一、背景介绍
因此,为了解决这一问题,我们可以借助于Nginx这样的高性能、高可用的HTTP和反向代理服务器软件搭建一个内部文件服务系统。通过配置Nginx以提供文件上传下载服务,所有授权的用户和系统都能在一个统一且安全的接口下进行高效便捷的文件传输,同时又不违背堡垒机环境下对权限控制的要求。这样既确保了数据的安全性,也显著提高了日常运维工作的效率。
二、搭建部署
-
下载Nginx安装包,进入nginx官网,下载一个稳定版本安装包,下载地址:https://nginx.org/en/download.html
yum -y install gcc zlib zlib-devel pcre-devel openssl openssl-devel3. 编译安装,把下载好的nginx源码包上传的服务器指定目录/usr/local/pack/,解压并创建nginx存放的目录,在执行编译;
# cd /usr/local/pack/
# tar -xf nginx-1.24.0.tar.gz
# mkdir /usr/local/nginx-1.24.0
# ./configure --prefix=/usr/local/nginx-1.24.0 --with-http_stub_status_module --with-http_ssl_module
# make && make install
# ln -s /usr/local/nginx-1.24.0 /usr/local/nginx#!/bin/sh
source ~/.bash_profile
USER=root
ngxbase=/usr/local/nginx
NGINX=/usr/local/nginx/sbin/nginx
PIDFILE=/usr/local/nginx/nginx.pid
CONF=/usr/local/nginx/conf/nginx.conf
proc=`ps -ef |grep nginx |grep process|grep -v grep |wc -l`
nginx_status() {
if [ $proc -gt 0 ]; then
echo "nginx is running"
return 0
else
if [ $PIDFILE ];then rm -rf $PIDFILE; fi
echo "nginx has stopped."
return 1
fi
}
start() {
if [ $proc -gt 0 ]; then
echo "nginx is already running"
return 1
else {
echo -n 'nginx is starting...'
$NGINX -c "$CONF" -p "$ngxbase"
sleep 3
if test -s $PIDFILE; then
echo ' done.'
return 0
else
echo ' fail.'
return 1
fi
}
fi
}
stop() {
if [ -s ${PIDFILE} ]; then
if [ `ps -ef |grep nginx |grep process|grep -v grep| wc -l` -eq 0 ]; then
rm -f ${PIDFILE} 2>/dev/null
echo "nginx already stop"
else
$NGINX -c "$CONF" -p $ngxbase -s stop
echo -n 'nginx is stopping.'
sleep 2;echo -n '.'
sleep 2;echo -n '.'
if [ "$(ps -ef |grep nginx |grep master|grep -v grep)" ]; then
kill -9 $PIDFILE >/dev/null 2>&1
status="$?"
rm -f ${NGINX_PID} 2>/dev/null
fi
echo "nginx stop success"
fi
else
if [ `ps -ef |grep nginx |grep process|grep -v grep| wc -l` -eq 0 ]; then
echo "nginx already stop"
else
$NGINX -c "$CONF" -p $ngxbase -s stop
echo -n 'nginx is stopping.'
sleep 2;echo -n '.'
sleep 2;echo -n '.'
if [ "$(ps -ef |grep nginx |grep -v grep)" ]; then
kill -9 $PIDFILE >/dev/null 2>&1
status="$?"
rm -f ${NGINX_PID} 2>/dev/null
fi
echo "nginx stop success"
fi
fi
}
reload() {
if [ $proc -gt 0 ]; then
$NGINX -c "$CONF" -p "$ngxbase" -s reload
if [ $? -eq 0 ]; then
echo 'nginx reload configure... done.'
return 1
else
exit 1
fi
else
echo 'nginx has stopped.'
fi
}
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
status)
status="0"
nginx_status || status="$?"
