Centos系统yum安装的nginx如果何止GeoIP2模块
前期步骤
nginx本身是没有GeoIP2的模块的需要对nginx进行重新编译才能使用
查看nginx模块的详细信息
nginx -V
仔细查看模块
nginx version: nginx/1.12.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments:
--prefix=/usr/share/nginx
--sbin-path=/usr/sbin/nginx
--modules-path=/usr/lib64/nginx/modules
--conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--http-log-path=/var/log/nginx/access.log
--http-client-body-temp-path=/var/lib/nginx/tmp/client_body
--http-proxy-temp-path=/var/lib/nginx/tmp/proxy
--http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi
--http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi
--http-scgi-temp-path=/var/lib/nginx/tmp/scgi
--pid-path=/run/nginx.pid
--lock-path=/run/lock/subsys/nginx
--user=nginx
--group=nginx
--with-file-aio
--with-ipv6
--with-http_auth_request_module
--with-http_ssl_module
--with-http_v2_module
--with-http_realip_module
--with-http_addition_module
--with-http_xslt_module=dynamic
--with-http_image_filter_module=dynamic
--with-http_geoip_module=dynamic
--with-http_sub_module
--with-http_dav_module
--with-http_flv_module
--with-http_mp4_module
--with-http_gunzip_module
--with-http_gzip_static_module
--with-http_random_index_module
--with-http_secure_link_module
--with-http_degradation_module
--with-http_slice_module
--with-http_stub_status_module
--with-http_perl_module=dynamic
--with-mail=dynamic
--with-mail_ssl_module
--with-pcre
--with-pcre-jit
--with-stream=dynamic
--with-stream_ssl_module
--with-google_perftools_module
--with-debug
--with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong
--param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic'
--with-ld-opt='-Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-E'
安装依赖
yum install -y wget perl-ExtUtils-Embed readline-devel zlib-devel pam-devel libxml2-devel libxslt-devel gd-devel GeoIP-devel autoconf-2.69-11.el7.noarch gcc libxml2 libxml2-dev openldap-devel python-devel gcc-c++ openssl-devel cmakepcre-develnanowget gcc gcc-c++ ncurses-devel perl pcre-devel libtool libsysfs automake openssl openssl-devel redhat-rpm-config.noarch unzip libmaxminddb libunwind.x86_64 -y
下载国家及城市数据
数据文件是.mmdb的文件,安装ngx_http_geoip2_module的依赖库libmaxminddb,libmaxminddb已经在yum安装依赖时安装,文章最后会在附录中拥有编译安装的方式
wget https://geolite.maxmind.com/download/geoip/database/GeoLite2-City.tar.gz
wget https://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz
mkdir /etc/nginx/GeoIP2/
tar xvf GeoLite2-City.tar.gz -C /etc/nginx/GeoIP2/
tar xvf GeoLite2-Country.tar.gz -C /etc/nginx/GeoIP2/
mv /etc/nginx/GeoIP2/GeoLite2-City*/ /etc/nginx/GeoIP2/GeoLite2-City/
mv /etc/nginx/GeoIP2/GeoLite2-Country*/ /etc/nginx/GeoIP2/GeoLite2-Country/
验证数据文件
mmdblookup --file /etc/nginx/GeoIP2/GeoLite2-City/GeoLite2-City.mmdb --ip 8.8.8.8
{
"continent":
{
"code":
"NA" <utf8_string>
"geoname_id":
6255149 <uint32>
"names":
{
"de":
"Nordamerika" <utf8_string>
"en":
"North America" <utf8_string>
"es":
"Norteamérica" <utf8_string>
"fr":
"Amérique du Nord" <utf8_string>
"ja":
"北アメリカ" <utf8_string>
"pt-BR":
"América do Norte" <utf8_string>
"ru":
"Северная Америка" <utf8_string>
"zh-CN":
"北美洲" <utf8_string>
}
}
"country":
{
"geoname_id":
6252001 <uint32>
"iso_code":
"US" <utf8_string>
"names":
{
"de":
"USA" <utf8_string>
"en":
"United States" <utf8_string>
"es":
"Estados Unidos" <utf8_string>
"fr":
"États-Unis" <utf8_string>
"ja":
"アメリカ合衆国" <utf8_string>
"pt-BR":
"Estados Unidos" <utf8_string>
"ru":
"США" <utf8_string>
"zh-CN":
"美国" <utf8_string>
}
}
"location":
{
"accuracy_radius":
1000 <uint16>
"latitude":
37.751000 <double>
"longitude":
-97.822000 <double>
"time_zone":
"America/Chicago" <utf8_string>
}
"registered_country":
{
"geoname_id":
6252001 <uint32>
"iso_code":
"US" <utf8_string>
"names":
{
"de":
"USA" <utf8_string>
"en":
"United States" <utf8_string>
"es":
"Estados Unidos" <utf8_string>
"fr":
"États-Unis" <utf8_string>
"ja":
"アメリカ合衆国" <utf8_string>
"pt-BR":
"Estados Unidos" <utf8_string>
"ru":
"США" <utf8_string>
"zh-CN":
"美国" <utf8_string>
}
}
}
下载geoip2模块的代码
此代码参与nginx的编译
wget https://github.com/leev/ngx_http_geoip2_module/archive/master.zip
unzip master
mv ngx_http_geoip2_module-master /usr/local/src/ngx_http_geoip2_module
