This will install a LEMP stack on Ubuntu 18.04 but with no SSL certificate (local developement). To add a LetsEncrypt certificate on a development server, see here
1. Update Software
$ sudo apt update
$ sudo apt upgrade2. Install Nginx
$ sudo apt install nginxEnable Nginx to auto start when Ubuntu is booted by running:
$ sudo systemctl enable nginxStart Nginx with this command:
$ sudo systemctl start nginxCheck status:
$ systemctl status nginxoutput should be similar to:
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: en
Active: active (running) since Mon 2018-08-13 11:39:05 UTC; 1min 27s ago
Docs: man:nginx(8)
Main PID: 4979 (nginx)
Tasks: 2 (limit: 507)
CGroup: /system.slice/nginx.service
├─4979 nginx: master process /usr/sbin/nginx -g daemon on; master_pro
└─4983 nginx: worker processPress the letter “q” to quit.
To check Nginx version:
$ nginx -voutput:
nginx version: nginx/1.14.0 (Ubuntu)Now type in the public IP address of your Ubuntu 18.04 server in the browser address bar. You should see the “Welcome to Nginx” Web page, which means Nginx Web server is running properly. If you are installing LEMP on your local Ubuntu 18.04 computer, then type 127.0.0.1 or localhost in the browser address bar. Note: when using an IPv6 address place the entire address inside square brackets, e.g. [xxxx:xxxx:x:xxxx:xxxx:xxxx:xxxx:xxxx]
3. Install MariaDB
This will install MariaDB 10.4 (the latest stable version as of this writing). To update or change the MariaDB repository download location, see How to Install / Upgrade To MariaDB 10.4 on Ubuntu 18.04 / 20.04
$ sudo apt-get install software-properties-common
$ sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
$ sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://nyc2.mirrors.digitalocean.com/mariadb/repo/10.4/ubuntu focal main'Once the key is imported and the repository added you can install MariaDB 10.4 from the MariaDB repository with:
$ sudo apt update
$ sudo apt install mariadb-server mariadb-clientCheck status:
$ systemctl status mariadboutput should be similar to:
● mariadb.service - MariaDB 10.4.13 database server
Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/mariadb.service.d
└─migrated-from-my.cnf-settings.conf
Active: active (running) since Sat 2020-06-06 15:40:47 UTC; 18s ago
Docs: man:mysqld(8)
https://mariadb.com/kb/en/library/systemd/
Main PID: 30666 (mysqld)
Status: "Taking your SQL requests now..."
Tasks: 31 (limit: 1152)
CGroup: /system.slice/mariadb.service
└─30666 /usr/sbin/mysqldPress the letter “q” to quit.
If it’s not running, start it with this command:
$ sudo systemctl start mariadbTo enable MariaDB to automatically start at boot time, run:
$ sudo systemctl enable mariadbNow run the post installation security script.
$ sudo mysql_secure_installationSince you just installed mariadb there will be no password set yet so when asked for current root password just hit the “Enter” key. Then it will ask if you would like to set a root password. Press the letter ‘y' and enter a secure password. You can press the “Enter” key to all of the following prompts (defaults to ‘y') to secure the installation.
By default, the MaraiDB package on Ubuntu uses unix_socket to authenticate user login, which basically means you can use username and password of the OS to log into MariaDB console. So you can run the following command to login without providing MariaDB root password.
$ sudo mariadb -u rootTo exit, run:
exit;Check MariaDB server version information.
$ mariadb --versionoutput:
mariadb Ver 15.1 Distrib 10.1.34-MariaDB, for debian-linux-gnu (x86_64) using readline 5.24. Install PHP7.4
Add PPA
$ sudo add-apt-repository ppa:ondrej/php
$ sudo apt updateInstall PHP7.4
$ sudo apt install php7.4-fpm php7.4-common php7.4-mysql php7.4-xml php7.4-xmlrpc php7.4-curl php7.4-gd php7.4-imagick php7.4-cli php7.4-dev php7.4-imap php7.4-mbstring php7.4-opcache php7.4-soap php7.4-zip php7.4-intl php7.4-json php7.4-readline -yStart php7.4-fpm:
$ sudo systemctl start php7.4-fpmEnable auto-start at boot time:
$ sudo systemctl enable php7.4-fpmCheck status:
$ systemctl status php7.4-fpmoutput:
php7.4-fpm.service - The PHP 7.4 FastCGI Process Manager
Loaded: loaded (/lib/systemd/system/php7.4-fpm.service; enabled; vendor prese
Active: active (running) since Sat 2020-06-06 13:53:20 UTC; 1min 2s ago
Docs: man:php-fpm7.4(8)
Main PID: 26629 (php-fpm7.4)
Status: "Processes active: 0, idle: 2, Requests: 0, slow: 0, Traffic: 0req/se
Tasks: 3 (limit: 1152)
CGroup: /system.slice/php7.4-fpm.service
├─26629 php-fpm: master process (/etc/php/7.4/fpm/php-fpm.conf)
├─26648 php-fpm: pool www
└─26649 php-fpm: pool wwwPress the letter “q” to quit.
