Install and set-up LEMP (Linux Nginx MariaDB and PHP) stack in ArchLinux

Install and set-up LEMP (Linux Nginx MariaDB and PHP) stack in ArchLinux

In this tutorial we will show you how to install and set-up LEMP (Linux Nginx MariaDB and PHP) stack in ArchLinux system.


1. MAKE SURE THE ARCHLINUX SYSTEM IS UP TO DATE


First log in to your VPS as ROOT via SSH. Once you are in the first thing you need to do is to downloads the package lists from the repositories and “update” them to get information on the newest versions of packages and their dependencies using pacman. To do that type:

pacman -Syyu

2. INSTALL AND CONFIGURE MARIADB DATABASE SERVER

To install MariaDB database server using pacman type:

pacman -S mariadb

Once the installation is done you can configure MariaDB by editing the my.cnf configuration file:

nano /etc/mysql/my.cnf

once the file is edited add the following to the [mysqld] section:

bind-address = 127.0.0.1

Save and close the file and restart MariaDB for the changes to take effects:

systemctl restart mysqld

next add MariaDB it to system’s startup so that each time the system is rebooted the MariaDB service can start automatically:

systemctl enable mysqld

You can also run the post install script to setup some basic security for MariaDB:

mysql_secure_installation
  • Enter current password for root (enter for none):
  • Set root password? [Y/n] y
  • Remove anonymous users? [Y/n] y
  • Disallow root login remotely? [Y/n] y
  • Remove test database and access to it? [Y/n] y
  • Reload privilege tables now? [Y/n] y

and setup the my.cnf client configuration for the root account. To do that edit:

nano ~/.my.cnf

and add:

[client]
user=root
password=
#socket=/var/lib/mysql/mysql.sock #centos
#socket=/var/run/mysqld/mysqld.sock #gentoo, debian
socket=/run/mysqld/mysqld.sock #archlinux

3. INSTALL AND CONFIGURE NGINX HTTP SERVER

To install Nginx using pacman and configure Nginx main configuration file located at /etc/nginx/nginx.conf type the following commands:

pacman -S nginx

create a backup of the configuration file:

cp /etc/nginx/nginx.conf{,.orig}

edit the file:

nano /etc/nginx/nginx.conf

and add the following:

user              http;
worker_processes  2;

error_log  /var/log/nginx/error.log;

events {
    worker_connections  1024;
    use epoll;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;

    keepalive_timeout  30;
    server_tokens off;

    connection_pool_size 256;
    client_header_buffer_size 1k;
    large_client_header_buffers 4 2k;
    request_pool_size 4k;

    output_buffers 1 32k;
    postpone_output 1460;

    gzip on;
    gzip_disable "MSIE [1-6]\.(?!.*SV1)";
    gzip_http_version 1.1;
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js;

    include /etc/nginx/sites-enabled/*;
}

Save and close the file.
The worker_processes option is determined by the number of CPU’s the machine has. In my case, the cubbieboard2 has 2 CPU cores as shown by lscpu

Next, we will use Debian server block management style using sites-available and sites-enabled

mkdir -p /etc/nginx/sites-{available,enabled}

and add Nginx server block that will serve a static website/content. To do that edit:

nano /etc/nginx/sites-available/your_web_site.com

and add:

server {
    listen 80;
    root /srv/http/your_web_site.com;
    server_name your_web_site.com;
    access_log /var/log/nginx/your_web_site-access;
    #access_log off;
    error_log /var/log/nginx/your_web_site-error error;

    location / {
        root /srv/http/your_web_site.com;
        index  index.html index.htm;
    }

    ## caches
    include /etc/nginx/conf.d/caches.conf;
}

Since I’m referencing to /etc/nginx/conf.d/caches.conf we will need to create this file, so:

mkdir -p /etc/nginx/conf.d

edit the file:

nano /etc/nginx/conf.d/caches.conf

and add:

## caches
location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
    access_log off;
    expires max;
}
location ~* \.(js)$ {
    access_log      off;
    log_not_found   off;
    expires         7d;
}
location ~* \.(woff|svg)$ {
    access_log      off;
    log_not_found   off;
    expires         30d;
}
location ~ /\.ht {
    deny  all;
}

Save and close the file.