》
编译nginx需要 google-pertools进行辅助
安装google-pertools前需要安装libunwind,libuwinde已经在yum安装依赖时安装,文章最后会在附录中拥有编译安装的方式
安装google-pertools
wget -c -O gperftools-2.4.tar.gz https://github.com/gperftools/gperftools/releases/download/gperftools-2.4/gperftools-2.4.tar.gz
tar xvf gperftools-2.4.tar.gz
cd gperftools-2.4
./configure
make check
make install
下载nginx代码
wget http://nginx.org/download/nginx-1.12.2.tar.gz
tar xvf nginx-1.12.2.tar.gz
cd nginx-1.12.2
编译nginx代码
- 生成Markfile文件
./configure \
--prefix=/usr/share/nginx \
--sbin-path=/usr/sbin/nginx \
--modules-path=/usr/lib64/nginx/modules \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--http-client-body-temp-path=/var/lib/nginx/tmp/client_body \
--http-proxy-temp-path=/var/lib/nginx/tmp/proxy \
--http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi \
--http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi \
--http-scgi-temp-path=/var/lib/nginx/tmp/scgi \
--pid-path=/run/nginx.pid \
--lock-path=/run/lock/subsys/nginx \
--user=nginx \
--group=nginx \
--with-ipv6 \
--with-http_auth_request_module \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_xslt_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_sub_module \
--with-file-aio \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_degradation_module \
--with-http_slice_module \
--with-http_stub_status_module \
--with-http_perl_module=dynamic \
--with-mail=dynamic \
--with-mail_ssl_module \
--with-pcre \
--with-pcre-jit \
--with-stream \
--with-stream_ssl_module \
--with-http_geoip_module=dynamic \
--add-module=/usr/local/src/ngx_http_geoip2_module \ #源代码不懂加入此行
--with-debug \
--with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic' \
--with-ld-opt='-Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-E'
- 编译
make
加载动态链接库否则nginx 会报错
echo "/usr/local/lib" >> /etc/ld.so.conf
ldconfig
编译好后执行编译出的nginx二进制文件,进行验证
nginx -t
验证如果没有问题将nginx的二进制文件复制到/usr/sbin/即可,切记备份源文件
配置nginx配置文件
我们队GeoIP2的目的是输出到日志中
vim /etc/nginx/nginx.conf
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
geoip2 /etc/nginx/GeoIP/GeoLite2-Country.mmdb{
$geoip2_data_country_code country iso_code ;
$geoip2_data_country_name source=$http_x_forwarded_for default=中国 country names zh-CN;
}
geoip2 /etc/nginx/GeoIP/GeoLite2-City.mmdb{
$geoip2_data_city_name source=$http_x_forwarded_for default=北京 city names zh-CN;
}
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main escape=json '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" '
'$request_time '
'"$geoip2_data_country_name" "$geoip2_data_city_name" ';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
查看日志结果
192.168.138.0 - [05/Jun/2019:11:14:59 +0000] "GET / HTTP/1.1" 304 0 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWe
bKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 0.000 "中国" "北京"
192.168.138.0 - [05/Jun/2019:11:20:09 +0000] "GET / HTTP/1.1" 304 0 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWe
bKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 0.000 "中国" "北京"
192.168.138.0 - [05/Jun/2019:11:20:16 +0000] "GET / HTTP/1.1" 304 0 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWe
bKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 0.000 "中国" "北京"
192.168.138.0 - [05/Jun/2019:11:20:27 +0000] "GET / HTTP/1.1" 304 0 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWe
bKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 0.000 "中国" "北京"
192.168.138.0 - [05/Jun/2019:11:20:28 +0000] "GET / HTTP/1.1" 304 0 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWe
bKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 0.000 "中国" "北京"
192.168.138.0 - [05/Jun/2019:11:20:29 +0000] "GET / HTTP/1.1" 304 0 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWe
bKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 0.000 "中国" "北京"
192.168.138.0 - [05/Jun/2019:11:20:29 +0000] "GET / HTTP/1.1" 304 0 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWe
bKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 0.000 "中国" "北京"
192.168.138.0 - [05/Jun/2019:11:20:29 +0000] "GET / HTTP/1.1" 304 0 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWe
bKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 0.000 "中国" "北京"