Change Apache to nginx notes

In fact, I have been switching Apache to nginx for many years, but I have never been too tired. It may also be because of the old age. Of course, the main reason is that there is no pressure. Currently, all my applications run well under Apache and are familiar with Apache configuration. However, the performance advantage of nginx is always there, which is an unstoppable temptation.

Last week, when I got together with Ling Hu and his helper, I installed nginx in Ubuntu on my mobile phone. However, the version of ubuntu 9.04 was too old and I didn't try again. Later, the Ubuntu was replaced by a cell phone and has not been reinstalled. In the past two days, I installed a configuration on Ubuntu 12.04 on the working machine. Later, it was officially deployed on a Debian server. Take notes by the way.

Install

Ubuntu 12.04 is simple.

apt-get install nginx php5-cgi php5-cli php5-fpm php-doc

But In Debian 6 is troublesome, because apt does not have a php5-fpm, only the source code installation, or use this source:

# In sources. add the following source sudo echo "Deb http://php53.dotdeb.org stable all">/etc/APT/sources in list. list # Or: Deb http://packages.dotdeb.org stable all # if necessary can also add: Deb-Src http://packages.dotdeb.org stable all # Add keywget http://www.dotdeb.org/dotdeb.gpgcat dotdeb. GPG | sudo apt-key add-RM dotdeb. gpgsudo apt-Get updatesudo apt-Get install php5-fpm

Initial Configuration

First, disable the Automatic startup of apapche. You can use sysv-RC-conf to configure it.

Then configure PHP-FPM to modify these files:

/etc/php5/fpm/php.ini/etc/php5/fpm/php-fpm.conf/etc/php5/fpm/pool.d/www.conf

The first is the configuration related to PhP. here we need to have this sentence:

cgi.fix_pathinfo = 0;

For the reason, see the notes in the nginx default configuration file.

The second configuration is related to FPM, and there is usually nothing to change.

The last one is web-related configuration. You can modify the FPM listening port number or something here.

Basic nginx Configuration

The main configuration files are:

/etc/nginx/nginx.conf/etc/nginx/conf.d/*.conf/etc/nginx/sites-enabled/*

Basically, nginx does not need to be modified. conf. All configurations related to the full site http can be placed in Conf. d /*. in Conf, the configurations of each virtual host are placed in sites-enabled.

Refer to the public configuration content of the whole site:

log_format main '$remote_addr - $remote_user [$time_local] "$request" '                '$status $body_bytes_sent "$http_referer" '                '"$http_user_agent" "$http_x_forwarded_for"';charset utf-8;

Note that the charset setting cannot ensure that the output must be UTF-8. Static files are generally okay, but for dynamic content (such as from PHP or Python wsgi), even if the returned content is indeed UTF-8 encoded, but if the encoding method is not specified in the HTTP Response Header, nginx will be the ISO-8859-1 by default, even if UTF-8 is specified here, it is useless, the result is that garbled characters are displayed in browsers such as Firefox (Some browsers recognize the Meta In the webpage, not necessarily according to the encoding method specified by the HTTP Response Header ).

There are two solutions: one is a temporary solution-Add a ISO-8859-1 to the nginx configuration charset_map of UTF-8 (the content is empty, of course, this will happen when the real ISO-8859-1 content will be garbled ). The other, of course, is permanent-Add the HTTP response header content to the dynamic content and specify the encoding method.

Refer to Virtual Host Configuration:

server {listen   80; ## listen for ipv4; this line is default and impliedserver_name yoursite.com www.yoursite.com;root /home/username/www;index index.html index.htm index.php;     error_log   /var/log/nginx/yoursite.error.log warn;     access_log  /var/log/nginx/yoursite.access.log main;        location = /favicon.ico {                log_not_found off;                access_log off;        }        location = /robots.txt {                allow all;                log_not_found off;                access_log off;        }        location / {                # This is cool because no php is touched for static content.                # include the "?$args" part so non-default permalinks doesn't break when using query string                try_files $uri $uri/ /index.php?$args;        }         location ~ \.php$ {                #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini                fastcgi_pass   127.0.0.1:9000;                fastcgi_index  index.php;                fastcgi_param  SCRIPT_FILENAME  /home/username/www$fastcgi_script_name;                include        fastcgi_params;                fastcgi_intercept_errors on;        }         location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {                expires max;                log_not_found off;        }location ~ /\.ht {deny all;}}

This configuration is modified according to the official WordPress configuration of nginx. Note that if one line of script_filename is displayed, the PHP page will be blank when this line is missing, but the HTTP response is 200 without errors. If this line is incorrect, HTML will be displayed normally, but PHP display 404 cannot be found.

Start nginx and php5-fpm after configuration is complete.

sudo /etc/init.d/php5-fpm startsudo /etc/init.d/nginx start

The stop method is similar:

sudo /etc/init.d/php5-fpm stopsudo /etc/init.d/nginx stop

SSL Configuration

This configuration is simple, basically the same as Apache. The part generated by the certificate will not be mentioned. It is all done using OpenSSL. However, nginx uses the. CRT/. Key File by default. Apache can also use the. pem file. In fact, you can manually split the. pem file into. CRT/. Key.

The basic configuration is as follows:

Server {Listen 443; # Listen for IPv4 SERVER_NAME yoursite.com; SSL on; ssl_certificate/etc/nginx/SSL/nginx. CRT; ssl_certificate_key/etc/nginx/SSL/nginx. key; ssl_session_timeout 5 m; ssl_protocols SSLv3 tlsv1; ssl_ciphers all :! ADH :! Export56: RC4 + RSA: + high: + medium: + low: + SSLv3: + exp; ssl_prefer_server_ciphers on; error_log/var/log/nginx/yoursite. error. log warn; access_log/var/log/nginx/yoursite. access. log main; # other configurations are the same as HTTP # For example, location/Webalizer {root/home/username/WWW; index index.html Autoindex off ;}}

In addition, pay attention to is: The php5-fpm side is not know whether to Use https nginx side, so with $ _ server ['https'] will get a blank string, you need to set it like this:

Location ~ \. PHP $ {fastcgi_pass 127.0.0.1: 9000; fastcgi_index index. PHP; fastcgi_param script_filename/home/username/WWW $ fastcgi_script_name; # Pay attention to this sentence: fastcgi_param HTTPS on; Include fastcgi_params; fastcgi_intercept_errors on ;}

Gevent-wsgi Configuration

Take web. py as an example. First, you need to modify the Web. py code to use gevent-wsgi (although this is only a reference implementation, but the performance is still very good ).

if __name__ == "__main__":    from gevent import socket    from gevent import monkey    monkey.patch_all()    from gevent.wsgi import WSGIServer    import pwd     sys.stdout = sys.stderr    SOCK = "/var/www/sockets/webpy.sock"    pe = pwd.getpwnam('www-data')    sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)    try:        os.remove(SOCK)    except OSError:        pass    sock.bind(SOCK)    os.chown(SOCK, pe.pw_uid, pe.pw_gid)    os.chmod(SOCK, 0770)    sock.listen(256)    WSGIServer(sock, app.wsgifunc()).serve_forever()

After modification, the corresponding socket of the listener can be started.

python /home/username/webpy/start-gevent.py 2>> /var/log/nginx/webpy.log &

Second, modify nginx and forward the request to the Web. py + gevent-wsgi listening socket.

Reference Configuration:

location /webpy {        try_files $uri @webpy;    }    location @webpy {        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;        proxy_set_header Host $http_host;        proxy_pass http://unix:/var/www/sockets/webpy.sock;    }    location /webpy/static {        root /var/www;        autoindex off;    }

Close the job.