Ubuntu下编译部署Nginx

1

apt -y install libpcre3 libpcre3-dev openssl libssl-dev zlib1g-dev gcc make

1
2
3

cd /usr/local/src/
wget https://nginx.org/download/nginx-1.24.0.tar.gz
tar xf nginx-1.24.0.tar.gz

1
2
3

cd nginx-1.24.0/
./configure --prefix=/usr/local/nginx  --user=nobody --group=nobody --with-stream --with-http_realip_module --with-http_stub_status_module --with-http_sub_module --with-http_ssl_module --with-http_v2_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre --with-debug --with-stream_ssl_module --with-compat --with-http_dav_module
make && make install

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16

vim /lib/systemd/system/nginx.service
[Unit]
Description=nginx
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s stop
PrivateTmp=true
Restart=always
LimitNOFILE=5000000

[Install]
WantedBy=multi-user.target

1

useradd -M nginx

1
2

 ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/nginx
 ln -s /usr/local/nginx/conf /etc/nginx

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120

user  nginx nginx;
worker_processes  2;
worker_rlimit_nofile 65535;
#load_module /usr/local/nginx/modules/ngx_http_modsecurity_module.so;


pid        /var/run/nginx.pid;
events {
    worker_connections 65535;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    server_tokens off;
    # vhost_traffic_status_zone;
    # vhost_traffic_status_filter_by_host on;

    rewrite_log off;
    charset  utf8;

    proxy_headers_hash_max_size 51200;
    proxy_headers_hash_bucket_size 6400;

    server_names_hash_bucket_size 128;
    client_header_buffer_size 512k;
    large_client_header_buffers 20 512k;
    proxy_ignore_client_abort on;
    proxy_set_header Host $http_host;
    proxy_set_header        X-Real-IP       $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;

    #limit_req_zone $http_x_forwarded_for zone=news:50m rate=4500r/s;
    limit_req_zone $remote_addr  zone=news:50m rate=500r/s;
    limit_req_zone $arg_uid  zone=comment:50m rate=10r/s;
    limit_req_zone $arg_uid  zone=uidlimit:200m rate=20r/s;

    sendfile on;
    tcp_nopush     on;

    keepalive_timeout 30;
    client_max_body_size 100M;
    #client_body_buffer_size 128k;
    client_body_buffer_size 100M;
    client_body_temp_path /tmp/nginx;

    tcp_nodelay on;

    fastcgi_connect_timeout 300s;
    fastcgi_send_timeout 300s;
    fastcgi_read_timeout 300s;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 8 64k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 256k;

    set_real_ip_from 100.127.0.0/16;
    real_ip_header X-Forwarded-For;

    proxy_buffer_size   128k;
    proxy_buffers   4 256k;
    proxy_busy_buffers_size   256k;

    gzip on;
    gzip_min_length  1k;
    gzip_buffers     16 64k;
    gzip_http_version 1.1;
    gzip_comp_level 2;
    gzip_types       text/plain text/css text/xml text/json image/svg+xml application/xml application/json application/x-javascript application/javascript;
    gzip_vary on;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    # 202109282103000491811
    # map $upstream_response_time $temprt {
    #   default $upstream_response_time;
    #   ""      null;
    # }

    log_format json '{"@timestamp":"$time_iso8601",'
                    '"server_addr":"$server_addr",'
                    '"host":"$host",'
                    '"http_host":"$http_host",'
                    '"proxy_host":"$proxy_host",'
                    '"uri":"$uri",'
                    '"body_bytes_sent":"$body_bytes_sent",'
                    '"bytes_sent":"$body_bytes_sent",'
                    '"file_dir":"$request_filename",'
                    '"upstream_addr":"$upstream_addr",'
                    '"upstream_response_time":"$upstream_response_time",'
                    '"request_method":"$request_method",'
                    '"request_length":"$request_length",'
                    '"request_time":"$request_time",'
                    '"status":"$status",'
                    '"network_ip":"$http_network_ip",'
                    '"device_id":"$http_device_id",'
                    '"Authorization":"$http_Authorization",'
                    '"referer":"$http_referer",'
                    '"args":"$args",'
                    '"remote_addr":"$remote_addr",'
                    '"proxy_add_x_forwarded_for":"$proxy_add_x_forwarded_for",'
                    '"xff":"$http_x_forwarded_for",'
                    '"protocol":"$server_protocol",'
                    '"http_user_agent":"$http_user_agent",'
                    '"http_sn":"$http_sn",'
                    '"tid":"$http_tid",'
                    '"mcc":"$http_mcc",'
                    '"app":"$http_app",'
                    '"pn":"$http_pn",'
                    '"trace_id":"$http_trace_id",'
                    '"trans_id":"$http_trans_id",'
                    '"request_id":"$request_id",'
                    '"limit_rate":"$limit_rate"}';
    access_log /data/nginx/logs/access.log  json;
    error_log   /data/nginx/logs/error.log;

    include conf.d/*.conf;
}

1

mkdir -p /data/nginx/logs/

1
2
3

systemctl start nginx
systemctl enable nginx
systemctl status nginx