Niginx的优化（可直接运行）

##修改版本号
sed -i '/#define NGINX_VERSION/c\\    #define NGINX_VERSION  "1.1.1" ' /opt/nginx-1.18.0/src/core/nginx.h
sed -i '/#define NGINX_VER          "nginx\\/" NGINX_VERSION/c\\    #define NGINX_VER "IIS" NGINX_VERSION ' /opt/nginx-1.18.0/src/core/nginx.h
cd /opt/nginx-1.18.0/
./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module
make -j4 && make install
sed -i '/default_type  application\\/octet-stream;/a\\    server_tokens on;' /usr/local/nginx/conf/nginx.conf
systemctl restart nginx
curl -I http://192.168.92.30

##修改用户和组
sed -i '/#user  nobody;/c\\user nginx nginx;' /usr/local/nginx/conf/nginx.conf
systemctl restart nginx
ps aux | grep nginx

##缓存时间
sed -i '48 a           location ~ \\\\.(gif|jpg|jepg|png|bmp|ico)$ {\\n        root html;\\n        expires 1d;\\n    }' /usr/local/nginx/conf/nginx.conf
systemctl restart nginx

##日志切割 每天一点执行一次
touch /opt/fenge.sh
echo '
#!/bin/bash
#Filename: fenge.sh
day=$(date -d " -1 day " "+%Y%m%d")
logs_path="/var/log/nginx"
pid_path="/usr/local/nginx/logs/nginx.pid"
[ -d $logs_path ] || mkdir -p $logs_path     
mv /usr/local/nginx/logs/access.log ${logs_path}/kgc.com-access.log-$day
kill -USR1 $(cat $pid_path)
find $logs_path -mtime +30 -exec rm -rf {} \\; ' > /opt/fenge.sh

chmod +x /opt/fenge.sh
/opt/fenge.sh
ls /var/log/nginx
ls /usr/local/nginx/logs/access.log 
echo "0 1 * * * /opt/fenge.sh" >> /etc/crontab
/bin/systemctl restart crond.service

##连接超时
sed -i '/keepalive_timeout  65;/c\\    keepalive_timeout 65 60;\\n    client_header_timeout 80;\\n    client_body_timeout 80; ' /usr/local/nginx/conf/nginx.conf
systemctl restart nginx

##更改进程数（进程与CPU绑定）
sed -i  '/worker_processes/c\\worker_processes  auto;\\nworker_cpu_affinity 0001 0010 0100 1000;'  /usr/local/nginx/conf/nginx.conf
systemctl restart nginx
##配置网页压缩    
sed -i  '/#gzip  on;/c\\gzip on;    \\ngzip_min_length 1k;\\ngzip_buffers 4 64k;\\ngzip_http_version 1.1;\\ngzip_comp_level 6;\\ngzip_vary on;\\ngzip_types text/plain text/javascript application/x-javascript text/css text/xml application/xml application/xml+rss image/jpg image/jpeg image/png image/gif application/x-httpd-php application/javascript application/json;'  /usr/local/nginx/conf/nginx.conf

##防盗链
sed -i '/#access_log  logs\\/host.access.log  main;/a\\\\tlocation ~* \\\\.(jpg|gif|swf)$ {\\n\\t\\tvalid_referers none blocked *.kgc.com kgc.com;\\n\\t\\tif ( $invalid_referer ) {\\n\\t\\t\\trewrite ^/ http://www.kgc.com/error.png;\\n\\t\\t\\t#return 403;\\n\\t\\t\\t}\\n\\t}'  /usr/local/nginx/conf/nginx.conf

##fpm参数优化
sed -i '/pm.max_children=/c\\pm.max_children=20' /usr/local/php/etc/php-fpm.d/www.conf
sed -i '/pm.start_servers =/c\\pm.start_servers = 5' /usr/local/php/etc/php-fpm.d/www.conf
sed -i '/pm.min_spare_servers =/c\\pm.min_spare_servers = 2' /usr/local/php/etc/php-fpm.d/www.conf
sed -i '/pm.max_spare_servers =/c\\pm.max_spare_servers = 8' /usr/local/php/etc/php-fpm.d/www.conf

systemctl restart php
kill -USR2 `cat /usr/local/php/var/run/php-fpm.pid`
netstat -anpt | grep 9000

##内核优化
sed -i '/#<domain>      <type>  <item>         <value>/a\\*              soft      nofile         65536\\n*              soft      nproc         32000\\n*              soft      memlock    unlimited' /etc/security/limits.conf
echo "net.ipv4. tcp_tw_reuse = 1
net.ipv4. tcp_ tw_ recycle = 1
net.ipv4. tcp_ timestamps = 1" >> /etc/sysctl.conf