Last active
June 22, 2021 08:05
-
-
Save rehmatworks/499236ebd00f35b04aa5dbe2df13c0de to your computer and use it in GitHub Desktop.
Install, optimize & configure NGINX on Ubuntu 20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Become root | |
| sudo su | |
| # Update apt package cache | |
| apt update | |
| # Install NGINX | |
| apt install nginx | |
| # Creae a non-sudo user | |
| adduser johndoe | |
| # Remove default directories | |
| rm -rf /etc/nginx/sites-enabled /etc/nginx/sites-available | |
| # Remove default NGINX conf | |
| rm /etc/nginx/nginx.conf | |
| # Update NGINX conf | |
| cat > /etc/nginx/nginx.conf <<EOL | |
| user johndoe; | |
| worker_processes auto; | |
| pid /run/nginx.pid; | |
| include /etc/nginx/modules-enabled/*.conf; | |
| worker_rlimit_nofile 100000; | |
| error_log /var/log/nginx/error.log crit; | |
| events { | |
| worker_connections 4000; | |
| use epoll; | |
| multi_accept on; | |
| } | |
| http { | |
| open_file_cache max=200000 inactive=20s; | |
| open_file_cache_valid 30s; | |
| open_file_cache_min_uses 2; | |
| open_file_cache_errors on; | |
| access_log off; | |
| sendfile on; | |
| tcp_nopush on; | |
| client_max_body_size 100M; | |
| tcp_nodelay on; | |
| gzip on; | |
| gzip_min_length 10240; | |
| gzip_comp_level 1; | |
| gzip_vary on; | |
| gzip_disable msie6; | |
| gzip_proxied expired no-cache no-store private auth; | |
| gzip_types | |
| text/css | |
| text/javascript | |
| text/xml | |
| text/plain | |
| text/x-component | |
| application/javascript | |
| application/x-javascript | |
| application/json | |
| application/xml | |
| application/rss+xml | |
| application/atom+xml | |
| font/truetype | |
| font/opentype | |
| application/vnd.ms-fontobject | |
| image/svg+xml; | |
| reset_timedout_connection on; | |
| client_body_timeout 30; | |
| send_timeout 30; | |
| keepalive_timeout 90; | |
| keepalive_requests 100; | |
| include /etc/nginx/mime.types; | |
| include /etc/nginx/conf.d/*.conf; | |
| include /etc/nginx/vhosts.d/*; | |
| } | |
| EOL | |
| # Creae vhost dir | |
| mkdir /etc/nginx/vhosts.d | |
| # Add an example.com domain | |
| mkdir /home/johndoe/example.com && \ | |
| chown -R johndoe:johndoe /home/johndoe/example.com | |
| cat /etc/nginx/vhosts.d/example.com.conf <<EOL | |
| server { | |
| listen 80; | |
| server_name example.com; | |
| access_log off; | |
| location / { | |
| root /home/johndoe/example.com; | |
| } | |
| } | |
| EOL | |
| # Test NGINX conf | |
| nginx -t | |
| # Restart NGINX if all OK | |
| service nginx restart | |
| # Install certbot | |
| snap install certbot --classic | |
| # Install SSL | |
| certbot | |
| # All done! The domain's document root is /home/johndoe/example.com. SSH user johndoe should be used to manage data in that directory. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment