Installation Nginx PHP MySQL

Installation Nginx PHP MySQL.md

Goal

Ubuntu 14.04

NGINX > 1.9 (mainline)

PHP 7

MySQL

Installation

Nginx

Download nginx_signing.key

sudo apt-key add nginx_signing.key

Add to /etc/apt/sources.list

deb http://nginx.org/packages/mainline/ubuntu/ trusty nginx
deb-src http://nginx.org/packages/mainline/ubuntu/ trusty nginx

sudo apt-get update
sudo apt-get install nginx

PHP 7

sudo apt-get install -y language-pack-en-base
sudo LC_ALL=en_US.UTF-8 add-apt-repository ppa:ondrej/php
sudo add-apt-repository ppa:ondrej/php
sudo apt-get update
sudo apt-get install php7.0-fpm php7.0-mysql php7.0-curl php7.0-cli

Mysql

sudo apt-get install mysql-server
sudo mysql_install_db
sudo mysql_secure_installation

Let's Encrypt

sudo mkdir /opt/letsencrypt
cd /opt/letsencrypt
sudo wget https://dl.eff.org/certbot-auto
sudo chmod a+x /opt/letsencrypt/certbot-auto

Config

Nginx config

sudo mkdir /etc/nginx/sites-available
sudo mkdir /etc/nginx/sites-enabled

Edit /etc/nginx/nginx.conf

Modify user by:

user 					www-data;

Add:

worker_processes		4;

Add to http block:

include 				/etc/nginx/sites-enabled/*;
server_tokens			off;

It shoud look like this:

user  www-data;
worker_processes  4;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;
    
    server_tokens	off;

	 #gzip  on;

    include /etc/nginx/conf.d/*.conf;

    include /etc/nginx/sites-enabled/*;
}

Virtual host config

Clone in an user folder : https://gist.github.com/NicolasMahe/3c1044ff07c6b41c2529

Execute dhparam.sh

Create you own nginx_ssl_SPECIFIC.conf

Create you own virtual host config in /etc/nginx/sites-available/ from the nginx config example

Create a symlink in /etc/nginx/sites-enabled to your /etc/nginx/sites-available/virtual host config

cd /etc/nginx/sites-enabled
sudo ln -s ../sites-available/website 

Restart nginx

sudo service nginx restart

PHP 7

sudo nano sudo nano /etc/php/7.0/fpm/php.ini

Search cgi.fix_pathinfo and set the line like:

cgi.fix_pathinfo=0

Let's Encrypt

See https://gist.github.com/NicolasMahe/60f00b81205ecba435f4

Links

Ubuntu

https://www.digitalocean.com/community/tutorials/initial-server-setup-with-ubuntu-14-04#step-one-%14-root-login

https://www.digitalocean.com/community/tutorials/additional-recommended-steps-for-new-ubuntu-14-04-servers

https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-on-ubuntu-14-04

https://www.digitalocean.com/community/tutorials/how-to-install-laravel-with-an-nginx-web-server-on-ubuntu-14-04

Let's encrypt

https://certbot.eff.org/#ubuntutrusty-nginx

NGINX

http://nginx.org/en/linux_packages.html#mainline

PHP 7

https://www.digitalocean.com/community/tutorials/how-to-upgrade-to-php-7-on-ubuntu-14-04

SSL

Secure Nginx config

https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-14-04

https://raymii.org/s/tutorials/OCSP_Stapling_on_nginx.html

https://blog.rudeotter.com/lets-encrypt-ssl-certificate-nginx-ubuntu/

HTTP2

http://nginx.org/en/linux_packages.html#mainline

https://www.digitalocean.com/community/questions/update-nginx-to-version-1-9-5