Help us understand the problem. What is going on with this article?

nginx事前準備から動作テストまでのメモ

More than 1 year has passed since last update.

以下は、CentOS 5, 6, 7上でnginxを構築した際のメモ。

ngx_slowfs_cache-1.10、ngx_cache_purge-2.3、zlib-1.2.11、openssl-1.0.2lを使用、かつPerlはspawn-fcgi、PHPはphp-fpmを使用して作動させることにしました。

事前準備

[root@localhost ~]# useradd -s /sbin/nologin nginx               ← nginxユーザー作成
[root@localhost ~]# mkdir -p /var/{log,run}/nginx                ← log,runディレクトリ作成
[root@localhost ~]# chown nginx:nginx /var/{log,run}/nginx/      ← log,runディレクトリ権限変更
[root@localhost ~]# mkdir -p /var/cache/nginx/{proxy_cache,temp} ← proxy_cache,tempディレクトリ作成
[root@localhost ~]# chown -R nginx:nginx /var/cache/nginx        ← nginxディレクトリ以下の権限変更
[root@localhost ~]# mkdir -p /var/www/html                       ← htmlディレクトリ作成
[root@localhost ~]# chown -R nginx:nginx /var/www                ← wwwディレクトリ以下の権限変更
[root@localhost ~]# yum -y install pcre pcre-devel               ← pcre,pcre-develパッケージをインストール
[root@localhost ~]# cd /usr/local/src                            ← ソースのダウンロードおよび解凍ディレクトリへ移動

nginx-1.13.4

[root@localhost ~]# wget http://nginx.org/download/nginx-1.13.4.tar.gz ← ダウンロード
[root@localhost ~]# tar zxvf nginx-1.13.4.tar.gz                       ← 解凍

ngx_slowfs_cache-1.10

[root@localhost ~]# wget http://labs.frickle.com/files/ngx_slowfs_cache-1.10.tar.gz ← ダウンロード
[root@localhost ~]# tar zxvf ngx_slowfs_cache-1.10.tar.gz                           ← 解凍

ngx_cache_purge-2.3

[root@localhost ~]# wget http://labs.frickle.com/files/ngx_cache_purge-2.3.tar.gz ← ダウンロード
[root@localhost ~]# tar zxvf ngx_cache_purge-2.3.tar.gz                           ← 解凍

zlib-1.2.11

[root@localhost ~]# wget http://zlib.net/fossils/zlib-1.2.11.tar.gz ← ダウンロード
[root@localhost ~]# tar zxvf zlib-1.2.11.tar.gz                     ← 解凍

openssl-1.0.2l

[root@localhost ~]# wget https://www.openssl.org/source/openssl-1.0.2l.tar.gz ← ダウンロード
[root@localhost ~]# tar zxvf openssl-1.0.2l.tar.gz                            ← 解凍

ゴミの削除

[root@localhost ~]# rm -f *.tar.gz

nginxのコンパイルおよびインストール

[root@localhost ~]# cd nginx-1.13.4/
[root@localhost ~]# ./configure --prefix=/etc/nginx \
              --sbin-path=/usr/sbin/nginx \
              --conf-path=/etc/nginx/nginx.conf \
              --error-log-path=/var/log/nginx/error.log \
              --http-log-path=/var/log/nginx/access.log \
              --lock-path=/var/lock/nginx.lock \
              --pid-path=/var/run/nginx.pid \
              --add-module=/usr/local/src/ngx_cache_purge-2.3 \
              --add-module=/usr/local/src/ngx_slowfs_cache-1.10 \
              --with-zlib=/usr/local/src/zlib-1.2.11 \
              --with-openssl=/usr/local/src/openssl-1.0.2l \
              --with-http_addition_module \
              --with-http_ssl_module \
              --with-http_realip_module
[root@localhost ~]# make && make install
[root@localhost ~]# echo $? ← 戻り値確認

initスクリプト作成(CentOS 5, 6)

[root@localhost ~]# vim /etc/init.d/nginx ← initスクリプト作成
-------------------------ここから-------------------------
#!/bin/sh
# nginx - this script starts and stops the nginx daemon
#
# chkconfig:   - 85 15
# description:  Nginx is an HTTP(S) server, HTTP(S) reverse \
#               proxy and IMAP/POP3 proxy server
# processname: nginx
# config:      /etc/nginx/nginx.conf
# config:      /etc/sysconfig/nginx
# pidfile:     /var/run/nginx.pid

