lensfrex 1 year ago
parent 8d15e6987f
commit 5834522f12
Signed by: lensfrex
GPG Key ID: 947ADABD8533C476
  1. 10
      _config.yml
  2. 1138
      package-lock.json
  3. 1
      package.json
  4. 28
      source/404.html
  5. 5
      source/_discarded/Untitled.md
  6. 97
      source/_discarded/mysql踩坑.md
  7. 5
      source/_discarded/对docker容器使用ufw不生效的问题.md
  8. 8
      source/_drafts/docker-ufw.md
  9. 5
      source/_drafts/jackson-time-format.md
  10. 15
      source/_drafts/linux-permission.md
  11. 6
      source/_drafts/mybatis-plus-mysql-json.md
  12. 6
      source/_drafts/mysql-33060.md
  13. 5
      source/_drafts/spring-configuration.md
  14. 5
      source/_drafts/string-equals.md
  15. 18
      source/_posts/hello-world.md
  16. 4
      source/about/index.md
  17. BIN
      source/assets/wallpaper-2311325.jpg
  18. BIN
      source/assets/wallpaper-2572384.jpg
  19. BIN
      source/assets/wallpaper-878514.jpg
  20. 192
      source/backend_tutorial/HTTP,Servlet和Tomcat.md
  21. 6
      source/backend_tutorial/index.md
  22. 4
      source/categories/index.md
  23. 12
      source/giants/index.md
  24. BIN
      source/images/pasted-0.png
  25. 12
      source/ipv6/index.md
  26. 8
      source/microBlog/index.md
  27. 341
      source/nginx-docs/beginners-guide.md
  28. 506
      source/nginx-docs/configure.md
  29. 144
      source/nginx-docs/control.md
  30. 10
      source/nginx-docs/index.md
  31. 23
      source/nginx-docs/install.md
  32. 350
      source/nginx-docs/linux-packages.md
  33. 0
      source/notes/cpp_ref.md
  34. 4
      source/notes/index.md
  35. 3
      source/tags/index.md
  36. 9
      source/teleport-public/index.md
  37. 31
      source/teleport/index.md

@ -3,12 +3,12 @@
## Source: https://github.com/hexojs/hexo/ ## Source: https://github.com/hexojs/hexo/
# Site # Site
title: Hexo title: test site
subtitle: '' subtitle: 'subtitle'
description: '' description: 'description description description description'
keywords: keywords:
author: John Doe author: lensfrex
language: en language: zh-cn
timezone: '' timezone: ''
# URL # URL

1138
package-lock.json generated

File diff suppressed because it is too large Load Diff

@ -7,7 +7,6 @@
}, },
"dependencies": { "dependencies": {
"hexo": "^6.3.0", "hexo": "^6.3.0",
"hexo-browsersync": "^0.3.0",
"hexo-generator-archive": "^2.0.0", "hexo-generator-archive": "^2.0.0",
"hexo-generator-category": "^2.0.0", "hexo-generator-category": "^2.0.0",
"hexo-generator-index": "^3.0.0", "hexo-generator-index": "^3.0.0",

@ -0,0 +1,28 @@
<html xmlns="http://www.w3.org/TR/REC-html40"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body lang="ZH-CN" style="word-wrap:break-word;">
<div class="WordSection1" style="">
<p class="MsoNormal" align="center" style="text-align:center;">
<b>
<br>
<span style="font-size: 40.0pt;">嗯?</span>
</b>
</p>
<p class="MsoNormal" align="center" style="text-align:center">
</p>
<p></p>
<p class="MsoNormal" align="center" style="text-align:center">
<span lang="EN-US" style="">
<img width="204" height="183" src="https://oss-img.ciduid.top/static/kazuha.png">
</span>
</p>
<p class="MsoNormal" align="center" style="text-align: center;">
<span style="font-size: 17.0pt;line-height: 2;font-family: -webkit-body;">啊哈!<br>
是不是来错地方了?<br><br><a href="https://huhu.ciduid.top" style="font-family: sans-serif;">快回去吧~</a></span>
</p>
</div>
</body></html>

@ -0,0 +1,5 @@
title: Untitled
author: lensfrex
date: 2022-07-09 21:45:47
tags:
---

@ -0,0 +1,97 @@
title: mysql踩坑
author: lensfrex
date: 2022-04-04 10:33:10
tags:
---
sudo /usr/bin/mysqld_safe &
het@iZbp1hzgpnnozttvvbihj7Z:/$ sudo find -name mysql.sock
find: ‘./proc/277011’: No such file or directory
het@iZbp1hzgpnnozttvvbihj7Z:/$ sudo find -name mysqladmincd^C
het@iZbp1hzgpnnozttvvbihj7Z:/$ cd etc/mysql
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql$ ls
conf.d debian.cnf debian-start my.cnf my.cnf.fallback mysql.cnf mysql.conf.d
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql$ cd conf.d
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/conf.d$ ls
mysql.cnf mysqldump.cnf
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/conf.d$ cd ../
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql$ la
-bash: la: command not found
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql$ ls
conf.d debian.cnf debian-start my.cnf my.cnf.fallback mysql.cnf mysql.conf.d
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql$ cd mysql.conf.d
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/mysql.conf.d$ ls
mysql.cnf mysqld.cnf
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/mysql.conf.d$ sudo nvim mysql.cnf
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/mysql.conf.d$ sudo nvim mysqld.cnf
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/mysql.conf.d$ sudo service mysql start
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/mysql.conf.d$ sudo nvim mysqld.cnf
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/mysql.conf.d$ ls /var/run/mysqld/
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/mysql.conf.d$ sudo nvim mysqld.cnf
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/mysql.conf.d$ nvim /var/log/mysql/error.log
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/mysql.conf.d$ ls /var/log/mysql/
ls: cannot open directory '/var/log/mysql/': Permission denied
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/mysql.conf.d$ sudo nvim /var/log/mysql/error.log
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/mysql.conf.d$ sudo nvim mysqld.cnf
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/mysql.conf.d$ sudo service mysql start
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/mysql.conf.d$
het@iZbp1hzgpnnozttvvbihj7Z:/etc/mysql/mysql.conf.d$ cd /etc/init.d
het@iZbp1hzgpnnozttvvbihj7Z:/etc/init.d$ ls
aegis console-setup.sh hddtemp netfilter-persistent pppd-dns ssh
apparmor cron hwclock.sh network-manager procps status-server
apport cups irqbalance nginx-debug pulseaudio-enable-autospawn sysstat
atd cups-browsed keyboard-setup.sh ntp pureftpd udev
avahi-daemon dbus kmod php7.4-fpm resolvconf ufw
bluetooth fio lightdm plymouth rsync uuidd
boinc-client gdm3 lm-sensors plymouth-log rsyslog vsftpd
chrony grub-common mysql postfix screen-cleanup x11-common
het@iZbp1hzgpnnozttvvbihj7Z:/etc/init.d$ cd mysql
-bash: cd: mysql: Not a directory
het@iZbp1hzgpnnozttvvbihj7Z:/etc/init.d$ nvim mysql
het@iZbp1hzgpnnozttvvbihj7Z:/etc/init.d$ sudo mysql
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
het@iZbp1hzgpnnozttvvbihj7Z:/etc/init.d$ sudo ./mysql
Usage: /etc/init.d/mysql start|stop|restart|reload|force-reload|status
het@iZbp1hzgpnnozttvvbihj7Z:/etc/init.d$ sudo ./mysql start
Starting mysql (via systemctl): mysql.service.
het@iZbp1hzgpnnozttvvbihj7Z:/etc/init.d$ sudo netstat -lapn | grep mysql
het@iZbp1hzgpnnozttvvbihj7Z:/etc/init.d$ safe_mysqld&
[1] 285411
het@iZbp1hzgpnnozttvvbihj7Z:/etc/init.d$ -bash: safe_mysqld: command not found
[1]+ Exit 127 safe_mysqld
het@iZbp1hzgpnnozttvvbihj7Z:/etc/init.d$ safe_mysqld&
[1] 285486
-bash: safe_mysqld: command not found
het@iZbp1hzgpnnozttvvbihj7Z:/etc/init.d$ ^C
[1]+ Exit 127 safe_mysqld
het@iZbp1hzgpnnozttvvbihj7Z:/etc/init.d$ safe_mysqld
-bash: safe_mysqld: command not found
het@iZbp1hzgpnnozttvvbihj7Z:/etc/init.d$ cd /
het@iZbp1hzgpnnozttvvbihj7Z:/$ sudo find -name mysqld_safe
./usr/bin/mysqld_safe
het@iZbp1hzgpnnozttvvbihj7Z:/$ /usr/bin/mysqld_safe &
[1] 286015
het@iZbp1hzgpnnozttvvbihj7Z:/$ /usr/bin/mysqld_safe: 653: cannot create /var/log/mysql/error.log: Permission denied
Logging to '/var/log/mysql/error.log'.
2022-04-04T02:31:05.698613Z mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
/usr/bin/mysqld_safe: 144: cannot create /var/log/mysql/error.log: Permission denied
/usr/bin/mysqld_safe: 1: eval: cannot create /var/log/mysql/error.log: Permission denied
/usr/bin/mysqld_safe: 916: cannot create /var/log/mysql/error.log: Permission denied
rm: cannot remove '/var/lib/mysql/iZbp1hzgpnnozttvvbihj7Z.pid.shutdown': Permission denied
2022-04-04T02:31:05.715768Z mysqld_safe mysqld from pid file /var/lib/mysql/iZbp1hzgpnnozttvvbihj7Z.pid ended
/usr/bin/mysqld_safe: 144: cannot create /var/log/mysql/error.log: Permission denied
^C
[1]+ Done /usr/bin/mysqld_safe
het@iZbp1hzgpnnozttvvbihj7Z:/$ sudo /usr/bin/mysqld_safe &
[1] 286238
het@iZbp1hzgpnnozttvvbihj7Z:/$ 2022-04-04T02:31:13.353776Z mysqld_safe Logging to '/var/log/mysql/error.log'.
2022-04-04T02:31:13.384979Z mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
het@iZbp1hzgpnnozttvvbihj7Z:/$ sudo netstat -lapn | grep mysql
tcp 0 0 127.0.0.1:33060 0.0.0.0:* LISTEN 286417/mysqld
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 286417/mysqld
unix 2 [ ACC ] STREAM LISTENING 256439674 286417/mysqld /var/run/mysqld/mysqlx.sock
unix 2 [ ACC ] STREAM LISTENING 256439696 286417/mysqld /var/run/mysqld/mysqld.sock
het@iZbp1hzgpnnozttvvbihj7Z:/$ sudo nginx
het@iZbp1hzgpnnozttvvbihj7Z:/$

@ -0,0 +1,5 @@
title: 对docker容器使用ufw不生效的问题
author: lensfrex
date: 2022-07-29 15:42:50
tags:
---

@ -0,0 +1,8 @@
title: 对docker容器使用uwf不生效的问题
author: lensfrex
date: 2022-07-29 16:07:16
tags:
---
"iptables": true
但是docker内部就没法访问外网了

@ -0,0 +1,5 @@
title: jackson中日期格式的自动处理
author: lensfrex
date: 2022-07-15 21:18:14
tags:
---

@ -0,0 +1,15 @@
title: linux的权限代码含义解释
author: lensfrex
tags:
- 学习
- linux
- 权限管理
categories:
- 学习
- linux
date: 2022-04-29 16:56:00
---
最近接触到linux的权限管理,一些权限代码对于很多稍微用过linux的人来说很熟悉,什么`755`, `777`,`700`等等,但如果深入了解的话,就只能是背书似的去背有什么作用,但这些“7”、“6”、“0”究竟是些什么还是糊里糊涂(比如我←_←)。
所以在这里为了更加熟悉这些东西,在这里讲讲linux里边权限代码的数字的含义。

@ -0,0 +1,6 @@
title: mybatis-plus-mysql-json
author: lensfrex
date: 2022-07-15 21:38:08
tags:
---
@TableName(value = "notices_basic", autoResultMap = true)

@ -0,0 +1,6 @@
title: 关于mysql的33060端口问题
author: lensfrex
date: 2022-07-29 16:41:49
tags:
---
今天把项目部署到服务器上,由于

@ -0,0 +1,5 @@
---
title: spring-configuration
author: lensfrex
tags:
---

@ -0,0 +1,5 @@
title: Java字符串equals()方法的一些小细节
author: lensfrex
date: 2022-07-18 10:27:49
tags:
---

@ -1,6 +1,18 @@
title: Hello World title: 第一篇文章...
date: 2013-12-24 17:49:32
tags: tags:
- 闲聊
- 日常
categories:
- 闲聊
- 日常
author: lenfrex
cover: https://oss-img.ciduid.top/blog/covers/cover(15).png
date: 2022-02-23 17:34:00
--- ---
很久以前就试着建blog了,但是都只是在本地上跑服务器,最近想想好像前几个月在阿里云上买了一年的服务器好久一直没没动过🤦(捂脸),所以就打算在这里搭个blog和其他的东西玩玩。
Welcome to [Hexo](http://zespia.tw/hexo)! This is your very first post. Check [documentation](http://zespia.tw/hexo/docs) to learn how to use. 从一开始是想用wordpress搭的,但是折腾了一整天之后还是决定用hexo作为框架吧。
仔细想想确实没什么特别花哨的需求,只需要静态的网站页面就够了,用hexo不用太折腾,(而且js还是懂点,有问题有时直接改代码就好了🤣)
*// 前几天交了备案,等着通过~~(不得不说可真是麻烦)~~,到时候直接用80/443端口就能访问,像普通网站一样,再也不用单独带一个端口号来访问了...(  ̄︿ ̄)*

@ -0,0 +1,4 @@
---
title: about
date: 2022-02-23 20:01:17
---

Binary file not shown.

