GNU/Linux {docs}

LEMP

Important directories and files

  • /usr/share/nginx/conf/
  • /usr/share/defaults/php/php-fpm.d/www.conf
  • /etc/nginx/ (created by us)
  • /etc/nginx/conf.d (created by us)
  • /var/www/

Nginx

$ sudo swupd update
$ sudo swupd bundle-add web-server-basic
$ sudo mkdir -p /etc/nginx/conf.d
$ sudo cp /usr/share/nginx/conf/nginx.conf.example /etc/nginx/nginx.conf
$ sudo cp /usr/share/nginx/conf/server.conf.example /etc/nginx/conf.d/default.conf
$ sudo cp /usr/share/defaults/etc/hosts /etc/hosts

Edit /etc/nginx/conf.d/default.conf: $ sudo nano /etc/nginx/conf.d/default.conf

server {
  listen 80;
  server_name localhost;
  location / {
     root html;
     index index.html index.htm;
  }
  error_page 500 502 503 504 /50x.html;
  location = /50x.html {
     root html;
  }
  # pass the PHP scripts to FastCGI server listening on    /run/php-fpm.sock
  #
  location ~ \.php$ {
     root html;
     # mitigate httpoxy.org type vulnerabilities
     fastcgi_param HTTP_PROXY "";
     fastcgi_pass unix:/run/php-fpm.sock;
     fastcgi_index index.php;
     include /usr/share/nginx/conf/fastcgi.conf;
  }
  # deny access to .htaccess files, if Apache's document root
  # concurs with nginx's one
  #
  location ~ /\.ht {
     deny all;
  }
}

PHP

$ sudo swupd update
$ sudo swupd bundle-add php-basic
$ sudo cp -R /usr/share/defaults/php/php-fpm.d/ /etc
$ sudo cp /usr/share/defaults/php/php-fpm.conf /etc/php-fpm.conf
$ sudo sed -ie 's/include=\/usr\/share\/defaults\/php\/php-fpm.d\/[*].conf/include=\/etc\/php-fpm.d\/*.conf'/ /etc/php-fpm.conf

Edit /etc/php-fpm.d/www.conf file so it ends up like this:

...
user = httpd
group = httpd
...
listen.owner = httpd
listen.group = httpd

Add a parameter within php-fpm.service: $ sudo systemctl edit --full php-fpm.service

Then, change the line:

ExecStart=/usr/sbin/php-fpm --nodaemonize

to:

ExecStart=/usr/sbin/php-fpm --nodaemonize --fpm-config /etc/php-fpm.conf

MariaDB

$ sudo swupd bundle-add database-basic
$ sudo systemctl start mariadb

Set MariaDB root user password:

$ sudo mysql_secure_installation
Enter current password for root (enter for none): ## Press Enter
Set root password? [Y/n]## Press Enter
New password:## Enter password
Re-enter new password: ## Re-enter password
Remove anonymous users? [Y/n]## Press Enter
Disallow root login remotely? [Y/n]## Press Enter
Remove test database and access to it? [Y/n]## Press Enter
Reload privilege tables now? [Y/n]## Press Enter

Enable and start LEMP

$ sudo systemctl enable nginx php-fpm mariadb
$ sudo systemctl start nginx php-fpm