13_搭建Nginx服务器、配置网页认证、基于域名的虚拟主机、ssl虚拟主机
官方yum源:
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1
pc7
1. 安装nginx
]# yum -y install nginx
]# nginx
]# nginx -V
nginx version: nginx/1.16.1
]# netstat -anptu | grep nginx
]# curl http://10.10.11.10
物理机:
firefox http://10.10.11.10/
2. 配置用户认证
]# cd /etc/nginx/conf.d
conf.d]# cp -p default.conf default.conf.bak
conf.d]# vim default.conf
...
server_name localhost;
auth_basic "Input Password";
auth_basic_user_file "/usr/local/nginx/pass";
...
conf.d]# yum -y install httpd-tools
conf.d]# htpasswd -c /etc/nginx/conf.d/pass tom1
conf.d]# htpasswd /etc/nginx/conf.d/pass tom2 # 追加用户,不使用-c选项
conf.d]# cat /etc/nginx/conf.d/pass
tom1:$apr1$UL9KCacj$OieKdhwxB6QXk48g8aq80/
tom2:$apr1$BLccaaL7$sVlr9y7YfGVaDQEGWNI5s1
conf.d]# nginx -s reload
物理机测试:
]# firefox http://10.10.11.10
(要输入账户、密码,注意清除浏览器缓存)
3. 基于域名的虚拟主机
conf.d]# vim default.conf
www.a.com 配置了用户认证
server {
listen 80;
server_name www.a.com;
auth_basic "Input Password";
auth_basic_user_file "/usr/local/nginx/pass";
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
www.b.com 未配置用户认证
server {
listen 80;
server_name www.b.com;
location / {
root /usr/share/nginx/www;
index index.html index.htm;
}
]# mkdir /usr/local/nginx/www
]# echo "www" > /usr/local/nginx/www/index.html
]# nginx -s reload
物理机测试:
]# vim /etc/hosts
10.10.11.10 www.a.com www.b.com
]# firefox http://www.a.com (输入用户名,密码访问)
]# firefox http://www.b.com ;
4.SSL虚拟主机
]# cd /etc/nginx/
nginx]# openssl genrsa > cert.key //生成私钥
nginx# openssl req -new -x509 -key cert.key > cert.pem # 生成证书
nginx]# ls
cert.key cert.pem ...
nginx]# vim conf.d/default.conf
server {
listen 443 ssl; # 要改
server_name www.b.com;
ssl_certificate cert.pem;
ssl_certificate_key cert.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root /usr/share/nginx/www;
index index.html index.htm;
}
}
]# nginx -s reload
物理机访问:
]# vim /etc/hosts
10.10.11.10 www.a.com www.b.com
]# firefox https://www.b.com #信任证书后可以访问