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0

nginx="/usr/sbin/nginx"
prog=$(basename $nginx)

sysconfig="/etc/sysconfig/$prog"
lockfile="/var/lock/subsys/nginx"
pidfile="/var/run/${prog}.pid"

NGINX_CONF_FILE="/etc/nginx/nginx.conf"

[ -f $sysconfig ] && . $sysconfig

start() {
   [ -x $nginx ] || exit 5
   [ -f $NGINX_CONF_FILE ] || exit 6
   echo -n $"Starting $prog: "
   daemon $nginx -c $NGINX_CONF_FILE
   retval=$?
   echo
   [ $retval -eq 0 ] && touch $lockfile
   return $retval
}

stop() {
   echo -n $"Stopping $prog: "
   killproc -p $pidfile $prog
   retval=$?
   echo
   [ $retval -eq 0 ] && rm -f $lockfile
   return $retval
}

restart() {
   configtest_q || return 6
   stop
   start
}

reload() {
   configtest_q || return 6
   echo -n $"Reloading $prog: "
   killproc -p $pidfile $prog -HUP
   echo
}

configtest() {
   $nginx -t -c $NGINX_CONF_FILE
}

configtest_q() {
   $nginx -t -q -c $NGINX_CONF_FILE
}

rh_status() {
   status $prog
}

rh_status_q() {
   rh_status >/dev/null 2>&1
}

# Upgrade the binary with no downtime.
upgrade() {
   local oldbin_pidfile="${pidfile}.oldbin"

   configtest_q || return 6
   echo -n $"Upgrading $prog: "
   killproc -p $pidfile $prog -USR2
   retval=$?
   sleep 1
   if [[ -f ${oldbin_pidfile} && -f ${pidfile} ]];  then
       killproc -p $oldbin_pidfile $prog -QUIT
       success $"$prog online upgrade"
       echo
       return 0
   else
       failure $"$prog online upgrade"
       echo
       return 1
   fi
}

# Tell nginx to reopen logs
reopen_logs() {
   configtest_q || return 6
   echo -n $"Reopening $prog logs: "
   killproc -p $pidfile $prog -USR1
   retval=$?
   echo
   return $retval
}

case "$1" in
   start)
       rh_status_q && exit 0
       $1
       ;;
   stop)
       rh_status_q || exit 0
       $1
       ;;
   restart|configtest|reopen_logs)
       $1
       ;;
   force-reload|upgrade)
       rh_status_q || exit 7
       upgrade
       ;;
   reload)
       rh_status_q || exit 7
       $1
       ;;
   status|status_q)
       rh_$1
       ;;
   condrestart|try-restart)
       rh_status_q || exit 7
       restart
           ;;
   *)
       echo $"Usage: $0 {start|stop|reload|configtest|status|force-reload|upgrade|restart|reopen_logs}"
       exit 2
esac
-------------------------ここまで-------------------------
[root@localhost ~]# chmod 755 /etc/init.d/nginx

serviceスクリプト作成(CentOS 7)

[root@localhost ~]# vim /lib/systemd/system/nginx.service ← serviceスクリプト作成
-------------------------ここから-------------------------
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
PIDFile=/run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t
ExecStart=/usr/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target
-------------------------ここまで-------------------------
[root@localhost ~]# systemctl daemon-reload

EPELのインストール(CentOS 5, 6)

[root@localhost ~]# rpm -ivh http://ftp.riken.jp/Linux/fedora/epel/6/i386/epel-release-6-8.noarch.rpm   ← CentOS6(32ビット)の場合
[root@localhost ~]# rpm -ivh http://ftp.riken.jp/Linux/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm ← CentOS6(64ビット)の場合
[root@localhost ~]# rpm -ivh http://ftp.riken.jp/Linux/fedora/epel/5/i386/epel-release-5-4.noarch.rpm   ← CentOS5(32ビット)の場合
[root@localhost ~]# rpm -ivh http://ftp.riken.jp/Linux/fedora/epel/5/x86_64/epel-release-5-4.noarch.rpm ← CentOS5(64ビット)の場合

EPELのインストール(CentOS 7)

[root@localhost ~]# rpm -ivh http://ftp.riken.jp/Linux/fedora/epel/7/x86_64/e/epel-release-7-8.noarch.rpm

spawn-fcgiのダウンロードおよび解凍

[root@localhost ~]# yum -y install fcgi fcgi-devel spawn-fcgi
[root@localhost ~]# ln -s /usr/bin/perl /usr/local/bin/perl
[root@localhost ~]# cd /usr/local/src
[root@localhost ~]# wget http://github.com/gnosek/fcgiwrap/tarball/master -O fcgiwrap.tar.gz
[root@localhost ~]# tar zxvf fcgiwrap.tar.gz

spawn-fcgiのコンパイルおよびインストール

[root@localhost ~]# cd gnosek-fcgiwrap-*
[root@localhost ~]# autoreconf -i
[root@localhost ~]# ./configure
[root@localhost ~]# make && make install
[root@localhost ~]# echo $? ← 戻り値確認
[root@localhost ~]# vim /etc/sysconfig/spawn-fcgi
-------------------------ここから-------------------------
OPTIONS="-u nginx -g nginx -a 127.0.0.1 -p 9001 -P /var/run/spawn-fcgi.pid -- /usr/local/sbin/fcgiwrap" ← 追加
-------------------------ここまで-------------------------

spawn-fcgiの自動起動設定およびサービス起動(CentOS 5, 6)

[root@localhost ~]# chkconfig spawn-fcgi on
[root@localhost ~]# chkconfig --list | grep spawn-fcgi
spawn-fcgi          0:off   1:off   2:on    3:on    4:on    5:on    6:off
[root@localhost ~]# /etc/rc.d/init.d/spawn-fcgi start

spawn-fcgiの自動起動設定およびサービス起動(CentOS 7)

[root@localhost ~]# systemctl enable spawn-fcgi.service
[root@localhost ~]# systemctl list-unit-files | grep spawn-fcgi
spawn-fcgi.service                               enabled
[root@localhost ~]# systemctl start spawn-fcgi

php-fpmのダウンロードおよびインストール

[root@localhost ~]# yum --enablerepo=epel install php-fpm
[root@localhost ~]# vim /etc/php-fpm.d/www.conf
-------------------------ここから-------------------------
; user = apache  ← コメントアウト
user = nginx     ← 追加
; group = apache ← コメントアウト
group = nginx    ← 追加
-------------------------ここまで-------------------------

php-fpmの自動起動設定およびサービス起動(CentOS 5, 6)

[root@localhost ~]# chkconfig php-fpm on
[root@localhost ~]# chkconfig --list | grep php-fpm
php-fpm         0:off   1:off   2:on    3:on    4:on    5:on    6:off
[root@localhost ~]# /etc/rc.d/init.d/php-fpm start

php-fpmの自動起動設定およびサービス起動(CentOS 7)

[root@localhost ~]# systemctl enable php-fpm.service
[root@localhost ~]# systemctl list-unit-files | grep php-fpm
nginx.service                               enabled
[root@localhost ~]# systemctl start php-fpm

nginx.conf編集

[root@localhost ~]# vim /etc/nginx/nginx.conf
-------------------------ここから-------------------------
user                    nginx;
worker_processes        auto;
worker_cpu_affinity     auto;
worker_rlimit_nofile    1024;
error_log               /var/log/nginx/error.log;
pid                     /var/run/nginx.pid;

events {
    worker_connections  1024;
    use epoll;
    multi_accept on;
}

http {
    log_format    main  '$remote_addr - $remote_user [$time_local] "$request" '
                        '$status $body_bytes_sent "$http_referer" '
                        '"$http_user_agent" "$http_x_forwarded_for"';
    include             mime.types;
    default_type        application/octet-stream;
    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    gzip                on;
    keepalive_timeout   65;
    types_hash_max_size 2048;
    proxy_cache_path    /var/cache/nginx/proxy_cache levels=1:2 keys_zone=czone:4m inactive=7d max_size=50m;
    proxy_temp_path     /var/cache/nginx/temp;
    proxy_cache         czone;
    proxy_cache_key     "$scheme://$host$request_uri";
    proxy_set_header    Host               $host;
    proxy_set_header    X-Real-IP          $remote_addr;
    proxy_set_header    Remote-Addr        $remote_addr;
    proxy_set_header    X-Forwarded-Host   $host;
    proxy_set_header    X-Forwarded-Server $host;
    proxy_set_header    X-Forwarded-For    $proxy_add_x_forwarded_for;
    proxy_send_timeout  30;
    proxy_read_timeout  60;
    include             /etc/nginx/conf.d/*;
}
-------------------------ここまで-------------------------

