Installing NGINX on Debian-based Linux Distributions

Installing NGINX on Debian-based Linux Distributions
Photo by Kevin Horvat / Unsplash

When it comes to running a web server for all of my online projects, NGINX is the first that comes to mind for me. By default, it follows my guidelines of running a piece of software – meaning that the software is security-minded, performance-driven, and honestly, really easy to manage all the aspects of it.

NGINX is most likely the most popular web server software in the world, and it's well known for being the backbone of some of the biggest sites on the internet to date. It is a lightweight choice that can be used as either a web server and or reverse proxy, and pretty much fits most people's needs without too much configuration and setup.

In the following guide, I will be walking you through how to install NGINX on Debian-based Linux Distributions (Distros), as well as adding some common firewall rules and setting up a server block for a domain.

Installation

NGINX is usually always available via Debian-based Distros' repositories, so we will be able to install it using the apt package system.

The following command will install NGINX and any required dependencies on the webserver for us.

sudo apt install nginx

Firewall Adjustments

Part of making sure our server is secure is by adjusting the firewall. The package which we recommend for this is ufw. The following commands will first see if the firewall is enabled, then allow the required ports to be opened as needed, and finally enable the firewall to run the NGINX web server.

sudo ufw status
sudo ufw allow 22 
sudo ufw allow 80
sudo ufw allow 443
sudo ufw enable
sudo ufw status

First, we are going to check the status of ufw. It is going to say that the status is `inactive` to begin. Next, we are going to open port 22 for SSH/SFTP traffic, then port 80 for HTTP or normal traffic, and finally port 443 for SSL/TLS or secure web traffic. After the ports are opened, we are going to enable the firewall rules. All other ports will be blocked besides the ones we opened. Finally, we will check the status of the firewall again. The following should be the output.

Status: active

To                         Action      From
--                         ------      ----
22                         ALLOW       Anywhere
80                         ALLOW       Anywhere
443                        ALLOW       Anywhere
22 (v6)                    ALLOW       Anywhere (v6)
80 (v6)                    ALLOW       Anywhere (v6)
443 (v6)                   ALLOW       Anywhere (v6)

Finalize Installation

At the end of the installation process, your Linux distro will start the NGINX web server. The web server should always be up and running. We are able to check this with the systemd init system. To check if the webserver is running, run the following command.

sudo systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2020-04-20 16:08:19 UTC; 3 days ago
     Docs: man:nginx(8)
 Main PID: 2369 (nginx)
    Tasks: 2 (limit: 1153)
   Memory: 3.5M
   CGroup: /system.slice/nginx.service
           ├─2369 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
           └─2380 nginx: worker process

The output right above will confirm that the NGINX web server has started and is currently running. You can access the default NGINX landing page by visiting your website and or IP address that points to the webserver.

Server Block Setup

Server Blocks – pretty similar to Virtual Hosts in Apache's Web Server) – can be used to set up and configure a website on a domain name. The server blocks can also allow you to host multiple websites on the same web server by making their own server blocks for each separate site. I will set up a domain called your_domain, but you should replace this with your own domain name.

NGINX has one server block enabled by default. This block is configured to serve websites out of the directory at /var/www/html. While this works well for a single site, it can become unwieldy if you are hosting multiple sites. Instead of modifying and using the/var/www/html directory, I am going to create a directory structure within the /var/www directory for our your_domain.

sudo mkdir /var/www/your_domain
sudo chown -R $USER:$USER /var/www/your_domain
sudo chmod -R 755 /var/www/your_domain

The following three commands right above will create the directory that is going to house the website. The first command creates the directory folder where you can place public-facing files such as index.html, style.css, and images for a website. The second command assigns ownership to be able to upload, modify, and delete files from the directory as needed. Then the final command sets the correct permissions to allow the owner to read, write, and execute the files while granting only read and execute permissions to groups and others.

In order for Nginx to serve this content, it’s necessary to create a server block with the correct directives. Instead of modifying the default configuration file directly, let’s make a new one at /etc/nginx/sites-available/your_domain.conf.

sudo nano /etc/nginx/sites-available/your_domain```

Next, I  will provide a simple and minimalistic server block that needs to be updated with your domain name which you are using for the server_name and root /var/www/your_domain respectfully.

server {
        listen 80;
        listen [::]:80;

        root /var/www/your_domain/html;
        index index.html index.htm index.nginx-debian.html;

        server_name your_domain www.your_domain;

        location / {
                try_files $uri $uri/ =404;
        }
}```

I think you have noticed how I have updated the root and server_name configuration to our new directory. Next, I will enable the file by creating a link from it to the sites-enabled directory, which Nginx reads from during startup:

sudo ln -s /etc/nginx/sites-available/your_domain /etc/nginx/sites-enabled/

If there aren’t any problems, restart Nginx to enable your changes:

sudo systemctl restart nginx

Nginx should now be serving your domain name. You can test this by navigating to http://your_domain. It will be displaying the default NGINX file, 404 error, or a 403 error because there are no found files.

Conclusion

Now that the webserver is officially installed, you have many options for the type of content to serve to the public. There are a lot of different technologies that we can use to create an amazing user experience for people who visit our website.