Introduction Nginx is one of the most popular web hosts in the world and is responsible for hosting some of the largest and most trafficked sites on the internet. It is a lightweight option that can be used as a web server or reverse proxy.
In this guide, we will discuss how to install Nginx on your Ubuntu 20.04 server, adjust the firewall, manage the Nginx process, and configure server blocks to host more than one domain from a single server.
Before
you
begin this guide, you must have a normal, non-root user with sudo privileges configured on the server. You can learn how to set up a regular user account by following our Initial Server Setup Guide for Ubuntu 20.04.
You’ll also want to have registered a domain name before completing the last steps in this tutorial. For more information on setting up a domain name with DigitalOcean, see our Introduction to DigitalOcean DNS.
When you have an account available, log in as your non-root user to get started.
Step 1 – Installing
Nginx Because
Nginx is available in Ubuntu’s default repositories, it is possible to install it from these repositories using
the apt packaging system. Since this
is our first interaction with the apt packaging system in this session, we will update our local package index so that we have access to the most recent package listings. Next, we can
install nginx: sudo apt update sudo apt install nginx
After accepting the procedure, apt will install Nginx and any required dependencies on your server
.
Step 2 – Firewall Adjustment
Before trying Nginx, the firewall software must be adjusted to allow access to the service. Nginx registers as a service with ufw upon installation, so it’s easy to allow access to Nginx.
List the application
configurations that ufw knows how to work with by typing
:
- sudo ufw app
list
You must get a list of the application profiles
: OutputAvailable applications: Full Nginx Nginx HTTP Nginx HTTPS OpenSSH
As demonstrated in the output, there are three profiles available for
Nginx:
- Nginx Full: This profile opens both ports 80 (normal,
- 80 (normal, unencrypted web traffic) Nginx
- HTTPS: This profile opens only port 443 (TLS/SSL encrypted traffic)
unencrypted web traffic) and port 443 (TLS/SSL encrypted traffic) Nginx HTTP: This profile opens only port
It is recommended that you enable the most restrictive profile that will still allow the traffic you have configured. At this time, we will only need to allow traffic on port 80.
You can
enable this
by typing: sudo ufw allow ‘Nginx HTTP’
You can verify the change by typing
:
- sudo ufw status
The output will indicate what HTTP traffic is allowed
: OutputStatus: active For action from – – – OpenSSH ALLOW Anywhere Nginx HTTP ALLOW Anywhere OpenSSH (v6) ALLOW Anywhere (v6)
- Nginx HTTP
(v6) ALLOW Anywhere (v6)
Step 3 – Checking the web server
At the end of the installation process, Ubuntu 20.04 starts Nginx. The web server should already be up and running.
We can check with the systemd init system to make sure the service is running by typing
:
- systemctl status
nginx Output● nginx.service – A high-performance web server and reverse proxy server Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2020-04-20 16:08:19 UTC; 3 days ago Documents: man:nginx(8) Main PID: 2369 (nginx) Tasks: 2 (limit: 1153) Memory: 3.5M CGroup: /system.slice/nginx.service ├─2369 nginx: master process /usr/sbin/nginx -g daemon on; master_process in; └─2380 nginx: worker process
As confirmed by this, the service has started successfully. However, the best way to test this is to request an Nginx page.
You can access the default Nginx homepage to confirm that the software is running properly by navigating to your server’s IP address. If you do not know the IP address of your server, you can find it using the icanhazip.com tool, which will give you your public IP address received from another location on the Internet
:
- curl -4 icanhazip.com
When you have the IP address of your server, enter it in the address bar of your browser
: http://your_server_ip
You should receive the default landing page of Nginx:
<img src="https://assets.digitalocean.com/articles/nginx_1604/default_page.png" alt="Nginx
default page” />
If you are on this page, your server
is running properly and is ready to be managed
.
Step 4 – Managing the Nginx Process
Now that you have your web server up and running, let’s review some basic administration commands.
To stop the web server,
type
: sudo systemctl stop nginx To start the
web server when it is stopped, Type
: sudo systemctl start nginx
To stop and then start the service again, type:
- sudo systemctl restart nginx
If you’re just making configuration changes,
- Nginx
can often reload without dropping connections. To do this, type:
- sudo systemctl reload nginx
By default, Nginx is set to start automatically when the server starts. If this is not what you want, you can disable this behavior by typing
: sudo systemctl disable nginx
To re-enable the service to start at boot, you can type:
- sudo systemctl enable nginx
You have now learned the basic management commands and should be ready to configure your site to host more than one domain.
Step 5 – Server block configuration (recommended)
When using the Nginx web server, server blocks (similar to virtual hosts in Apache) can be used to encapsulate configuration details and host more than one domain from a single server. We’ll set up a domain called your_domain, but you need to replace it with your own domain name.
