FreeBSD(Proxy服务器配置篇)
Proxy服务器(192.168.10.20)主要是负责终端客户的接入,为两台Squid缓存服务器提供均衡负载。现在我们就开始吧!
服务器网络配置
# ee /etc/rc.conf
ifconfig_lnc0="inet 192.168.10.20 netmask 255.255.255.0"
defaultrouter="192.168.10.10"
hostname="proxy.rd.bj"
# ee /etc/hosts
192.168.10.20 proxy.rd.bj
# ee /etc/resolv.conf
nameserver 192.168.10.40
网络环境配置好后,我们开始安装Nginx,在那里,告诉我
# whereis nginx
nginx: /usr/ports/www/nginx
# make config
# make showconfig #我的配置选项
===> The following configuration options are available for nginx-0.5.34:
DEBUG=off "Enable nginx debugging"
HTTP_MODULE=on "Enable HTTP module"
HTTP_ADDITION_MODULE=on "Enable http_addition module"
HTTP_DAV_MODULE=on "Enable http_webdav module"
HTTP_FLV_MODULE=on "Enable http_flv module"
HTTP_PERL_MODULE=on "Enable http_perl module"
HTTP_REALIP_MODULE=on "Enable http_realip module"
HTTP_REWRITE_MODULE=on "Enable http_rewrite module"
HTTP_SSL_MODULE=on "Enable http_ssl module"
HTTP_STATUS_MODULE=on "Enable http_stub_status module"
HTTP_SUB_MODULE=on "Enable http_sub module"
MAIL_MODULE=off "Enable IMAP4/POP3/SMTP proxy module"
MAIL_IMAP_MODULE=off "Enable IMAP4 proxy module"
MAIL_POP3_MODULE=off "Enable POP3 proxy module"
MAIL_SMTP_MODULE=off "Enable SMTP proxy module"
MAIL_SSL_MODULE=off "Enable mail_ssl module"
WWW=on "Enable html sample files"
===> Use 'make config' to modify these settings
# make install clean
又开始等待了 ...
终于完了,现在开始配置吧!
# cd /usr/local/etc/nginx
# ee nginx.conf #更改配置文件
我更改后的配置文件如下:
user www www;
worker_processes 1;
error_log /var/log/nginx_error.log;
pid /var/run/nginx.pid;
events {
use kqueue;
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx_access.log main;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
client_header_buffer_size 1k;
large_client_header_buffers 4 4k;
output_buffers 1 32k;
postpone_output 1460;
gzip on;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_types text/plain;
upstream mysvr {
server 192.168.10.30:3128 weight=5;
server 192.168.10.31:3128 weight=5;
}
server {
listen 80;
server_name www.rd.bj;
charset gbk;
access_log /var/log/nginx_host.access.log main;
location / {
proxy_pass http://mysvr/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}
location /nginx {
stub_status on;
access_log on;
auth_basic "NginxStatus";
auth_basic_user_file /usr/local/etc/nginx/htpasswd;
}
}
}
保存配置文件退出后,现在对刚才设置的文件进行验证。
# rehash
# nginx -t
2007/12/27 15:42:52 [info] 25243#0: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
2007/12/27 15:42:52 [info] 25243#0: the configuration file /usr/local/etc/nginx/nginx.conf was tested successfully
Very good,没问题了,我们在配置文件中还设置了查看Nginx的状态信息,所以,现在我们还必需生成一个htppasswd文件,这时候我们得用到 Apache的htpasswd 工具了, 我们这台代理服务器上没有Apache,现在只能依靠web服务器的了,去那生成一个复制过来。
生成htppasswd文件的方法:
#htpasswd -c /tmp/htpassswd nginx
输入两次密码就完成了,然后把生成好的htpasswd文件拷贝到proxy的机器的/usr/local/etc/nginx目录下就行了。
如何在两台机器之间拷贝文件呢?scp出场了 ...
# scp /tmp/htpassswd [email protected]:/usr/local/etc/nginx
好了, 现在万事具备了,现在启动她吧!!!
# nginx
# ps -aux | grep nginx
root 804 0.0 3.4 4908 4288 ?? Ss 4:49PM 0:00.00 nginx: master process nginx (nginx)
www 805 0.0 13.8 18004 17404 ?? S 4:49PM 0:00.02 nginx: worker process (nginx)
root 807 0.0 0.3 536 416 p0 RL+ 4:49PM 0:00.00 grep nginx
现在用浏览器查看一下Nginx的状态,http://192.168.10.20/nginx输入用户名和密码进入,如图:
好了,Nginx也配置完成了。