use-nginx-on-ubuntu-18-04

---

title: use nginx on ubuntu 18.04
tags: [linux,ubuntu,ngiinx]
categories:

• linux
• nginx
  date: 2021-04-25 17:24:12

---

nginx on ubuntu 18.04

reference

1. How To Install Nginx on Ubuntu 18.04
2. nginx beginner’s guide

introduction

• nginx is one of the most popular web servers in the world and is responsible for hosting some of the largest and high-traffic sites on the internet. it is more resource-friendly than apache in most cases and can be used as a web server or reverse proxy.
• in this guild, we will discuss how to install nginx on my ubuntu 18.04 server.

step1 (install nginx)

• because nginx is available in ubuntu’s default repositories, it is possible to install it from these repositories using the apt packaging system.
• it may be the first interaction with the apt packaging system, so i’d like to update my local package index so that i have access to the most recent package listings. afterwards, i can install nginx

apt update
apt install nginx

• after accepting the procedure, apt will install nginx and any required dependencies to my server.

step2 (adjusting the firewall)

• before testing nginx, the firewall software needs to be adjusted to allow access to the service. nginx registers itself as a service with ufw upon installation, making it straightforward to allow nginx access.
• list the application configurations that ufw know how to work with by typing:

ufw app list

• you should get a listing of the application profiles.

Available applications:
  Nginx Full
  Nginx HTTP
  Nginx HTTPS
  OpenSSH

• Nginx Full: this profile opens both port 80(normal, unencrypted web traffic) and port 443(TLS/SSL encrypted traffic)
• Nginx HTTP: this profile opens only the port 80.
• Nginx HTTPS: this profile opens only port 443.
• it is recommended that you enable the most restrictive profile that will still allow the traffic you have configured. however, i have not configured SSL for my server, i will only need to allow traffic on port 80.

ufw enable "Nginx HTTP"

checking your web server

• at the end of the installation process, ubuntu starts nginx, the web server should already be up and running. we can check with the systemd init system to make sure the service is running by typing:

systemctl status nginx

• output:

● nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2021-04-25 17:46:15 CST; 7min ago
     Docs: man:nginx(8)
  Process: 1156 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, s
  Process: 1039 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=
 Main PID: 1170 (nginx)
    Tasks: 2 (limit: 2121)
   CGroup: /system.slice/nginx.service
           ├─1170 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
           └─1176 nginx: worker process

Apr 25 17:46:15 VM-4-14-ubuntu systemd[1]: Starting A high performance web server and a re
Apr 25 17:46:15 VM-4-14-ubuntu systemd[1]: nginx.service: Failed to parse PID from file /r
Apr 25 17:46:15 VM-4-14-ubuntu systemd[1]: Started A high performance web server and a rev
lines 1-15/15 (END)

• as you can see above, the service appears to have started successfully, however, the best way to test this is to actually request a page from nginx.
• you can access the default nginx landing page to confirm that the software is running properly by navigating to your server’s ip address. you can get your ipv4 address on the internet by typing:

curl -4 icanhazip.com

• enter it to your browser’s address bar, you will see the default nginx landing page.

step4 (manager the nginx process)

systemctl start nginx
systemctl stop nginx
systemctl restart nginx
systemctl reload nginx
systemctl enable nginx
systemctl disable nginx

step5 (setting up server blocks)

• when using the nginx web server, server blocks(similar to virtual hosts in apache)can be used to encapsulate configuration details and host more than one domain form a single server. i will set a domain called nginx.cuimouren.cn to test this.
• nginx on ubuntu has one server block enabled by default that is configured to serve documents out of a directory at /var/www/html. while this works well for one single site, it can become unwieldly if you are hosting multiple sites. instead of modifying /var/www/html, let’s create a directory structure within /var/www for my nginx.cuimouren.cn site, leaving /var/www/html in place as the default directory to be served if a client request does not match any other sites.
• create a directory for nginx.cuimouren.cn, using -p flag to create any necessary parent directories. i will using my github page as a test.

mkdir -p /var/www/nginx.cuimouren.cn
cd /var/www/nginx.cuimouren.cn
git clone https://github.com/yishuilingbo/yishuilingbo.github.io.git
cd yishuilingbo.github.io
mv * ../
rm -rf yishuilingbo.github.io

• in order for nginx to server this content, it’s necessary to create a server block with the correct directives, instead of modifying the default configuration file directly, let’s make a new one.

vi /etc/nginx/sites-available/nginx.cuimouren.cn

• write like these

server {
        listen 80;
        listen [::]:80;

        root /var/www/nginx.cuimouren.cn;
        index index.html index.htm index.nginx-debian.html;

        server_name nginx.cuimouren.cn www.nginx.cuimouren.cn;

        location / {
                try_files $uri $uri/ =404;
        }
}

• enable the file by creating a link form it to the “sites-enabled” directory, which nginx reads from during startup

ln -s /etc/nginx/sites-available/nginx.cuimouren.cn /etc/nginx/sites-enabled/

• test to make sure that there are no syntax error in any nginx files.

nginx -t

• restart nginx

systemctl restart nginx

• look my site on the browser.

nginx.cuimouren.cn

step6 securing my domain

• in this section, i will secure my domain using a let’s encrypt tls sertificate, which i will provision using certbot.
  to install the lastest version of sertbot, i will need to add its package repository to my server by running the following command:

add-apt-repository ppa:certbot/certbot
#install its nginx plugin
apt install python-sertbot-nginx
ufw allow https
ufw reload
certbot --nginx -d mydomain

• i recommand to use the second option in order to maximize security.

step7 (getting familiar with important nginx files and directories)

• now that you know how to manage the nginx service itself, you should take a few minutes to familiarize yourself with a few important directories and files.

content

• /var/www/html

the actual web content, which by default only consists of the nginx page you saw earlier, is served out of the /var/www/html directory, this can be changed by altering nginx configuration files.

server configuration

• /etc/nginx

the nginx configuration direction. all of the nginx configuration files reside here.

• ** /etc/nginx/nginx.conf**

the main nginx configuration file. this can be modified to make changes to the nginx global configuration.

• /etc/nginx/sites-available

the directory where per-site server blocks can be stored. nginx will not use the configuration files found in this directory unless they are linked to the sites-enabled directory. typically, all server block configuration is done in the directory, and then enabled by linking to the other directory.

• /etc/nginx/sites-enabled

the directory where enabled per-site server blocks are stored. typically, these are created by linking to configuration files found in the sites-available directory.

• /etc/nginx/snippets

this directory contains configuration fragments that can be included elsewhere in the nginx configuration. potentially repeatable configuration segments are good candidates for refactoring into snippets.

server logs

• /var/log/nginx/access.log

every request to your web server is recorded in the log file unless nginx is configured to do otherwise.

• /var/log/nginx/error/log

any nginx error will be recorded in this log.