nginx detailed

nginx in each os

### CentOS 7.x
[root@elk1 local]# service nginx start
Redirecting to /bin/systemctl start  nginx.service
[root@elk1 local]# systemctl start nginx
[root@elk1 local]# systemctl stop nginx
[root@elk1 local]# ps -ef | grep nginx
root     17933  9025  0 20:47 pts/0    00:00:00 grep --color=auto nginx

[root@elk1 local]# systemctl start nginx
[root@elk1 local]# ps -ef | grep nginx
root     17952     1  0 20:48 ?        00:00:00 nginx: master process /usr/sbinnginx
nginx    17953 17952  0 20:48 ?        00:00:00 nginx: worker process
nginx    17954 17952  0 20:48 ?        00:00:00 nginx: worker process
root     17956  9025  0 20:48 pts/0    00:00:00 grep --color=auto nginx
[root@elk1 local]#

Ubuntu 14.x nginx ์„ค์น˜

sudo apt-get install nginx -y
  404  Not Found [IP: 54.179.105.228 80]
Err http://ap-northeast-2.ec2.archive.ubuntu.com/ubuntu/ trusty-updates/main nginx-core amd64 1.4.6-1ubuntu3.3
# ์œ„ ์—๋Ÿฌ๋ฅผ ๋งŒ๋‚˜๋ฉด
sudo sed -i 's/ap-northeast-2.ec2\.//g' /etc/apt/sources.list
sudo apt-get update

from: http://www.develople.com/blog/archives/108

sudo apt-get install nginx -y
sudo service nginx start
curl -i http://localhost
sudo chown -R ubuntu:ubuntu /var/log/nginx /usr/share/nginx/html
echo "<h1>Hello World</h1>" > /usr/share/nginx/html/hello.html

nginx ์„ค์น˜(for letsencrypt)

su
# ๊ฐœ๋ฐœ ๊ด€๋ จ ํŒจํ‚ค์ง€ ์„ค์น˜
yum install development #CentOS 7.x

# ์‚ฌ์šฉ์žid dev ์ƒ์„ฑ
adduser dev
passwd dev

# nginx ์„ค์น˜, ์‹œ์ž‘
yum install epel-release #centos7.*
yum install nginx -y
service nginx start #centos6.*
systemctl start nginx #centos7.*
curl -i http://localhost

# ํด๋” ์ ‘๊ทผ๊ถŒํ•œ ๋ณ€๊ฒฝ
chown -R dev:dev /var/log/nginx /usr/share/nginx/html

# html ํŒŒ์ผ ์ƒ์„ฑ
su - dev
echo "<h1>Hello World</h1>" > /usr/share/nginx/html/hello.html

htpasswd ์„ค์ •

sudo yum install httpd-tools
sudo htpasswd -c /etc/nginx/htpasswd.users kibanaadmin
sudo htpasswd /etc/nginx/htpasswd.users kenuheo
sudo vi /etc/nginx/nginx.conf
    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  localhost;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        auth_basic "Restricted Access";
        auth_basic_user_file /etc/nginx/htpasswd.users;
sudo service nginx restart

Reverse Proxy

    location / {
        sendfile off;
        proxy_pass         http://127.0.0.1:3000;
        proxy_redirect     default;
        proxy_http_version 1.1;
        proxy_set_header   Host              $host;
        proxy_set_header   X-Real-IP         $remote_addr;
        proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
        proxy_cache_bypass $http_upgrade;
        proxy_max_temp_file_size 0;
    }

client ip forward to WAS

        proxy_set_header        X-Real-Ip       $remote_addr;
        proxy_set_header        X-Fowarded-For  $remote_addr;

proxy ์•ˆ๋˜๋Š” ๊ฒฝ์šฐ

2017/03/31 06:03:21 [crit] 1915#0: *8 connect() to 127.0.0.1:3000 failed (13: Permission denied) while connecting to upstream, client: 223.38.60.90, server: _, request: "GET /poweredby.png HTTP/1.1", upstream: "http://127.0.0.1:3000/poweredby.png", host: "104.197.6.69", referrer: "http://104.197.6.69/"
sudo setsebool -P httpd_can_network_connect 1
sudo service nginx restart

centos6.* ๊ฒฝ์šฐ

nginx           x86_64           1.0.15-12.el6           @epel           1.1 M
vi /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/6/$basearch/
gpgcheck=0
enabled=1

config

max file upload

client_max_body_size 200M;

WebSocket ์ถ”๊ฐ€

proxy_set_header Upgrade $http_upgrade; # ws
proxy_set_header Connection "upgrade"; # ws

CentOS on GCP

# grep nginx /var/log/audit/audit.log | audit2allow -M nginx
# yum install policycoreutils-python -y
# semodule -i nginx.pp

๊ด€๋ จ

์ฐธ๊ณ 

What Else?
inflearn react api server -50% ํ• ์ธ์ฟ ํฐ: 15108-f2af1e086101 buy me a coffee