exit $status
;;
*)
echo "Usage: $0 (start|stop|reload|status)"
exit 0
;;
esac
exit 0# mv /usr/local/nginx/conf/nginx/nginx.conf /usr/local/nginx/conf/nginx/nginx.conf.bk
# vi /usr/local/nginx/conf/nginx/nginx.conf
worker_processes 2;
pid /usr/local/nginx/nginx.pid;
error_log /usr/local/nginx/logs/error.log warn;
events {
worker_connections 1024;
}
http {
server_tokens off; # 隐藏版本号
include /usr/local/nginx/conf/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /usr/local/nginx/logs/access.log main;
client_body_temp_path /usr/local/nginx/conf/client_body_temp 1 2;
proxy_temp_path /usr/local/nginx/conf/proxy_temp;
fastcgi_temp_path /usr/local/nginx/conf/fastcgi_temp;
uwsgi_temp_path /usr/local/nginx/conf/uwsgi_temp;
scgi_temp_path /usr/local/nginx/conf/scgi_temp;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
gzip on;
# 启用gzip压缩的最小文件;小于设置值的文件将不会被压缩
gzip_min_length 1k;
# gzip 压缩级别 1-10
gzip_comp_level 2;
# 进行压缩的文件类型。
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
# 是否在http header中添加Vary: Accept-Encoding,建议开启
gzip_vary on;
client_max_body_size 1G;
include /usr/local/nginx/conf.d/*.conf;
}6. 添加服务实例,用于下载文件,下载目录为/usr/local/nginx/html/download;
# mkdir /usr/local/nginx/conf.d/*
# mkdir /usr/local/nginx/html/download
# vi /usr/local/nginx/conf.d/download.conf
server {
listen 8882;
server_name localhost;
location ^~ /download/ {
alias /usr/local/nginx/html/download;
if ($request_filename ~* ^.*?.(txt|doc|pdf|rar|gz|zip|docx|exe|xlsx|ppt|pptx|jpg|png)$) {
add_header Content-Disposition attachment;
add_header Content-Type application/octet-stream;
}
sendfile on; # 开启高效文件传输模式
autoindex on; # 开启目录文件列表
autoindex_exact_size on; # 显示出文件的确切大小,单位是bytes
autoindex_localtime on; # 显示的文件时间为文件的服务器时间
autoindex_format html; # 显示索引页面文件风格,默认html
limit_rate 1024k; # 限速,默认不限速
charset utf-8,gbk; # 避免中文乱码
}
}7. 启动nginx服务
# sh nginx.sh start
8. 下载功能验证,进入存放文件的目录,新建几个测试的文本,然后浏览器访问http://ip:port/download/,上面新建的测试文本就可以通过浏览器页面下载,也可以登录到终端通过wget 或curl命令就可以下载。
# cd download/
# touch {1..5}.txt
三、开启登陆认证
1. 添加认证配置 ,修改nginx配置,在location下添加认证的配置。
auth_basic "Some description";
auth_basic_user_file /usr/local/nginx/passwd; # 自定义一个绝对路径的密码文件
2. 创建认证账号,passwd默认格式为用户:密码,可以有多个
# yum install -y httpd-tools
# openssl passwd -apr1 123456
# cat /usr/local/nginx/passwd
nginx:$apr1$7KS9VvNK$2qZPNy6JKeCKWv83bpnGB/3. 重新加载配置, 并访问文件服务器的地址,此时就会出现登录认证的窗口,输入上面配置的用户密码就可以下载文件。
# sh nginx.sh reload
-
上传agent包,把zabbix-agent的一键部署包上传到nginx文件服务的下载目录。
2. 登陆到客户端,下载Agent安装包并执行安装命令,就可以一步实现agent的安装,大大提高了运维的工作效率。
curl -u nginx:nginx http://12.68.148.2:8882/download/linux_agent_new.tar -o /tmp/linux_agent_new.tar && tar -xf /tmp/linux_agent_new.tar -C /tmp/ && sh /tmp/linux_agent/agent_install.sh install
MUSIC
♬..♩~ ♫. ♪..
END
原文始发于微信公众号(Linux运维之旅):超实用!利用Nginx实现文件下载,效率翻倍
版权声明:本文内容由互联网用户自发贡献,该文观点仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 举报,一经查实,本站将立刻删除。
文章由极客之音整理,本文链接:https://www.bmabk.com/index.php/post/273693.html
