How to Install LEMP on Rocky Linux 8

Updated on June 9, 2022
How to Install LEMP on Rocky Linux 8 header image

Introduction

The Linux, Nginx (pronounced as Engine X), MySQL, and PHP (LEMP) stack is a collection of software installed to serve dynamic web applications on a server. Nginx works as the web server application, MySQL as the database server, and PHP as the dynamic scripting language that supports multiple frameworks for web applications. In this article, you'll install LEMP on Rocky Linux 8.

Prerequisites

1. Install Nginx

  1. Install Nginx.

      $ sudo dnf install nginx
  2. Enable Nginx to start at boot time.

      $ sudo systemctl enable nginx
  3. Start Nginx.

      $ sudo systemctl start nginx
  4. Allow HTTP access through the firewall.

      $ sudo firewall-cmd --zone=public --permanent --add-service=http
  5. Reload Firewall rules.

      $ sudo firewall-cmd --reload
  6. Test your Nginx installation by visiting your server IP.

      http://1.2.3.4

Default Nginx installation page on RockyLinux

2 Install MySQL/MariaDB

  1. Install MariaDB.

      $ sudo dnf install mariadb-server
  2. Enable MariaDB to start at boot time.

      $ sudo systemctl enable mariadb
  3. Start the MariaDB server.

      $ sudo systemctl start mariadb

3. Install PHP

  1. Install PHP and PHP-FPM.

      $ sudo dnf install php php-fpm
  2. Install common PHP extensions required by most web applications.

      $ sudo dnf install php-mysqlnd php-cgi php-bcmath php-json php-xml php-gd php-zip php-intl php-mbstring
  3. Enable PHP-FPM to start at boot time.

      $ sudo systemctl enable php-fpm
  4. Start PHP-FPM.

      $ sudo systemctl start php-fpm

4. Configure MariaDB

  1. Initialize MariaDB and set the root password.

      $ sudo mysql_secure_installation

    Press enter when prompted for the root user password, reply with yes `y' to set a new root password, remove anonymous users, disallow remote root login, and remove the test database.

  2. Log in to the MySQL console as root.

      $ sudo mysql -u root -p
  3. Create a sample database.

      CREATE DATABASE sampledb;
  4. Create a sample database user assigned with a strong password.

      CREATE USER 'example-user'@'localhost' IDENTIFIED BY 'ultra-strong-password';
  5. Grant the user full privileges to the sample database.

      GRANT ALL PRIVILEGES ON sampledb.* TO 'example-user'@'localhost';
  6. Refresh MySQL privileges.

      FLUSH PRIVILEGES;
  7. Exit the console.

      EXIT
  8. Test your MySQL login as the sample user.

      mysql -u example-user -p
  9. Show available databases.

      SHOW DATABASES;
  10. Exit the console.

     EXIT

5. Configure Nginx

  1. Create a new web files directory for your application.

      $ sudo mkdir /usr/share/nginx/example.com
  2. Using a text editor, create a simple HTML file in the directory.

      $ sudo nano /usr/share/nginx/example.com/index.html
  3. Add the following contents to the file.

      <html>
      <title> It Works!!! </title>
      <body>
    
      <h2> Hello World!! Your WebServer Works!</h2>
    
      </body>
      </html>

    Save and exit the editor.

  4. Grant Nginx read and write permissions to the directory.

      $ sudo chown -R nginx.nginx /usr/share/nginx/example.com
  5. Create a new Nginx configuration file.

      $ sudo nano /etc/nginx/conf.d/example.com.conf
  6. Add the following configurations to the file.

      server {
         listen       80;
         listen       [::]:80;
         server_name  _;
         root         /usr/share/nginx/example.com;
    
         index index.php index.html index.htm;
    
         error_log /var/log/nginx/example.com.error;
         access_log /var/log/nginx/example.com.access;
    
         location ~ \.php$ {
         fastcgi_pass unix:/run/php/php-fpm.sock;
         fastcgi_split_path_info ^(.+\.php)(/.+)$;
         fastcgi_index index.php;
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
         }
    
         location ~ /\. {
         deny all;
         access_log off;
        }
    
        }

    Save and exit the editor.

  7. Test Nginx for configuration errors.

      $ sudo nginx -t
  8. Restart Nginx to save changes.

      $ sudo systemctl restart nginx

6. Security

Nginx serves web applications through HTTP and HTTPS Ports. Allow them through the firewall.

  1. Allow HTTP connections.

      $ sudo firewall-cmd --zone=public --permanent --add-service=http
  2. Allow HTTPS connections.

      $ sudo firewall-cmd --zone=public --permanent --add-service=http
  3. Reload Firewall rules to save changes.

      $ sudo firewall-cmd --reload

7. Configure SSL

  1. Install the Extra Packages for Enterprise Linux (EPEL) repository.

      $ sudo dnf install epel-release
  2. Enable the PowerTools repository.

      $ sudo dnf config-manager --set-enabled powertools
  3. Install the snap library.

      $ sudo dnf install snapd -y
  4. Enable the snap socket and enable classic snap support.

      $ sudo systemctl enable --now snapd.socket && sudo ln -s /var/lib/snapd/snap /snap

    Close your SSH connection and Login again to complete snap integration.

  5. Install the Certbot agent

      $ sudo snap install --classic certbot
  6. Request a free SSL certificate from Let's Encrypt.

      $ sudo certbot --nginx -d example.com

    Replace example.com with your actual domain.

  7. Restart Nginx to load changes.

      $ sudo systemctl restart nginx

8. Test

  1. Through a web browser, visit your configured domain.

      https://example.com

    Your HTML application should output Hello World headings.

  2. To test database communication, set up a new dbtest.php file in your domain's webroot directory.

      $ sudo nano /usr/share/nginx/example.com/dbtest.php
  3. Add the following contents to the file. Enter your database information created earlier.

      <?php
      $server = "localhost";
      $user = "example-user";
      $password = "ultra-strong-password";
    
      $connect = new mysqli($server, $user, $password);
    
      if ($connect->connect_error) {
      die("'<h2>'Connection failed: '</h2>'" . $connect->connect_error);
      }
      echo "'<h2>' Database Connected successfully '</h2>'";
    
      echo " '<h2>' '<br> Below is your Server PHP Information '</h2>' '<br>'";
    
      phpinfo();
    
      ?>

    Save and exit the editor.

  4. Visit your domain and load dbtest.php.

      https://example.com/dbtest.php

A connection successful message should display together with your server PHP information.

Conclusion

You have successfully installed LEMP on a Rocky Linux 8 server, and tested communication between applications. With a working stack, you can perform extra steps to get your web applications up and running securely without errors.

Next Steps

Depending on your use case, you can install multiple applications on your server and set up extra features, visit the following articles for more information.