实验操作步骤
- 安装ngix
这里使用命令:
sudo apt install nginx
2. icestone@icestone-nb:~$ sudo apt install nginx 3. [sudo] icestone 的密码: 4. 正在读取软件包列表... 完成 5. 正在分析软件包的依赖关系树... 完成 6. 正在读取状态信息... 完成 7. 将会同时安装下列软件: 8. libnginx-mod-http-geoip2 libnginx-mod-http-image-filter libnginx-mod-http-xslt-filter libnginx-mod-mail libnginx-mod-stream libnginx-mod-stream-geoip2 nginx-common nginx-core 9. 下列【新】软件包将被安装: 10. libnginx-mod-http-geoip2 libnginx-mod-http-image-filter libnginx-mod-http-xslt-filter libnginx-mod-mail libnginx-mod-stream libnginx-mod-stream-geoip2 nginx nginx-common nginx-core 11. 升级了 0 个软件包,新安装了 9 个软件包,要卸载 0 个软件包,有 2 个软件包未被升级。 12. 需要下载 696 kB 的归档。 13. 解压缩后会消耗 2,395 kB 的额外空间。 14. 您希望继续执行吗? [Y/n] Y 2.调整防火墙: sudo ufw app list 15. icestone@icestone-nb:~$ sudo ufw allow 'Nginx HTTP' 16. 规则已添加 17. 规则已添加 (v6) 18. icestone@icestone-nb:~$ sudo ufw allow 'Nginx HTTPS' 19. 规则已添加 20. 规则已添加 (v6) 21. icestone@icestone-nb:~$ sudo ufw allow 'Nginx Full' 22. 规则已添加 23. 规则已添加 (v6)
查看结果:
sudo ufw status
24. icestone@icestone-nb:~$ sudo ufw status 25. 状态: 激活 26. 27. 至 动作 来自 28. - -- -- 29. ALLOW Anywhere 30. 80/tcp ALLOW Anywhere 31. 443/tcp ALLOW Anywhere
success
3.检查web服务:
systemctl status nginx
32. icestone@icestone-nb:~$ systemctl status nginx 33. ● nginx.service - A high performance web server and a reverse proxy server 34. Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled) 35. Active: active (running) since Thu 2022-11-10 23:07:21 CST; 1h 14min ago 36. Docs: man:nginx(8) 37. Process: 21371 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS) 38. Process: 21374 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
success
39. 访问;
http://localhost/
2.开启https:
40. 修改配置文件
这里由于使用的ubuntu22.04
修改 /etc/nginx/sites-available/default
添加:
41. 42. server{ 43. listen 443 ssl; 44. listen [::]:443 ssl; 45. root /app/; 46. index index.html; 47. server_name laotie666.xyz www.laotie666.xyz; 48. }
2.申请一个自签证书:
49. icestone@icestone-nb:/app$ openssl req -new -x509 -nodes -out server.crt -keyout server.key 50. ...+.........+...+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+..+.+...+..+...+.........+...+..................+....+......+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.....+.....+...+....+..+...+...................
查看当前目录:
51. icestone@icestone-nb:/app$ ll 52. 总用量 20 53. drwxrwxrwx 3 root root 4096 11月 11 02:29 ./ 54. drwxr-xr-x 25 root root 4096 11月 11 00:39 ../ 55. -rw------- 1 icestone icestone 0 11月 11 02:27 ca.key 56. lrwxrwxrwx 1 icestone icestone 20 11月 11 02:26 openssl.cnf -> /etc/ssl/openssl.cnf* 57. -rw-rw-r-- 1 icestone icestone 1363 11月 11 02:29 server.crt 58. -rw------- 1 icestone icestone 1704 11月 11 02:29 server.key
crt和key文件生成了,将其配置在nginx的配置中:
修改/etc/nginx/sites-available/default:
在与原来server上修改
59. sserver { 60. listen 443 ssl; 61. index index.html index.htm index.nginx-debian.html; 62. 63. server_name icestone.art www.icestone.art; 64. 65. location ~ \.php$ { 66. fastcgi_split_path_info ^(.+\.php)(/.+)$; 67. fastcgi_pass unix:/run/php-fpm/www.sock; 68. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 69. fastcgi_index index.php; 70. include fastcgi_params; 71. } 72. ssl_certificate /app/server.crt; 73. ssl_certificate_key /app/server.key; 74. }
这里icestone.art使我们即将使用的域名,域名在、etc/hosts下直接添加并刷新即可,
要注意Linux下回环地址是0.0.0.0
75. https访问:
点查看证书:
强制访问:
76. 安装php
sudo apt install php libapache2-mod-php
77. icestone@icestone-nb:/app$ sudo apt install php-fpm 78. 正在读取软件包列表... 完成 79. 正在分析软件包的依赖关系树... 完成 80. 正在读取状态信息... 完成 81. 将会同时安装下列软件: 82. php8.1-fpm
注意这里显示安装的是php8.1-fpm,运行检查:
systemctl status php8.1-fpm
83. icestone@icestone-nb:/app$ systemctl status php8.1-fpm 84. ● php8.1-fpm.service - The PHP 8.1 FastCGI Process Manager 85. Loaded: loaded (/lib/systemd/system/php8.1-fpm.service; enabled; vendor preset: enabled)
success
配置php运行端口和允许端口:
修改 /etc/php/8.1/pool.d/www.conf
修改下面三个:
86. ;下面这个注释掉 87. ;listen = /run/php/php8.1-fpm.sock 88. ;修改: 89. listen = localhost:81 90. listen.allowed_clients = 127.0.0.1
修改nginx中监听php的端口;
修改 /etc/nginx/sites-available/default
主要修改80端口和443端口下启动页面,监听php的端口:
91. server { 92. listen 80 default_server; 93. listen [::]:80 default_server; 94. index index.php index.html index.htm index.nginx-debian.html; 95. root /app/www/; 96. server_name icestone.art www.icestone.art _; 97. location / { 98. try_files $uri $uri/ /index.php$is_args$args; 99. } 100. location ~ \.php$ { 101. fastcgi_split_path_info ^(.+\.php)(/.+)$; 102. fastcgi_pass localhost:81; 103. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 104. fastcgi_index index.php; 105. include fastcgi_params; 106. } 107. } 108. 109. server { 110. listen 443 ssl; 111. index index.php index.html index.htm index.nginx-debian.html; 112. root /app/www/; 113. server_name icestone.art www.icestone.art; 114. location / { 115. try_files $uri $uri/ /index.php$is_args$args; 116. } 117. location ~ \.php$ { 118. fastcgi_split_path_info ^(.+\.php)(/.+)$; 119. fastcgi_pass localhost:81; 120. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 121. fastcgi_index index.php; 122. include fastcgi_params; 123. } 124. ssl_certificate /app/server.crt; 125. ssl_certificate_key /app/server.key; 126. } 127.
nginx和php重启,访问浏览器端:
原文链接:https://blog.csdn.net/ice_stone_kai/article/details/127838484
© 版权声明
声明📢本站内容均来自互联网,归原创作者所有,如有侵权必删除。
本站文章皆由CC-4.0协议发布,如无来源则为原创,转载请注明出处。
THE END