After

Width:  |  Height:  |  Size: 725 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 215 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 604 KiB

@ -0,0 +1,192 @@
# 学习Servlet和Tomcat
## 前置任务:了解学习HTTP
如果你选了网络工程导论这门课,并且已经了解了HTTP相关的知识,则可以跳过本节,直接开主线任务:[传送点](####Teleport1),但是也可以重新开始学习这部分的内容。
想了解更多:[HTTP | MDN](https://developer.mozilla.org/zh-CN/docs/Web/HTTP)
### HTTP介绍
超文本传输协议(HyperText Transfer Protocol,HTTP)是一个应用层协议。所谓协议,就是数据传输格式的一个约定。
HTTP最初设计是用来传输html页面这种纯文本数据的,但是实际上只要声明好header,传输什么都是可以的,图片,文件等等,或者也可以摇身一变,变成另一个协议(grpc, 基于http2)来使用,总之,http其实是非常灵活的。
### HTTP消息
一个规范的,完整的HTTP消息结构是这样的:
请求(GET方法):
地址:`https://github.com`
```http
GET / HTTP/1.1
Host: github.com
authority: github.com
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
accept-language: zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36 Edg/113.0.1774.35
content-length: 0
```
请求(POST方法,带请求体):
地址:`http://bkjx.wust.edu.cn/Logon.do?method=logon`
```http
POST /Logon.do?method=logon HTTP/1.1
Host: bkjx.wust.edu.cn
Proxy-Connection: Keep-Alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6
Cache-Control: no-cache
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Cookie: bzb_njw=303511D07EF501147333F6B099D16CB9; SERVERID=122
Origin: http://bkjx.wust.edu.cn
Pragma: no-cache
Referer: http://bkjx.wust.edu.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36 Edg/113.0.1774.35
Content-Length: 94
userAccount=&userPassword=&encoded=dMcs2P8fNag0n1d03f0UVgu02^%^257F^%^25QF^%^25pcs0Ygd4fbgHs69
```
响应(header内容精简过):
```http
HTTP/1.1 200 OK
Server: GitHub.com
Date: Sat, 13 May 2023 02:59:34 GMT
Content-Type: text/html; charset=utf-8
Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Language, Accept-Encoding, Accept, X-Requested-With
content-language: en-US
ETag: W/"bfeda72459b363617514a4f13882cece"
Set-Cookie: _octo=GH1.1.496438640.1683116779; Path=/; Domain=github.com; Expires=Mon, 13 May 2024 02:59:39 GMT; Secure; SameSite=Lax
Accept-Ranges: bytes
Transfer-Encoding: chunked
<!DOCTYPE html>
<html lang="en" data-a11y-animated-images="system">
<head>
<meta charset="utf-8">
<link rel="dns-prefetch" href="https://github.githubassets.com">
...(还有一堆的网页内容)
```
请求和响应的消息体长得还挺像的,估计大家都能看出来了。
#### 第一行 -『起始行』与『状态行』
http请求消息中,第一行为『起始行』:
- `GET / HTTP/1.1`
- `GET /background.png HTTP/1.0`
- `POST /Logon.do?method=logon HTTP/1.1`
起始行分为三个部分,分别定义了请求方法,请求目标和当前请求使用的http协议版本
第一个部分为『[请求方法](https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Methods)』,一般有GET, POST, OPTIONS, PUT等好多种,但是实际使用几乎就只有GET和POST两种。
随后紧接着的部分是『请求目标』,在普通的http请求中也可以简单理解为请求路径,也就是咱们看到的浏览器地址后面的部分(xxx.com/abcd/efg中的/abcd/efg,bkjx.wust.edu.cn/Logon.do?method=logon中的/Logon.do?method=logon部分)
在部分场合下,请求目标有时也是一个绝对路径的URL,如当使用HTTP代理访问网站时,浏览器向代理服务器(如软件)发送的数据也是一个http请求,只不过真实的请求放在了body部分,代理程序只负责原样发送数据:`CONNECT google.com:443 HTTP/1.1`
这里就抄一下MDN的介绍:
> - 一个绝对路径,末尾跟上一个 '?' 和查询字符串。这是最常见的形式,称为原始形式(origin form),被 GET、POST、HEAD 和 OPTIONS 方法所使用。
> - - POST / HTTP/1.1
> - - GET /background.png HTTP/1.0
> - - HEAD /test.html?query=alibaba HTTP/1.1
> - - OPTIONS /anypage.html HTTP/1.0
> - 一个完整的 URL,被称为绝对形式(absolute form),主要在使用 GET 方法连接到代理时使用。GET http://developer.mozilla.org/en-US/docs/Web/HTTP/Messages HTTP/1.1
> - 由域名和可选端口(以 ':' 为前缀)组成的 URL 的 authority 部分,称为 authority form。仅在使用 CONNECT 建立 HTTP 隧道时才使用。CONNECT developer.mozilla.org:80 HTTP/1.1
> - 星号形式(asterisk form),一个简单的星号('*'),配合 OPTIONS 方法使用,代表整个服务器。OPTIONS * HTTP/1.1
最后的一部分为『HTTP版本』,声明了这次请求使用的http版本。目前常用的版本有`HTTP/1.1`,`HTTP/2`,`HTTP/3`。
> 另外,和其他HTTP版本不同的是,HTTP/3版本是在基于UDP的QUIC协议之上实现传输的,QUIC是与TCP和UDP等同级(传输层)的协议,而其他的HTTP版本都是在TCP协议上实现的,
对于响应消息,第一行为『状态行』。
- `HTTP/1.1 200 OK`
- `HTTP/1.1 404 Not Found`
- `HTTP/1.1 500 Internal Server Error` **(心 脏 骤 停)**
也是三个部分。
响应的状态行就挺简单的了。
第一个就不用说了。
第二个则为『状态码』,就是咱们常见的404, 200这些,表明了服务端处理请求的结果状态。
第三个部分则为『状态文本』,其实就是状态码的描述。
有哪些状态码,可以[自行了解了解](https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Status),最好记得一些常用的状态码的含义,要是乱抛状态码给前端有的是一顿毒打(
当然,在许多场合中,业务状态(成功,认证错误,参数错误等等)一般并不通过状态码表示,而是200响应,在响应消息体里边体现错误;但是也有状态码和消息体都体现的情况。具体还是要跟前端和客户端的小伙伴商量约定好规范和文档,按照团队的规范和文档行事,能少很多不必要的麻烦。
#### 『标头』(Header)
请求和响应的消息体过了第一行之后,就到了『标头』(header)部分了,一般咱们把这玩意叫『请求头』和『响应头』。
http消息的header实际上就是一个键值对,格式为`Key: Value`,一行一个
需要注意的是,这里的key是不分大小写的,例如`Host`,`host`,`HOST`,`hOST`都是同一个东西。
同一个key的Header也可以有多个值,因此,在各种http库中,获取到的header值都是一个List<String>
比如:
```
Set-Cookie: logged_in=no; Path=/; Domain=github.com; Expires=Mon, 13 May 2024 02:59:39 GMT; HttpOnly; Secure; SameSite=Lax
Set-Cookie: access_token=abcdefg; Path=/; Domain=github.com; Expires=Mon, 13 May 2024 02:59:39 GMT; Secure; SameSite=Lax
```
虽然如此,但是除非有必要(例如上面的例子中给客户端返回Cookie),在响应或者请求的时候最好不要这么干,即使可以这么干,否则在对方处理的时候会很麻烦。
一般来说,咱们会经常见到这些请求头或者响应头:
> - `Host`: 请求的目标主机,通常是在同一个ip和端口上有多个不同的服务时,提供给nginx或者apache等类似的其他的反代网关判断究竟应该执行哪个配置块时使用的。
> - `User-Agent`: 表明请求客户端信息,一般格式为`程序名/版本`,当然,也可以添加其他额外的信息,如firefox的ua:`Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/111.0`
> - `Content-Type`: 请求/响应传输数据的类型,即下一节中body部分数据的格式。按照规范,这个字段的值应该使用MIME type格式,这里是一些[常用的MIME类型](https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Basics_of_HTTP/MIME_types/Common_types)。
> - `Accept`: 能接受的数据格式,一般为用逗号`,`分隔开的若干个MIME type格式
> - `Accept-Encoding`: 指定能够接受的响应数据编码,和`Accept`不同的是,`Accept`指定的是body部分的数据格式,但是这里指定的是整个响应的数据编码,通常是压缩算法,如`gzip, deflate, br`,设置了这个值后,如果服务端支持,响应的时候会对整个HTTP消息进行相应的压缩后,再返回响应给客户端,客户端需要进行解压解码后再进行处理。一般http框架和web框架都能自动进行自动的处理。
> - `Referer`: 说明请求是从哪里来的
> - `Cookie`: 向服务器请求时附带的一些信息,就是咱们常说的cookie,浏览器在请求的时候如果有相对应的Cookie,会自动附带上这些Cookie进行请求。
> - `Set-Cookie`: 服务端响应回来的Cookie,浏览器看到这个header之后就会根据这个header的值去保存cookie到浏览器里边。下次请求cookie对应规则的地址时会自动附带这些信息,即上一条中的Cookie字段。
Cookie一般用于用户的识别和身份认证以及一些额外信息的保存。[了解更多关于Cookie的东西](https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Cookies)
实际上,很多header值只是作为一个参考,作为后端开发,不应该过于信赖前端/客户端发来的数据,后端程序必须要对前端/客户端做充足的数据校验,如`Content-Type`,前端/客户端可以在请求的时候在`Content-Type`字段里说他发了`image/png`图片,但是可能实际上发来的数据是一个程序,如果不做任何校验直接保存到服务器上,那可就麻烦大了。
一般来说,很多http请求和web服务框架都能帮咱们写好这些通用的请求头和响应头,不用咱们过于操心,当然,如果有需求更改的话也能更改好。
这里对header的作用描述不一定十分的准确,可以查看相关的文档了解详细详情:[HTTP 标头(header)](https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Headers),Ctrl+F直接一搜就到
#### 『主体』(body)
在前面的header定义完之后,需要各一行空行,才到http消息中的『主体』部分。
这个body部分就是这个请求真正想要传输的数据。
这部分可以是纯文本,也可以是二进制,都行,只要Content-Type说好了就行,没说的话,一般也行,但是得看后端处不处理了,一些后端框架不会帮你自动判断Body格式,或者不同的Content-Type处理的方式不同,如果请求的时候没有设置对,可能会有些麻烦事。
> 另外,上面的起始行/状态行和header行以及body和上面几行中间间隔的空行,和windows一样,使用的换行符都为CRLF,也就是`\r\n`,而不是linux/unix常用的`\n`。当然,这个知道就好了,库会帮咱们处理好的。
### HTTPS
HTTPS就是加密后的HTTP,'S'就是"Secure"。一般使用TLS来加密。原始的http消息经过全部加密后,再进行传输。只要中间偷听的人拿不到密钥,就不可能知道除了请求的ip以外任何的http信息。
关于现代TLS加密的机制,可以去看看[这篇文章](https://zhuanlan.zhihu.com/p/43789231)
一般约定http跑在80端口上,而https跑在443端口上,但是也可以用其他端口。
我的建议是,https能上就上。
#### Teleport1
## 主线任务:Servlet,Tomcat
## Servlet
在开始Tomcat的学习之前,咱们先要了解Servlet。

@ -0,0 +1,6 @@
title: 后端教程
date: 2023-05-13 15:50:00
---
### 后端教程
这里是后端教程的首页。

@ -0,0 +1,4 @@
---
title: categories
date: 2022-02-23 20:01:42
---

@ -0,0 +1,12 @@
title: 大佬们
date: 2022-03-07 15:17:03
---
*这里收录了一些大佬们的链接,有空可以去逛逛哦*
---
[柳婼 の blog – 我不管,反正我最萌~ (liuchuo.net)](https://www.liuchuo.net/)
[Monkeyhbd - 猴猴的奇妙屋 (cn)](http://www.monkeyhbd.cn/)
[Monkeyhbd - 猴猴的奇妙屋 (global)](http://www.monkeyhbd.com/)

Binary file not shown.

