对一些独立的应用,我觉得还是自己编译来的放心一些,这些应用一般不会频繁升级,自己编译定制选项比rpm会更有效率一些,比如Apache、Nginx等,记录备忘如下:

1、获取源码

cd /usr/local/src
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.30.tar.gz
wget http://www.nginx.org/download/nginx-1.2.1.tar.gz

2、编译安装

tar zxvf pcre-8.30.tar.gz
tar zxvf nginx-1.2.1.tar.gz

cd nginx-1.2.1
./configure --with-pcre=/usr/local/src/pcre-8.30 --with-openssl=/usr --user=www --group=www --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/tmp/client_body --http-proxy-temp-path=/var/lib/nginx/tmp/proxy --http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi --http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi --http-scgi-temp-path=/var/lib/nginx/tmp/scgi --pid-path=/var/run/nginx.pid --lock-path=/var/lock/subsys/nginx --with-http_realip_module --with-http_sub_module --with-http_stub_status_module --with-http_gzip_static_module --with-cc-opt='-O2 -g -m64 -mtune=generic'

注:这个是我的定制版的Nginx,之前修改过nginx源码里的一些东西,所以上面的部分编译参数会有些奇怪,注意--with-cc-opt部分,另外,上面的配置选项,指定了执行文件、配置文件和日志目录与临时目录的位置,指定了启动nginx的用户为www,这个是没有使用nginx或者nobody,是因为有时我会在机器上同时安装apache,也会用这个www用户启动,当有用户上传文件的时候,文件的所有者会是同一个用户,以免出现权限问题。

3、建立启动脚本,添加服务

shell>vi /etc/rc.d/init.d/nginx
#!/bin/bash
# nginx Startup script for the Nginx HTTP Server
# it is v.0.0.2 version.
# chkconfig: - 85 15
# description: Nginx is a high-performance web and proxy server.
# It has a lot of features, but it's not for everyone.
# processname: nginx
# pidfile: /var/run/nginx.pid
# config: /usr/local/nginx/conf/nginx.conf
nginxd=/usr//sbin/nginx
nginx_config=/etc/nginx/nginx.conf
nginx_pid=/var/run/nginx.pid
RETVAL=0
prog="nginx"
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ -x $nginxd ] || exit 0
# Start nginx daemons functions.
start() {
if [ -e $nginx_pid ];then
echo "nginx already running...."
exit 1
fi
echo -n $"Starting $prog: "
daemon $nginxd -c ${nginx_config}
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/nginx
return $RETVAL
}
# Stop nginx daemons functions.
stop() {
echo -n $"Stopping $prog: "
killproc $nginxd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/nginx /usr/local/nginx/logs/nginx.pid
}
reload() {
echo -n $"Reloading $prog: "
#kill -HUP `cat ${nginx_pid}`
killproc $nginxd -HUP
RETVAL=$?
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
stop
start
;;

status)
status $prog
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|reload|status|help}"
exit 1
esac
exit $RETVAL

加入服务并自启动

chmod +x /etc/rc.d/init.d/nginx
chkconfig --add nginx
chkconfig nginx on
service nginx start

安装php与fastcgi支持,我是通过yum方式安装的,图个省事

yum -y install php php-devel mysql mysql-server mysql-devel memcached php-pecl-memcache php-fpm
yum -y install php-mysql php-gd php-xml php-mcrypt php-mbstring php-pear php-snmp libdbi-dbd-mysql

记得修改fastcgi_params或者fastcgi.conf,添加:

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;

一些注意事项

1、如何彻底屏蔽掉Nginx的banner

为了安全或者某些个人的原因,如果要屏蔽掉nginx的banner,要修改以下几个位置:

src/http/ngx_http_header_filter_module.c
src/http/ngx_http_special_response.c
src/core/nginx.h

按照网上绝大部分文章的说法是仅仅修改nginx.h,那么只在一种情况下这种修改是有效的:把server_tokens设置为on;但是,此时在404/403等各种内置错误页面面内看到的底部banner提示也仍然是nginx,所以,必须修改上述的三个文件才能全部屏蔽掉

2、如何修改Nginx的默认错误页面
我这里不是指通过修改nginx.conf或者虚拟主机设置来“指定”错误页面,而是要彻彻底底的修改掉Nginx默认编译进去的404,方法很简单,修改 src/http/ngx_http_special_response.c,在这个文件靠近底部的地方有3xx到5xx各种错误页面的代码

3、如何关闭错误日志
通过error-log off;这种写法是关闭不掉的,如果是通过rpm安装的话,会在/usr/share/nginx下产生一个文件,文件名就是off,错误日志都会写到这里。如果是编译安装的话根据编译路径也一定会生成这个文件。正确的关闭方法是:

error_log /dev/null crit;

加上crit是指只记录级别为严重的错误,日志记录到/dev/null,即空

如果想要默认关闭所有站点的日志,那么可以修改nginx.conf,在http{}里加上:

access_log off;
error_log /dev/null crit;

如果需要给个别主机开启日志,那么在该主机的server{}段内单独指定access_log和error_log即可。

4、Nginx的日志是如何分级的

#define NGX_LOG_STDERR            0
#define NGX_LOG_EMERG             1
#define NGX_LOG_ALERT             2
#define NGX_LOG_CRIT              3
#define NGX_LOG_ERR               4
#define NGX_LOG_WARN              5
#define NGX_LOG_NOTICE            6
#define NGX_LOG_INFO              7
#define NGX_LOG_DEBUG             8

