Article

Table of Contents
Theme:
Was this article helpful?
Try Vultr Today with

$50 Free on Us!

Want to contribute?

You could earn up to $600 by adding new articles!

How to Install a LEMP Stack on Arch Linux

Last Updated: Mon, Oct 4, 2021
Arch MySQL and MariaDB PHP Web Servers

Introduction

This guide explains how to install Nginx, MariaDB, and PHP on Arch Linux (LEMP) and secure the web site with a free Let's Encrypt certificate.

Prerequisites

Before beginning this guide, please:

This guide uses app.example.com as the example DNS name of the server.

Install UFW Firewall

UFW (uncomplicated firewall) is a simple and configurable firewall.

  1. Install UFW.

    $ sudo pacman -S --noconfirm ufw
    
  2. Configure UFW

    Configure UFW to allow outgoing traffic, but refuse any incoming or routed traffic by default.

    $ sudo ufw default allow outgoing
    $ sudo ufw default deny incoming
    $ sudo ufw default deny routed
    

    Allow traffic on TCP ports 22 (SSH), 80 (HTTP), and 443 (HTTPS).

    $ sudo ufw allow 22/tcp
    $ sudo ufw allow 80/tcp
    $ sudo ufw allow 443/tcp
    
  3. Enable the firewall to make the new configuration active. If you are connected over SSH, it will display a warning message about possibly interrupting the connection. You can ignore this warning because TCP port 22 (SSH) was allowed through the firewall in the earlier step.

    $ sudo ufw enable
    

Install Nginx

  1. Install the Nginx package.

    $ sudo pacman -S --noconfirm nginx
    
  2. Start the Nginx service and enable it to start automatically on boot.

    $ sudo systemctl start nginx.service
    $ sudo systemctl enable nginx.service
    

Install MariaDB

  1. Install the MariaDB package.

    $ sudo pacman -S --noconfirm mariadb
    
  2. Initialize MariaDB's internal database and system tables.

    $ sudo mariadb-install-db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
    
  3. Start the MariaDB service and enable it to start automatically on boot.

    $ sudo systemctl start mariadb.service
    $ sudo systemctl enable mariadb.service
    
  4. Run the secure installation script to configure MariaDB security.

    $ sudo mysql_secure_installation
    

When prompted for the current password for root, press ENTER for none. When asked to supply a new root password, use a secure password. Answer Y or press ENTER for all remaining prompts.

Install PHP

  1. Install the PHP and PHP-FPM packages.

    $ sudo pacman -S --noconfirm php php-fpm
    
  2. Start the PHP-FPM service and enable it to start automatically on boot.

    $ sudo systemctl start php-fpm.service
    $ sudo systemctl enable php-fpm.service
    

Install Certbot

Certbot is used to request free Let's Encrypt SSL/TLS certificates. The recommended way to install Certbot on Arch is with Snap.

Follow the instructions at eff.org to install Certbot for Nginx on Arch Linux.

Request an SSL/TLS certificate with Certbot. Replace user@example.com with your email and app.example.com with your fully-qualified domain name.

    $ sudo certbot certonly --agree-tos --no-eff-email --nginx -m user@example.com -d app.example.com

Test PHP

  1. Create a PHP test page in the web root directory.

    $ sudo nano /srv/http/index.php
    
  2. Paste the following lines.

    <?php
    phpinfo();
    
  3. Save and exit the file.

To see the test page, navigate to your fully qualified domain name in a web browser. It should display the PHP version as well as other system information.

The LEMP stack installation is now complete. Next, upload your web pages to /srv/http.

More Resources

Want to contribute?

You could earn up to $600 by adding new articles