Nginx in Ubuntu 20.04 has a server block enabled by default that is configured to serve documents from a directory in /var/www/html. While this works well for a single site, it can become unwieldy if you host multiple sites. Instead of modifying /var/www/html, let’s create a directory structure within /var/www for our your_domain site, leaving /var/www/html instead as the default directory to be served if a client request doesn’t match any other site.
Create the directory for your_domain as follows, using the -p
flag to create the required parent directories
: sudo
- mkdir -p
/var/www/your_domain/html
Next, assign the directory property with the environment variable
$USER:
- sudo chown -R $USER:$USER /var/www/your_domain/html
The permissions on your web roots must be correct if you have not modified their mask value, which sets the default file permissions. To make sure your permissions are correct and allow the owner to read, write, and execute the files while granting only read and execute permissions to groups and others, you can enter the following command
: sudo
- chmod -R 755 /var/www/your_domain
Next, create a sample index.html page using nano or your favorite editor:
- sudo nano /var/www/your_domain/html/index.html
Inside, add the following HTML example:
<html> <head> <title>Welcome to your_domain!</title> </head> <body> <h1>Success! The server your_domain block is working!</h1> </body> </html>
Save and close the file by pressing Ctrl+X to exit, then when prompted to save, Y, and then Enter
.
For Nginx to serve this content, it is necessary to create a server block with the correct directives. Instead of modifying the default configuration file directly, let’s make a new one in
/etc/nginx/sites-available/your_domain: sudo nano /etc/nginx/sites-available/your_domain
Paste the following configuration block, which is similar to the default, but updated for our new directory and domain name
: server { listen 80; listen [::]:80; root /var/www/your_domain/html; index index.html index.htm index.nginx-debian.html; server_name your_domain www. your_domain;
Location / { try_files $uri $uri/ =404; } }
Note that we have updated the root settings to our new directory and the server_name to our domain name.
Next, let’s enable the file by creating a link from it to the site-enabled directory, which Nginx reads during startup:
sudo ln -s /etc/nginx/
- sites-available/your_domain /etc/nginx/sites-enabled/
Two server blocks are now enabled and configured to respond to requests based on their listener and server_name policies (you can read more about how Nginx processes these directives here):
your_domain: It will respond to
- your_domain and www.your_domain requests. default: It will respond to
- any requests on port 80 that do not match the other two blocks
.
To avoid a potential hash bucket memory issue that can arise when adding additional server names, you need to adjust a single value in the /etc/nginx/nginx.conf file. Open the file:
sudo nano /etc/nginx
- /nginx.conf
Locate the server_names_hash_bucket_size directive and remove the # symbol to uncomment the line. If you are using nano, you can quickly search for words in the file by pressing CTRL and w.
… http { … server_names_hash_bucket_size 64; … } …
Save and close the file when you are finished.
Next, test to make sure there are no syntax errors in any of
your Nginx files: sudo nginx -t
If there is no problem, restart Nginx to enable your changes:
- sudo systemctl restart nginx Nginx
should now be serving your domain name. You can test this by navigating to http://your_domain, where you should see something like this:
Step 6 – Familiarize
yourself with important Nginx files and directories
Now that you know how to manage the Nginx service itself, you should take a few minutes to familiarize yourself with some important directories and files.
Contents
- /var/www/html: The actual web content, which by default only consists of the default Nginx page you viewed earlier, is served from the /var/www/html directory. This can be changed by altering the Nginx configuration files.
/
- etc/nginx server configuration: The Nginx configuration directory. All Nginx configuration files reside here.
- /nginx.conf: The main Nginx configuration file. This can be modified to make changes to the Nginx global settings.
- etc/nginx/sites-available/: The directory where server blocks can be stored per site. Nginx will not use the configuration files found in this directory unless they are linked to the site-enabled directory. Typically, all server block configuration is done in this directory and then enabled by binding to the other directory.
- etc/nginx/sites-enabled/: The directory where the enabled per-site server blocks are stored. Typically, these are created by using links to configuration files that are located in the sites-available directory.
- etc/nginx/snippets: This directory contains configuration fragments that can be included elsewhere in the Nginx configuration. Potentially repeatable configuration segments are good candidates for refactoring into chunks.
/etc/nginx
/
/
/
Server
logs
/var/log/nginx/access.log: Every request to your web server is logged in this log file unless Nginx is configured to do otherwise. /var/log/
- nginx/error.log: Any Nginx errors will be logged in this log.
Conclusion
Now that you have your web server installed, you have many options for the type of content to be served and the technologies you want to use for
Create a richer experience.
If you want to create a more complete application stack, see the article How to install Linux, Nginx, MySQL, PHP (LEMP stack) on Ubuntu 20.04.
To set up HTTPS for your domain name with a free SSL certificate using Let’s Encrypt, you need to move to How to secure Nginx with Let’s Encrypt in Ubuntu 20.04.