1

sudo yum install yum-utils

1

vim /etc/yum.repos.d/nginx.repo

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15

[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

1

sudo dnf makecache

1

sudo dnf install nginx

1

systemctl enable nginx --now

1

nginx -v

1

sudo yum remove nginx

1

sudo mkdir -p /var/www/domain-com

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

1
2

cd /etc/nginx/conf.d/
sudo mv default.conf default.conf.bak

1

sudo touch /etc/nginx/conf.d/example.com.conf

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49

server {
    listen       80;
    listen       [::]:80;

    server_name example.com www.example.com;
    
    if ($host != 'example.com' && $host != 'www.example.com') {
        return 444;
    }

    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

server {
    listen       80;
    listen       [::]:80;

    server_name example.com www.example.com;
    
    if ($host != 'example.com' && $host != 'www.example.com') {
        return 444;
    }

    #access_log  /var/log/nginx/host.access.log  main;

    location /web {
        root   /opt;
        index  index.html index.htm;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51

server {
    # SSL configuration
    listen                443 ssl;
    listen                [::]:443 ssl;
    http2                 on;

    server_name           www.example.com;

  	if ($host != 'www.example.com') {
    	return 444;
  	}
    
    ssl_certificate       /etc/ssl/example-com/fullchain.cer;
    ssl_certificate_key   /etc/ssl/example-com/example.com.key;
    ssl_session_timeout   60m;
    ssl_session_cache     shared:MozSSL:10m;

    # intermediate configuration
    ssl_protocols         TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
    ssl_prefer_server_ciphers on;

    # HSTS (ngx_http_headers_module is required) (31536000 seconds)
    #add_header Strict-Transport-Security "max-age=31536000" always;

    location / {
        root /usr/share/nginx/html;
        index index.html index.htm;
    }

    error_page 500 502 503 504 /50x.html;

    location = /50x.html {
        root /usr/share/nginx/html;
    }

    error_page 404 /404.html;

    location = /404.html {
        root /usr/share/nginx/html;
    }
}

server {
    listen        80;
    listen        [::]:80;

    server_name www.example.com;
    
    return 301 https://$host$request_uri;
}

1

sudo nginx -t

1

nginx -t -c /etc/nginx/nginx.conf

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13

events {
  ...
}

http {
    server {
        ...
    }

    server {
        ...
    }
}

1

sudo nginx -s reload