默认的错误等级则是:NGX_LOG_ERR
所以如果你需要详细的调试信息,你应该调整到DEBUG,记录会非常的详尽

5、如何开启Nginx的SSI

添加如下三行

    ssi on;
    ssi_silent_errors on;
    ssi_types text/shtml;

6、如何阻止未经许可的域名指向
修改nginx.conf,添加

    server{
       listen 80 default;
       return 404;
    }

7、如何实现Nginx解析静态,而Apache解析动态

一个简单的例子:

server {
 listen 80;
 server_name proxy.crsay.com;

#指定根目录和默认索引文件
 location / {
    root /www/htdocs/proxysite;
    index index.php index.html;

  # Nginx找不到文件时,转发请求给后端Apache
    error_page 404 @proxy;

#js/css与图片不记录日志,设置过期时间为1天
    location ~ .*\.(js|css)$ {
       access_log off;
       expires      1d;
    }

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
       access_log off;
       expires      1d;
    }
 }

#proxy_pass指定要处理php的服务器地址,如果用ip可以直接写,如果用域名,那么要修改/etc/hosts做本地指向
#动态文件.php请求转发给后端Apache
 location ~ \.php$ {
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_pass   http://apachesite:81;
 }

 location @proxy {
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_pass http://apachesite:81;
 }


#指定access日志,关闭error日志
 access_log /var/log/nginx/proxysite.crsay.com-access.log;
 error_log /dev/null crit;
}

8、nginx.conf设置的一些建议:
1)worker_rlimit_nofile和worker_connections的设置:
这个建议设置为系统ulimit -n得到的数字保持一致

2)gzip
压缩等级建议设置为2

3)log格式设置为如下,保证可以用作awstats分析

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

附录:

让Nginx支持Perl

1,安装perl的FCGI模块

perl -MCPAN -e shell
cpan[1]>install FCGI
cpan[1]>install FCGI::ProcManager
cpan[1]>exit

或者直接:

perl -MCPAN -e 'install FCGI'
perl -MCPAN -e 'install FCGI::ProcManager'

cpan中国镜像有两个,但有时候可能会连接不上,执行以下语句然后再安装

# perl -MCPAN -e shell
cpan> o conf urllist unshift  http://www.perl.com/CPAN/
cpan> o conf commit

2.获取fastcgi-wrapper.pl

wget http://www.ruby-forum.com/attachment/1583/fastcgi-wrapper.pl

3.开机启动
把文件保存在/usr/local/bin/里,编辑/etc/rc.local让其开机以daemon方式启动:

/usr/local/bin/fastcgi-wrapper.pl &

它会建立/var/run/nginx/perl_cgi-dispatch.sock这个sock,在Nginx的配置文件上要用到。
(确保运行nginx的用户对/var/run/nginx有读写的权限)

查看进程是否启动

ps aux|grep fcgi-wrapper.pl

4.建立perl.conf

    location ~ .*\.(pl|cgi)?$$ {
    gzip off; #gzip makes scripts feel slower since they have to complete before getting gzipped
    fastcgi_pass unix:/var/run/nginx/perl_cgi-dispatch.sock;
    fastcgi_index index.cgi;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
   #fastcgi_param SCRIPT_FILENAME /var/www/awstats/wwwroot/cgi-bin$fastcgi_script_name;
    fastcgi_param QUERY_STRING $query_string;
    fastcgi_param REQUEST_METHOD $request_method;
    fastcgi_param CONTENT_TYPE $content_type;
    fastcgi_param CONTENT_LENGTH $content_length;
    fastcgi_param GATEWAY_INTERFACE CGI/1.1;
    fastcgi_param SERVER_SOFTWARE nginx;
    fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    fastcgi_param REQUEST_URI $request_uri;
    fastcgi_param DOCUMENT_URI $document_uri;
    fastcgi_param DOCUMENT_ROOT $document_root;
    fastcgi_param SERVER_PROTOCOL $server_protocol;
    fastcgi_param REMOTE_ADDR $remote_addr;
    fastcgi_param REMOTE_PORT $remote_port;
    fastcgi_param SERVER_ADDR $server_addr;
    fastcgi_param SERVER_PORT $server_port;
    fastcgi_param SERVER_NAME $server_name;
}

5、修改Nginx配置文件
在server内添加

include perl.conf;

配置完成,重新启动nginx

nginx -s reload

6、测试 test.cgi

#!/usr/bin/perl
print "Content-type: text/html\n\n";
print "<html><body>Hello, world.</body></html>";

赋予执行权限

chmod +x test.cgi

7、一个简单的控制perl-fcgi的启动脚本

#!/bin/bash
echo
case $1 in

stop)
/bin/rm -f /var/run/nginx/perl_cgi-dispatch.sock
echo "FastCGI Perl Stopped."
;;

start)
/usr/local/bin/fastcgi-wrapper.pl &
echo "FastCGI Perl Started."
;;

status)
ps aux | grep fastcgi-wrapper
;;

restart)
/bin/rm -f /var/run/nginx/perl_cgi-dispatch.sock
echo "FastCGI Perl Stopped."
/usr/local/bin/fastcgi-wrapper.pl &
echo "FastCGI Perl Started."
;;

*)
echo "Usage: ./perl.sh start(stop|restart)"
;;

esac
echo