Install LEMP Stack on Debian 10

Introduction

The LEMP stack (Linux, NGINX, MySQL, and PHP) is a popular alternative to the LAMP stack that uses NGINX instead of Apache. This tutorial will guide you through basic installation, setup and configuration of a LEMP stack on Debian 10.

Prerequisites

To install LEMP stack on your server, make sure you are logged into your server with a sudo user.

Step 1 – Install Nginx

In order to serve web pages to your site visitors, we are going to employ Nginx, a popular web server which is well known for its overall performance and stability.

All of the software you will be using for this procedure will come directly from Debian’s default package repositories. This means you can use the apt package management suite to complete the installation.

Since this is the first time you’ll be using apt for this session, you should start off by updating your local package index. You can then install the server:

apt update
apt install nginx

On Debian 10, Nginx is configured to start running upon installation.

You can check this with:

systemctl status nginx

In order to check if Nginx is running, you can visit your IP address via the browser.

Open in a web browser:

http://server_domain_name_or_IP/

How To Find Your Server’s Public IP Address

If you don’t know what your server’s public IP address is, there are many ways to find out your public IP address.

From the command line, you can use the iproute2 tools to get your address by typing this:

ip a s | sed -ne '/127.0.0.1/!{s/^[ \t]*inet[ \t]*\([0-9.]\+\)\/.*$/\1/p}'

Another method is to use an outside party to tell you how it sees your server:

curl https://ipecho.net/plain; echo

or

curl https://icanhazip.com

Step 2 – Install MySQL (MariaDB)

Now that we have the web server (Nginx) up and running, it’s time to install MariaDB. MariaDB is a community-developed, commercially supported fork of the MySQL relational database management system.

Install MariaDB with:

apt install mariadb-server

On Debian 10, MariaDB is configured to start running upon installation.

You can check this with:

systemctl status mariadb

Now that our MySQL (MariaDB) database is running, we want to run a simple security script that will remove some dangerous defaults and lock down access to our database system a little bit. Start the interactive script by running:

mysql_secure_installation

The prompt asks you for your current MYSQL root password. At this stage you won’t have one yet, so just leave it blank by hitting enter. When you are prompted to set a root password, just type Y and follow the instructions to set up your root password and make note of it.

For the rest of the questions, you should simply hit the “ENTER” key through each prompt to accept the default values. This will remove some sample users and databases, disable remote root logins, and load these new rules so that MySQL immediately respects the changes we have made.

Sample Output:

# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

Step 3 – Install PHP

You have Nginx installed to serve your content and MySQL installed to store and manage your data. Now you can install PHP to process code and generate dynamic content for the web server.

To install the php-fpm and php-mysql packages, run:

apt install php-fpm php-mysql

You now have your PHP components installed. Next, you’ll configure Nginx to use them.

Step 4 – Configure Nginx with PHP

When using the Nginx web server, server blocks can be used to encapsulate configuration details and host more than one domain on a single server.

In this guide, we’ll use example.com as example domain name.

On Debian 10, Nginx has one server block enabled by default and is configured to serve documents out of a directory at /var/www/html.

Create the root web directory for example.com as follows:

mkdir /var/www/example.com

Next, assign ownership of the directory with the $USERenvironment variable, which should reference your current system user:

chown -R $USER:$USER /var/www/example.com

Then, open a new configuration file in Nginx’s sites-available directory using your preferred command-line editor.

vi /etc/nginx/sites-available/example.com

This will create a new blank file. Paste in the following bare-bones configuration:

server {
    listen 80;
    listen [::]:80;

    root /var/www/example.com;
    index index.php index.html index.htm;

    server_name example.com www.example.com;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
    }
}

Activate your configuration by linking to the config file from Nginx’s sites-enabled directory:

ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/

This will tell Nginx to use the configuration next time it is reloaded. You can test your configuration for syntax errors by typing:

nginx -t

If any errors are reported, go back to your configuration file to review its contents before continuing.

When you are ready, reload Nginx to make the changes:

systemctl reload nginx

Next, you’ll create a file in your new web root directory to test out PHP processing.

Step 5 – Test

If you have followed the above steps successfully, you should now have the LEMP stack installed on your server.

You are now able to upload your sites files to the /var/www/example.com directory.

You can do this by creating a test PHP file in your document root. Open a new file called info.php within your document root in your text editor:

vi /var/www/example.com/info.php

Type or paste the following lines into the new file. This is valid PHP code that will return information about your server:

<?php
  phpinfo();

You can now access this page in your web browser by visiting the domain name or public IP address you’ve set up in your Nginx configuration file, followed by /info.php:

http://your_server_IP_address/info.php

Conclusion

If the test completed successfully, then you have installed and configured the LEMP stack on your server. Congrats!

Reprint:https://community.hetzner.com/tutorials/install-lemp-stack-on-debian-10