How To Install LEMP Stack on Ubuntu 18.04

This will install a LEMP stack on Ubuntu 18.04 but with no SSL certificate (local developement). To add a LetsEncrypt certificate on a development server, see here

1. Update Software

$ sudo apt update
$ sudo apt upgrade

2. Install Nginx

$ sudo apt install nginx

Enable Nginx to auto start when Ubuntu is booted by running:

$ sudo systemctl enable nginx

Start Nginx with this command:

$ sudo systemctl start nginx

Check status:

$ systemctl status nginx

output should be similar to:

● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: en
   Active: active (running) since Mon 2018-08-13 11:39:05 UTC; 1min 27s ago
     Docs: man:nginx(8)
 Main PID: 4979 (nginx)
    Tasks: 2 (limit: 507)
   CGroup: /system.slice/nginx.service
           ├─4979 nginx: master process /usr/sbin/nginx -g daemon on; master_pro
           └─4983 nginx: worker process

Press the letter “q” to quit.

To check Nginx version:

$ nginx -v

output:

nginx version: nginx/1.14.0 (Ubuntu)

Now type in the public IP address of your Ubuntu 18.04 server in the browser address bar. You should see the “Welcome to Nginx” Web page, which means Nginx Web server is running properly. If you are installing LEMP on your local Ubuntu 18.04 computer, then type 127.0.0.1 or localhost in the browser address bar. Note: when using an IPv6 address place the entire address inside square brackets, e.g. [xxxx:xxxx:x:xxxx:xxxx:xxxx:xxxx:xxxx]

3. Install MariaDB

$ sudo apt install mariadb-server mariadb-client

Check status:

$ systemctl status mariadb

output should be similar to:

● mariadb.service - MariaDB 10.1.34 database server
   Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset:
   Active: active (running) since Mon 2018-08-13 11:50:06 UTC; 2min 2s ago
     Docs: man:mysqld(8)
           https://mariadb.com/kb/en/library/systemd/
 Main PID: 6294 (mysqld)
   Status: "Taking your SQL requests now..."
    Tasks: 27 (limit: 507)
   CGroup: /system.slice/mariadb.service
           └─6294 /usr/sbin/mysqld

Press the letter “q” to quit.

If it’s not running, start it with this command:

$ sudo systemctl start mariadb

To enable MariaDB to automatically start at boot time, run:

$ sudo systemctl enable mariadb

Now run the post installation security script.

$ sudo mysql_secure_installation

Since you just installed mariadb there will be no password set yet so when asked for current root password just hit the “Enter” key. Then it will ask if you would like to set a root password. Press the letter ‘y’ and enter a secure password. You can press the “Enter” key to all of the following prompts (defaults to ‘y’) to secure the installation.

By default, the MaraiDB package on Ubuntu uses unix_socket to authenticate user login, which basically means you can use username and password of the OS to log into MariaDB console. So you can run the following command to login without providing MariaDB root password.

$ sudo mariadb -u root

To exit, run:

exit;

Check MariaDB server version information.

$ mariadb --version

output:

mariadb  Ver 15.1 Distrib 10.1.34-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2

4. Install PHP7.2

$ sudo apt install php7.2 php7.2-fpm php7.2-mysql php-common php7.2-cli php7.2-common php7.2-json php7.2-opcache php7.2-readline php7.2-mbstring php7.2-xml php7.2-gd php7.2-curl

Start php7.2-fpm:

$ sudo systemctl start php7.2-fpm

Enable auto-start at boot time:

$ sudo systemctl enable php7.2-fpm

Check status:

$ systemctl status php7.2-fpm

output:

● php7.2-fpm.service - The PHP 7.2 FastCGI Process Manager
   Loaded: loaded (/lib/systemd/system/php7.2-fpm.service; enabled; vendor prese
   Active: active (running) since Mon 2018-08-13 12:04:08 UTC; 1min 39s ago
     Docs: man:php-fpm7.2(8)
 Main PID: 16512 (php-fpm7.2)
   Status: "Processes active: 0, idle: 2, Requests: 0, slow: 0, Traffic: 0req/se
    Tasks: 3 (limit: 507)
   CGroup: /system.slice/php7.2-fpm.service
           ├─16512 php-fpm: master process (/etc/php/7.2/fpm/php-fpm.conf)
           ├─16525 php-fpm: pool www
           └─16526 php-fpm: pool www

Press the letter “q” to quit.

