Skip to content

Instantly share code, notes, and snippets.

@saosangmo

saosangmo/install-LEMP-on-ubuntu-20.04-minimal.md

Forked from nd3w/install-nginx-mariadb-phpfpm-on-ubuntu-20.04.md
Last active December 23, 2021 11:10
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save saosangmo/02eb53114a017cb63363cdeeca1132cc to your computer and use it in GitHub Desktop.
Save saosangmo/02eb53114a017cb63363cdeeca1132cc to your computer and use it in GitHub Desktop.
Download ZIP
Install LEMP on Ubuntu 20.04 with Let Encrypts
Raw
install-LEMP-on-ubuntu-20.04-minimal.md

How to Install Nginx, MariaDB, PHP-FPM on Ubuntu 20.04 Minimal

This is a way to install and set up Nginx, MariaDB and PHP 8.1 (mode PHP-FPM), Certbot on Ubuntu 20.04.

$ sudo apt update

Nginx

$ sudo apt install nginx -y
$ sudo systemctl start nginx
$ sudo systemctl enable nginx

Firewall Setup

$ sudo ufw allow ssh
$ sudo ufw allow http
$ sudo ufw enable

MariaDB

$ sudo apt install mariadb-server mariadb-client -y
$ sudo mysql_secure_installation

Follow the instruction to what you need. After it ends, try to login:

$ sudo mysql -u root -p

And if you can not login with error message like Access denied for user 'root'@'localhost' let's log in to mysql using sudo first

$ sudo mysql -u root -p

In order to create a password, first we have to hash the string first:

SELECT PASSWORD('verysecretchangeit');

For example we get this hashed string: *54958E764CE10E50764C2EECBB71D01F08549980

ALTER USER root@localhost IDENTIFIED BY PASSWORD '*54958E764CE10E50764C2EECBB71D01F08549980';

Restart MariaDB service

$ sudo service mariadb restart

Now, you have access to account root.

Installing PHP 8.1

Nginx uses PHP-FPM and for convenient, we use Ondrej Sury's PPA, so we can install multiple versions of PHP.

$ sudo apt install software-properties-common
$ sudo add-apt-repository ppa:ondrej/php && sudo apt update
$ sudo apt install -y php8.1 php8.1-fpm php8.1-curl php8.1-gd php8.1-mbstring php8.1-mysql php8.1-xml php8.1-xmlrpc php8.1-fileinfo php-pear
$ sudo service php8.1-fpm start

Check if PHP operated using Netstat:

$ netstat -pl | grep php

You're good to go if the result is similar to the text below:

(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
unix  2      [ ACC ]     STREAM     LISTENING     30323    -                    /run/php/php8.1-fpm.sock

Nginx and PHP-FPM Configuration

$ nano /etc/nginx/nginx.conf

Uncomment the following lines.

keepalive_timeout 2;
server_tokens off;

Add more row to increase max upload file size

client_max_body_size 200m

Save the config file.

$ nano sites-available/default

Add or change this line:

location ~ \.php$ {
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
}

Save it and exit.

Test nginx config and make sure there's no error

$ sudo nginx -t

then restart the service

$ sudo systemctl reload nginx

PHP-FPM Configuration

Go to /etc/php/8.1/fpm and edit php.ini file

Uncomment cgi.fix_pathinfo, change value to 0

cgi.fix_pathinfo=0

Save and exit.

Increase max upload file size from PHP application

sed -i "s/post_max_size =.*/post_max_size = 100M/g" /etc/php/8.1/fpm/php.ini
sed -i "s/upload_max_filesize =.*/upload_max_filesize = 100M/g" /etc/php/8.1/fpm/php.ini

Reload PHP-FPM service

$ sudo service php8.1-fpm restart

Install Let’s Encrypt on Your Domain

sudo apt install certbot python3-certbot-nginx

Then you can run command to enable SSL for your domain

sudo certbot --nginx -d example.com -d www.example.com

Install Firewall

apt-get install ufw

Allow ssh and nginx service

sudo ufw allow 22/tcp
sudo ufw allow 'Nginx Full'

Pls double check your rule before enable firewall

sudo ufw enable
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment