Skip to main content

Nginx

Nginx Proxy Deployment

  1. Download the Nginx installation package

    wget https://pdpublic.mingdao.com/private-deployment/offline/common/nginx-1.28.0-glibc2.17-amd64.tar.gz

  2. Extract the Nginx installation package to the installation directory

    tar xf nginx-1.28.0-glibc2.17-amd64.tar.gz -C /usr/local/

  3. Create configuration and log storage directories

    mkdir -p /usr/local/nginx/conf/conf.d /data/logs/weblogs/

  4. Write the Nginx main configuration file

    cat > /usr/local/nginx/conf/nginx.conf <<\EOF
    user  nobody;
    worker_processes  auto;
    worker_cpu_affinity auto;
    worker_rlimit_nofile 204800;
    pid        nginx.pid;
    events {
        use epoll;
        worker_connections 20480;
    }
    http {
        include       mime.types;
        default_type  application/octet-stream;
        server_tokens off;

        log_format main "$http_x_forwarded_for | $time_local | $request | $status | $body_bytes_sent | "
                    "$request_body | $content_length | $http_referer | $http_user_agent | "
                    "$http_cookie | $remote_addr | $hostname | $upstream_addr | $upstream_response_time | $request_time";

        server_names_hash_bucket_size 128;
        client_header_buffer_size 8k;
        client_max_body_size 10M;
        large_client_header_buffers 4 32k;
        sendfile       on;
        tcp_nopush     on;
        tcp_nodelay    on;
        proxy_buffer_size     64k;
        proxy_buffers         4 128k;
        keepalive_timeout  10;
        open_file_cache max=102400 inactive=60s;
        open_file_cache_valid 30s;
        open_file_cache_min_uses 1;
        resolver_timeout     10s;
        underscores_in_headers on;

        gzip  on;
        gzip_proxied any;
        gzip_disable "msie6";
        gzip_vary on;
        gzip_min_length 1024;
        gzip_comp_level 8;
        gzip_buffers 16 8k;
        gzip_types text/plain text/css application/json application/x-javascript application/javascript text/xml application/xml application/xml+rss text/javascript image/jpeg image/gif image/png;
        proxy_http_version 1.1;
        include conf.d/*.conf;
    }
    EOF

  5. Configure the host proxy file

    cat > /usr/local/nginx/conf/conf.d/hap.conf <<\EOF
    upstream hap {
        server 192.168.10.20:8880;
        server 192.168.10.21:8880;
        server 192.168.10.22:8880;
    }

    server {
        listen 80;
        server_name hap.domain.com;
        access_log /data/logs/weblogs/hap.domain.com.log main;
        error_log /data/logs/weblogs/hap.domain.com.error.log;

        underscores_in_headers on;
        client_max_body_size    2048m;
        gzip  on;
        gzip_proxied any;
        gzip_disable "msie6";
        gzip_vary on;
        gzip_min_length 512;
        gzip_comp_level 6;
        gzip_buffers 16 8k;
        gzip_types text/plain text/css application/json application/x-javascript application/javascript application/octet-stream text/xml application/xml application/xml+rss text/javascript image/jpeg image/gif image/png;

        location / {
            set $real_ip '';
            if ($http_x_real_ip) {
                set $real_ip $http_x_real_ip;
            }
            if ($http_x_real_ip = '') {
                set $real_ip $remote_addr;
            }
            proxy_set_header X-Real-IP $real_ip;
            proxy_set_header Host $http_host;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_pass http://hap;
        }

        # Required for IM
        location ~ /mds2 {
            proxy_set_header Host $http_host;
            proxy_hide_header X-Powered-By;
            proxy_set_header X-NginX-Proxy true;
            proxy_pass http://hap;
            proxy_redirect off;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection upgrade;
        }
    }
    EOF

  6. Start Nginx

    Check the Nginx configuration file format

    /usr/local/nginx/sbin/nginx -t

    Start Nginx

    /usr/local/nginx/sbin/nginx

  7. Add to startup on boot

    echo "/usr/local/nginx/sbin/nginx" >> /etc/rc.local
    chmod +x /etc/rc.d/rc.local

Nginx Log Scheduled Rotation

  1. Create directories to store configuration files and old logs

    mkdir -p /usr/local/logrotate-config
    mkdir -p /data/logs/weblogs/oldlogs

  2. Create the configuration file

    cat > /usr/local/logrotate-config/nginx <<\EOF
    /data/logs/weblogs/*.log {
    create 0664 nobody root
    daily
    dateext
    dateformat -%Y-%m-%d
    dateyesterday
    rotate 180
    missingok
    ifempty
    compress
    delaycompress
    olddir /data/logs/weblogs/oldlogs
    sharedscripts
    postrotate
        /bin/kill -USR1 `cat /usr/local/nginx/nginx.pid 2>/dev/null` 2>/dev/null || true
    endscript
    }
    EOF

  3. Check the configuration file

    logrotate -d -f /usr/local/logrotate-config/nginx
    • Note to check debug output. If any error occurs, further troubleshooting is required.

  4. Execute crontab -e to write the following scheduled task into the configuration

    # Use Logrotate Cut Nginx Logs 
    0 0 * * * /usr/sbin/logrotate -f /usr/local/logrotate-config/nginx >/dev/null 2>&1