Tech News

How To Set Up LEMP Stack (Linux, Enginx, MariaDB, PHP) on Ubuntu 19.10


The LEMP software stack is a group of software that can be used to serve dynamic web pages and web applications. This is an acronym that describes a Linux operating system, with an Nginx (pronounced like “Engine-X”) web server. The backend data is stored in the MariaDB database and the dynamic processing is handled by PHP.

This tutorial demonstrates how to install a LEMP stack on an Ubuntu 19.10 server. The Ubuntu operating system takes care of the first requirement. We will describe how to get the rest of the components up and running.

Prerequisites

Before you begin this guide, you should have a regular, non-root user account on your Ubuntu 19.10 server with sudo privileges.

Installing the Nginx Web Server

Since this is our first time using apt for this session, start off by updating your server’s package index. Following that, install the server:

sudo apt updatesudo apt install -y nginx

On Ubuntu 19.10, Nginx is configured to start running upon installation.

If you have the ufw firewall running, you will need to allow connections to Nginx. Nginx registers itself with ufw upon installation, so the procedure is rather straightforward.

It is recommended that you enable the most restrictive profile that will still allow the traffic you want. Since you haven't configured SSL for your server in this guide, you will only need to allow traffic on port 80.

Enable this by typing:

sudo ufw allow 'Nginx HTTP'
sudo ufw allow 'OpenSSH'

sudo ufw enable
sudo ufw status

Output
Status: active

To                         Action      From
--                         ------      ----     
Nginx HTTP                 ALLOW       Anywhere                 
OpenSSH                    ALLOW       Anywhere                           
Nginx HTTP (v6)            ALLOW       Anywhere (v6)            
OpenSSH (v6)               ALLOW       Anywhere (v6)

sudo systemctl enable nginx
sudo systemctl restart nginx

Installing MariaDB

MariaDB is a database management system. Basically, it will organize and provide access to databases where your website or app can store information.

Again, use apt to acquire and install this software:

sudo apt install -y mariadb-server

Securing MariaDB

When the installation is complete, run a simple security script that comes pre-installed with MariaDB which will remove some dangerous defaults and lock down access to your database system. Start the interactive script by running:

sudo mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
... Success!

Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] n
... skipping.

By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
... Success!

Cleaning up...

All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

At this point, your database system is now set up and you can move on to installing PHP.

Installing PHP

Since Nginx does not contain native PHP processing like some other web servers, you will need to install php-fpm, which stands for "fastCGI process manager". We will tell Nginx to pass PHP requests to this software for processing.

Install the php-fpm module along with an additional helper package, php-mysql, which will allow PHP to communicate with your database backend. The installation will pull in the necessary PHP core files. Do this by typing:

sudo apt install -y php-fpm php-mysql

You now have all of the required LEMP stack components installed, but you still need to make a few configuration changes in order to tell Nginx to use the PHP processor for dynamic content.

Now open a new server block configuration file within the /etc/nginx/sites-available/ directory. In this example, the new server block configuration file is named sample.com, although you can name yours whatever you’d like:

sudo nano /etc/nginx/sites-available/sample.com

Add the following content, which was taken and slightly modified from the default server block configuration file, to your new server block configuration file:

server {
        listen 80;
        root /var/www/html;
        index index.php index.html index.htm index.nginx-debian.html;
        server_name sample.com;

        location / {
                try_files $uri $uri/ =404;
        }

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        }

        location ~ /\.ht {
                deny all;
        }
}

After adding this content, save and close the file. Enable your new server block by creating a symbolic link from your new server block configuration file (in the /etc/nginx/sites-available/ directory) to the /etc/nginx/sites-enabled/ directory:

sudo ln -s /etc/nginx/sites-available/sample.com /etc/nginx/sites-enabled/

Then, unlink the default configuration file from the /sites-enabled/ directory:

sudo unlink /etc/nginx/sites-enabled/default

Test your new configuration file for syntax errors by typing:

sudo nginx -t

Output
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

If any errors are reported, go back and recheck your file before continuing.

When you are ready, reload Nginx to make the necessary changes:

sudo systemctl reload nginx

Creating a PHP File to Test Configuration

To do this, use your text editor to create a test PHP file called info.php in your document root:

sudo nano /var/www/html/info.php

Enter the following lines into the new file. This is valid PHP code that will return information about your server:

<?php
phpinfo();
?>

When you are finished, save and close the file.

Now, you can visit this page in your web browser by visiting your server's domain name or IP address followed by /info.php:

http://your_server_domain_or_IP/info.php


You should see a web page that has been generated by PHP with information about your server:

If you see a page that looks like this, you've set up PHP processing with Nginx successfully.


Wrapping up
A LEMP stack is a powerful platform that will allow you to set up and serve nearly any website or application from your server.

No comments

Comments with links will not be published.