Linux sugar (2)

date
Nov 23, 2022
slug
9fa4ea23095868910ef60fd038efd412
status
Published
tags
Linux
summary
This passage is a quick start guide to installing and configuring Nginx on a Linux server.
type
Post

Nginx quick start

Install and enable nginx

  • Install nginx: yum install nginx -y
  • Start nginx: sudo systemctl start nginx
  • Open the corresponding port on the server firewall.
After completing the above steps, you can access the nginx test page by visiting http://<your-domain>.

Configure server access path

Nginx provides web functionality for the server. In order for nginx to correctly display the blog to readers, the server access path needs to be modified in the nginx configuration file.
Open the nginx configuration file:
sudo vim /etc/nginx/nginx.conf
The default nginx configuration file looks like this:
#user  nobody;
worker_processes  1;
#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
#pid        logs/nginx.pid;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
    sendfile        on;
    #tcp_nopush     on;
    #keepalive_timeout  0;
    keepalive_timeout  65;
    #gzip  on;
     server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  _; //Your domain name
        root /usr/share/nginx/html;  //Directory where website files are stored
        include /etc/nginx/default.d/*.conf;
        location / {
        }
        error_page 404 /404.html;
            location = /40x.html {
        }
        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }
}
    }
}

Add http block

We need to modify the server block in the http block:
 server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  _; //Modify to your domain name
        root /usr/share/nginx/html;  //Directory where website files are stored
        include /etc/nginx/default.d/*.conf;
        location / {
        }
        error_page 404 /404.html;
            location = /40x.html {
        
        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }
}
  • Modify the server_name item to your registered domain name.
  • Modify the root item to the location where your static blog files are stored. For example, modify it to root /var/www/blog;
💡
The path of the static files can be chosen by yourself, but you must pay attention to the permissions of each folder in the path. They cannot be placed in a folder with drwx------ permissions.

Configure HTTPS

Use HTTPS protocol to prevent website hijacking.

Obtain Let's Encrypt certificate

  • yum install certbot
  • certbot certonly --email email --agree-tos --webroot -w /var/www/blog (display directory) -d domain name

Configure HTTPS for nginx

server {
    listen  80;
    server_name blog.qikqiak.com;
    rewrite ^(.*)$  <https://$host$1> permanent;
}  //Access HTTP, automatically jump to HTTPS
server
{
    listen 80 ssl;
    ssl_certificate /etc/letsencrypt/live/blog.qikqiak.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/blog.qikqiak.com/privkey.pem;
    server_name modify to domain name;
    root /var/www/blog;
}
Reload nginx -s reload

Add automated task to update certificate

$ crontab -l
30 4 1,7,21,28 * * root /usr/bin/certbot renew --renew-hook "/usr/sbin/nginx -s reload"

© 2PoL 2020 - 2025