nginxのインストールと設定

インストール

# yum -y install nginx
Loaded plugins: fastestmirror, priorities, security
Loading mirror speeds from cached hostfile
 * epel: ftp.iij.ad.jp
 * sl: ftp.riken.jp
 * sl-security: ftp.riken.jp
102 packages excluded due to repository priority protections
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package nginx.x86_64 0:1.0.14-1.el6 will be installed
--> Processing Dependency: libxslt.so.1(LIBXML2_1.0.18)(64bit) for package: nginx-1.0.14-1.el6.x86_64
--> Processing Dependency: libxslt.so.1(LIBXML2_1.0.11)(64bit) for package: nginx-1.0.14-1.el6.x86_64
--> Processing Dependency: gd for package: nginx-1.0.14-1.el6.x86_64
--> Processing Dependency: GeoIP for package: nginx-1.0.14-1.el6.x86_64
--> Processing Dependency: libxslt.so.1()(64bit) for package: nginx-1.0.14-1.el6.x86_64
--> Processing Dependency: libgd.so.2()(64bit) for package: nginx-1.0.14-1.el6.x86_64
--> Processing Dependency: libexslt.so.0()(64bit) for package: nginx-1.0.14-1.el6.x86_64
--> Processing Dependency: libGeoIP.so.1()(64bit) for package: nginx-1.0.14-1.el6.x86_64
--> Running transaction check
---> Package GeoIP.x86_64 0:1.4.8-1.el6 will be installed
---> Package gd.x86_64 0:2.0.35-10.el6 will be installed
--> Processing Dependency: libXpm.so.4()(64bit) for package: gd-2.0.35-10.el6.x86_64
---> Package libxslt.x86_64 0:1.1.26-2.el6 will be installed
--> Running transaction check
---> Package libXpm.x86_64 0:3.5.8-2.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

==========================================================================================
 Package             Arch               Version                    Repository        Size
==========================================================================================
Installing:
 nginx               x86_64             1.0.14-1.el6               epel             375 k
Installing for dependencies:
 GeoIP               x86_64             1.4.8-1.el6                epel             620 k
 gd                  x86_64             2.0.35-10.el6              sl               141 k
 libXpm              x86_64             3.5.8-2.el6                sl                58 k
 libxslt             x86_64             1.1.26-2.el6               sl               449 k

Transaction Summary
==========================================================================================
Install       5 Package(s)

Total download size: 1.6 M
Installed size: 5.3 M
Downloading Packages:
(1/5): GeoIP-1.4.8-1.el6.x86_64.rpm                                | 620 kB     00:00     
(2/5): gd-2.0.35-10.el6.x86_64.rpm                                 | 141 kB     00:00     
(3/5): libXpm-3.5.8-2.el6.x86_64.rpm                               |  58 kB     00:00     
(4/5): libxslt-1.1.26-2.el6.x86_64.rpm                             | 449 kB     00:00     
(5/5): nginx-1.0.14-1.el6.x86_64.rpm                               | 375 kB     00:00     
------------------------------------------------------------------------------------------
Total                                                     1.7 MB/s | 1.6 MB     00:00     
warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
Importing GPG key 0x0608B895:
 Userid : EPEL (6) 
 Package: epel-release-6-5.noarch (@sl)
 From   : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : GeoIP-1.4.8-1.el6.x86_64                                               1/5 
  Installing : libXpm-3.5.8-2.el6.x86_64                                              2/5 
  Installing : gd-2.0.35-10.el6.x86_64                                                3/5 
  Installing : libxslt-1.1.26-2.el6.x86_64                                            4/5 
  Installing : nginx-1.0.14-1.el6.x86_64                                              5/5 

Installed:
  nginx.x86_64 0:1.0.14-1.el6                                                             

Dependency Installed:
  GeoIP.x86_64 0:1.4.8-1.el6     gd.x86_64 0:2.0.35-10.el6  libXpm.x86_64 0:3.5.8-2.el6 
  libxslt.x86_64 0:1.1.26-2.el6 

Complete!

起動設定と起動

自動起動に設定し、サービスを起動。

# chkconfig nginx on
# service nginx start
nginx を起動中:                                            [  OK  ]
# nginx -v
nginx version: nginx/1.0.14

基本構成

サーバーのCPU数を確認する。

# cat /proc/cpuinfo | grep proc
processor : 0
processor : 1
processor : 2

さくらVPSの2GBプランなので、プロセッサ数は3。 /etc/nginx/nginx.confを編集し、基本的な設定を行う。

user              nginx;
worker_processes  3;

error_log  /var/log/nginx/error.log;

pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
    use epoll;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    server_tokens   off;
    sendfile        on;
    tcp_nodelay     on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    #keepalive_timeout  65;

    fastcgi_read_timeout 300;

    gzip  on;
    gzip_proxied any;
    gzip_comp_level 2;
    gzip_disable "MSIE [1-6].(?!.*SV1)";
    gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    # Upstream to abstract backend connection(s) for PHP
    upstream backend {
        server unix:/var/run/php-fpm.sock;
    }

    # Load config files from the /etc/nginx/conf.d directory
    # The default server is in conf.d/default.conf
    include /etc/nginx/conf.d/*.conf;
}

/etc/nginx/conf.d/virtual.confを編集。

server {
    listen      80;
    server_name blog.lumiukko.jp;
    root        /var/www/html/blog/;

    access_log /var/log/nginx/blog.log main;
    error_log  /var/log/nginx/blog.log;

    client_max_body_size 32M;

    include /etc/nginx/global/restrictions.conf;
    include /etc/nginx/global/wordpress.conf;
}

/etc/nginx/globalディレクトリを作成。

# cd /etc/nginx
# mkdir global

restrictions.confファイルを作成。

# Global restrictions configuration file.
# Designed to be included in any server {} block.

location = /favicon.ico {
        log_not_found off;
        access_log off;
}

location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
}

# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
        deny all;
        access_log off;
        log_not_found off;
}

# Deny access to any files with a .php extension in the uploads directory
location ~* ^/wp-content/uploads/.*.php$ {
        deny all;
        access_log off;
        log_not_found off;
}

location ~* ^/wp-content/themes/lumiukko/make.*.php$ {
        deny all;
        access_log off;
        log_not_found off;
}

wordpress.confファイルを作成。

# WordPress single blog rules.
# Designed to be included in any server {} block.

# This order might seem weird - this is attempted to match last if rules below fail.
# http://wiki.nginx.org/HttpCoreModule
location / {
        try_files $uri $uri/ /index.php?q=$uri&$args;
}

# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;

# Directives to send expires headers and turn off 404 error logging.
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
        expires 7d;
        log_not_found off;
}

# Uncomment one of the lines below for the appropriate caching plugin (if used).
include global/wordpress-w3-total-cache.conf;

# Pass all .php files onto a php-fpm/php-fcgi server.
location ~ \.php$ {
        # Zero-day exploit defense.
        # http://forum.nginx.org/read.php?2,88845,page=3
        # Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi.
        # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine.  And then cross your fingers that you won't get hacked.
        #try_files $uri =404;

        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

        include fastcgi_params;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass backend;
}

wordpress-w3-total-cache.confファイルを作成。

# touch wordpress-w3-total-cache.conf

中身は、w3 total cacheプラグインをセットアップする際に編集します。

nginxを再起動

# service nginx restart
nginx を停止中:                                            [  OK  ]
nginx を起動中:                                            [  OK  ]