$
sudo
useradd
-g 100 -u 200 user_00
$
sudo
groupadd -g 300 www
$
sudo
useradd
-g 300 -u 300 -s
/sbin/nologin
www
$
sudo
mkdir
-p
/usr/local/services/src
$
sudo
chown
-R user_00.usrs
/usr/local/services
$
su
- user_00
$
cd
/usr/local/services/src
|
$ wget http:
//luajit
.org
/download/LuaJIT-2
.1.0-beta2.
tar
.gz
$
tar
xf LuaJIT-2.1.0-beta1.
tar
.gz
$
cd
LuaJIT-2.1.0-beta1
$
make
PREFIX=
/usr/local/services
$
make
install
PREFIX=
/usr/local/services
$
echo
"/usr/local/services/lib"
|
sudo
tee
-a
/etc/ld
.so.conf
$
sudo
ldconfig
|
$ wget http:
//tengine
.taobao.org
/download/tengine-2
.1.2.
tar
.gz
$ wget
ftp
:
//ftp
.lanet.lv
/pub/unix/security/libmd5-0
.8.2b.
tar
.gz
$ wget https:
//sourceforge
.net
/projects/pcre/files/pcre/8
.39
/pcre-8
.39.
tar
.gz
/download
$ wget https:
//www
.openssl.org
/source/openssl-1
.0.2j.
tar
.gz
$ .
/configure
\
--prefix=
/usr/local/services/tengine-2
.1.2 \
--user=www \
--group=www \
--with-http_ssl_module \
--with-http_lua_module \
--with-http_realip_module \
--with-http_stub_status_module \
--with-http_gzip_static_module \
--with-sha1=
/usr
\
--with-openssl=
/usr/local/services/src/openssl-1
.0.2j \
--with-md5=
/usr/local/services/src/md5
\
--with-pcre=
/usr/local/services/src/pcre-8
.39 \
--with-luajit-inc=
/usr/local/services/include/luajit-2
.1 \
--with-luajit-lib=
/usr/local/services/lib
\
--without-select_module --without-poll_module \
--without-http_userid_module \
--without-mail_pop3_module \
--without-mail_imap_module >
/dev/null
$
make
>
/dev/null
&&
make
install
>
/dev/null
$
cd
/usr/local/services/tengine-2
.1.2
$
mkdir
{temp,conf
/sites-
{available,enabled}}
$
sudo
chown
www.www temp
|
$
cd
/usr/local/services/tengine-2
.1.2
/conf
$
cat
nginx.conf
user www www;
worker_processes 2;
worker_cpu_affinity auto;
pid logs
/nginx
.pid;
error_log logs
/error
.log error;
#Specifies the value for maximum file descriptors that can be opened by this process.
events {
use epoll;
worker_connections 102400;
}
worker_rlimit_nofile 102400;
http {
include mime.types;
server_info off;
server_tokens off;
server_tag off;
default_type application
/octet-stream
;
real_ip_header X-Forwarded-For;
set_real_ip_from 172.31.0.0
/16
;
log_format main
'$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $request_time $upstream_response_time $host'
;
server_names_hash_bucket_size 256;
client_header_buffer_size 256k;
large_client_header_buffers 8 128k;
client_max_body_size 8m;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 60;
proxy_connect_timeout 100s;
proxy_read_timeout 300;
proxy_send_timeout 300;
proxy_buffer_size 512k;
proxy_buffers 16 256k;
proxy_busy_buffers_size 512k;
proxy_temp_file_write_size 512k;
proxy_ignore_client_abort on;
gzip
on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text
/plain
application
/javascript
application
/x-javascript
text
/css
application
/xml
text
/javascript
;
gzip_vary on;
charset utf-8;
access_log logs
/access
.log main;
log_not_found off;
ssi on;
ssi_silent_errors on;
ssi_types text
/shtml
;
fastcgi_temp_path temp
/fastcgi_temp
;
client_body_temp_path temp
/client_body_temp
;
proxy_temp_path temp
/proxy_temp
;
scgi_temp_path temp
/scgi_temp
;
uwsgi_temp_path temp
/uwsgi_temp
;
#error_page 500 502 503 504 /50x.html;
#error_page 400 403 405 408 404 /40x.html;
req_status_zone server
"$host"
256M;
req_status_zone_add_indicator server $limit;
upstream appname {
server 127.0.0.1:8000 weight=1;
server 127.0.0.2:8000 weight=1;
keepalive 600;
check interval=5000 rise=2 fall=5 timeout=1000
type
=http;
check_keepalive_requests 100;
check_http_send
"HEAD / HTTP/1.0\r\nConnection: keep-alive\r\n\r\n"
;
check_http_expect_alive http_2xx http_3xx;
}
server {
listen 80 default;
server_name _;
return
444;
access_log off;
}
include sites-enabled/*.conf;
}
|
$
cd
/usr/local/services/tengine-2
.1.2
/conf/sites-available
$
cat
www.soa.com.conf
server {
listen 80;
server_name www.soa.com;
root
/data/apps/soa/appname
;
req_status server;
location / {
index index.html index.jsp;
try_files $uri $uri/ @proxy;
}
location @proxy {
proxy_pass http:
//appname
;
}
location ~ \.jsp$ {
proxy_redirect off;
proxy_pass http:
//www
.esearchapi.com;
proxy_http_version 1.1;
proxy_set_header Connection
""
;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location ~ .*\.(js|css)?$ {
expires 12h;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp)$ {
expires 1d;
}
}
|
$
cd
/usr/local/services/tengine-2
.1.2
/conf/sites-available
$
cat
127.0.0.1.conf
server {
listen 80;
server_name 127.0.0.1;
access_log off;
set
$limit 0;
if
($arg_limit =
'1'
) {
set
$limit 1; }
location
/stats
{
stub_status on;
}
location
/upstream_stats
{
check_status;
}
location
/request_stats
{
req_status_show;
req_status_show_field req_total conn_total bytes_in bytes_out rt
http_200 http_404 http_403 http_500 http_502 http_503 http_504
http_2xx http_3xx http_4xx http_5xx http_other_status $limit;
}
}
|