Installation of LEMP environment on Ubuntu 16.04 Graphic wizard

Guide

LEMP is an abbreviation that represents a set of packages (annotations ①l:linux Os,e:nginx Web servers, m:mysql/mariadb databases, and p:php server Dynamic programming languages), which are used to build dynamic Web applications and Web pages. This tutorial will teach you how to install LEMP (Nginx and MariaDB and PHP7) on Ubuntu 16.04 servers.

Step 1: Install the Nginx server installing Nginx in Ubuntu 16.04

Nginx is an advanced, resource-optimized Web server program that is used to present web pages to visitors on the Internet. We start with the installation of Nginx server and use the APT command to get the Nginx program from Ubuntu's official software repository.

$ sudo apt-get install Nginx

Check Nginx network port connection and status

Then enter the "netstat" and "systemctl" commands to confirm that the Nginx process has started and is bound to port 80.

$ netstat-tlpn

$ sudo systemctl status Nginx.service

validating Nginx Web pages

When you confirm that the service process has started, you can open a browser, use the HTTP protocol to access your server IP address or domain name, browse Nginx's default Web page.

Http://IP-Address

Step 2: Enable the Nginx http/2.0 protocol backing up Nginx Web site configuration Files

Support for the HTTP/2.0 protocol is included by default in Nginx binaries for the latest release of Ubuntu 16.04, which can only be connected over SSL and ensures a huge increase in the speed of loading pages.

To enable the Nginx protocol, first locate the Web site configuration file provided by Nginx, and enter the following command to backup the configuration file.

$ cd/etc/nginx/sites-available/$ sudo mv default Default.backup

Enable Nginx HTTP 2 protocol

Then, create a new default file with a text editor and enter the following:

server {Listen 443 SSL http2 Default_server;listen [::]:443 SSL HTTP2 default_server;root/var/www/html;index index.html I Ndex.htm index.php;server_name 192.168.1.13;location/{try_files $uri $uri/= 404;} Ssl_certificate/etc/nginx/ssl/nginx.crt;ssl_certificate_key/etc/nginx/ssl/nginx.key;ssl_protocols TLSv1 TLSv1.1 Tlsv1.2;ssl_prefer_server_ciphers on;ssl_ciphers eecdh+chacha20:eecdh+aes128:rsa+aes128:eecdh+aes256:rsa+aes256: eecdh+3des:rsa+3des:! Md5;ssl_dhparam/etc/nginx/ssl/dhparam.pem;ssl_session_cache Shared:ssl:20m;ssl_session_timeout 180m;resolver 8.8.8.8 8.8.4.4;add_header strict-transport-security "max-age=31536000; #includeSubDomains" Always;location ~ \.php$ { Include Snippets/fastcgi-php.conf;fastcgi_pass Unix:/run/php/php7.0-fpm.sock;} Location ~/\.ht {deny all;}} server {Listen 80;listen [::]:80;server_name 192.168.1.13;return 301 https://$server _name$request_uri;}

The above configuration fragment adds the HTTP2 parameter to all SSL listening instructions to enable "http/2.0".

The last paragraph added to the server configuration above is used to redirect all non-SSL traffic to the SSL/TLS default host. Then use your host's IP address or DNS record (preferably with FQDN name) to replace the parameters of the "SERVER_NAME" option.

generate an Nginx SSL certificate and key

After you follow the steps above to edit the default configuration file for Nginx, use these commands to generate, view, and review the SSL certificate and key.

Complete the creation of the certificate with your customized settings, note that the Common Name is set to match your DNS FQDN record or the server IP address.

$ sudo mkdir/etc/nginx/ssl$ sudo openssl req-x509-nodes-days 365-newkey Rsa:2048-keyout/etc/nginx/ssl/nginx.key-ou t/etc/nginx/ssl/nginx.crt$ ls/etc/nginx/ssl/

Create a Diffie-hellman key

Use a strong DH encryption algorithm by entering the following command, which modifies the files that were configured by the previous configuration file Ssl_dhparam.

$ sudo OpenSSL dhparam-out/etc/nginx/ssl/dhparam.pem 2048

Check the configuration of Nginx

When the Diffie-hellman key is generated, verify that the Nginx configuration file is correct and can be applied by the Nginx Network Service program. Then run the following command to restart the daemon to see what has changed.

