Установка nginx на FreeBSD

Устанавливаем nginx 1.10 на FreeBSD 10.3
Возьмем nginx из портов, поэтому, сперва их следует обновить

portsnap update

1	portsnap update

Затем необходимо указать, что мы будем использовать в качестве ssl OpenSSL.

echo 'DEFAULT_VERSIONS+=ssl=openssl' >> /etc/make.conf

1	echo 'DEFAULT_VERSIONS+=ssl=openssl' >> /etc/make.conf

# cd /usr/ports/www/nginx
# make config-recursive

1 2	# cd /usr/ports/www/nginx # make config-recursive

Выбираем настройки по-умолчанию

# make install clean

1	# make install clean

Добавляем nginx в автозагрузку

# echo 'nginx_enable="YES"' >> /etc/rc.conf

1	# echo 'nginx_enable="YES"' >> /etc/rc.conf

Редактируем файл настроек. Я приведу пример с двумя виртуальными серверами, на одном из которых будут настройки для OpenCart, а на другом WordPress.

# nano /usr/local/etc/nginx/nginx.conf
load_module /usr/local/libexec/nginx/ngx_http_geoip_module.so;
load_module /usr/local/libexec/nginx/ngx_http_geoip2_module.so;
load_module /usr/local/libexec/nginx/ngx_mail_module.so;
load_module /usr/local/libexec/nginx/ngx_stream_module.so;

user  www;
worker_processes  2;

error_log  /var/log/nginx/error.log  debug;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {

geoip_country /usr/local/share/GeoIP/GeoIP.dat;
    map $geoip_country_code $allowed_country {
        default no;
        RU yes;
        UA yes;
        BY yes;
}

    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';


    access_log  /var/log/nginx/access.log  main;
    client_header_timeout 3m;
    client_body_timeout 3m;
    send_timeout 3m;
    client_max_body_size 50m;
    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;
    server_names_hash_bucket_size 64;

    gzip  on;

    include /usr/local/etc/nginx/sites-enabled/*;
}

# nano /usr/local/etc/nginx/nginx.conf

load_module /usr/local/libexec/nginx/ngx_http_geoip_module.so;

load_module /usr/local/libexec/nginx/ngx_http_geoip2_module.so;

load_module /usr/local/libexec/nginx/ngx_mail_module.so;

load_module /usr/local/libexec/nginx/ngx_stream_module.so;

user www;

worker_processes 2;

error_log /var/log/nginx/error.log debug;

pid /var/run/nginx.pid;

events {

worker_connections 1024;

}

http {

geoip_country /usr/local/share/GeoIP/GeoIP.dat;

map $geoip_country_code $allowed_country {

default no;

RU yes;

UA yes;

BY yes;

}

include mime.types;

default_type application/octet-stream;

log_format main '$remote_addr - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

access_log /var/log/nginx/access.log main;

client_header_timeout 3m;

client_body_timeout 3m;

send_timeout 3m;

client_max_body_size 50m;

sendfile on;

#tcp_nopush on;

keepalive_timeout 65;

server_names_hash_bucket_size 64;

gzip on;

include /usr/local/etc/nginx/sites-enabled/*;

}

Создадим файлы с настройками наших виртуальных серверов и символические ссылки для того, чтобы nginx их загрузил

# touch /usr/local/etc/nginx/sites-available/00-default.conf
# touch /usr/local/etc/nginx/sites-available/01-site1.conf
# touch /usr/local/etc/nginx/sites-available/02-site2.conf
# ls -s /usr/local/etc/nginx/sites-enabled/00-default.conf /usr/local/etc/nginx/sites-available/00-default.conf
# ls -s /usr/local/etc/nginx/sites-enabled/01-site1.conf /usr/local/etc/nginx/sites-available/01-site1.conf
# ls -s /usr/local/etc/nginx/sites-enabled/02-site2.conf /usr/local/etc/nginx/sites-available/02-site2.conf

# touch /usr/local/etc/nginx/sites-available/00-default.conf

# touch /usr/local/etc/nginx/sites-available/01-site1.conf

# touch /usr/local/etc/nginx/sites-available/02-site2.conf

# ls -s /usr/local/etc/nginx/sites-enabled/00-default.conf /usr/local/etc/nginx/sites-available/00-default.conf

# ls -s /usr/local/etc/nginx/sites-enabled/01-site1.conf /usr/local/etc/nginx/sites-available/01-site1.conf

# ls -s /usr/local/etc/nginx/sites-enabled/02-site2.conf /usr/local/etc/nginx/sites-available/02-site2.conf

Файл 00-default.conf нужен для того, чтобы получать доступ только к сайтам, размещенным на сервере.

