nginx: 软件包 ubuntu安装nginx centos安装 nginx

支持的发行版和版本
安装说明
     RHEL/CentOS
     Debian
     Ubuntu
     SLES
     Alpine
     Amazon Linux
Source Packages
Dynamic Modules
Signatures

支持的发行版和版本

nginx 软件包可用于以下 Linux 发行版和版本:

RHEL/CentOS

版本 支持的平台
7.4+ x86_64, ppc64le, aarch64/arm64
8.x x86_64, aarch64/arm64, s390x

Debian

版本 支持的平台
10.x “buster” x86_64, i386, aarch64/arm64
11.x “bullseye” x86_64, aarch64/arm64

Ubuntu

版本 支持的平台
18.04 “bionic” x86_64, aarch64/arm64
20.04 “focal” x86_64, aarch64/arm64, s390x
21.10 “impish” x86_64, aarch64/arm64
22.04 “jammy” x86_64, aarch64/arm64

SLES

版本 支持的平台
12 SP5+ x86_64
15 SP2+ x86_64

Alpine

版本 支持的平台
3.12 x86_64, aarch64/arm64
3.13 x86_64, aarch64/arm64
3.14 x86_64, aarch64/arm64
3.15 x86_64, aarch64/arm64

Amazon Linux

版本 支持的平台
2 (LTS) x86_64, aarch64/arm64

安装说明

在新机器上首次安装 nginx 之前,您需要设置 nginx 软件包存储库。之后,您可以从存储库安装和更新 nginx.

RHEL/CentOS

安装必备组件: 

sudo yum install yum-utils

要设置 yum 存储库,请使用以下内容创建名为 /etc/yum.repos.d/nginx.repo 的文件: 

[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

默认情况下,使用稳定 nginx 包的存储库。如果您想使用主线 nginx 包,请运行以下命令: 

sudo yum-config-manager --enable nginx-mainline

要安装 nginx,请运行以下命令: 

sudo yum install nginx

当提示接受 GPG 密钥时,接受它。

Debian

安装必备组件: 

sudo apt install curl gnupg2 ca-certificates lsb-release debian-archive-keyring

导入官方 nginx 签名密钥,以便 apt 可以验证包的真实性。获取密钥: 

curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
    | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null

要为稳定的 nginx 包设置 apt 存储库,请运行以下命令: 

echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/debian `lsb_release -cs` nginx" \
    | sudo tee /etc/apt/sources.list.d/nginx.list

如果您想使用主线 nginx 包,请运行以下命令: 

echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/mainline/debian `lsb_release -cs` nginx" \
    | sudo tee /etc/apt/sources.list.d/nginx.list

设置存储库固定,以优先选择我们的软件包而不是系统提供的软件包 

echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" \
    | sudo tee /etc/apt/preferences.d/99nginx

要安装 nginx,请运行以下命令: 

sudo apt update
sudo apt install nginx

Ubuntu

安装必备组件: 

sudo apt install curl gnupg2 ca-certificates lsb-release ubuntu-keyring

导入官方 nginx 签名密钥,以便 apt 可以验证包的真实性。获取密钥: 

curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
    | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null

要为稳定的 nginx 包设置 apt 存储库,请运行以下命令: 

echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" \
    | sudo tee /etc/apt/sources.list.d/nginx.list

如果您想使用主线 nginx 包,请运行以下命令: 

echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/mainline/ubuntu `lsb_release -cs` nginx" \
    | sudo tee /etc/apt/sources.list.d/nginx.list

设置存储库固定以更喜欢我们的包而不是系统提供的包: 

echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" \
    | sudo tee /etc/apt/preferences.d/99nginx

要安装 nginx,请运行以下命令: 

sudo apt update
sudo apt install nginx

SLES

安装必备组件: 

sudo zypper install curl ca-certificates gpg2

要为稳定的 nginx 包设置 zypper 存储库,请运行以下命令: 

sudo zypper addrepo --gpgcheck --type yum --refresh --check \
    'http://nginx.org/packages/sles/$releasever_major' nginx-stable

如果您想使用主线 nginx 包,请运行以下命令: 

sudo zypper addrepo --gpgcheck --type yum --refresh --check \
    'http://nginx.org/packages/mainline/sles/$releasever_major' nginx-mainline

接下来,导入官方 nginx 签名密钥,以便 zypper/rpm 可以验证包的真实性。获取密钥: 

curl -o /tmp/nginx_signing.key https://nginx.org/keys/nginx_signing.key

最后,将密钥导入 rpm 数据库: 

sudo rpmkeys --import /tmp/nginx_signing.key

要安装 nginx,请运行以下命令: 

sudo zypper install nginx

Alpine

安装必备组件: 

sudo apk add openssl curl ca-certificates

要为稳定的 nginx 包设置 apk 存储库,请运行以下命令: 

printf "%s%s%s%s\n" \
    "@nginx " \
    "http://nginx.org/packages/alpine/v" \
    `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \
    "/main" \
    | sudo tee -a /etc/apk/repositories