Update config files
$ sudo nano /etc/php/7.4/fpm/pool.d/www.confFind the lines below:
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmpand delete the semi-colons so that it looks like this:
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmpCtrl+x to exit, then ‘Y' to save and exit.
Then, open the file located at /etc/php/7.4/fpm/php.ini:
$ sudo nano /etc/php/7.4/fpm/php.inifind (Ctrl+w) and change the following to your desired settings:
max_execution_time = 300
memory_limit = 512M
post_max_size = 100M
upload_max_filesize = 100Mand find the line:
;cgi.fix_pathinfo=1and delete the semicolon and set to 0:
cgi.fix_pathinfo=0Ctrl+x to exit, then ‘Y' to save and exit.
Restart PHP:
$ sudo systemctl restart php7.4-fpm5. Create Nginx Server Block
Remove the default symlink in sites-enabled directory by running the following command:
$ sudo rm /etc/nginx/sites-enabled/defaultRemove the default server block:
$ sudo rm /etc/nginx/sites-available/defaultCreate a brand new server block file under /etc/nginx/sites-available/ directory.
$ sudo nano /etc/nginx/sites-available/defaultPaste the following text into the file. The following snippet will make Nginx listen on IPv4 port 80 and IPv6 port 80 with a catch-all server name.
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
include snippets/fastcgi-php.conf;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}Ctrl+x to exit, then ‘y' to save and close. Create a link to site-enabled:
$ sudo ln -s /etc/nginx/sites-available/default /etc/nginx/sites-enabled/defaultThen test Nginx configurations.
$ sudo nginx -tIf the test is successful, reload Nginx.
$ sudo systemctl reload nginx6. Test PHP
Create a info.php file in the document root directory.
$ sudo nano /var/www/html/info.phpPaste the following PHP code into the file:
<?php phpinfo(); ?>Ctrl+x to exit, then ‘y' to save and close. Now in the browser address bar, enter server-ip-address/info.php. Replace sever-ip-address with your actual IP. If you follow this tutorial on your local computer, then type 127.0.0.1/info.php or localhost/info.php. If usig an IPv6 address, type the entire url like (include the square brackets): [xxxx:xxxx:x:xxxx:xxxx:xxxx:xxxx:xxxx]/info.php
You should see your server’s PHP information. This means PHP scripts can run properly with Nginx web server.
For your server’s security, you should delete info.php file now to prevent hacker seeing it.
$ sudo rm /var/www/html/info.php7. (Optional) Install PhpMyAdmin
$ sudo apt update
$ sudo apt install phpmyadminDuring the installation, it will prompt you to select a web server to configure. Nginx isn’t in the list, so press the Tab key and hit OK to skip this step.
Select ‘No' by pressing the Tab key and then “Enter” when you see the prompt below (since we already installed MariaDB):
Configure database for phpmyadmin with dbconfig-common?Next, update the default Nginx server block
$ sudo nano /etc/nginx/sites-available/defaultfind the block of code below:
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
include snippets/fastcgi-php.conf;
}and add the code below after the block above:
# Phpmyadmin Configurations
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
#fastcgi_pass 127.0.0.1:9000;
#fastcgi_param HTTPS on; # <-- add this line
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
# Dealing with the uppercased letters
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}then reload nginx:
$ sudo systemctl reload nginxNow you can access phpmyadmin at http://127.0.0.1/phpmyadmin using the username ‘root' and the password you created when installing mariadb. If usig an IPv6 address, type the entire url like (include the square brackets): http://[xxxx:xxxx:x:xxxx:xxxx:xxxx:xxxx:xxxx]/phpmyadmin
REFERENCES
https://www.linuxbabe.com/ubuntu/install-lemp-stack-nginx-mariadb-php7-2-ubuntu-18-04-lts
https://www.linuxbabe.com/ubuntu/install-phpmyadmin-nginx-lemp-ubuntu-18-04-lts