Nginx代理Google

Nginx代理Google

下载

1.oneinstack

wget http://mirrors.linuxeye.com/oneinstack-full.tar.gz

安装oneinstack

1
2
3
tar xzf oneinstack-full.tar.gz
cd oneinstack
./install.sh #这里仅安装Nginx

下载Nginx所需模块

1
2
3
4
5
6
7
8
9
10
cd oneinstack/src
git clone https://github.com/cuber/ngx_http_google_filter_module
git clone https://github.com/yaoweibin/ngx_http_substitutions_filter_module
wget http://mirrors.linuxeye.com/oneinstack/src/pcre-8.41.tar.gz
wget http://mirrors.linuxeye.com/oneinstack/src/openssl-1.0.2j.tar.gz

#解压
tar xzf pcre-8.41.tar.gz
tar xzf openssl-1.0.2j.tar.gz
tar xzf nginx-1.12.2.tar.gz

编译安装Nginx

1
2
3
4
5
6
7
8
9
10
11
12
13
14
cd nginx-1.12.2/

./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_stub_status_module \
--with-http_v2_module --with-http_ssl_module --with-ipv6 --with-http_gzip_static_module \
--with-http_realip_module --with-http_flv_module --with-openssl=../openssl-1.0.2j \
--with-pcre=../pcre-8.41 --with-pcre-jit --with-ld-opt='-ljemalloc' \
--add-module=../ngx_http_google_filter_module \
--add-module=../ngx_http_substitutions_filter_module

make
mv /usr/local/nginx/sbin/nginx{,_`date +%m%d`} #备份现有nginx
cp objs/nginx /usr/local/nginx/sbin/ #更新nginx
nginx -t #检查nginx语法
service nginx restart

安装Let’s Encrypt

1
2
cd /root/oneinstack
./addons.sh #安装Let's Encrypt

添加虚拟主机

1
2
cd /root/oneinstack
./vhost.sh



修改配置文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
server_name fuck.happyhack.cn;
ssl_certificate /usr/local/nginx/conf/ssl/fuck.happyhack.cn.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/fuck.happyhack.cn.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_timeout 10m;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_buffer_size 1400;
#add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
access_log /data/wwwlogs/fuck.happyhack.cn_nginx.log combined;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
location / {
google on;
google_scholar on;
google_language zh-CN; #zh-CN
#google_language en; #zh-CN
}
}
server {
listen 80;
server_name fuck.happyhack.cn;

rewrite ^(.*)$ https://$host$1 permanent;
}

注意坑点

在配置好nginx之后,重启失败,查看日志是

1
bind() to 0.0.0.0:80 failed (98: Address already in use)

端口被占用

1
2
3
4
5
6
7
server {
listen 80;
#添加这行
listen [::]:80 ipv6only=on default_server;
server_name fuck.happyhack.cn;
rewrite ^(.*)$ https://$host$1 permanent;
}

重启nginx还是报错。重启服务器Bingo!哈哈😄

参考链接

原作者博文