一、安装
1.安装gcc & git
‘’’apt-get install build-essential git gcc g++ make’’’
2.下载Nginx、Pcre、Openssl、Zlib
‘’’
wget "http://nginx.org/download/nginx-1.7.8.tar.gz"
wget "ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.36.tar.gz"
wget "https://www.openssl.org/source/openssl-1.0.1j.tar.gz"
wget "http://zlib.net/zlib-1.2.8.tar.gz"
‘’’
3.下载Nginx扩展
‘’’
git clone https://github.com/cuber/ngx_http_google_filter_module
git clone https://github.com/yaoweibin/ngx_http_substitutions_filter_module
‘’’
4.解压缩
‘’’
tar xzvf nginx-1.7.8.tar.gz
tar xzvf pcre-8.36.tar.gz
tar xzvf openssl-1.0.1j.tar.gz
tar xzvf zlib-1.2.8.tar.gz
‘’’
5.编译、安装
‘’’
cd nginx-1.7.8
./configure \
–prefix=/opt/nginx-1.7.8 \
–with-pcre=../pcre-8.36 \
–with-openssl=../openssl-1.0.1j \
–with-zlib=../zlib-1.2.8 \
–with-http_ssl_module \
–add-module=../ngx_http_google_filter_module \
–add-module=../ngx_http_substitutions_filter_module
make
make install
‘’’
二、配置
1.ssl自签名证书
(生成https连接使用的,适合于自用,如果公用,还是应该去买一个):
‘’’
wget https://github.com/michaelliao/itranswarp.js/blob/master/conf/ssl/gencert.sh
./gencert.sh #运行,运行过程中需输入4次pass phrase,应保持一致
‘’’
之后,当前目录会出现4个文件:
- example.com.crt:自签名的证书,将此文件下载致本地计算机,加入“受信任的根证书”中,详情请谷歌
- example.com.csr:证书的请求
- example.com.key:不带口令的Key
- example.com.origin.key:带口令的Key
2.配置Nginx
‘’’
vi /opt/nginx-1.7.8/conf/nginx.conf
‘’’
修改为
#以下设置是为了强制使用https
server {
server_name <你的域名>;
listen 80;
resolver 8.8.8.8;
location / {#将此处的html替换为你的虚拟主机根目录
root html;
index index.html index.htm;
}#将404的页面重定向到https的首页,强制使用Https
error_page 404 https://你的域名/;
}
修改/opt/nginx-1.7.8/conf/nginx.conf中的https配置
server {
server_name <你的域名>;
listen 443 ssl;
ssl_certificate <你的证书> # 如:之前生成的 example.com.crt
ssl_certificate_key <你的私钥> # 如:之前生成的example.com.key
resolver 8.8.8.8;
location {
google on;
}
}
为了强制使用Https访问,修改/opt/nginx-1.7.8/html目录下的index.html文件内容为:
‘’’html
<html>
<meta http-equiv="refresh" content="0;url=https://你的域名/">
</html>
‘’’
三、启动
‘’’/opt/nginx-1.7.8/sbin/nginx’’’
开机自启动:
‘’’vi /etc/rc.local’’’
加入:
‘’’/opt/nginx-1.7.8/sbin/nginx’’’
完毕