After

Width:  |  Height:  |  Size: 5.7 KiB

@ -0,0 +1,12 @@
title: ipv6
date: 2022-03-20 16:55:43
---
#### **本小破站已支持ipv6!**
当您支持使用ipv6方式访问时,将会自动切换成ipv6地址进行传输
以下链接是本站的纯ipv6版。
如果您无法通过该链接访问,可能是您并不支持ipv6访问
https://ipv6.ciduid.top

@ -0,0 +1,8 @@
title: 只言片语
date: 2022-03-07 15:20:44
---
*这里记录的是一些零碎的小事情,因为没必要单独开一个文章,所以就在这里单独放一个页面*
---
- gitlab居然要4gb的内存...像我这种2gb的低配服还是算了吧...刚刚装上去卡得不得了...后来还是卸了,转用gitea了

@ -0,0 +1,341 @@
title: 初级教程
cover: https://res.ciduid.top/blog/covers/cover(8).jpg
date: 2022-08-06 16:52:03
---
> 读nginx文档的时候突然想自己试着把文档翻一翻了...
>
> 这些翻译并没有严格按照英语语法去对应中文,而是经过自己的一点修改
>
> 翻译得并不是很好,只是自己学习文档的同时顺便翻译翻译,还请见谅....
>
> 将来会不定期更新的...要是哪天弃坑了也不是不可能...
## Beginner’s Guide / 初级教程
This guide gives a basic introduction to nginx and describes some simple
tasks that can be done with it. It is supposed that nginx is already
installed on the reader’s machine. If it is not, see the [Installing nginx](https://nginx.org/en/docs/install.html) page. This guide describes how to start and stop nginx, and reload its configuration, explains the structure of the configuration file and describes how to set up nginx to serve out static content, how to configure nginx as a proxy server, and how to connect it with a FastCGI application.
本教程介绍了一些基本的nginx指令及其相关用法和使用场景,该教程假定nginx已经安装在您的设备上,如果您还未安装nginx,请前往“[安装nginx](https://nginx.org/en/docs/install.html)”进行安装。
该教程主要内容有:
- 启动与停止nginx以及配置文件的热重载
- 配置文件的结构
- 如何使用nginx来分发静态内容
- 如何将nginx配置为一个代理服务器,以及如何通过FastCGI来连接其他应用。
nginx has one master process and several worker processes. The main purpose of the master process is to read and **evaluate** configuration, and maintain worker processes. Worker processes do actual processing of requests. nginx employs **event-based model** and **OS-dependent mechanisms** to efficiently **distribute** requests among worker processes. The number of worker processes is defined in the configuration file and may be fixed for a given configuration or automatically adjusted to the number of available CPU cores (see [worker_processes](https://nginx.org/en/docs/ngx_core_module.html#worker_processes)).
nginx在运行中会创建一个master进程和若干个worker进程。master进程主要用于读取并验证配置文件以及worker进程的**维护**,而真正的请求则是由worker进程来处理。
nginx采用**事件驱动模型**以及**系统相关机制**来高效地将请求**分发**给各个worker进程,worker进程的数量被定义在配置文件中,但是,这个数量可能会固定为配置文件所设置的大小,也有可能会调整为可用的CPU内核数。详见:[worker进程](https://nginx.org/en/docs/ngx_core_module.html#worker_processes)
The way nginx and its modules work is determined in the configuration file. By default, the configuration file is named `nginx.conf` and placed in the directory `/usr/local/nginx/conf`, `/etc/nginx`, or `/usr/local/etc/nginx`.
nginx及其相关的模块的工作方式是由配置文件决定的。nginx的配置文件默认为`nginx.conf`,该文件一般位于`/usr/local/nginx/conf`、`/etc/nginx`或` /usr/local/etc/nginx`这几个文件夹中。
#### 启动、停止以及热重载配置文件 / Starting, Stopping, and Reloading Configuration
To start nginx, run the executable file. Once nginx is started, it can be controlled by **invoking** the executable with the `-s` parameter. Use the following **syntax**:
要启动nginx,只需运行nginx的二进制可执行文件即可。nginx启动后,使用`-s`参数**调用**可执行文件就能控制nginx的启停以及配置文件重载。以下是相关调用**语法**:
> nginx -s *signal*
Where *signal* may be one of the following:
`signal`应为一下几种情况:
- `stop` — 快速停止
- `quit` — “优雅”地停止
- `reload` — 重新加载配置文件
- `reopen` — 重新打开日志文件
For example, to stop nginx processes with waiting for the worker processes to finish serving current requests, the following command can be executed:
例如,要使nginx的worker进程结束完当前所有的请求之后再停止,应当这样执行:
> nginx -s quit
*This command should be executed under the same user that started nginx.*
*该命令应当由启动nginx的用户执行*
Changes made in the configuration file will not be applied until the command to reload configuration is sent to nginx or it is restarted. To reload configuration, execute:
如果对配置文件进行了修改,这些修改不会立即生效。您应当将执行重载配置文件命令发送给nginx或者直接将其重启。
若要重载配置文件,请执行:
> nginx -s reload
Once the master process receives the signal to reload configuration, it checks the **syntax validity** of the new configuration file and tries to apply the configuration provided in it. If this is a success, the master process starts new worker processes and sends messages to old worker processes, requesting them to shut down. Otherwise, the master process rolls back the changes and continues to work with the old configuration. Old worker processes, receiving a command to shut down, stop accepting new connections and continue to service current requests until all such requests are serviced. After that, the old worker processes exit.
master进程一旦接收到这个重载配置文件的信号,其会检查配置文件**语法的正确性**然后尝试应用这些修改。如果成功,master进程则会启动新的worker进程并且将消息发送给旧的worker进程,要求其停止。否则master进程不会去应用这些更改,并继续以旧的配置来工作。
旧的worker进程收到关闭命令后,不会再接受新的连接请求,但仍在进行的请求仍会被处理,直到这些请求完成。最后,旧的worker进程就会退出。
A signal may also be sent to nginx processes with the help of Unix tools such as the `kill` utility. In this case a signal is sent directly to a process with a given process ID. The process ID of the nginx master process is written, by default, to the `nginx.pid` in the directory `/usr/local/nginx/logs` or `/var/run`. For example, if the master process ID is 1628, to send the QUIT signal resulting in nginx’s graceful shutdown, execute:
控制信号也可以通过一些例如`kill`等Unix工具来发送给nginx进程。这样就可以通过指定的PID来直接向nginx进程发送信号。这些nginx PID默认记录在`nginx.pid`文件中,该文件一般位于`/usr/local/nginx/logs`或`/var/run`文件夹中。
例如,master进程的PID为1628,要向其发送`QUIT`信号来将nginx“优雅”地关闭,应当这样执行命令:
> kill -s QUIT 1628
For getting the list of all running nginx processes, the `ps` utility may be used, for example, in the following way:
要获得所有的nginx进程信息,可以使用`ps`命令,例如:
> ps -ax | grep nginx
For more information on sending signals to nginx, see [Controlling nginx](https://nginx.org/en/docs/control.html).
想要了解更多的关于将信号发送至nginx进程的方法,详见:[控制nginx](https://nginx.org/en/docs/control.html)
#### 配置文件结构 / Configuration File’s Structure
nginx consists of modules which are controlled by **directives** specified in the configuration file. Directives are divided into simple directives and block directives. A simple directive consists of the name and parameters **separated** by spaces and ends with a **semicolon**(`;`). A block directive has the same structure as a simple directive, but instead of the semicolon it ends with a set of additional instructions surrounded by **braces** (`{` and `}`). If a block directive can have other directives inside braces, it is called a context (examples: [events](https://nginx.org/en/docs/ngx_core_module.html#events), [http](https://nginx.org/en/docs/http/ngx_http_core_module.html#http), [server](https://nginx.org/en/docs/http/ngx_http_core_module.html#server), and [location](https://nginx.org/en/docs/http/ngx_http_core_module.html#location)).
nginx是由多个模块构成的,而这些模块是由配置文件中设定的**指令**控制的。
这些指令分成数个基本指令和指令块。一条基本指令包括指令名及若干个以空格**分隔**的参数,并且以`;`(**分号**)结束。指令块跟基本指令有相似的结构,但跟基本指令不同的是,指令块不以分号结束,而是以一组**大括号**括起来的附加指令结束。如果一个指令块的大括号里边包括有其他的指令,则会被称为~~*“context”*~~(姑且也成为块吧...)(例如:[events块](https://nginx.org/en/docs/ngx_core_module.html#events)、[http块](https://nginx.org/en/docs/http/ngx_http_core_module.html#http)、 [server块](https://nginx.org/en/docs/http/ngx_http_core_module.html#server)以及[location块](https://nginx.org/en/docs/http/ngx_http_core_module.html#location))
Directives placed in the configuration file outside of any contexts are considered to be in the [main](https://nginx.org/en/docs/ngx_core_module.html) context. The `events` and `http` directives reside in the `main` context, `server` in `http`, and `location` in `server`.
The rest of a line after the `#` sign is considered a comment.
放置在任何块之外的指令被视作是放置于main块当中。`events`和`http`指令块是放在main块中的;`server`块是放在`http`块中的;而`location`块则又放置在`server`块中
在一行中以`#`开始的部分则会被视作注释。
#### 处理静态内容请求 / Serving Static Content
An important web server task is serving out files (such as images or static HTML pages). You will implement an example where, depending on the request, files will be served from different local directories: `/data/www` (which may contain HTML files) and `/data/images` (containing images). This will require editing of the configuration file and setting up of a [server](https://nginx.org/en/docs/http/ngx_http_core_module.html#server) block inside the [http](https://nginx.org/en/docs/http/ngx_http_core_module.html#http) block with two [location](https://nginx.org/en/docs/http/ngx_http_core_module.html#location) blocks.
传输文件(例如图像或者静态HTML页面之类的数据)是网络服务中非常重要的一部分。
你在这里将会实现一个根据请求来从本地目录`/data/www`(包含了HTML文件)和`/data/image`(包含了图像)对外分提供文件的例子。
这需要你编辑配置文件并在http块中设置一个server块,而在这个server块中又包含有两个location块。
First, create the `/data/www` directory and put an `index.html` file with any text content into it and create the `/data/images` directory and place some images in it.
首先,创建`/data/www`目录,并将一个`index.html`文件放置于其中,文件内容文本随意;同时还应当创建好`/data/images`目录,并把一些图片放进去。
Next, open the configuration file. The default configuration file already includes several examples of the `server` block, mostly **commented out**. For now comment out all such blocks and start a new `server` block:
接着,打开配置文件。默认的配置文件已经包含有一些`server`块的例子了,大部分是被**注释掉**的。现在,把所有的类似的块都给注释掉,然后自己新建一个`server`块。
```nginx
http {
server {
}
}
```
Generally, the configuration file may include several `server` blocks [distinguished](https://nginx.org/en/docs/http/request_processing.html) by ports on which they [listen](https://nginx.org/en/docs/http/ngx_http_core_module.html#listen) to and by [server names](https://nginx.org/en/docs/http/server_names.html). Once nginx decides which `server` processes a request, it tests the URI specified in the request’s header against the parameters of the `location` directives defined inside the `server` block.
通常来说,配置文件可能会包含好几个`server`块,这些`server`块是根据其[侦听的端口(listen)](https://nginx.org/en/docs/http/ngx_http_core_module.html#listen)以及[服务器名(server_name)](https://nginx.org/en/docs/http/server_names.html)来进行[区分](https://nginx.org/en/docs/http/request_processing.html)的,nginx会把在请求头中指定的URI参数与在`server`块中`location`指令的参数进行匹配。
Add the following `location` block to the `server` block:
在`server`块添加一个像这样的`location`块:
```nginx
loaction / {
root /data/www;
}
```
This `location` block specifies the “`/`” prefix compared with the URI from the request. For matching requests, the URI will be added to the path specified in the [root](https://nginx.org/en/docs/http/ngx_http_core_module.html#root) directive, that is, to `/data/www`, to form the path to the requested file on the local file system. If there are several matching `location` blocks nginx selects the one with the longest prefix. The `location` block above provides the shortest prefix, of length one, and so only if all other `location` blocks fail to provide a match, this block will be used.
Next, add the second `location` block:
(前缀(路径)匹配规则)这个`location`块指定了与之相配的URI路径`/`。对于匹配到的请求,这个URI会被添加到在[root](https://nginx.org/en/docs/http/ngx_http_core_module.html#root)指令中设定的路径,也就是`/data/www`,以形成请求本地文件的路径。如有多个`location`块能被匹配到,nginx会使用路径最长的那个`location`块。上述示例中的`location`块只提供了最短的路径,长度为1,所以在只有其他路径都匹配不到的时候才会被使用。
接着,添加第二个`location`块:
```nginx
location /images/ {
root /data;
}
```
It will be a match for requests starting with `/images/` (`location /` also matches such requests, but has shorter prefix).
The resulting configuration of the `server` block should look like this:
这能够使其匹配到以`/images/`开头的请求(当然`location /`也能被匹配到,但它的路径更短,所以不会被使用)。
最终这个`server`块是这样子的:
```nginx
server {
location / {
root /data/www;
}
location /images/ {
root /data;
}
}
```
This is already a working configuration of a server that listens on the standard port 80 and is accessible on the local machine at `http://localhost/`. In response to requests with URIs starting with `/images/`, the server will send files from the `/data/images` directory. For example, in response to the `http://localhost/images/example.png` request nginx will send the `/data/images/example.png` file. If such file does not exist, nginx will send a response **indicating** the 404 error. Requests with URIs not starting with `/images/` will be **mapped onto** the `/data/www` directory. For example, in response to the `http://localhost/some/example.html` request nginx will send the `/data/www/some/example.html` file.
现在,这个`server`块侦听在80端口上,在本地计算机通过地址`http://localhost/`就能访问到。
对于以`/images/`为开头的请求,服务器会从`/data/images/`目录获取文件,并将文件数据返回。
- 例如:对于请求`http://localhost/images/example.png`,nginx将会把`/data/images/example.png`文件发送出去。
如果文件不存在,nginx会发送**表示**404错误的响应。除了`/images/`为开头的请求,其他的请求都会被**映射到**`/data/www`文件夹中。
- 例如:对于请求`http://localhost/some/example.html`,nginx将会把`/data/www/some/example.html`文件发送出去。
To apply the new configuration, start nginx if it is not yet started or send the `reload` signal to the nginx’s master process, by executing:
为了使配置生效,启动nginx(如果nginx没有启动起来的话),或者通过执行以下命令来将`reload`命令发送给nginx的master进程:
> nginx -s reload
In case something does not work as expected, you may try to find out the reason in `access.log` and `error.log` files in the directory `/usr/local/nginx/logs` or `/var/log/nginx`.
如果因为各种原因,nginx并没有像预期的那样工作,你应该去在`/usr/local/nginx/logs` 或者 `/var/log/nginx`的日志文件`access.log`和`error.log`那里看看出什么问题了。
#### 设置一个简单的反代服务器 / Setting Up a Simple Proxy Server
One of the **frequent** uses of nginx is setting it up as a proxy server, which means a server that receives requests, **passes** them to the proxied servers, **retrieves** responses from them, and sends them to the clients.
nginx的另一个**常用**的用法是将其设成一个代理服务器,这意味着发送到服务器的请求会被路由**转发**到被代理的服务器上,并且相应的响应也会被转发回客户端(请求者)。
We will configure a basic proxy server, which serves requests of images with files from the local directory and sends all other requests to a proxied server. In this example, both servers will be defined on a single nginx **instance**.
这里,我们将会设置一个基本的代理服务器,来实现将本地的图片请求发送出去,并且把其他所有的请求交给被代理的服务器。在这个例子中,两个服务器(被代理服务器、代理服务器)都是设定在同一个nginx**实例**上的。
First, define the proxied server by adding one more `server` block to the nginx’s configuration file with the following contents:
首先,新增一个`server`块到nginx的配置文件中,像下面那样,以便新增一个被代理服务器:
```nginx
server {
listen 8080;
root /data/up1;
location / {
}
}
```
This will be a simple server that listens on the port 8080 (previously, the `listen` directive has not been specified since the standard port 80 was used) and maps all requests to the `/data/up1` directory on the local file system. Create this directory and put the `index.html` file into it. Note that the `root` directive is placed in the `server` context. Such `root` directive is used when the `location` block selected for serving a request does not include its own `root` directive.
这样,一个侦听在8080端口的服务器就成了(在之前的例子中,由于没有定义`listen`,因此侦听的是默认的80端口),在这个服务器中,所有的请求都会映射到本地文件系统的`/data/up1`目录中。把这个目录创建好,然后把`index.html`放在里边。
这里的`root`指令是放在`server`部分的。像这种在`location`外的`root`指令是`location`里面没有指定`root`的时候生效的
Next, use the server configuration from the previous section and modify it to make it a proxy server configuration. In the first `location` block, put the [proxy_pass](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass) directive with the protocol, name and port of the proxied server specified in the parameter (in our case, it is `http://localhost:8080`):
接着,用回之前的例子,改一改,来让这个配置文件设置成一个代理服务器的配置文件。在第一个`location`里边,加入[proxy_pass](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass)指令,在其参数中带上想要代理的服务器的协议、名称(地址)以及端口,在我们的这个例子中,应该写成`http://localhost:8080`。
```nginx
server {
location / {
proxy_pass http://localhost:8080;
}
location /images/ {
root /data;
}
}
```
We will modify the second `location` block, which currently maps requests with the `/images/` prefix to the files under the `/data/images` directory, to make it match the requests of images with typical file extensions. The modified `location` block looks like this:
修改第二个`location`块,它能把路径为`/images/`开头的的请求路由到`/data/images`目录下,并且只匹配后缀为`.gif`、`.jpg`或`.png`的文件请求。
修改后的`location`块如下所示:
```nginx
location ~ \.(gif|jpg|png)$ {
root /data/images;
}
```
The parameter is a regular expression matching all URIs ending with `.gif`, `.jpg`, or `.png`. A regular expression should be preceded with `~`. The corresponding requests will be mapped to the `/data/images` directory.
这个参数是一个正则表达式,能匹配所有以`.gif`、`.jpg`或`.png`结尾的URI。正则表达式前面应加上`~`。相应的请求将被映射到`/data/images`目录中。
When nginx selects a `location` block to serve a request it first checks [location](https://nginx.org/en/docs/http/ngx_http_core_module.html#location) directives that specify prefixes, remembering `location` with the longest prefix, and then checks regular expressions. If there is a match with a regular expression, nginx picks this `location` or, otherwise, it picks the one remembered earlier.
The resulting configuration of a proxy server will look like this:
当nginx选择用哪一个`location`块来处理请求时,它首先检查指定路径的[location](https://nginx.org/en/docs/http/ngx_http_core_module.html#location)指令,然后再检查用正则表达式的`location`。如果有匹配,nginx会就选择这个用正则表达式作为参数的`location`,否则就使用路径最长的`location`块来处理请求。
最终的配置是这样的:
```nginx
server {
location / {
proxy_pass http://localhost:8080/;
}
location ~ \.(gif|jpg|png)$ {
root /data/images;
}
}
```
This server will filter requests ending with `.gif`, `.jpg`, or `.png` and map them to the `/data/images` directory (by adding URI to the `root` directive’s parameter) and pass all other requests to the proxied server configured above.
To apply new configuration, send the `reload` signal to nginx as described in the previous sections.
There are many [more](https://nginx.org/en/docs/http/ngx_http_proxy_module.html) directives that may be used to further configure a proxy connection.
现在,这个`server`能够处理以`.gif`、`.jpg`或`.png`结尾的请求,并将它们映射到`/data/images`目录(通过在`root`指令的参数中添加URI路径作为真实文件路径),其他的请求就会转发到配置好的被代理服务器上。
要让配置生效,还是想上面那样,运行`nginx -s reload`。
有[很多指令](https://nginx.org/en/docs/http/ngx_http_proxy_module.html)可以用来进一步配置代理连接。
#### Setting Up FastCGI Proxying / FastCGI代理设置
nginx can be used to route requests to FastCGI servers which run applications built with various frameworks and programming languages such as PHP.
The most basic nginx configuration to work with a FastCGI server includes using the [fastcgi_pass](https://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_pass) directive instead of the `proxy_pass` directive, and [fastcgi_param](https://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_param) directives to set parameters passed to a FastCGI server. Suppose the FastCGI server is accessible on `localhost:9000`. Taking the proxy configuration from the previous section as a basis, replace the `proxy_pass` directive with the `fastcgi_pass` directive and change the parameter to `localhost:9000`. In PHP, the `SCRIPT_FILENAME` parameter is used for determining the script name, and the `QUERY_STRING` parameter is used to pass request parameters. The resulting configuration would be:
nginx可以用来路由请求到FastCGI服务器,以便运行用各种框架和编程语言(如PHP)构建的应用程序。
在这里的配置中,代理转发用的是[fastcgi_pass](https://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_pass)指令而不是`proxy_pass`指令;[fastcgi_param](https://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_param)指令是用来设置传递给FastCGI服务器的参数。
假设我们的FastCGI服务器运行在`localhost:9000`上。
以上一节的代理配置为基础,将`proxy_pass`指令改成`fastcgi_pass`,把参数改成`localhost:9000`。
在PHP中,`SCRIPT_FILENAME`参数用来确定脚本名称,`QUERY_STRING`参数是用来用于传递请求参数的。
最终的配置是这样的:
```nginx
server {
location / {
fastcgi_pass localhost:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
}
location ~ \.(gif|jpg|png)$ {
root /data/images;
}
}
```
This will set up a server that will route all requests except for requests for static images to the proxied server operating on `localhost:9000` through the FastCGI protocol.
这样,nginx就会通过FastCGI协议把所有的请求(除了那些图像的静态请求)路由到运行在`localhost:9000`的FastCGI服务器上。

