开, 路径C:\\Windows\\System32\\drivers\\etc\\hosts 在最后面做域名解析: 172.25.254.100 news.timinglee.org login.timinglee.org