lamess / Nginx编译安装

Created Thu, 27 Jun 2024 11:52:30 +0800 Modified Wed, 26 Mar 2025 14:28:41 +0800
671 Words
Nginx Linux

Nginx编译安装

软件下载

从官网下载最新的Nginx源码包。

wget https://nginx.org/download/nginx-1.26.1.tar.gz

编译期间还需要使用OpenSSL和PCRE2以及Zlib,下载各自的最新版本文件。

wget https://www.openssl.org/source/openssl-3.3.1.tar.gz
wget https://github.com/PCRE2Project/pcre2/releases/download/pcre2-10.44/pcre2-10.44.tar.gz
wget https://www.zlib.net/zlib-1.3.1.tar.gz

安装相关依赖

使用编译相关的依赖软件。

dnf install gcc make pcre-devel openssl-devel zlib-devel libxslt-devel gd-devel perl-devel gperftools-devel -y

全功能编译

从YUM源内安装的Nginx,使用nginx -V命令查询其安装参数。参考这个安装参数进行编译。
这里使用了--with-openssl-opt--with-zlib-opt-with-pcre-opt参数直接指定相关软件的路径而不需要另外编译安装。

./configure \
--prefix=/usr/local/nginx \
--with-openssl-opt=/opt/openssl-3.3.1 \
--with-zlib-opt=/opt/zlib-1.3.1 \
--with-pcre-opt=/opt/pcre2-10.44 \
--with-http_flv_module \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_stub_status_module \
--with-file-aio \
--with-http_v2_module \
--with-http_addition_module \
--with-http_xslt_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_sub_module \
--with-http_dav_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_degradation_module \
--with-http_slice_module \
--with-http_perl_module=dynamic \
--with-http_auth_request_module \
--with-mail=dynamic \
--with-mail_ssl_module \
--with-pcre-jit \
--with-stream=dynamic \
--with-stream_ssl_module \
--with-google_perftools_module \
--with-debug \
--with-cc-opt='-O2 -g -grecord-gcc-switches -pipe -fstack-protector-strong -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection' \
--with-ld-opt='-Wl,-z,relro -Wl,-z,now -Wl,-E'
make
make install
安装nginx-http-flv-module 
git clone https://github.com/winshining/nginx-http-flv-module.git
./configure \
--prefix=/usr/local/nginx \
--with-openssl-opt=/opt/openssl-3.3.1 \
--with-zlib-opt=/opt/zlib-1.3.1 \
--with-pcre-opt=/opt/pcre2-10.44 \
--add-module=/opt/nginx-http-flv-module \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_stub_status_module \
--with-file-aio \
--with-http_v2_module \
--with-http_addition_module \
--with-http_xslt_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_sub_module \
--with-http_dav_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_degradation_module \
--with-http_slice_module \
--with-http_perl_module=dynamic \
--with-http_auth_request_module \
--with-mail=dynamic \
--with-mail_ssl_module \
--with-pcre-jit \
--with-stream=dynamic \
--with-stream_ssl_module \
--with-google_perftools_module \
--with-debug \
--with-cc-opt='-O2 -g -grecord-gcc-switches -pipe -fstack-protector-strong -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection' \
--with-ld-opt='-Wl,-z,relro -Wl,-z,now -Wl,-E'
make
make install
基础功能编译 
./configure \
--prefix=/usr/local/nginx \
--add-module=/opt/nginx-http-flv-module-1.2.11 \
--with-openssl-opt=/opt/openssl-1.1.1w \
--with-zlib-opt=/opt/zlib-1.3.1 \
--with-http_stub_status_module \
--with-http_ssl_module \
--with-http_realip_module \
--with-pcre-opt=/opt/pcre2-10.44 \
--with-http_stub_status_module
make
make install

创建用户并授权。

groupadd nginx
useradd -g nginx -s /bin/false nginx
chown -R nginx:nginx /usr/local/nginx/

增加软链接。

ln -s /usr/local/nginx/sbin/nginx /usr/sbin/nginx

安装完成后,部署systemd监控,按需修改执行文件路径为实际的路径即可。

cat > /usr/lib/systemd/system/nginx.service << EOF
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target

[Service]
User=nginx
Group=nginx
LimitNOFILE=65535
LimitNPROC=65535
Type=forking
PIDFile=/usr/local/nginx/nginx.pid
# Nginx will fail to start if /usr/local/nginx/nginx.pid already exists but has the wrong
# SELinux context. This might happen when running \`nginx -t\` from the cmdline.
ExecStartPre=/usr/bin/rm -f /usr/local/nginx/nginx.pid
ExecStartPre=/usr/sbin/nginx -t
ExecStart=/usr/sbin/nginx
ExecReload=/bin/kill -s HUP \$MAINPID
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=mixed
PrivateTmp=true

[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload

这里使用/usr/local/nginx/nginx.pid存放pid文件,需要对应地将nginx.conf中的pid配置为相同的路径。

pid        /usr/local/nginx/nginx.pid;