@ -0,0 +1,506 @@
## Building nginx from Sources
The build is configured using the `configure` command. It defines various aspects of the system, including the methods nginx is allowed to use for connection processing. At the end it creates a `Makefile`.
The `configure` command supports the following parameters:
`--help`
prints a help message.
``--prefix=`*path*` ``
defines a directory that will keep server files. This same directory will also be used for all relative paths set by `configure` (except for paths to libraries sources) and in the `nginx.conf` configuration file. It is set to the `/usr/local/nginx` directory by default.
``--sbin-path=`*path*` ``
sets the name of an nginx executable file. This name is used only during installation. By default the file is named `` `*prefix*`/sbin/nginx``.
``--modules-path=`*path*` ``
defines a directory where nginx dynamic modules will be installed. By default the `` `*prefix*`/modules`` directory is used.
``--conf-path=`*path*` ``
sets the name of an `nginx.conf` configuration file. If needs be, nginx can always be started with a different configuration file, by specifying it in the command-line parameter ``-c `*file*` ``. By default the file is named `` `*prefix*`/conf/nginx.conf``.
``--error-log-path=`*path*` ``
sets the name of the primary error, warnings, and diagnostic file. After installation, the file name can always be changed in the `nginx.conf` configuration file using the [error_log](https://nginx.org/en/docs/ngx_core_module.html#error_log) directive. By default the file is named `` `*prefix*`/logs/error.log``.
``--pid-path=`*path*` ``
sets the name of an `nginx.pid` file that will store the process ID of the main process. After installation, the file name can always be changed in the `nginx.conf` configuration file using the [pid](https://nginx.org/en/docs/ngx_core_module.html#pid) directive. By default the file is named `` `*prefix*`/logs/nginx.pid``.
``--lock-path=`*path*` ``
sets a prefix for the names of lock files. After installation, the value can always be changed in the `nginx.conf` configuration file using the [lock_file](https://nginx.org/en/docs/ngx_core_module.html#lock_file) directive. By default the value is `` `*prefix*`/logs/nginx.lock``.
``--user=`*name*` ``
sets the name of an unprivileged user whose credentials will be used by worker processes. After installation, the name can always be changed in the `nginx.conf` configuration file using the [user](https://nginx.org/en/docs/ngx_core_module.html#user) directive. The default user name is nobody.
``--group=`*name*` ``
sets the name of a group whose credentials will be used by worker processes. After installation, the name can always be changed in the `nginx.conf` configuration file using the [user](https://nginx.org/en/docs/ngx_core_module.html#user) directive. By default, a group name is set to the name of an unprivileged user.
``--build=`*name*` ``
sets an optional nginx build name.
``--builddir=`*path*` ``
sets a build directory.
`--with-select_module`
`--without-select_module`
enables or disables building a module that allows the server to work with the `select()` method. This module is built automatically if the platform does not appear to support more appropriate methods such as kqueue, epoll, or /dev/poll.
`--with-poll_module`
`--without-poll_module`
enables or disables building a module that allows the server to work with the `poll()` method. This module is built automatically if the platform does not appear to support more appropriate methods such as kqueue, epoll, or /dev/poll.
`--with-threads`
enables the use of [thread pools](https://nginx.org/en/docs/ngx_core_module.html#thread_pool).
`--with-file-aio`
enables the use of [asynchronous file I/O](https://nginx.org/en/docs/http/ngx_http_core_module.html#aio) (AIO) on FreeBSD and Linux.
`--with-http_ssl_module`
enables building a module that adds the [HTTPS protocol support](https://nginx.org/en/docs/http/ngx_http_ssl_module.html) to an HTTP server. This module is not built by default. The OpenSSL library is required to build and run this module.
`--with-http_v2_module`
enables building a module that provides support for [HTTP/2](https://nginx.org/en/docs/http/ngx_http_v2_module.html). This module is not built by default.
`--with-http_realip_module`
enables building the [ngx_http_realip_module](https://nginx.org/en/docs/http/ngx_http_realip_module.html) module that changes the client address to the address sent in the specified header field. This module is not built by default.
`--with-http_addition_module`
enables building the [ngx_http_addition_module](https://nginx.org/en/docs/http/ngx_http_addition_module.html) module that adds text before and after a response. This module is not built by default.
`--with-http_xslt_module`
`--with-http_xslt_module=dynamic`
enables building the [ngx_http_xslt_module](https://nginx.org/en/docs/http/ngx_http_xslt_module.html) module that transforms XML responses using one or more XSLT stylesheets. This module is not built by default. The [libxml2](http://xmlsoft.org/) and [libxslt](http://xmlsoft.org/XSLT/) libraries are required to build and run this module.
`--with-http_image_filter_module`
`--with-http_image_filter_module=dynamic`
enables building the [ngx_http_image_filter_module](https://nginx.org/en/docs/http/ngx_http_image_filter_module.html) module that transforms images in JPEG, GIF, PNG, and WebP formats. This module is not built by default.
`--with-http_geoip_module`
`--with-http_geoip_module=dynamic`
enables building the [ngx_http_geoip_module](https://nginx.org/en/docs/http/ngx_http_geoip_module.html) module that creates variables depending on the client IP address and the precompiled [MaxMind](http://www.maxmind.com/) databases. This module is not built by default.
`--with-http_sub_module`
enables building the [ngx_http_sub_module](https://nginx.org/en/docs/http/ngx_http_sub_module.html) module that modifies a response by replacing one specified string by another. This module is not built by default.
`--with-http_dav_module`
enables building the [ngx_http_dav_module](https://nginx.org/en/docs/http/ngx_http_dav_module.html) module that provides file management automation via the WebDAV protocol. This module is not built by default.
`--with-http_flv_module`
enables building the [ngx_http_flv_module](https://nginx.org/en/docs/http/ngx_http_flv_module.html) module that provides pseudo-streaming server-side support for Flash Video (FLV) files. This module is not built by default.
`--with-http_mp4_module`
enables building the [ngx_http_mp4_module](https://nginx.org/en/docs/http/ngx_http_mp4_module.html) module that provides pseudo-streaming server-side support for MP4 files. This module is not built by default.
`--with-http_gunzip_module`
enables building the [ngx_http_gunzip_module](https://nginx.org/en/docs/http/ngx_http_gunzip_module.html) module that decompresses responses with “`Content-Encoding: gzip`” for clients that do not support “gzip” encoding method. This module is not built by default.
`--with-http_gzip_static_module`
enables building the [ngx_http_gzip_static_module](https://nginx.org/en/docs/http/ngx_http_gzip_static_module.html) module that enables sending precompressed files with the “`.gz`” filename extension instead of regular files. This module is not built by default.
`--with-http_auth_request_module`
enables building the [ngx_http_auth_request_module](https://nginx.org/en/docs/http/ngx_http_auth_request_module.html) module that implements client authorization based on the result of a subrequest. This module is not built by default.
`--with-http_random_index_module`
enables building the [ngx_http_random_index_module](https://nginx.org/en/docs/http/ngx_http_random_index_module.html) module that processes requests ending with the slash character (‘`/`’) and picks a random file in a directory to serve as an index file. This module is not built by default.
`--with-http_secure_link_module`
enables building the [ngx_http_secure_link_module](https://nginx.org/en/docs/http/ngx_http_secure_link_module.html) module. This module is not built by default.
`--with-http_degradation_module`
enables building the `ngx_http_degradation_module` module. This module is not built by default.
`--with-http_slice_module`
enables building the [ngx_http_slice_module](https://nginx.org/en/docs/http/ngx_http_slice_module.html) module that splits a request into subrequests, each returning a certain range of response. The module provides more effective caching of big responses. This module is not built by default.
`--with-http_stub_status_module`
enables building the [ngx_http_stub_status_module](https://nginx.org/en/docs/http/ngx_http_stub_status_module.html) module that provides access to basic status information. This module is not built by default.
`--without-http_charset_module`
disables building the [ngx_http_charset_module](https://nginx.org/en/docs/http/ngx_http_charset_module.html) module that adds the specified charset to the “Content-Type” response header field and can additionally convert data from one charset to another.
`--without-http_gzip_module`
disables building a module that [compresses responses](https://nginx.org/en/docs/http/ngx_http_gzip_module.html) of an HTTP server. The zlib library is required to build and run this module.
`--without-http_ssi_module`
disables building the [ngx_http_ssi_module](https://nginx.org/en/docs/http/ngx_http_ssi_module.html) module that processes SSI (Server Side Includes) commands in responses passing through it.
`--without-http_userid_module`
disables building the [ngx_http_userid_module](https://nginx.org/en/docs/http/ngx_http_userid_module.html) module that sets cookies suitable for client identification.
`--without-http_access_module`
disables building the [ngx_http_access_module](https://nginx.org/en/docs/http/ngx_http_access_module.html) module that allows limiting access to certain client addresses.
`--without-http_auth_basic_module`
disables building the [ngx_http_auth_basic_module](https://nginx.org/en/docs/http/ngx_http_auth_basic_module.html) module that allows limiting access to resources by validating the user name and password using the “HTTP Basic Authentication” protocol.
`--without-http_mirror_module`
disables building the [ngx_http_mirror_module](https://nginx.org/en/docs/http/ngx_http_mirror_module.html) module that implements mirroring of an original request by creating background mirror subrequests.
`--without-http_autoindex_module`
disables building the [ngx_http_autoindex_module](https://nginx.org/en/docs/http/ngx_http_autoindex_module.html) module that processes requests ending with the slash character (‘`/`’) and produces a directory listing in case the [ngx_http_index_module](https://nginx.org/en/docs/http/ngx_http_index_module.html) module cannot find an index file.
`--without-http_geo_module`
disables building the [ngx_http_geo_module](https://nginx.org/en/docs/http/ngx_http_geo_module.html) module that creates variables with values depending on the client IP address.
`--without-http_map_module`
disables building the [ngx_http_map_module](https://nginx.org/en/docs/http/ngx_http_map_module.html) module that creates variables with values depending on values of other variables.
`--without-http_split_clients_module`
disables building the [ngx_http_split_clients_module](https://nginx.org/en/docs/http/ngx_http_split_clients_module.html) module that creates variables for A/B testing.
`--without-http_referer_module`
disables building the [ngx_http_referer_module](https://nginx.org/en/docs/http/ngx_http_referer_module.html) module that can block access to a site for requests with invalid values in the “Referer” header field.
`--without-http_rewrite_module`
disables building a module that allows an HTTP server to [redirect requests and change URI of requests](https://nginx.org/en/docs/http/ngx_http_rewrite_module.html). The PCRE library is required to build and run this module.
`--without-http_proxy_module`
disables building an HTTP server [proxying module](https://nginx.org/en/docs/http/ngx_http_proxy_module.html).
`--without-http_fastcgi_module`
disables building the [ngx_http_fastcgi_module](https://nginx.org/en/docs/http/ngx_http_fastcgi_module.html) module that passes requests to a FastCGI server.
`--without-http_uwsgi_module`
disables building the [ngx_http_uwsgi_module](https://nginx.org/en/docs/http/ngx_http_uwsgi_module.html) module that passes requests to a uwsgi server.
`--without-http_scgi_module`
disables building the [ngx_http_scgi_module](https://nginx.org/en/docs/http/ngx_http_scgi_module.html) module that passes requests to an SCGI server.
`--without-http_grpc_module`
disables building the [ngx_http_grpc_module](https://nginx.org/en/docs/http/ngx_http_grpc_module.html) module that passes requests to a gRPC server.
`--without-http_memcached_module`
disables building the [ngx_http_memcached_module](https://nginx.org/en/docs/http/ngx_http_memcached_module.html) module that obtains responses from a memcached server.
`--without-http_limit_conn_module`