Next, add a server block which will pass all PHP requests to PHP-FPM socket:

nano /etc/nginx/sites-available/your_web_site.com

and add:

server {
    listen 80;
    server_name your_web_site.com;
    rewrite ^(.*) http://your_web_site.com$1 permanent;
}

server {
    listen 443 default;
    server_name your_web_site.com;

    ssl    on;
    ssl_certificate        /etc/nginx/SSL/your_web_site.com.chained.crt;
    ssl_certificate_key    /etc/nginx/SSL/your_web_site.com.key;
    ssl_session_timeout  5m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers   on;

    access_log /var/log/nginx/your_web_site.ssl-access;
    #access_log off;
    error_log /var/log/nginx/your_web_site.ssl-error error;

    client_max_body_size 5m;
    client_body_timeout 60;

    root /srv/http/your_web_site.com/;
    index  index.html index.php;

    # root directory
    location / {
        try_files $uri $uri/ @rewrites;
    }

    location @rewrites {
        rewrite ^ /index.php last;
    }

    ## caches
    include /etc/nginx/conf.d/caches.conf;

    ## php block
    location ~ \.php?$ {
        try_files $uri =404;
        include fastcgi_params;

        fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
        #fastcgi_pass 127.0.0.1:9001;

        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_intercept_errors on;
        fastcgi_split_path_info ^(.+\.php)(.*)$;
        fastcgi_hide_header X-Powered-By;
    }
}

Save and close the file, and enable the newly created Nginx server blocks using:

cd /etc/nginx/sites-enabled
ln -s /etc/nginx/sites-available/your_web_site.com
ln -s /etc/nginx/sites-available/your_web_site.com

Next, copy my SSL certificate and key to /etc/nginx/SSL and test, start and enable Nginx on the system

nginx -t
systemctl restart nginx
systemctl enable nginx

4. INSTALL AND CONFIGURE THE PHP-FPM SERVER

To install PHP-FPM using pacman type:

pacman -S php-fpm

edit /etc/php/php.ini and change/uncomment the following:

cgi.fix_pathinfo=0
date.timezone = Europe/Skopje
memory_limit = 64M
expose_php = Off

Save and close the file.

Next, set-up /etc/php/php-fpm.conf by adding the the following:

echo -e "include=/etc/php/fpm.d/*.conf\n" > /etc/php/php-fpm.conf
echo -e "[global]\npid = /run/php-fpm/php-fpm.pid" >> /etc/php/php-fpm.conf
echo -e "emergency_restart_threshold = 10" >> /etc/php/php-fpm.conf
echo -e "emergency_restart_interval = 1m" >> /etc/php/php-fpm.conf
echo -e "process_control_timeout = 10\n" >> /etc/php/php-fpm.conf

Set-up aPHP-FPM pool in /etc/php/fpm.d/www-pool.conf. To do that edit:

nano /etc/php/fpm.d/www-pool.conf

and add:

[php-serve]
;listen = 127.0.0.1:9001
listen = /run/php-fpm/php-fpm.sock
user = http
group = http
listen.owner = http
listen.group = http
listen.mode = 0660
request_slowlog_timeout = 5s
slowlog = /var/log/php-fpm.log
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 10
pm.start_servers = 3
pm.min_spare_servers = 2
pm.max_spare_servers = 4
pm.max_requests = 400
listen.backlog = -1
pm.status_path = /status
request_terminate_timeout = 120s
rlimit_files = 131072
rlimit_core = unlimited
catch_workers_output = yes
php_value[session.save_handler] = files
;php_value[session.save_path] = /var/lib/php/session
php_admin_value[error_log] = /var/log/php-fpm-error.log
php_admin_flag[log_errors] = on

restart PHP-FPM and add it on system’s start-up using:

systemctl restart php-fpm
systemctl enable php-fpm

To enable MySQL/MariaDB support in PHP, uncomment the mysql extension in /etc/php/php.ini file and reload php-fpm. To do that edit:

nano /etc/php/php.ini

and uncomment the following lines:

extension=mysqli.so
extension=mysql.so
extension=pdo_mysql.so

Save and close the file and restart php-fpm for the changes to take effects:

systemctl restart php-fpm

EXTRA

To be able to deploy Laravel application you need the Mcrypt PHP extension:

pacman -S php-mcrypt
vim +/mcrypt.so /etc/php/php.ini
systemctl restart php-fpm

If you’re one of our Linux VPS Hosting customers we can help you to install and set-up LEMP (Linux Nginx MariaDB and PHP) stack on your virtual server for you free of charge. Just contact us and some of our experts will complete your request immediately.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>