#初次安装 wget http://nginx.org/download/nginx-1.10.0.tar.gz tar -zxvf nginx-1.10.0.tar.gz mkdir -p /opt/nginx # 启用ssl 启用security cd nginx-1.10.0 ./configure --add-module=/opt/ModSecurity-nginx --with-http_ssl_module make -j && make install #站点、证书、负载均衡等配置 #省略 #添加nginx服务随机启动 cat <<EOF > /lib/systemd/system/nginx.service [Unit] Description=nginx After=network.target [Service] Type=forking ExecStart=/opt/nginx/sbin/nginx -c /opt/nginx/conf/nginx.conf ExecReload=/opt/nginx/sbin/nginx -s reload ExecStop=/opt/nginx/sbin/nginx -s quit PrivateTmp=true [Install] WantedBy=multi-user.target EOF #查看添加的服务 systemctl list-units --type=service #ngin binary编译参数模板 # ./configure \ # --conf-path=/etc/nginx/nginx.conf \ # --add-module=../naxsi-master/naxsi_src/ \ # --error-log-path=/var/log/nginx/error.log \ # --http-client-body-temp-path=/var/lib/nginx/body \ # --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \ # --http-log-path=/var/log/nginx/access.log \ # --http-proxy-temp-path=/var/lib/nginx/proxy \ # --lock-path=/var/lock/nginx.lock \ # --pid-path=/var/run/nginx.pid \ # --user=nginx \ # --group=nginx \ # --with-http_ssl_module \ # --with-http_geoip_module \ # --with-http_stub_status_module # --without-mail_pop3_module \ # --without-mail_smtp_module \ # --without-mail_imap_module \ # --without-http_uwsgi_module \ # --without-http_scgi_module \ # --with-ipv6 \ # --prefix=/opt/nginx #nginx naxsi git clone https://github.com/nbs-system/naxsi.gi ./configure \ --add-module=../naxsi-master/naxsi_src/ \ --user=nginx \ --group=nginx \ --with-http_ssl_module \ --with-http_geoip_module \ --with-http_stub_status_module \ --without-mail_pop3_module \ --without-mail_smtp_module \ --without-mail_imap_module \ --without-http_uwsgi_module \ --without-http_scgi_module \ --prefix=/opt/nginx ##nginx naxsi cookie git clone https://github.com/nbs-system/naxsi.git git clone https://github.com/AirisX/nginx_cookie_flag_module.git ./configure \ --add-module=../naxsi/naxsi_src/ \ --add-module=../nginx_cookie_flag_module/ \ --user=nginx \ --group=nginx \ --with-http_v2_module \ --with-http_ssl_module \ --with-http_geoip_module \ --with-http_stub_status_module \ --without-mail_pop3_module \ --without-mail_smtp_module \ --without-mail_imap_module \ --without-http_uwsgi_module \ --without-http_scgi_module \ --prefix=/opt/nginx #模块添加或者版本升级过程 #重新configure ./configure --额外参数 #重新make make #千万不要make install #备份和使用新的nginx命令 \cp /opt/nginx/sbin/nginx /opt/nginx/sbin/nginx.bak_$(date +"%Y%m%d") \cp -f ./objs/nginx /opt/nginx/sbin/ #重启nginx服务 systemctl restart nginx #验证nginx版本信息 nginx -V