如果您想使用主线 nginx 包,请运行以下命令: 

printf "%s%s%s%s\n" \
    "@nginx " \
    "http://nginx.org/packages/mainline/alpine/v" \
    `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \
    "/main" \
    | sudo tee -a /etc/apk/repositories

接下来,导入官方 nginx 签名密钥,以便 apk 可以验证包的真实性。获取密钥: 

curl -o /tmp/nginx_signing.rsa.pub https://nginx.org/keys/nginx_signing.rsa.pub

验证下载的文件是否包含正确的密钥: 

openssl rsa -pubin -in /tmp/nginx_signing.rsa.pub -text -noout

输出应包含以下模数: 

Public-Key: (2048 bit)
Modulus:
    00:fe:14:f6:0a:1a:b8:86:19:fe:cd:ab:02:9f:58:
    2f:37:70:15:74:d6:06:9b:81:55:90:99:96:cc:70:
    5c:de:5b:e8:4c:b2:0c:47:5b:a8:a2:98:3d:11:b1:
    f6:7d:a0:46:df:24:23:c6:d0:24:52:67:ba:69:ab:
    9a:4a:6a:66:2c:db:e1:09:f1:0d:b2:b0:e1:47:1f:
    0a:46:ac:0d:82:f3:3c:8d:02:ce:08:43:19:d9:64:
    86:c4:4e:07:12:c0:5b:43:ba:7d:17:8a:a3:f0:3d:
    98:32:b9:75:66:f4:f0:1b:2d:94:5b:7c:1c:e6:f3:
    04:7f:dd:25:b2:82:a6:41:04:b7:50:93:94:c4:7c:
    34:7e:12:7c:bf:33:54:55:47:8c:42:94:40:8e:34:
    5f:54:04:1d:9e:8c:57:48:d4:b0:f8:e4:03:db:3f:
    68:6c:37:fa:62:14:1c:94:d6:de:f2:2b:68:29:17:
    24:6d:f7:b5:b3:18:79:fd:31:5e:7f:4c:be:c0:99:
    13:cc:e2:97:2b:dc:96:9c:9a:d0:a7:c5:77:82:67:
    c9:cb:a9:e7:68:4a:e1:c5:ba:1c:32:0e:79:40:6e:
    ef:08:d7:a3:b9:5d:1a:df:ce:1a:c7:44:91:4c:d4:
    99:c8:88:69:b3:66:2e:b3:06:f1:f4:22:d7:f2:5f:
    ab:6d
Exponent: 65537 (0x10001)

最后,将密钥移动到 apk 可信密钥存储中: 

sudo mv /tmp/nginx_signing.rsa.pub /etc/apk/keys/

要安装 nginx,请运行以下命令: 

sudo apk add nginx@nginx

在安装带有动态模块的软件包时,还应指定@nginx标记: 

sudo apk add nginx-module-image-filter@nginx nginx-module-njs@nginx

Amazon Linux

安装必备组件: 

sudo yum install yum-utils

要设置 yum 存储库,请使用以下内容创建名为/etc/yum.repos.d/nginx.repo的文件: 

[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/amzn2/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/amzn2/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

默认情况下,使用稳定 nginx 包的存储库。如果您想使用主线 nginx 包,请运行以下命令: 

sudo yum-config-manager --enable nginx-mainline

要安装 nginx,请运行以下命令: 

sudo yum install nginx

当提示接受 GPG 密钥时, 接受它.

源码包

打包源可以在 打包源存储库中找到.

The default branch holds packaging sources for the current mainline version, while stable-* branches contain latest sources for stable releases. To build binary packages, run make in debian/ directory on Debian/Ubuntu, or in rpm/SPECS/ on RHEL/CentOS/SLES/Amazon Linux, or in alpine/ on Alpine.

Packaging sources are distributed under the same 2-clause BSD-like license used by nginx.

动态模块

主 nginx 包是用所有不需要额外库的模块构建的,以避免额外的依赖。从 1.9.11 版本开始,nginx 支持 动态模块 ,以下模块被构建为动态并作为单独的包提供: 

nginx-module-geoip
nginx-module-image-filter
nginx-module-njs
nginx-module-perl
nginx-module-xslt

签名

由于我们的PGP 密钥 和包位于同一台服务器上,因此它们同样受信任。强烈建议额外验证下载的 PGP 密钥的真实性。PGP 有“信任网络”的概念,当一个密钥由别人的密钥签名时,该密钥又由另一个密钥签名,依此类推。通常可以从任意密钥到您认识和信任的某人的密钥构建一个链,从而验证链中第一个密钥的真实性。这个概念在 GPG Mini Howto中有详细描述。我们的密钥有足够的签名,并且它们的真实性相对容易检查。