Nginx/ja

nginx は強固で小さく高性能なウェブサーバ / リバースプロキシサーバです. Apache や lighttpd と同様に支持されているウェブサーバとして良い選択肢です.

インストール
パッケージのインストールを始める前に、まずはNginx向けの適切なUSEフラグを設定します.

Expanded USE flags
Nginx uses modules to enhance its features. To simplify the maintenance of this modular approach, the nginx ebuild uses expanded USE ( USE_EXPAND ) flags to denote which modules should be installed.


 * HTTP related modules can be enabled through the NGINX_MODULES_HTTP variable
 * Mail related modules can be enabled through the NGINX_MODULES_MAIL variable
 * Third party modules can be enabled through the NGINX_ADD_MODULES variable

These variables need to be set in. Their descriptions can be found in and.

例えば、 モジュールを有効にするには:

The above will overwrite the default value of NGINX_MODULES_HTTP and set it to. To enable the  module without overwriting the default NGINX_MODULES_HTTP value, the following USE flag notation can be specified in :

Emerge
With the USE flags set, install :

Installation verification
The default nginx configuration defines a virtual server with the root directory set to. However due to, the nginx ebuild will only create the directory and without an index file. To have a working default configuration, create the directory and and simple index file:

nginxパッケージはinitサービススクリプトをインストールし、それを使ってシステム管理者はnginxを停止、起動、及び再起動することができます. nginxサービスを起動するには次のコマンドを実行します:

To verify that nginx is properly running, point a web browser to the http://localhost address or use a command-line web tool like :

設定
nginxの設定はファイルを通して行います.

単一サイト利用
以下は、(PHPのような)ダイナミック生成を用いない単一サイト利用の例です.

複数サイト利用
複数のファイルに設定を分割する為、 ディレクティブを利用することが可能です:

PHP サポート
PHPサポートを有効化する為には、次の行をnginxの設定ファイルに追加してください. この例ではnginxとPHPプロセスはUNIXソケットを介して情報を交換します.

To support this setup, PHP needs to be built with FastCGI Process Manager support, which is handled through the  USE flag:

USEフラグを有効にして PHP を再ビルドします:

Review the configuration and add following line:

Set the timezone in the php-fpm file. Substitute the  text in the FileBox below with the appropriate timezone information:

Start the daemon:

Add to the default runlevel:

Reload with changed configuration:

IP アドレスのアクセスリスト
The next example shows how to allow access to a particular URL (in this case ) only to:


 * certain hosts (e.g. 192.0.2.1 127.0.0.1)
 * and IP networks (e.g. 198.51.100.0/24)

ベーシック認証
nginx allows limiting access to resources by validating the user name and password:

The file can be generated using:

TLS サポート
It is warmly suggested to support only TLS and disable known insecure ciphers.

The ebuild provides stock self signed certificates in

Forward secrecy
The diffie-hellman certificate can be created using :

サードパーティー製モジュール
Download third party module source and move it to. Manually compile the selected Nginx module, then add the following line to :

Rebuild nginx with the third party module enabled:

OpenRC
Start nginx:

nginx の停止:

Add nginx to the default runlevel:

Restart the nginx service:

トラブルシューティング
In case of problems, the following commands can help troubleshoot the situation.

Validate configuration
Verify that the running nginx configuration has no errors:

By running with the   option, it will validate the configuration file without actually starting the  daemon.

Verify processes are running
Check if processes are running:

Verify bound addresses and ports
Verify nginx daemon is listening on the right TCP port (such as 80 for HTTP or 443 for HTTPS):

参考

 * Apache - インターネット上で最も多く使われている HTTP サーバー
 * Lighttpd - 高速かつ軽量なウェブサーバー

外部の情報

 * http://nginx.org/en/docs/beginners_guide.html - A beginner's guide. Helpful for those who do not know much about.
 * http://nginx.com/resources/admin-guide/ - The administration guide. Helpful for web administrators who have been working in the field.
 * http://wiki.nginx.org/Main - The nginx wiki.
 * https://github.com/h5bp/server-configs-nginx - H5BP nginx config.