实验操作步骤
- 安装ngix
这里使用命令:
sudo apt install nginx
2.icestone@icestone-nb:~$ sudo apt install nginx3.[sudo] icestone 的密码: 4.正在读取软件包列表... 完成5.正在分析软件包的依赖关系树... 完成6.正在读取状态信息... 完成 7.将会同时安装下列软件:8. libnginx-mod-http-geoip2 libnginx-mod-http-image-filter libnginx-mod-http-xslt-filter libnginx-mod-mail libnginx-mod-stream libnginx-mod-stream-geoip2 nginx-common nginx-core9.下列【新】软件包将被安装:10. libnginx-mod-http-geoip2 libnginx-mod-http-image-filter libnginx-mod-http-xslt-filter libnginx-mod-mail libnginx-mod-stream libnginx-mod-stream-geoip2 nginx nginx-common nginx-core11.升级了 0 个软件包,新安装了 9 个软件包,要卸载 0 个软件包,有 2 个软件包未被升级。12.需要下载 696 kB 的归档。13.解压缩后会消耗 2,395 kB 的额外空间。14.您希望继续执行吗? [Y/n] Y2.调整防火墙:sudo ufw app list15.icestone@icestone-nb:~$ sudo ufw allow 'Nginx HTTP'16.规则已添加17.规则已添加 (v6)18.icestone@icestone-nb:~$ sudo ufw allow 'Nginx HTTPS'19.规则已添加20.规则已添加 (v6)21.icestone@icestone-nb:~$ sudo ufw allow 'Nginx Full'22.规则已添加23.规则已添加 (v6)
查看结果:
sudo ufw status
24.icestone@icestone-nb:~$ sudo ufw status25.状态: 激活26.27.至 动作 来自28.- -- --29. ALLOW Anywhere 30.80/tcp ALLOW Anywhere 31.443/tcp ALLOW Anywhere
success
检查web服务:
systemctl status nginx
32.icestone@icestone-nb:~$ systemctl status nginx33.● nginx.service - A high performance web server and a reverse proxy server34. Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)35. Active: active (running) since Thu 2022-11-10 23:07:21 CST; 1h 14min ago36. Docs: man:nginx(8)37. Process: 21371 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)38. Process: 21374 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
success
39. 访问;
http://localhost/
开启https:
40. 修改配置文件
这里由于使用的ubuntu22.04
修改 /etc/nginx/sites-available/default
添加:
41.# 下面是我自己写的配置:42.server{43. listen 443 ssl;44. listen [::]:443 ssl;45. root /app/;46. index index.html;47. server_name laotie666.xyz www.laotie666.xyz;48.}
申请一个自签证书:
49.icestone@icestone-nb:/app$ openssl req -new -x509 -nodes -out server.crt -keyout server.key50....+.........+...+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+..+.+...+..+...+.........+...+..................+....+......+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.....+.....+...+....+..+...+...................
查看当前目录:
51.icestone@icestone-nb:/app$ ll52.总用量 2053.drwxrwxrwx 3 root root 4096 11月 11 02:29 ./54.drwxr-xr-x 25 root root 4096 11月 11 00:39 ../55.-rw------- 1 icestone icestone 0 11月 11 02:27 ca.key56.lrwxrwxrwx 1 icestone icestone 20 11月 11 02:26 openssl.cnf -> /etc/ssl/openssl.cnf*57.-rw-rw-r-- 1 icestone icestone 1363 11月 11 02:29 server.crt58.-rw------- 1 icestone icestone 1704 11月 11 02:29 server.key
crt和key文件生成了,将其配置在nginx的配置中:
修改/etc/nginx/sites-available/default:
在与原来server上修改
59. sserver {60. listen 443 ssl;61. index index.html index.htm index.nginx-debian.html;62.63. server_name icestone.art www.icestone.art;64.65. location ~ \.php$ {66. fastcgi_split_path_info ^(.+\.php)(/.+)$;67. fastcgi_pass unix:/run/php-fpm/www.sock;68. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;69. fastcgi_index index.php;70. include fastcgi_params;71. }72. ssl_certificate /app/server.crt;73. ssl_certificate_key /app/server.key;74.}
这里icestone.art使我们即将使用的域名,域名在、etc/hosts下直接添加并刷新即可,
要注意Linux下回环地址是0.0.0.0
75. https访问:
点查看证书:
强制访问:
76. 安装php
sudo apt install php libapache2-mod-php
77.icestone@icestone-nb:/app$ sudo apt install php-fpm78.正在读取软件包列表... 完成79.正在分析软件包的依赖关系树... 完成80.正在读取状态信息... 完成 81.将会同时安装下列软件:82. php8.1-fpm
注意这里显示安装的是php8.1-fpm,运行检查:
systemctl status php8.1-fpm
83.icestone@icestone-nb:/app$ systemctl status php8.1-fpm84.● php8.1-fpm.service - The PHP 8.1 FastCGI Process Manager85. Loaded: loaded (/lib/systemd/system/php8.1-fpm.service; enabled; vendor preset: enabled)
success
配置php运行端口和允许端口:
修改 /etc/php/8.1/pool.d/www.conf
修改下面三个:
86.;下面这个注释掉87.;listen = /run/php/php8.1-fpm.sock88.;修改:89.listen = localhost:8190.listen.allowed_clients = 127.0.0.1
修改nginx中监听php的端口;
修改 /etc/nginx/sites-available/default
主要修改80端口和443端口下启动页面,监听php的端口:
91.server {92. listen 80 default_server;93. listen [::]:80 default_server;94. index index.php index.html index.htm index.nginx-debian.html;95. root /app/www/;96. server_name icestone.art www.icestone.art _;97. location / {98. try_files $uri $uri/ /index.php$is_args$args;99. }100. location ~ \.php$ {101. fastcgi_split_path_info ^(.+\.php)(/.+)$;102. fastcgi_pass localhost:81;103. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;104. fastcgi_index index.php;105. include fastcgi_params;106. }107.}108.109.server {110. listen 443 ssl;111. index index.php index.html index.htm index.nginx-debian.html;112. root /app/www/;113. server_name icestone.art www.icestone.art;114. location / {115. try_files $uri $uri/ /index.php$is_args$args;116. }117. location ~ \.php$ {118. fastcgi_split_path_info ^(.+\.php)(/.+)$;119. fastcgi_pass localhost:81;120. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;121. fastcgi_index index.php;122. include fastcgi_params;123. }124. ssl_certificate /app/server.crt;125. ssl_certificate_key /app/server.key;126.}127.
nginx和php重启,访问浏览器端:
来源地址:https://blog.csdn.net/ice_stone_kai/article/details/127838484