在 VMWare Player 上面安裝了 CentOS 6.4 64bits, 然後想安裝 Nginx 1.5.0, 包含 GeoIP 以及 SPDY 的功能.

確認系統版本

uname -a
cat /etc/redhat-release

前置工作

安裝必要的 packages (由於有些 repo 沒有 GeoIP package, 所以需要增加新的 repo)

yum install gcc automake make -y
yum install pcre-devel zlib-devel openssl-devel -y
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
yum install GeoIP-devel GeoIP -y

下載與編譯 Nginx 1.5.0

wget http://nginx.org/download/nginx-1.5.0.tar.gz
tar xvzf nginx-1.5.0.tar.gz
cd nginx-1.5.0
./configure \
    --prefix=/etc/nginx \
    --sbin-path=/usr/sbin/nginx \
    --conf-path=/etc/nginx/nginx.conf \
    --error-log-path=/var/log/nginx/error.log \
    --http-log-path=/var/log/nginx/access.log \
    --pid-path=/var/run/nginx.pid \
    --lock-path=/var/run/nginx.lock \
    --http-client-body-temp-path=/var/cache/nginx/client_temp \
    --http-proxy-temp-path=/var/cache/nginx/proxy_temp \
    --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
    --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
    --http-scgi-temp-path=/var/cache/nginx/scgi_temp \
    --user=nginx \
    --group=nginx \
    --with-http_ssl_module \
    --with-http_spdy_module \
    --with-http_addition_module \
    --with-http_realip_module \
    --with-http_sub_module \
    --with-http_dav_module \
    --with-http_flv_module \
    --with-http_mp4_module \
    --with-http_gunzip_module \
    --with-http_gzip_static_module \
    --with-http_geoip_module \
    --with-http_random_index_module \
    --with-http_secure_link_module \
    --with-http_stub_status_module \
    --with-mail \
    --with-mail_ssl_module \
    --with-file-aio \
    --with-ipv6

make
sudo make install

準備 GeoIP database

cd /etc/nginx/
mkdir /etc/nginx/geoip
cd /etc/nginx/geoip/
wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
gunzip GeoIP.dat.gz
wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
gunzip GeoLiteCity.dat.gz

環境設定

useradd nginx
mkdir -p /var/cache/nginx/client_temp
echo /usr/sbin/nginx > /etc/rc.local

第三行是把 Nginx 加入到啟動腳本中.

再來, 修改 /etc/sysconfig/iptables, 增加一行 -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT 開放 port 80. 然後重新啟動 iptables 防火牆:

/etc/init.d/iptables restart

Nginx 設定

修改 /etc/nginx.conf, 新增以下幾行:

http {
        geoip_country /etc/nginx/geoip/GeoIP.dat;       # the country IP database
        geoip_city    /etc/nginx/geoip/GeoLiteCity.dat; # the city IP database
    
        log_format  main '$geoip_city_country_code - $geoip_city - $remote_addr - $remote_user '
                     '[$time_local] "$request" '
                     '$status $body_bytes_sent "$http_referer" '
                     '"$http_user_agent" "$http_x_forwarded_for"';
    
    access_log    /var/log/nginx/access.log  main;
    error_log     /var/log/nginx/error.log main;
    
    include /etc/nginx/proxy.conf;
        ...
}

修改 /etc/nginx/fastcgi_params:

fastcgi_param GEOIP_COUNTRY_CODE $geoip_country_code;
fastcgi_param GEOIP_COUNTRY_CODE3 $geoip_country_code3;
fastcgi_param GEOIP_COUNTRY_NAME $geoip_country_name;

fastcgi_param GEOIP_CITY_COUNTRY_CODE $geoip_city_country_code;
fastcgi_param GEOIP_CITY_COUNTRY_CODE3 $geoip_city_country_code3;
fastcgi_param GEOIP_CITY_COUNTRY_NAME $geoip_city_country_name;
fastcgi_param GEOIP_REGION $geoip_region;
fastcgi_param GEOIP_CITY $geoip_city;
fastcgi_param GEOIP_POSTAL_CODE $geoip_postal_code;
fastcgi_param GEOIP_CITY_CONTINENT_CODE $geoip_city_continent_code;
fastcgi_param GEOIP_LATITUDE $geoip_latitude;
fastcgi_param GEOIP_LONGITUDE $geoip_longitude;

增加 /etc/nginx/proxy.conf:

### SET GEOIP Variables ###
proxy_set_header GEOIP_COUNTRY_CODE $geoip_country_code;
proxy_set_header GEOIP_COUNTRY_CODE3 $geoip_country_code3;
proxy_set_header GEOIP_COUNTRY_NAME $geoip_country_name;

proxy_set_header GEOIP_CITY_COUNTRY_CODE $geoip_city_country_code;
proxy_set_header GEOIP_CITY_COUNTRY_CODE3 $geoip_city_country_code3;
proxy_set_header GEOIP_CITY_COUNTRY_NAME $geoip_city_country_name;
proxy_set_header GEOIP_REGION $geoip_region;
proxy_set_header GEOIP_CITY $geoip_city;
proxy_set_header GEOIP_POSTAL_CODE $geoip_postal_code;
proxy_set_header GEOIP_CITY_CONTINENT_CODE $geoip_city_continent_code;
proxy_set_header GEOIP_LATITUDE $geoip_latitude;
proxy_set_header GEOIP_LONGITUDE $geoip_longitude;

後記

有空的時候, 應該要:

  • 寫 chef cookbook 來自動化上面這些操作.
  • 測試 SPDY
  • 測試 WebSocket

References