$ sudo nginx-t$ sudo systemctl restart Nginx.service

Test Nginx HTTP 2.0 protocol

Type the following command to test that Nginx is using the http/2.0 protocol. Seeing H2 in the protocol indicates that Nginx has successfully configured to use the HTTP/2.0 protocol. All the latest browsers can support this protocol by default.

$ OpenSSL s_client-connect Localhost:443-nextprotoneg "

3rd Step: Install PHP 7 interpreter

With the help of the FastCGI process management program, Nginx can generate dynamic Web content using the PHP Dynamic language interpreter. FastCGI is able to install PHP-FPM binary packages from the official Ubuntu repository.

installing PHP 7 and PHP-FPM

Enter the following command in your server console to get the PHP7.0 and expansion pack, which allows PHP to communicate with the Nginx Network service process.

$ sudo apt install php7.0 php7.0-fpm

Open, verify PHP-FPM service installation

When the PHP7.0 interpreter is successfully installed, enter the following command to start or check the PHP7.0-FPM daemon:

$ sudo systemctl start php7.0-fpm$ sudo systemctl status php7.0-fpm

Enable PHP FastCGI

The current Nginx configuration file has been configured to use PHP FPM to provide dynamic content.

This part of the server configuration given below allows Nginx to use the PHP interpreter, so there is no need to make any other changes to the Nginx configuration file.

Location ~ \.php$ {include Snippets/fastcgi-php.conf;fastcgi_pass unix:/run/php/php7.0-fpm.sock;}

Below is the contents of the Nginx default configuration file. You may need to modify or uncomment the code in it.

Create a PHP Info file

To test the PHP-FPM-enabled Nginx server, create a PHP test configuration file info.php with the following command. Then use http://IP_or domain/info.php this URL to view the configuration.

$ sudo su-c ' echo ' < php phpinfo ();?> "|tee/var/www/html/info.php"

Check PHP FastCGI for information

Check HTTP2.0 protocol information

Check to see if the server declares support for the HTTP/2.0 protocol, and navigate to the $_server[' Server_protocol ' in the PHP variable area like this one.

Installing the PHP 7 module

In order to install additional PHP7.0 modules, use the APT search php7.0 command to find the PHP module and install it.

If you want to install WordPress or other CMS, you need to install the following PHP modules, these modules will be useful sooner or later.

$ sudo apt install php7.0-mcrypt php7.0-mbstring

To register these additional PHP modules, enter the following command to restart the php-fpm daemon.

$ sudo systemctl restart Php7.0-fpm.service

4th step: Install the MariaDB database Installing MariaDB

Finally, we need to MariaDB the database to store and manage the data of the website, only to complete the LEMP building.

Run the following command to install the MariaDB database management system and restart the PHP-FPM service to communicate with the database using the MySQL module.

$ sudo apt install mariadb-server mariadb-client php7.0-mysql$ sudo systemctl restart Php7.0-fpm.service

Secure installation of the MariaDB

To secure the MariaDB, run a security script from the binary package provided in the Ubuntu repositories, which will ask you to set a root password, remove the anonymous user, disable the root user telnet, and remove the test database.

Enter the following command to run the script and confirm all the selections. Refer to the following.

$ sudo mysql_secure_installation

user rights for MariaDB

Configure MariaDB so that ordinary users can access the database without the sudo privileges of the system. Open the MySQL command line interface with root user rights and run the following command:

$ sudo mysqlmariadb> use MySQL; mariadb> Update user set plugin= ' where user= ' root '; mariadb> flush Privileges; mariadb> EXITMARIADB User Rights

View the MariaDB database

Finally, by executing the following command to log in to the MariaDB database, you can execute commands in any database without the need for root privileges:

$ mysql-u root-p-e ' show databases '

All right! Now that you have a LEMP environment configured on an Ubuntu 16.04 server, you can deploy complex, dynamic network applications that interact with the database.

Note ①: (LCTT: Why use LEMP instead of LNMP abbreviations?) According to Https://lemp.io/'s explanation: Nginx's pronunciation is engine-x, an important pronunciation rather than an initial letter, and Lemp is actually readable, and lnmp looks just like an alphabet. ）
Before looking at the tutorial, please review the installation of Ubuntu 16.04 Server version: (http://www.tecmint.com/installation-of-ubuntu-16-04-server-edition/)

Installation of LEMP environment on Ubuntu 16.04 Graphic wizard