 |
This guide shows you how to install the LEMP stack (Nginx, MariaDB and PHP7.4) on Debian 11. A software stack is a collection of software tools bundled together. LEMP stands for Linux, Nginx (Engine-X), MariaDB/MySQL and PHP, all of which are open source and free to use. It is the most common software stack that supports dynamic websites and web applications. Linux is an operating system; Nginx is a web server; MariaDB/MySQL is a database server and PHP is a server-side scripting language responsible for creating dynamic web pages. In this guide, we are installing as root, if you have a normal one, use the sudo command.
|
The preconfigured server configuration is available on the order form.
1. Update software packages
Before we install the LEMP stack, it is recommended to update the repository and software packages. Run the following commands on Debian 11 OS.
apt update
apt upgrade
2. Install the Nginx web server
Nginx is a high performance web server that is very popular these days. It can also be used as a reverse proxy and caching server. Enter the following command to install the Nginx web server.
apt install nginx
After installing it, we can enable Nginx to start automatically at boot time by running the following command.
systemctl enable nginx
Then start Nginx with this command:
systemctl start nginx
Now check its status.
systemctl status nginx
Now enter the public IP address of your Debian 11 server in your browser's address bar. You should see a "Welcome to Nginx" web page, which means that the Nginx web server is working correctly. If you are installing LEMP on your local Debian 11 machine, enter 127.0.0.1 or localhost in your browser's address bar.
If the connection is refused or cannot be established, the firewall may be blocking incoming requests on TCP port 80. If you are using the iptables firewall, you need to run the following command to open TCP port 80.
iptables -I INPUT -p tcp --dport 80 -j ACCEPTIf you are using a UFW firewall, run this command to open TCP port 80.
ufw allow http
Now we need to make www-data (the Nginx user) the owner of the web directory. It is owned by the root user by default..
chown www-data:www-data /usr/share/nginx/html -R3. Install the MariaDB database server
MariaDB is a replacement for MySQL. It is developed by former members of the MySQL team who are concerned that Oracle might turn MySQL into a closed source product. Enter the following command to install MariaDB on Debian 11.
apt install mariadb-server mariadb-clientAfter installation, the MariaDB server should start automatically. Use systemctl to check its status.
systemctl status mariadbIf it is not running, start it with this command:
systemctl start mariadb
To allow MariaDB to start automatically at boot time, run
systemctl enable mariadb
Now run the security script after installation.
mysql_secure_installationWhen you are asked to enter the MariaDB root password, press the Enter key as the root password has not yet been set. Then type y to set the root password for the MariaDB server.
You can then press Enter to answer any remaining questions, which will remove the anonymous user, disable remote root login, and delete the test database. This step is the main requirement to secure the MariaDB database. (Note that Y is capitalized, which means this is the default answer.)
By default, Debian's MaraiDB package uses unix_socket for user authentication, which basically means you can use the OS username and password to login to the MariaDB console. So you can run the following command to login without providing the MariaDB root password.
mariadb -u root
Run to exit
exit;
4. Install PHP7.4
PHP7.4 is included in the Debian 11 repository and has a minor performance improvement over PHP7.3. Enter the following command to install PHP7.4 and some common extensions.
apt install php7.4 php7.4-fpm php7.4-mysql php-common php7.4-cli php7.4-common php7.4-json php7.4-opcache php7.4-readline php7.4-mbstring php7.4-xml php7.4-gd php7.4-curl
PHP extensions are usually required for content management systems (CMS) such as WordPress. For example, if php7.4-xml is missing from your installation, then some pages of your WordPress site may be blank and you may find an error in the Nginx error log, such as:
PHP Message: PHP Fatal Error: Unhandled Error: Undefined function call xml_parser_create()
Installing these PHP extensions will ensure that your CMS runs smoothly. Now run php7.4-fpm.
systemctl start php7.4-fpm
Enable autoplay during boot.
systemctl enable php7.4-fpm
Check status:
systemctl status php7.4-fpm
5. Create an Nginx server block
The Nginx server block is similar to the virtual host in Apache. We won't use the default server block because it's not suitable for running PHP code and if we change it it will turn into a mess. Therefore, remove the default symbolic link in the site-enabled directory by running the following command. (It is still available as /etc/nginx/sites-available/default.)
rm /etc/nginx/sites-enabled/default
Then use a command line text editor such as Nano to create a new server block file in the /etc/nginx/conf.d/ directory. Paste the following text into the file. The following snippet will make Nginx listen on IPv4 port 80 and IPv6 port 80 with the server's univalent name.
nano /etc/nginx/conf.d/default.conf
server {
listen 80;
listen [::]:80;
server_name _;
root /usr/share/nginx/html/;
index index.php index.html index.htm index.nginx-debian.html;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
include snippets/fastcgi-php.conf;
}
# A long browser cache lifetime can speed up repeat visits to your page
location ~* \.(jpg|jpeg|gif|png|webp|svg|woff|woff2|ttf|css|js|ico|xml)$ {
access_log off;
log_not_found off;
expires 360d;
}
# disable access to hidden files
location ~ /\.ht {
access_log off;
log_not_found off;
deny all;
}
}
Save and close the file. (To save the file in the Nano text editor, press Ctrl+O, then press Enter to confirm. To exit, press Ctrl+X.)
Then test the Nginx configurations.
nginx -t
If the test is successful, restart Nginx.
systemctl reload nginx
6. Testing PHP
To test PHP-FPM with the Nginx web server, we need to create an info.php file in the webroot directory.
nano /usr/share/nginx/html/info.php
Save and close the file. Now in the browser address bar enter server-ip-address/info.php. Replace the server IP address with your actual IP address. If you are following this guide on your local machine, enter 127.0.0.1/info.php or localhost/info.php.
You will see your server's PHP information. This means that PHP scripts can work properly with the Nginx web server.
7. Automatic restart of Nginx
If for some reason your Nginx process is stopped, you need to run the following command to restart it.
systemctl restart nginx
Instead of manually typing this command, we can make Nginx restart automatically by editing the nginx.service systemd system module. To override the default systemd service configuration, we create a separate directory.
mkdir -p /etc/systemd/system/nginx.service.d/Then create a file in that directory.
nano /etc/systemd/system/nginx.service.d/restart.confAdd the following lines to the file, which will cause Nginx to automatically restart 5 seconds after a failure is detected. The default RetartSec is 100ms, which is way too short. Nginx may complain that "start request is retrying too fast" if RestartSec is not large enough.
[Service]
Restart=always
RestartSec=5s
Save and close the file. Then reload systemd for the changes to take effect.
systemctl daemon-reload
To test if this will work, kill Nginx with:
pkill nginx
Then check the status of Nginx. You will find that Nginx restarts automatically.
systemctl status nginxLEMP (Nginx, MariaDB and PHP7.4) successfully installed on Debian 11. All these steps have already been done in the Debian 11 preinstalled LEMP configuration for VPS servers in the order form.