disables building the [ngx_http_limit_conn_module](https://nginx.org/en/docs/http/ngx_http_limit_conn_module.html) module that limits the number of connections per key, for example, the number of connections from a single IP address.
`--without-http_limit_req_module`
disables building the [ngx_http_limit_req_module](https://nginx.org/en/docs/http/ngx_http_limit_req_module.html) module that limits the request processing rate per key, for example, the processing rate of requests coming from a single IP address.
`--without-http_empty_gif_module`
disables building a module that [emits single-pixel transparent GIF](https://nginx.org/en/docs/http/ngx_http_empty_gif_module.html).
`--without-http_browser_module`
disables building the [ngx_http_browser_module](https://nginx.org/en/docs/http/ngx_http_browser_module.html) module that creates variables whose values depend on the value of the “User-Agent” request header field.
`--without-http_upstream_hash_module`
disables building a module that implements the [hash](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#hash) load balancing method.
`--without-http_upstream_ip_hash_module`
disables building a module that implements the [ip_hash](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#ip_hash) load balancing method.
`--without-http_upstream_least_conn_module`
disables building a module that implements the [least_conn](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#least_conn) load balancing method.
`--without-http_upstream_random_module`
disables building a module that implements the [random](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#random) load balancing method.
`--without-http_upstream_keepalive_module`
disables building a module that provides [caching of connections](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive) to upstream servers.
`--without-http_upstream_zone_module`
disables building a module that makes it possible to store run-time state of an upstream group in a shared memory [zone](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#zone).
`--with-http_perl_module`
`--with-http_perl_module=dynamic`
enables building the [embedded Perl module](https://nginx.org/en/docs/http/ngx_http_perl_module.html). This module is not built by default.
``--with-perl_modules_path=`*path*` ``
defines a directory that will keep Perl modules.
``--with-perl=`*path*` ``
sets the name of the Perl binary.
``--http-log-path=`*path*` ``
sets the name of the primary request log file of the HTTP server. After installation, the file name can always be changed in the `nginx.conf` configuration file using the [access_log](https://nginx.org/en/docs/http/ngx_http_log_module.html#access_log) directive. By default the file is named `` `*prefix*`/logs/access.log``.
``--http-client-body-temp-path=`*path*` ``
defines a directory for storing temporary files that hold client request bodies. After installation, the directory can always be changed in the `nginx.conf` configuration file using the [client_body_temp_path](https://nginx.org/en/docs/http/ngx_http_core_module.html#client_body_temp_path) directive. By default the directory is named `` `*prefix*`/client_body_temp``.
``--http-proxy-temp-path=`*path*` ``
defines a directory for storing temporary files with data received from proxied servers. After installation, the directory can always be changed in the `nginx.conf` configuration file using the [proxy_temp_path](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_temp_path) directive. By default the directory is named `` `*prefix*`/proxy_temp``.
``--http-fastcgi-temp-path=`*path*` ``
defines a directory for storing temporary files with data received from FastCGI servers. After installation, the directory can always be changed in the `nginx.conf` configuration file using the [fastcgi_temp_path](https://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_temp_path) directive. By default the directory is named `` `*prefix*`/fastcgi_temp``.
``--http-uwsgi-temp-path=`*path*` ``
defines a directory for storing temporary files with data received from uwsgi servers. After installation, the directory can always be changed in the `nginx.conf` configuration file using the [uwsgi_temp_path](https://nginx.org/en/docs/http/ngx_http_uwsgi_module.html#uwsgi_temp_path) directive. By default the directory is named `` `*prefix*`/uwsgi_temp``.
``--http-scgi-temp-path=`*path*` ``
defines a directory for storing temporary files with data received from SCGI servers. After installation, the directory can always be changed in the `nginx.conf` configuration file using the [scgi_temp_path](https://nginx.org/en/docs/http/ngx_http_scgi_module.html#scgi_temp_path) directive. By default the directory is named `` `*prefix*`/scgi_temp``.
`--without-http`
disables the [HTTP](https://nginx.org/en/docs/http/ngx_http_core_module.html) server.
`--without-http-cache`
disables HTTP cache.
`--with-mail`
`--with-mail=dynamic`
enables POP3/IMAP4/SMTP [mail proxy](https://nginx.org/en/docs/mail/ngx_mail_core_module.html) server.
`--with-mail_ssl_module`
enables building a module that adds the [SSL/TLS protocol support](https://nginx.org/en/docs/mail/ngx_mail_ssl_module.html) to the mail proxy server. This module is not built by default. The OpenSSL library is required to build and run this module.
`--without-mail_pop3_module`
disables the [POP3](https://nginx.org/en/docs/mail/ngx_mail_pop3_module.html) protocol in mail proxy server.
`--without-mail_imap_module`
disables the [IMAP](https://nginx.org/en/docs/mail/ngx_mail_imap_module.html) protocol in mail proxy server.
`--without-mail_smtp_module`
disables the [SMTP](https://nginx.org/en/docs/mail/ngx_mail_smtp_module.html) protocol in mail proxy server.
`--with-stream`
`--with-stream=dynamic`
enables building the [stream module](https://nginx.org/en/docs/stream/ngx_stream_core_module.html) for generic TCP/UDP proxying and load balancing. This module is not built by default.
`--with-stream_ssl_module`
enables building a module that adds the [SSL/TLS protocol support](https://nginx.org/en/docs/stream/ngx_stream_ssl_module.html) to the stream module. This module is not built by default. The OpenSSL library is required to build and run this module.
`--with-stream_realip_module`
enables building the [ngx_stream_realip_module](https://nginx.org/en/docs/stream/ngx_stream_realip_module.html) module that changes the client address to the address sent in the PROXY protocol header. This module is not built by default.
`--with-stream_geoip_module`
`--with-stream_geoip_module=dynamic`
enables building the [ngx_stream_geoip_module](https://nginx.org/en/docs/stream/ngx_stream_geoip_module.html) module that creates variables depending on the client IP address and the precompiled [MaxMind](http://www.maxmind.com/) databases. This module is not built by default.
`--with-stream_ssl_preread_module`
enables building the [ngx_stream_ssl_preread_module](https://nginx.org/en/docs/stream/ngx_stream_ssl_preread_module.html) module that allows extracting information from the [ClientHello](https://datatracker.ietf.org/doc/html/rfc5246#section-7.4.1.2) message without terminating SSL/TLS. This module is not built by default.
`--without-stream_limit_conn_module`
disables building the [ngx_stream_limit_conn_module](https://nginx.org/en/docs/stream/ngx_stream_limit_conn_module.html) module that limits the number of connections per key, for example, the number of connections from a single IP address.
`--without-stream_access_module`
disables building the [ngx_stream_access_module](https://nginx.org/en/docs/stream/ngx_stream_access_module.html) module that allows limiting access to certain client addresses.
`--without-stream_geo_module`
disables building the [ngx_stream_geo_module](https://nginx.org/en/docs/stream/ngx_stream_geo_module.html) module that creates variables with values depending on the client IP address.
`--without-stream_map_module`
disables building the [ngx_stream_map_module](https://nginx.org/en/docs/stream/ngx_stream_map_module.html) module that creates variables with values depending on values of other variables.
`--without-stream_split_clients_module`
disables building the [ngx_stream_split_clients_module](https://nginx.org/en/docs/stream/ngx_stream_split_clients_module.html) module that creates variables for A/B testing.
`--without-stream_return_module`
disables building the [ngx_stream_return_module](https://nginx.org/en/docs/stream/ngx_stream_return_module.html) module that sends some specified value to the client and then closes the connection.
`--without-stream_set_module`
disables building the [ngx_stream_set_module](https://nginx.org/en/docs/stream/ngx_stream_set_module.html) module that sets a value for a variable.
`--without-stream_upstream_hash_module`
disables building a module that implements the [hash](https://nginx.org/en/docs/stream/ngx_stream_upstream_module.html#hash) load balancing method.
`--without-stream_upstream_least_conn_module`
disables building a module that implements the [least_conn](https://nginx.org/en/docs/stream/ngx_stream_upstream_module.html#least_conn) load balancing method.
`--without-stream_upstream_random_module`
disables building a module that implements the [random](https://nginx.org/en/docs/stream/ngx_stream_upstream_module.html#random) load balancing method.
`--without-stream_upstream_zone_module`
disables building a module that makes it possible to store run-time state of an upstream group in a shared memory [zone](https://nginx.org/en/docs/stream/ngx_stream_upstream_module.html#zone).
`--with-google_perftools_module`
enables building the [ngx_google_perftools_module](https://nginx.org/en/docs/ngx_google_perftools_module.html) module that enables profiling of nginx worker processes using [Google Performance Tools](https://github.com/gperftools/gperftools). The module is intended for nginx developers and is not built by default.
`--with-cpp_test_module`
enables building the `ngx_cpp_test_module` module.
``--add-module=`*path*` ``
enables an external module.
``--add-dynamic-module=`*path*` ``
enables an external dynamic module.
`--with-compat`
enables dynamic modules compatibility.
``--with-cc=`*path*` ``
sets the name of the C compiler.
``--with-cpp=`*path*` ``
sets the name of the C preprocessor.
``--with-cc-opt=`*parameters*` ``
sets additional parameters that will be added to the CFLAGS variable. When using the system PCRE library under FreeBSD, `--with-cc-opt="-I /usr/local/include"` should be specified. If the number of files supported by `select()` needs to be increased it can also be specified here such as this: `--with-cc-opt="-D FD_SETSIZE=2048"`.
``--with-ld-opt=`*parameters*` ``
sets additional parameters that will be used during linking. When using the system PCRE library under FreeBSD, `--with-ld-opt="-L /usr/local/lib"` should be specified.
``--with-cpu-opt=`*cpu*` ``
enables building per specified CPU: `pentium`, `pentiumpro`, `pentium3`, `pentium4`, `athlon`, `opteron`, `sparc32`, `sparc64`, `ppc64`.
`--without-pcre`
disables the usage of the PCRE library.
`--with-pcre`
forces the usage of the PCRE library.
``--with-pcre=`*path*` ``
sets the path to the sources of the PCRE library. The library distribution needs to be downloaded from the [PCRE](http://www.pcre.org/) site and extracted. The rest is done by nginx’s `./configure` and `make`. The library is required for regular expressions support in the [location](https://nginx.org/en/docs/http/ngx_http_core_module.html#location) directive and for the [ngx_http_rewrite_module](https://nginx.org/en/docs/http/ngx_http_rewrite_module.html) module.
``--with-pcre-opt=`*parameters*` ``
sets additional build options for PCRE.
`--with-pcre-jit`
builds the PCRE library with “just-in-time compilation” support (1.1.12, the [pcre_jit](https://nginx.org/en/docs/ngx_core_module.html#pcre_jit) directive).
`--without-pcre2`
disables use of the PCRE2 library instead of the original PCRE library (1.21.5).
``--with-zlib=`*path*` ``
sets the path to the sources of the zlib library. The library distribution (version 1.1.3 — 1.2.11) needs to be downloaded from the [zlib](http://zlib.net/) site and extracted. The rest is done by nginx’s `./configure` and `make`. The library is required for the [ngx_http_gzip_module](https://nginx.org/en/docs/http/ngx_http_gzip_module.html) module.
``--with-zlib-opt=`*parameters*` ``
sets additional build options for zlib.
``--with-zlib-asm=`*cpu*` ``
enables the use of the zlib assembler sources optimized for one of the specified CPUs: `pentium`, `pentiumpro`.
`--with-libatomic`
forces the libatomic_ops library usage.
``--with-libatomic=`*path*` ``
sets the path to the libatomic_ops library sources.
``--with-openssl=`*path*` ``
sets the path to the OpenSSL library sources.
``--with-openssl-opt=`*parameters*` ``
sets additional build options for OpenSSL.
`--with-debug`
enables the [debugging log](https://nginx.org/en/docs/debugging_log.html).
Example of parameters usage (all of this needs to be typed in one line):
> ./configure
> --sbin-path=/usr/local/nginx/nginx
> --conf-path=/usr/local/nginx/nginx.conf
> --pid-path=/usr/local/nginx/nginx.pid
> --with-http_ssl_module
> --with-pcre=../pcre2-10.39
> --with-zlib=../zlib-1.2.11
After configuration, nginx is compiled and installed using `make`.