5. Create Nginx Server Block

Remove the default symlink in sites-enabled directory by running the following command:

$ sudo rm /etc/nginx/sites-enabled/default

Remove the default server block:

$ sudo rm /etc/nginx/sites-available/default

Create a brand new server block file under /etc/nginx/sites-available/ directory.

$ sudo nano /etc/nginx/sites-available/default

Paste the following text into the file. The following snippet will make Nginx listen on IPv4 port 80 and IPv6 port 80 with a catch-all server name.

server {
	listen 80 default_server;
	listen [::]:80 default_server;

	# SSL configuration
	#
	# listen 443 ssl default_server;
	# listen [::]:443 ssl default_server;
	#
	# Note: You should disable gzip for SSL traffic.
	# See: https://bugs.debian.org/773332
	#
	# Read up on ssl_ciphers to ensure a secure configuration.
	# See: https://bugs.debian.org/765782
	#
	# Self signed certs generated by the ssl-cert package
	# Don't use them in a production server!
	#
	# include snippets/snakeoil.conf;

	root /var/www/html;

	index index.php index.html index.htm index.nginx-debian.html;

	server_name _;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		try_files $uri $uri/ =404;
	}

	location ~ \.php$ {
		fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
		include fastcgi_params;
		include snippets/fastcgi-php.conf;
	}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	location ~ /\.ht {
		deny all;
	}
}

Ctrl+x to exit, then ‘y’ to save and close. Create a link to site-enabled:

$ sudo ln -s /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default

Then test Nginx configurations.

$ sudo nginx -t

If the test is successful, reload Nginx.

$ sudo systemctl reload nginx

6. Test PHP

Create a info.php file in the document root directory.

$ sudo nano /var/www/html/info.php

Paste the following PHP code into the file:

<?php phpinfo(); ?>

Ctrl+x to exit, then ‘y’ to save and close. Now in the browser address bar, enter server-ip-address/info.php. Replace sever-ip-address with your actual IP. If you follow this tutorial on your local computer, then type 127.0.0.1/info.php or localhost/info.php. If usig an IPv6 address, type the entire url like (include the square brackets): [xxxx:xxxx:x:xxxx:xxxx:xxxx:xxxx:xxxx]/info.php

You should see your server’s PHP information. This means PHP scripts can run properly with Nginx web server.

For your server’s security, you should delete info.php file now to prevent hacker seeing it.

$ sudo rm /var/www/html/info.php

7. (Optional) Install PhpMyAdmin

$ sudo apt update
$ sudo apt install phpmyadmin

During the installation, it will prompt you to select a web server to configure. Nginx isn’t in the list, so press the Tab key and hit OK to skip this step.

Select ‘No’ by pressing the Tab key and then “Enter” when you see the prompt below (since we already installed MariaDB):

Configure database for phpmyadmin with dbconfig-common?

Next, update the default Nginx server block

$ sudo nano /etc/nginx/sites-available/default

find the block of code below:

location ~ \.php$ {
		fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
		include fastcgi_params;
		include snippets/fastcgi-php.conf;
	}

and add the code below after the block above:

# Phpmyadmin Configurations
    location /phpmyadmin {
       root /usr/share/;
       index index.php index.html index.htm;
       location ~ ^/phpmyadmin/(.+\.php)$ {
               try_files $uri =404;
               root /usr/share/;
               #fastcgi_pass 127.0.0.1:9000;
               #fastcgi_param HTTPS on; # <-- add this line
               fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
               fastcgi_index index.php;
               fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
               include fastcgi_params;
       }
       location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
               root /usr/share/;
       }
   }

   # Dealing with the uppercased letters
   location /phpMyAdmin {
       rewrite ^/* /phpmyadmin last;
   }

then reload nginx:

$ sudo systemctl reload nginx

Now you can access phpmyadmin at http://127.0.0.1/phpmyadmin using the username ‘root’ and the password you created when installing mariadb. If usig an IPv6 address, type the entire url like (include the square brackets): http://[xxxx:xxxx:x:xxxx:xxxx:xxxx:xxxx:xxxx]/phpmyadmin

REFERENCES

https://www.linuxbabe.com/ubuntu/install-lemp-stack-nginx-mariadb-php7-2-ubuntu-18-04-lts
https://www.linuxbabe.com/ubuntu/install-phpmyadmin-nginx-lemp-ubuntu-18-04-lts

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.