server {
    listen 80 default_server;
    server_name "";
    access_log /dev/null;
    error_log /dev/null;
    return 444;

if ($allowed_country = no){
    return 444;
}
}

server {

listen 80 default_server;

server_name "";

access_log /dev/null;

error_log /dev/null;

return 444;

if ($allowed_country = no){

return 444;

}

В файле 01-site1.conf приведен пример настройки для OpenCart

server {
if ($allowed_country = no) {
    return 444;
}
    listen 80;
    server_name shop.sitename.ru;
    root /data/www/shop.sitename.ru/htdocs;

    index index.php index.html index.htm;
    access_log /data/www/shop.sitename.ru/log/access.log main;
    error_log /data/www/shop.sitename.ru/log/error.log;
    client_max_body_size 50m;
    # GZIP
    gzip on;
    gzip_disable "msie6";
    gzip_comp_level 5;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;

    location /admin {
        index index.php;
    }
    location / {
        try_files $uri @opencart;
    }

    location @opencart {
        rewrite ^/(.+)$ /index.php?_route_=$1 last;
}

    location ~* ^.+.(js|css|png|jpg|jpeg|gif|ico)$ {
        access_log off;
        expires max;
}

    if (!-e $request_filename) {
        rewrite ^/(.*)$ /index.php?_route_=$1 last;
}

location ~ \.php$ {
        fastcgi_pass   unix:/tmp/php-fpm.sock;
        fastcgi_index index.php;

fastcgi_param DOCUMENT_ROOT /data/www/shop.sitename.ru/htdocs/;
fastcgi_param SCRIPT_FILENAME /data/www/shop.sitename.ru/htdocs$fastcgi_script_name;
fastcgi_param PATH_TRANSLATED /data/www/shop.sitename.ru/htdocs$fastcgi_script_name;

include fastcgi_params;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;

fastcgi_param X_REAL_IP $remote_addr;
fastcgi_param REMOTE_ADDR $remote_addr;

fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}

location = /favicon.ico {
        log_not_found off;
        access_log off;
}

location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
}
        location ~ /\.ht {
        deny all;
}
}

server {

if ($allowed_country = no) {

return 444;

}

listen 80;

server_name shop.sitename.ru;

root /data/www/shop.sitename.ru/htdocs;

index index.php index.html index.htm;

access_log /data/www/shop.sitename.ru/log/access.log main;

error_log /data/www/shop.sitename.ru/log/error.log;

client_max_body_size 50m;

# GZIP

gzip on;

gzip_disable "msie6";

gzip_comp_level 5;

gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;

location /admin {

index index.php;

}

location / {

try_files $uri @opencart;

}

location @opencart {

rewrite ^/(.+)$ /index.php?_route_=$1 last;

}

location ~* ^.+.(js|css|png|jpg|jpeg|gif|ico)$ {

access_log off;

expires max;

}

if (!-e $request_filename) {

rewrite ^/(.*)$ /index.php?_route_=$1 last;

}

location ~ \.php$ {

fastcgi_pass unix:/tmp/php-fpm.sock;

fastcgi_index index.php;

fastcgi_param DOCUMENT_ROOT /data/www/shop.sitename.ru/htdocs/;

fastcgi_param SCRIPT_FILENAME /data/www/shop.sitename.ru/htdocs$fastcgi_script_name;

fastcgi_param PATH_TRANSLATED /data/www/shop.sitename.ru/htdocs$fastcgi_script_name;

include fastcgi_params;

fastcgi_param QUERY_STRING $query_string;

fastcgi_param REQUEST_METHOD $request_method;

fastcgi_param CONTENT_TYPE $content_type;

fastcgi_param CONTENT_LENGTH $content_length;

fastcgi_param X_REAL_IP $remote_addr;

fastcgi_param REMOTE_ADDR $remote_addr;

fastcgi_intercept_errors on;

fastcgi_ignore_client_abort off;

fastcgi_connect_timeout 60;

fastcgi_send_timeout 180;

fastcgi_read_timeout 180;

fastcgi_buffer_size 128k;

fastcgi_buffers 4 256k;

fastcgi_busy_buffers_size 256k;

fastcgi_temp_file_write_size 256k;

}

location = /favicon.ico {

log_not_found off;

access_log off;

}

location = /robots.txt {

allow all;

log_not_found off;

access_log off;

}

location ~ /\.ht {

deny all;

}

Пример настройки файла 02-site2.conf для WordPress

server {
if ($allowed_country = no) {
    return 404;
}
    listen 80;
    server_name blog.sitename.ru;
    root /data/www/sdn.tovy.ru/htdocs;

    index index.php index.html index.htm;
    access_log /data/www/blog.sitename.ru/log/access.log main;
    error_log /data/www/blog.sitename.ru/log/error.log;
    client_max_body_size 50m;