@ -0,0 +1,144 @@
title: 控制nginx
cover: https://res.ciduid.top/blog/covers/cover(8).jpg
date: 2022-08-06 16:52:03
---
## Controlling nginx
[修改配置 Changing Configuration](https://nginx.org/en/docs/control.html#reconfiguration)
[日志切割 Rotating Log-files](https://nginx.org/en/docs/control.html#logs)
[热更新 Upgrading Executable on the Fly](https://nginx.org/en/docs/control.html#upgrade)
nginx can be controlled with signals. The process ID of the master process is written to the file `/usr/local/nginx/logs/nginx.pid` by default. This name may be changed at configuration time, or in `nginx.conf` using the [pid](https://nginx.org/en/docs/ngx_core_module.html#pid) directive. The master process supports the following signals:
nginx可以用信号来控制,nginx主进程ID默认写在`/usr/local/nginx/logs/nginx.pid`文件中。这个文件的位置可以在编译配置的时候指定,或者在`nginx.conf`中使用[pid](https://nginx.org/en/docs/ngx_core_module.html#pid)指令指定。
主进程支持以下信号的控制
> | | |
> | --- | --- |
> | TERM, INT | fast shutdown |
> | QUIT | graceful shutdown |
> | HUP | changing configuration, keeping up with a changed time zone (only for FreeBSD and Linux), starting new worker processes with a new configuration, graceful shutdown of old worker processes |
> | USR1 | re-opening log files |
> | USR2 | upgrading an executable file |
> | WINCH | graceful shutdown of worker processes |
> | | |
> | --- | --- |
> | TERM, INT | 快速关闭 |
> | QUIT | 平稳关闭 |
> | HUP | 用于一般用于配置文件更改,修改时区(仅适用于FreeBSD和Linux)时使用,用新的配置启动新的worker进程,平稳关闭旧的worker进程 |
> | USR1 | 重新打开日志文件 |
> | USR2 | 升级可执行文件 |
> | WINCH | 平稳关闭worker进程 |
Individual worker processes can be controlled with signals as well, though it is not required. The supported signals are:
单个worker进程也能用信号来控制,不过这不是必须的
支持的信号有
> | | |
> | --- | --- |
> | TERM, INT | fast shutdown |
> | QUIT | graceful shutdown |
> | USR1 | re-opening log files |
> | WINCH | abnormal termination for debugging (requires [debug_points](https://nginx.org/en/docs/ngx_core_module.html#debug_points) to be enabled) |
> | | |
> | --- | --- |
> | TERM, INT | 快速关闭 |
> | QUIT | 平稳关闭 |
> | USR1 | 重新打开日志文件 |
> | WINCH | 用于调试的非正常终止 (需要启用[debug_points](https://nginx.org/en/docs/ngx_core_module.html#debug_points)) |
#### Changing Configuration
In order for nginx to re-read the configuration file, a HUP signal should be sent to the master process. The master process first checks the syntax validity, then tries to apply new configuration, that is, to open log files and new listen sockets. If this fails, it rolls back changes and continues to work with old configuration. If this succeeds, it starts new worker processes, and sends messages to old worker processes requesting them to shut down gracefully. Old worker processes close listen sockets and continue to service old clients. After all clients are serviced, old worker processes are shut down.
为了让nginx重新读取配置文件,应该向主进程发送一个HUP信号。主进程首先检查语法的有效性,然后尝试应用新的配置,也就是打开日志文件和新的监听套接字。如果失败了,它就回滚变化,继续用旧的配置工作。如果成功了,它会启动新的工作进程,并向旧的工作进程发送消息,要求它们优雅地关闭。旧的工作进程关闭监听套接字,继续为旧的客户提供服务。在所有客户都得到服务后,旧的工作进程被关闭。
Let’s illustrate this by example. Imagine that nginx is run on FreeBSD and the command
> ps axw -o pid,ppid,user,%cpu,vsz,wchan,command | egrep '(nginx|PID)'
produces the following output:
> PID PPID USER %CPU VSZ WCHAN COMMAND
> 33126 1 root 0.0 1148 pause nginx: master process /usr/local/nginx/sbin/nginx
> 33127 33126 nobody 0.0 1380 kqread nginx: worker process (nginx)
> 33128 33126 nobody 0.0 1364 kqread nginx: worker process (nginx)
> 33129 33126 nobody 0.0 1364 kqread nginx: worker process (nginx)
If HUP is sent to the master process, the output becomes:
> PID PPID USER %CPU VSZ WCHAN COMMAND
> 33126 1 root 0.0 1164 pause nginx: master process /usr/local/nginx/sbin/nginx
> 33129 33126 nobody 0.0 1380 kqread nginx: worker process is shutting down (nginx)
> 33134 33126 nobody 0.0 1368 kqread nginx: worker process (nginx)
> 33135 33126 nobody 0.0 1368 kqread nginx: worker process (nginx)
> 33136 33126 nobody 0.0 1368 kqread nginx: worker process (nginx)
One of the old worker processes with PID 33129 still continues to work. After some time it exits:
> PID PPID USER %CPU VSZ WCHAN COMMAND
> 33126 1 root 0.0 1164 pause nginx: master process /usr/local/nginx/sbin/nginx
> 33134 33126 nobody 0.0 1368 kqread nginx: worker process (nginx)
> 33135 33126 nobody 0.0 1368 kqread nginx: worker process (nginx)
> 33136 33126 nobody 0.0 1368 kqread nginx: worker process (nginx)
#### Rotating Log-files
In order to rotate log files, they need to be renamed first. After that USR1 signal should be sent to the master process. The master process will then re-open all currently open log files and assign them an unprivileged user under which the worker processes are running, as an owner. After successful re-opening, the master process closes all open files and sends the message to worker process to ask them to re-open files. Worker processes also open new files and close old files right away. As a result, old files are almost immediately available for post processing, such as compression.
#### Upgrading Executable on the Fly
In order to upgrade the server executable, the new executable file should be put in place of an old file first. After that USR2 signal should be sent to the master process. The master process first renames its file with the process ID to a new file with the `.oldbin` suffix, e.g. `/usr/local/nginx/logs/nginx.pid.oldbin`, then starts a new executable file that in turn starts new worker processes:
> PID PPID USER %CPU VSZ WCHAN COMMAND
> 33126 1 root 0.0 1164 pause nginx: master process /usr/local/nginx/sbin/nginx
> 33134 33126 nobody 0.0 1368 kqread nginx: worker process (nginx)
> 33135 33126 nobody 0.0 1380 kqread nginx: worker process (nginx)
> 33136 33126 nobody 0.0 1368 kqread nginx: worker process (nginx)
> 36264 33126 root 0.0 1148 pause nginx: master process /usr/local/nginx/sbin/nginx
> 36265 36264 nobody 0.0 1364 kqread nginx: worker process (nginx)
> 36266 36264 nobody 0.0 1364 kqread nginx: worker process (nginx)
> 36267 36264 nobody 0.0 1364 kqread nginx: worker process (nginx)
After that all worker processes (old and new ones) continue to accept requests. If the WINCH signal is sent to the first master process, it will send messages to its worker processes, requesting them to shut down gracefully, and they will start to exit:
> PID PPID USER %CPU VSZ WCHAN COMMAND
> 33126 1 root 0.0 1164 pause nginx: master process /usr/local/nginx/sbin/nginx
> 33135 33126 nobody 0.0 1380 kqread nginx: worker process is shutting down (nginx)
> 36264 33126 root 0.0 1148 pause nginx: master process /usr/local/nginx/sbin/nginx
> 36265 36264 nobody 0.0 1364 kqread nginx: worker process (nginx)
> 36266 36264 nobody 0.0 1364 kqread nginx: worker process (nginx)
> 36267 36264 nobody 0.0 1364 kqread nginx: worker process (nginx)
After some time, only the new worker processes will process requests:
> PID PPID USER %CPU VSZ WCHAN COMMAND
> 33126 1 root 0.0 1164 pause nginx: master process /usr/local/nginx/sbin/nginx
> 36264 33126 root 0.0 1148 pause nginx: master process /usr/local/nginx/sbin/nginx
> 36265 36264 nobody 0.0 1364 kqread nginx: worker process (nginx)
> 36266 36264 nobody 0.0 1364 kqread nginx: worker process (nginx)
> 36267 36264 nobody 0.0 1364 kqread nginx: worker process (nginx)
It should be noted that the old master process does not close its listen sockets, and it can be managed to start its worker processes again if needed. If for some reason the new executable file works unacceptably, one of the following can be done:
- Send the HUP signal to the old master process. The old master process will start new worker processes without re-reading the configuration. After that, all new processes can be shut down gracefully, by sending the QUIT signal to the new master process.
- Send the TERM signal to the new master process. It will then send a message to its worker processes requesting them to exit immediately, and they will all exit almost immediately. (If new processes do not exit for some reason, the KILL signal should be sent to them to force them to exit.) When the new master process exits, the old master process will start new worker processes automatically.
If the new master process exits then the old master process discards the `.oldbin` suffix from the file name with the process ID.
If upgrade was successful, then the QUIT signal should be sent to the old master process, and only new processes will stay:
> PID PPID USER %CPU VSZ WCHAN COMMAND
> 36264 1 root 0.0 1148 pause nginx: master process /usr/local/nginx/sbin/nginx
> 36265 36264 nobody 0.0 1364 kqread nginx: worker process (nginx)
> 36266 36264 nobody 0.0 1364 kqread nginx: worker process (nginx)
> 36267 36264 nobody 0.0 1364 kqread nginx: worker process (nginx)

@ -0,0 +1,10 @@
# 目录
1. [Beginner's Guide](https://huhu.ciduid.top/nginx-docs/beginners-guide.html)
2. [Configure](https://huhu.ciduid.top/nginx-docs/configure.html)
3. [Control](https://huhu.ciduid.top/nginx-docs/control.html)
4. [Install](https://huhu.ciduid.top/nginx-docs/install.html)
- [Linux Packages](https://huhu.ciduid.top/nginx-docs/linux-packages.html)

@ -0,0 +1,23 @@
# 安装nginx / Installing nginx
nginx can be installed differently, depending on the operating system.
根据系统的不一样,有很多种办法来安装nginx
## 在Linux上安装 / Installation on Linux
For Linux, nginx [packages](https://nginx.org/en/linux_packages.html) from nginx.org can be used.
对于linux,您可以使用来自nginx.org的[nginx软件包](https://nginx.org/en/linux_packages.html)
## 在FreeBSD上安装 / Installation on FreeBSD
On FreeBSD, nginx can be installed either from the [packages](https://docs.freebsd.org/en/books/handbook/ports/#pkgng-intro) or through the [ports](https://docs.freebsd.org/en/books/handbook/ports/#ports-using) system. The ports system provides greater flexibility, allowing selection among a wide range of options. The port will compile nginx with the specified options and install it.
在FreeBSD上,nginx可以从[packages](https://docs.freebsd.org/en/books/handbook/ports/#pkgng-intro)或通过[ports](https://docs.freebsd.org/en/books/handbook/ports/#ports-using)系统安装。ports系统提供了更大的灵活性,允许在大量的选项中进行选择。pors能够根据特定的选项来编译nginx并安装。
## 从源码安装 / Building from Sources
If some special functionality is required, not available with packages and ports, nginx can also be compiled from source files. While more flexible, this approach may be complex for a beginner. For more information, see [Building nginx from Sources](https://nginx.org/en/docs/configure.html).
如果您想要一些特别的功能,而这些功能是软件包和ports都没法提供,可以从源码编译安装nginx。虽然这种方法更加灵活,但对初学者来说可能比较复杂。详情可见[从源码构建nginx](https://nginx.org/en/docs/configure.html)。

