• nginx 下载链接：http://nginx.org/download/nginx-1.18.0.tar.gz
• centos7 镜像下载链接：http://mirrors.aliyun.com/centos/7/isos/x86_64/
• 也可以在服务器上面：wget http://nginx.org/download/nginx-1.18.0.tar.gz 

1.创建基础目录（已经有的话，请跳过）

# 用来存储我们下载好的一些文件或者软件
mkdir -p /home/service
# 用来存储配置文件
mkdir -p /home/config
# 用来存储日志
mkdir -p /home/logs
# sh脚本
mkdir -p /home/sh

安装wget：yum install wget

2. 下载解压nginx（复制全部，粘贴运行就好了）

# 没有wget 的话，yum install wget
cd /home/service
wget http://nginx.org/download/nginx-1.18.0.tar.gz
tar -xzvf nginx-1.18.0.tar.gz
cd nginx-1.18.0

3. 执行安装（复制全部，粘贴运行就好了）

yum -y install gcc pcre pcre-devel zlib openssl openssl-devel
cd /home/service/nginx-1.18.0
./configure --prefix=/home/service/nginx --with-http_ssl_module
make install

4. 设置nginx自启文件（复制全部，粘贴运行就好了）

mkdir -p /home/config/nginx
cat <<'EOF'> /home/config/nginx/nginx.service
[Unit]
Description=nginx
After=network.target

[Service]
Type=forking
ExecStart=/home/service/nginx/sbin/nginx -c /home/service/nginx/conf/nginx.conf
ExecReload=/home/service/nginx/sbin/nginx restart
ExecStop=/home/service/nginx/sbin/nginx  stop
PrivateTmp=true
[Install]
WantedBy=multi-user.target
EOF

cp /home/config/nginx/nginx.service /lib/systemd/system/nginx.service

5. 编写nginx配置（复制全部，粘贴运行就好了）

mkdir -p /home/logs/nginx
mkdir -p /home/config/nginx/
mkdir -p /home/config/nginx/conf.d
cat <<'EOF'> /home/service/nginx/conf/nginx.conf
#user nginx nginx;
#user root;
worker_processes  auto;

error_log  /home/logs/nginx/error.log warn;
#pid        /var/run/nginx.pid;

worker_rlimit_nofile 65535;
events {
    use epoll;
        worker_connections  65535;
}


http {
    include       mime.types;
    default_type  application/octet-stream;
    fastcgi_intercept_errors on;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /home/logs/nginx/access.log  main;
    limit_conn_zone $binary_remote_addr zone=conn:10m;
    limit_req_zone $binary_remote_addr zone=allips:10m rate=50r/s;

    server_names_hash_bucket_size 128;
    client_header_buffer_size 128k;
    large_client_header_buffers 4 128k;
    client_max_body_size 20m;
    client_body_timeout 120;
    server_tokens off;
    sendfile        on;
    tcp_nopush     on;

    keepalive_timeout  65;
    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 4 64k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 128k;
    gzip on;
    gzip_min_length  1k;
    gzip_buffers     4 16k;
    gzip_comp_level 2;
    gzip_vary on;
    gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
    
    include /home/config/nginx/conf.d/*.conf;
}
EOF

# 软链
ln -s /home/service/nginx/conf/nginx.conf /home/config/nginx/

6. 编写80监听转发配置（复制全部，粘贴运行就好了）

cat <<'EOF'> /home/config/nginx/conf.d/nginx.conf
#此配置文件为websocket
map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}

#upstream dist {
    #server  127.0.0.1:8123;
#}

#80端口转向443
#server {
  #listen 80;
  #server_name 域名.com,www.域名.com;
  #return 301 https://www.域名.com$request_uri;
#}

#非www重定向www
#server {
 #listen 443;
 #server_name 域名.com;
 #return 301 https://www.域名.com$request_uri;
#}

server {
        listen       80;
        #listen       443 default_server ssl;
        #server_name  www.域名.com;
        server_name  localhost;
        root /home/service/nginx/html;
        index index.html index.htm;
        
        #location ~*\.(gif|jpg|jpeg|png|bmp|swf|css|js|html)$ {
        #   root /home/service/nginx/html;
        #}
 
        #下载目录
        #location /download {
            #rewrite ^/download/(.*)$ /$1 break;
            #add_header   Content-Type     "application/octet-stream;charset=utf-8";
            #add_header   Content-Disposition "attachment; filename*=utf-8'zh_cn'$arg_n";
            #root /home/www/html/downloadF;
            #autoindex on;
            #autoindex_exact_size off;
        #}

         #配置https
         #ssl_certificate /home/config/nginx/sslfile/1_www.域名.com_bundle.crt;
         #ssl_certificate_key /home/config/nginx/sslfile/2_www.域名.com.key;
         #ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
         #ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
         #ssl_prefer_server_ciphers on;
         #ssl_session_cache   shared:SSL:10m;
         #ssl_session_timeout 10m;
         #ssl_buffer_size 1400;

location /api {
                 proxy_http_version 1.1;
                 proxy_set_header Connection "";
                 proxy_connect_timeout 60s;
                 proxy_read_timeout 60s;
                 proxy_send_timeout 60s;
                 proxy_buffer_size 512k;
                 proxy_buffering  on;
                 proxy_buffers   8 512k;
                 proxy_busy_buffers_size 1024k;
                 proxy_max_temp_file_size 100M;
                 proxy_pass http://127.0.0.1:8080; #http://dist
                 proxy_redirect              off;
                 proxy_set_header            Host $host;
                 proxy_set_header            X-real-ip $remote_addr;
                 proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;
                 proxy_set_header Upgrade $http_upgrade;
                 proxy_set_header Connection 'upgrade';
                 proxy_set_header Origin "";
                 #限制TCP并发连接数100/s
                 limit_conn conn 100;
         }
}
EOF

systemctl enable nginx.service
systemctl start nginx.service
service nginx status

7. 防火墙开启80端口（复制全部，粘贴运行就好了）

yum -y install firewalld
systemctl start firewalld.service
chkconfig --level 35 firewalld on
firewall-cmd --zone=public --add-port=22/tcp --permanent
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
firewall-cmd --reload
firewall-cmd --list-ports

8. 测试访问