    # GZIP
    gzip on;
    gzip_disable "msie6";
    gzip_comp_level 5;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;

    location /wp-admin {
        index index.php;
    }
    location / {
        try_files $uri @wordpress;
    }

    location @wordpress {
        rewrite ^/(.+)$ /index.php?=$1 last;
}

    location ~* ^.+.(js|css|png|jpg|jpeg|gif|ico)$ {
        access_log off;
        expires max;
}

    if (!-e $request_filename) {
        rewrite ^/(.*)$ /index.php?_route_=$1 last;
}

location ~ \.php$ {
        fastcgi_pass   unix:/tmp/php-fpm.sock;
        fastcgi_index index.php;

fastcgi_param DOCUMENT_ROOT /data/www/blog.sitename.ru/htdocs/;
fastcgi_param SCRIPT_FILENAME /data/www/blog.sitename.ru/htdocs$fastcgi_script_name;
fastcgi_param PATH_TRANSLATED /data/www/blog.sitename.ru/htdocs$fastcgi_script_name;

include fastcgi_params;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;

fastcgi_param X_REAL_IP $remote_addr;
fastcgi_param REMOTE_ADDR $remote_addr;

fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}

location = /favicon.ico {
        log_not_found off;
        access_log off;
}

location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
}
        location ~ /\.ht {
        deny all;
}
}

server {

if ($allowed_country = no) {

return 404;

}

listen 80;

server_name blog.sitename.ru;

root /data/www/sdn.tovy.ru/htdocs;

index index.php index.html index.htm;

access_log /data/www/blog.sitename.ru/log/access.log main;

error_log /data/www/blog.sitename.ru/log/error.log;

client_max_body_size 50m;

# GZIP

gzip on;

gzip_disable "msie6";

gzip_comp_level 5;

gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;

location /wp-admin {

index index.php;

}

location / {

try_files $uri @wordpress;

}

location @wordpress {

rewrite ^/(.+)$ /index.php?=$1 last;

}

location ~* ^.+.(js|css|png|jpg|jpeg|gif|ico)$ {

access_log off;

expires max;

}

if (!-e $request_filename) {

rewrite ^/(.*)$ /index.php?_route_=$1 last;

}

location ~ \.php$ {

fastcgi_pass unix:/tmp/php-fpm.sock;

fastcgi_index index.php;

fastcgi_param DOCUMENT_ROOT /data/www/blog.sitename.ru/htdocs/;

fastcgi_param SCRIPT_FILENAME /data/www/blog.sitename.ru/htdocs$fastcgi_script_name;

fastcgi_param PATH_TRANSLATED /data/www/blog.sitename.ru/htdocs$fastcgi_script_name;

include fastcgi_params;

fastcgi_param QUERY_STRING $query_string;

fastcgi_param REQUEST_METHOD $request_method;

fastcgi_param CONTENT_TYPE $content_type;

fastcgi_param CONTENT_LENGTH $content_length;

fastcgi_param X_REAL_IP $remote_addr;

fastcgi_param REMOTE_ADDR $remote_addr;

fastcgi_intercept_errors on;

fastcgi_ignore_client_abort off;

fastcgi_connect_timeout 60;

fastcgi_send_timeout 180;

fastcgi_read_timeout 180;

fastcgi_buffer_size 128k;

fastcgi_buffers 4 256k;

fastcgi_busy_buffers_size 256k;

fastcgi_temp_file_write_size 256k;

}

location = /favicon.ico {

log_not_found off;

access_log off;

}

location = /robots.txt {

allow all;

log_not_found off;

access_log off;

}

location ~ /\.ht {

deny all;

}

Теперь надо проверить, нет ли ошибок в наших файлах конфигурации.

# nginx -t
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful

# nginx -t

nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok

nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful

Все в порядке. Наш Web сервер на FreeBSD готов. Запускаем nginx и проверяем, нормально ли запустился

# service nginx start
# sockstat | grep nginx
www      nginx      3488  10 tcp4   *:80                  *:*
www      nginx      3488  11 stream -> ??
root     nginx      3487  3  stream -> ??
root     nginx      3487  10 tcp4   *:80                  *:*
root     nginx      3487  11 stream -> ??

# service nginx start

# sockstat | grep nginx

www nginx 3488 10 tcp4 *:80 *:*

www nginx 3488 11 stream -> ??

root nginx 3487 3 stream -> ??

root nginx 3487 10 tcp4 *:80 *:*

root nginx 3487 11 stream -> ??

Все в порядке, сервер запущен и слушает 80-й порт.

Добавить комментарий Отменить ответ