@ -0,0 +1,350 @@
## nginx: Linux packages
[Supported distributions and versions](https://nginx.org/en/linux_packages.html#distributions)
[Installation instructions](https://nginx.org/en/linux_packages.html#instructions)
     [RHEL/CentOS](https://nginx.org/en/linux_packages.html#RHEL-CentOS)
     [Debian](https://nginx.org/en/linux_packages.html#Debian)
     [Ubuntu](https://nginx.org/en/linux_packages.html#Ubuntu)
     [SLES](https://nginx.org/en/linux_packages.html#SLES)
     [Alpine](https://nginx.org/en/linux_packages.html#Alpine)
     [Amazon Linux](https://nginx.org/en/linux_packages.html#Amazon-Linux)
[Source Packages](https://nginx.org/en/linux_packages.html#sourcepackages)
[Dynamic Modules](https://nginx.org/en/linux_packages.html#dynmodules)
[Signatures](https://nginx.org/en/linux_packages.html#signatures)
#### Supported distributions and versions
nginx packages are available for the following Linux distributions and versions:
[RHEL/CentOS](https://nginx.org/en/linux_packages.html#RHEL-CentOS)
> | Version | Supported Platforms |
> | ------- | ---------------------------- |
> | 7.4+ | x86_64, aarch64/arm64 |
> | 8.x | x86_64, aarch64/arm64, s390x |
> | 9.x | x86_64, aarch64/arm64, s390x |
[Debian](https://nginx.org/en/linux_packages.html#Debian)
> | Version | Supported Platforms |
> | --------------- | --------------------------- |
> | 10.x “buster” | x86_64, i386, aarch64/arm64 |
> | 11.x “bullseye” | x86_64, aarch64/arm64 |
[Ubuntu](https://nginx.org/en/linux_packages.html#Ubuntu)
> | Version | Supported Platforms |
> | -------------- | ---------------------------- |
> | 18.04 “bionic” | x86_64, aarch64/arm64 |
> | 20.04 “focal” | x86_64, aarch64/arm64, s390x |
> | 22.04 “jammy” | x86_64, aarch64/arm64, s390x |
[SLES](https://nginx.org/en/linux_packages.html#SLES)
> | Version | Supported Platforms |
> | ------- | ------------------- |
> | 12 SP5+ | x86_64 |
> | 15 SP2+ | x86_64 |
[Alpine](https://nginx.org/en/linux_packages.html#Alpine)
> | Version | Supported platforms |
> | ------- | --------------------- |
> | 3.13 | x86_64, aarch64/arm64 |
> | 3.14 | x86_64, aarch64/arm64 |
> | 3.15 | x86_64, aarch64/arm64 |
> | 3.16 | x86_64, aarch64/arm64 |
[Amazon Linux](https://nginx.org/en/linux_packages.html#Amazon-Linux)
> | Version | Supported platforms |
> | ------- | --------------------- |
> | 2 (LTS) | x86_64, aarch64/arm64 |
#### Installation instructions
Before you install nginx for the first time on a new machine, you need to set up the nginx packages repository. Afterward, you can install and update nginx from the repository.
#### RHEL/CentOS
Install the prerequisites:
> sudo yum install yum-utils
To set up the yum repository, create the file named `/etc/yum.repos.d/nginx.repo` with the following contents:
> [nginx-stable]
> name=nginx stable repo
> baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
> gpgcheck=1
> enabled=1
> gpgkey=https://nginx.org/keys/nginx_signing.key
> module_hotfixes=true
> [nginx-mainline]
> name=nginx mainline repo
> baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
> gpgcheck=1
> enabled=0
> gpgkey=https://nginx.org/keys/nginx_signing.key
> module_hotfixes=true
By default, the repository for stable nginx packages is used. If you would like to use mainline nginx packages, run the following command:
> sudo yum-config-manager --enable nginx-mainline
To install nginx, run the following command:
> sudo yum install nginx
When prompted to accept the GPG key, verify that the fingerprint matches `573B FD6B 3D8F BC64 1079 A6AB ABF5 BD82 7BD9 BF62`, and if so, accept it.
#### Debian
Install the prerequisites:
> sudo apt install curl gnupg2 ca-certificates lsb-release debian-archive-keyring
Import an official nginx signing key so apt could verify the packages authenticity. Fetch the key:
> curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
> | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
Verify that the downloaded file contains the proper key:
> gpg --dry-run --quiet --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg
The output should contain the full fingerprint `573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62` as follows:
> pub rsa2048 2011-08-19 [SC] [expires: 2024-06-14]
> 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
> uid nginx signing key <signing-key@nginx.com>
If the fingerprint is different, remove the file.
To set up the apt repository for stable nginx packages, run the following command:
> echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
> http://nginx.org/packages/debian `lsb_release -cs` nginx" \
> | sudo tee /etc/apt/sources.list.d/nginx.list
If you would like to use mainline nginx packages, run the following command instead:
> echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
> http://nginx.org/packages/mainline/debian `lsb_release -cs` nginx" \
> | sudo tee /etc/apt/sources.list.d/nginx.list
Set up repository pinning to prefer our packages over distribution-provided ones:
> echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" \
> | sudo tee /etc/apt/preferences.d/99nginx
To install nginx, run the following commands:
> sudo apt update
> sudo apt install nginx
#### Ubuntu
Install the prerequisites:
> sudo apt install curl gnupg2 ca-certificates lsb-release ubuntu-keyring
Import an official nginx signing key so apt could verify the packages authenticity. Fetch the key:
> curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
> | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
Verify that the downloaded file contains the proper key:
> gpg --dry-run --quiet --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg
The output should contain the full fingerprint `573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62` as follows:
> pub rsa2048 2011-08-19 [SC] [expires: 2024-06-14]
> 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
> uid nginx signing key <signing-key@nginx.com>
If the fingerprint is different, remove the file.
To set up the apt repository for stable nginx packages, run the following command:
> echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
> http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" \
> | sudo tee /etc/apt/sources.list.d/nginx.list
If you would like to use mainline nginx packages, run the following command instead:
> echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
> http://nginx.org/packages/mainline/ubuntu `lsb_release -cs` nginx" \
> | sudo tee /etc/apt/sources.list.d/nginx.list
Set up repository pinning to prefer our packages over distribution-provided ones:
> echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" \
> | sudo tee /etc/apt/preferences.d/99nginx
To install nginx, run the following commands:
> sudo apt update
> sudo apt install nginx
#### SLES
Install the prerequisites:
> sudo zypper install curl ca-certificates gpg2
To set up the zypper repository for stable nginx packages, run the following command:
> sudo zypper addrepo --gpgcheck --type yum --refresh --check \
> 'http://nginx.org/packages/sles/$releasever_major' nginx-stable
If you would like to use mainline nginx packages, run the following command instead:
> sudo zypper addrepo --gpgcheck --type yum --refresh --check \
> 'http://nginx.org/packages/mainline/sles/$releasever_major' nginx-mainline
Next, import an official nginx signing key so zypper/rpm could verify the packages authenticity. Fetch the key:
> curl -o /tmp/nginx_signing.key https://nginx.org/keys/nginx_signing.key
Verify that the downloaded file contains the proper key:
> gpg --with-fingerprint /tmp/nginx_signing.key
The output should contain the full fingerprint `573B FD6B 3D8F BC64 1079 A6AB ABF5 BD82 7BD9 BF62` as follows:
> pub 2048R/7BD9BF62 2011-08-19 [expires: 2024-06-14]
> Key fingerprint = 573B FD6B 3D8F BC64 1079 A6AB ABF5 BD82 7BD9 BF62
> uid nginx signing key <signing-key@nginx.com>
Finally, import the key to the rpm database:
> sudo rpmkeys --import /tmp/nginx_signing.key
To install nginx, run the following command:
> sudo zypper install nginx
#### Alpine
Install the prerequisites:
> sudo apk add openssl curl ca-certificates
To set up the apk repository for stable nginx packages, run the following command:
> printf "%s%s%s%s\n" \
> "@nginx " \
> "http://nginx.org/packages/alpine/v" \
> `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \
> "/main" \
> | sudo tee -a /etc/apk/repositories
If you would like to use mainline nginx packages, run the following command instead:
> printf "%s%s%s%s\n" \
> "@nginx " \
> "http://nginx.org/packages/mainline/alpine/v" \
> `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \
> "/main" \
> | sudo tee -a /etc/apk/repositories
Next, import an official nginx signing key so apk could verify the packages authenticity. Fetch the key:
> curl -o /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub
Verify that downloaded file contains the proper key:
> openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout
The output should contain the following modulus:
> Public-Key: (2048 bit)
> Modulus:
> 00:fe:14:f6:0a:1a:b8:86:19:fe:cd:ab:02:9f:58:
> 2f:37:70:15:74:d6:06:9b:81:55:90:99:96:cc:70:
> 5c:de:5b:e8:4c:b2:0c:47:5b:a8:a2:98:3d:11:b1:
> f6:7d:a0:46:df:24:23:c6:d0:24:52:67:ba:69:ab:
> 9a:4a:6a:66:2c:db:e1:09:f1:0d:b2:b0:e1:47:1f:
> 0a:46:ac:0d:82:f3:3c:8d:02:ce:08:43:19:d9:64:
> 86:c4:4e:07:12:c0:5b:43:ba:7d:17:8a:a3:f0:3d:
> 98:32:b9:75:66:f4:f0:1b:2d:94:5b:7c:1c:e6:f3:
> 04:7f:dd:25:b2:82:a6:41:04:b7:50:93:94:c4:7c:
> 34:7e:12:7c:bf:33:54:55:47:8c:42:94:40:8e:34:
> 5f:54:04:1d:9e:8c:57:48:d4:b0:f8:e4:03:db:3f:
> 68:6c:37:fa:62:14:1c:94:d6:de:f2:2b:68:29:17:
> 24:6d:f7:b5:b3:18:79:fd:31:5e:7f:4c:be:c0:99:
> 13:cc:e2:97:2b:dc:96:9c:9a:d0:a7:c5:77:82:67:
> c9:cb:a9:e7:68:4a:e1:c5:ba:1c:32:0e:79:40:6e:
> ef:08:d7:a3:b9:5d:1a:df:ce:1a:c7:44:91:4c:d4:
> 99:c8:88:69:b3:66:2e:b3:06:f1:f4:22:d7:f2:5f:
> ab:6d
> Exponent: 65537 (0x10001)
Finally, move the key to apk trusted keys storage:
> sudo mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/
To install nginx, run the following command:
> sudo apk add nginx@nginx
The `@nginx` tag should also be specified when installing packages with [dynamic modules](https://nginx.org/en/linux_packages.html#dynmodules):
> sudo apk add nginx-module-image-filter@nginx nginx-module-njs@nginx
#### Amazon Linux
Install the prerequisites:
> sudo yum install yum-utils
To set up the yum repository, create the file named `/etc/yum.repos.d/nginx.repo` with the following contents:
> [nginx-stable]
> name=nginx stable repo
> baseurl=http://nginx.org/packages/amzn2/$releasever/$basearch/
> gpgcheck=1
> enabled=1
> gpgkey=https://nginx.org/keys/nginx_signing.key
> module_hotfixes=true
> [nginx-mainline]
> name=nginx mainline repo
> baseurl=http://nginx.org/packages/mainline/amzn2/$releasever/$basearch/
> gpgcheck=1
> enabled=0
> gpgkey=https://nginx.org/keys/nginx_signing.key
> module_hotfixes=true
By default, the repository for stable nginx packages is used. If you would like to use mainline nginx packages, run the following command:
> sudo yum-config-manager --enable nginx-mainline
To install nginx, run the following command:
> sudo yum install nginx
When prompted to accept the GPG key, verify that the fingerprint matches `573B FD6B 3D8F BC64 1079 A6AB ABF5 BD82 7BD9 BF62`, and if so, accept it.
#### Source Packages
Packaging sources can be found in the [packaging sources repository](http://hg.nginx.org/pkg-oss).
The `default` branch holds packaging sources for the current mainline version, while `stable-*` branches contain latest sources for stable releases. To build binary packages, run `make` in `debian/` directory on Debian/Ubuntu, or in `rpm/SPECS/` on RHEL/CentOS/SLES/Amazon Linux, or in `alpine/` on Alpine.
Packaging sources are distributed under the same [2-clause BSD-like license](https://nginx.org/LICENSE) used by nginx.
#### Dynamic Modules
Main nginx package is built with all modules that do not require additional libraries to avoid extra dependencies. Since version 1.9.11, nginx supports [dynamic modules](https://nginx.org/en/docs/ngx_core_module.html#load_module) and the following modules are built as dynamic and shipped as separate packages:
> nginx-module-geoip
> nginx-module-image-filter
> nginx-module-njs
> nginx-module-perl
> nginx-module-xslt
#### Signatures
Since our [PGP keys](https://nginx.org/en/pgp_keys.html) and packages are located on the same server, they are equally trusted. It is highly advised to additionally verify the authenticity of the downloaded PGP key. PGP has the “Web of Trust” concept, when a key is signed by someone else’s key, that in turn is signed by another key and so on. It often makes possible to build a chain from an arbitrary key to someone’s key who you know and trust personally, thus verify the authenticity of the first key in a chain. This concept is described in details in [GPG Mini Howto](https://www.gnupg.org/howtos/en/GPGMiniHowto-1.html). Our keys have enough signatures, and their authenticity is relatively easy to check.

@ -0,0 +1,4 @@
title: 一些笔记
date: 2022-03-08 12:40:19
---
> 这里是一些笔记,因为大部分内容网上已经有很多人写过了,所以我就不单独开文章去写这些东西了。

@ -0,0 +1,3 @@
title: tags
date: 2022-02-23 19:52:57
---

@ -0,0 +1,9 @@
title: 传送点
cover: https://res.ciduid.top/blog/covers/cover(8).jpg
date: 2022-03-08 21:18:03
---
这里放了一些链接,只是给自己跳转方便用的...
- [lensfrex的小破站 | Trailblazer(预览版)](https://preview.ciduid.top)
- [gitea](https://git.ciduid.top)

@ -0,0 +1,31 @@
title: 传送点
password: zzzz
abstract: 喵喵喵?
message: '[守门人 - Rind]:......'
wrong_pass_message: 喵喵喵?
wrong_hash_message: temp?
date: 2022-03-08 21:18:03
---
这里放了一些链接,只是给自己跳转方便用的...
我知道前端加密用处不大...毕竟加密数据直接复制爆破密码就好了...这里只不过是防君子不防小人罢了...
不过也没什么好防的,毕竟真要搞什么事情直接端口扫描就知道有这些东西了...
说到底只是方便罢了
所以密码设得很简单
- [lensfrex的小破站 | Trailblazer](https://preview.ciduid.top)
- [Hexo admin](https://preview.ciduid.top/admin/#)
- [filebrowser](https://view-file.ciduid.top)
- [v2rayA](https://v2.ciduid.top)
- [qbittorrent web ui](https://qb.ciduid.top/qb)
- [内网穿透](https://connect.ciduid.top)
- [gitea](https://git.ciduid.top)
Loading…
Cancel
Save