インクルード用コンフィグファイル作成

[root@localhost ~]# mkdir /etc/nginx/conf.d ← インクルード用コンフィグディレクトリ作成
[root@localhost ~]# vim /etc/nginx/conf.d/<コンフィグファイル名>.conf
-------------------------ここから-------------------------
server {
        listen                  80;
        server_name             <ホスト名/IPアドレス>;
        access_log              /var/log/nginx/<ホスト名/IPアドレス>.access.log;
        error_log               /var/log/nginx/<ホスト名/IPアドレス>.error.log;
        location / {
                root                    /var/www/html;
                index                   index.html index.htm;
        }
        location ~ [^/]\.cgi(/|$) {
                fastcgi_split_path_info ^(.+\.cgi)(/.+)$;
                if (!-f $document_root$fastcgi_script_name) {
                        return 404;
                }
                root                    /var/www/html;
                fastcgi_pass            127.0.0.1:9001;
                fastcgi_index           index.cgi;
                fastcgi_buffers         8 16k;
                fastcgi_buffer_size     32k;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param PATH_INFO $fastcgi_path_info;
                fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
                include                 fastcgi_params;
        }
        location ~ [^/]\.php(/|$) {
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                if (!-f $document_root$fastcgi_script_name) {
                        return 404;
                }
                root                    /var/www/html;
                fastcgi_pass            127.0.0.1:9000;
                fastcgi_index           index.php;
                fastcgi_buffers         8 16k;
                fastcgi_buffer_size     32k;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param PATH_INFO $fastcgi_path_info;
                fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
                include                 fastcgi_params;
        }
        location ~ /purge(/.*) {
                allow                   127.0.0.1;
                deny                    all;
                proxy_cache_purge       czone "$scheme://$host$1$is_args$args";
        }
}
-------------------------ここまで-------------------------

nginxのログローテーション設定

[root@localhost ~]# vim /etc/logrotate.d/nginx
-------------------------ここから-------------------------
/var/log/nginx/*log {
    daily
    rotate 31
    dateext
    missingok
    notifempty
    sharedscripts
    compress
    postrotate
        /sbin/service nginx reload > /dev/null 2>/dev/null || true
    endscript
}
-------------------------ここまで-------------------------

nginxの自動起動設定およびサービス起動(CentOS 5, 6)

[root@localhost ~]# chkconfig nginx on
[root@localhost ~]# chkconfig --list | grep nginx
nginx           0:off   1:off   2:on    3:on    4:on    5:on    6:off
[root@localhost ~]# /etc/init.d/nginx start

nginxの自動起動設定およびサービス起動(CentOS 7)

[root@localhost ~]# systemctl enable nginx.service
[root@localhost ~]# systemctl list-unit-files | grep nginx
nginx.service                               enabled
[root@localhost ~]# systemctl start nginx.service

Perlの動作テスト

[root@localhost ~]# vim /var/www/html/index.cgi
-------------------------ここから-------------------------
#!/usr/bin/perl
print "Content-type: text/plain\n\n";
print `perl -v`;
print `perl -V`;
print `find \`perl -e 'print "@INC"'\` -name '*.pm' -print`;
-------------------------ここまで-------------------------
[root@localhost ~]# chown nginx:nginx /var/www/html/index.cgi
[root@localhost ~]# chmod 775 /var/www/html/index.cgi
[root@localhost ~]# curl http://<ホスト名/IPアドレス>/index.cgi

PHPの動作テスト

[root@localhost ~]# vim /var/www/html/index.php
-------------------------ここから-------------------------
<?php
  phpinfo();
?>
-------------------------ここまで-------------------------
[root@localhost ~]# chown nginx:nginx /var/www/html/index.php
[root@localhost ~]# chmod 775 /var/www/html/index.php
[root@localhost ~]# curl http://<ホスト名/IPアドレス>/index.php
bloodia
Apple製品大好きな怠惰人。趣味は筋トレ、格闘技・プロレス観戦、ツーリング(2014年引退)、カラオケ、食べ歩き。高尿酸血症とカリウム欠乏症を患い中。適当な事を適当な塩梅で適当につぶやいています。
https://www.bloodia.net/
Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
Comments
No comments
Sign up for free and join this conversation.
If you already have a Qiita account
Why do not you register as a user and use Qiita more conveniently?
You need to log in to use this function. Qiita can be used more conveniently after logging in.
You seem to be reading articles frequently this month. Qiita can be used more conveniently after logging in.
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
ユーザーは見つかりませんでした