How to Install LEMP Stack Nginx, MySQL, PHP on Ubuntu 22.04

LEMP Stack (Linux, Nginx, MySQL and PHP ) is a popular web hosting environment for websites developed in PHP programming language. Linux is the operating system, Nginx is the popular web server and MySQL is a relational database management system used for storing data.

In this tutorial, we will learn how to install and configure LEMP (Nginx, MySQL, PHP) on Ubuntu 22.04 serve with let’s encrypt ssl certificat.

How to Install Linux Nginx MySQL PHP (LEMP Stack) on ubuntu 22.04

Here are steps to install and configure LEMP Linux, Nginx, PHP, MySQL in ubuntu 22.04 with let’s encrypt ssl certificate:

Step 1 – Update System Dependencies

Open terminal and execute following command on command prompt to update the packages to the latest version available:

sudo apt update
sudo apt upgrade

Once we have updated the setup we can start the setup.

Step 2 – Install Nginx

Install nginx on ubuntu 22.04 system, so execute the following command on command prompt to install nginx on ubuntu 22.04 system:

sudo apt install nginx

Step 3 – Setup Firewall

Once the nginx installation has been finished, we need to set up Uncomplicated Firewall (UFW) with Nginx to allow public access on default web ports for HTTP and HTTPS

sudo ufw app list

We will see all listed applications.

Available applications:
   Nginx Full
   Nignx HTTP
   Nginx HTTPS
   OpenSSH
  • Nginx HTTP: This profile opens port 80 (normal, unencrypted web traffic)
  • Nginx Full: This profile opens both port 80 (normal, unencrypted web traffic) and port 443 (TLS/SSL encrypted traffic)
  • Nginx HTTPS: This profile opens only port 443 (TLS/SSL encrypted traffic)
  • OpenSSH: This profile opens port 22 for SSH access.

If we are not going to use SSL we need to enable only the Nginx profile.

Then enable Nginx full by using the following command; is as follows:

sudo ufw allow OpenSSH
sudo ufw allow 'Nginx Full'
sudo ufw enable

With this command we can view the status of UFW.

sudo ufw status

We will see the output as follows.

Output
Status: active
 To                         Action      From
 --                         ------      ----
 Nginx Full                 ALLOW       Anywhere
 OpenSSH                    ALLOW       Anywhere
 Nginx Full (v6)            ALLOW       Anywhere (v6)
 OpenSSH (v6)               ALLOW       Anywhere (v6)

Step: 4 Check Nginx Installation

Once nginx is installed and firewall configuration has been finished, we can check nginx version using the following command: is as follows:

sudo systemctl status nginx

Output as follows:

 nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2022-05-04 05:36:49 UTC; 44s ago
       Docs: man:nginx(8)
    Process: 10272 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCC>
    Process: 10273 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
   Main PID: 10274 (nginx)
      Tasks: 3 (limit: 1151)
     Memory: 5.3M
        CPU: 35ms
     CGroup: /system.slice/nginx.service

Step 5 – Install MySQL

Install and configure mysql on ubuntu 22.04 by using the following commands: is as follows:

sudo apt install mysql-server

Once the installation is completed. We can verify that the MySQL server status is running, type:

sudo service mysql status

The output should show that the service is enabled and running:

● mysql.service - MySQL Community Server
     Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2022-04-29 00:38:45 UTC; 11s ago
    Process: 13836 ExecStartPre=/usr/share/mysql/mysql-systemd-start pre (code=exited, statu>
   Main PID: 13844 (mysqld)
     Status: "Server is operational"
      Tasks: 38 (limit: 1151)
     Memory: 351.4M
        CPU: 1.043s
     CGroup: /system.slice/mysql.service
             └─13844 /usr/sbin/mysqld

To check mysql version using the following command:

sudo mysql -V
Output
mysql  Ver 8.0.28-0ubuntu4 for Linux on x86_64 ((Ubuntu))

Step 6 – Secure MySQL

MySQL installation comes with a script named mysql_secure_installation that allows we to easily improve the MySQL server security.

sudo mysql_secure_installation

Will be asked to configure the VALIDATE PASSWORD PLUGIN which is used to test the strength of the MySQL users passwords and improve the security.

Press y if we want to set up the validate password plugin or any other key to move to the next step.

There are three levels of password validation policy, low, medium, and strong. Enter 2 for strong password validation.

On the next prompt, will be asked to set a password for the MySQL root user.

If we set up the validate password plugin, the script will show we the strength of we new password. Type y to confirm the password.

Next, will be asked to remove the anonymous user, restrict root user access to the local machine, remove the test database, and reload privilege tables. we should answer y to all questions.

Step 7 – Install PHP

Install PHP using the following command; is as follow:

sudo apt install php8.1-fpm php8.1 php8.1-common php8.1-mysql php8.1-xml php8.1-xmlrpc php8.1-curl php8.1-gd php8.1-imagick php8.1-cli php8.1-imap php8.1-mbstring php8.1-opcache php8.1-soap php8.1-zip php8.1-intl php8.1-bcmath unzip -y

Once the PHP installed has been complete, we can use the following command to check the version of installed php:

php -v
Output
PHP 8.1.5 (cli) (built: Apr  7 2022 17:46:26) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.5, Copyright (c) Zend Technologies
    with Zend OPcache v8.1.5, Copyright (c), by Zend Technologies

Step 8 – Configure PHP

To configure PHP by changing some values in php.ini file.

So, open php.ini file by using execute the following command on command prompt:

sudo nano /etc/php/8.1/fpm/php.ini

Hit F6 for search inside the editor and update the following values for better performance.

upload_max_filesize = 32M
post_max_size = 48M
memory_limit = 256M
max_execution_time = 600
max_input_vars = 3000
max_input_time = 1000

Once we have modified PHP settings, we need to restart PHP-FPM for the changes to take effect.

sudo service php8.1-fpm restart

Step 9 – Configure Nginx

Disable default Nginx configuration.

sudo rm -rf /etc/nginx/sites-enabled/default
sudo rm -rf /etc/nginx/sites-available/default

Create website directories.

sudo mkdir -p /var/www/html/domainname/public

Setup correct permissions.

sudo chmod -R 755 /var/www/html/domainname
sudo chown -R www-data:www-data /var/www/html/domainname

Create a new virtual host configuration.

sudo nano /etc/nginx/sites-available/domainname.conf

Paste the following configurations in the new file:

server {
    listen 80;
    listen [::]:80;

    server_name yourdomainname.com www.yourdomainname.com;

    root /var/www/html/domainname/public;
    index index.html index.php;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ .php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+.php)(/.+)$;
        fastcgi_pass unix:/run/php/php8.1-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }
}

Enable the new configuration.

sudo ln -s /etc/nginx/sites-available/domainname.conf /etc/nginx/sites-enabled/domainname.conf

Step 10 – Install Let’s Encrypt SSL

HTTPS is a protocol for secure communication between a server (instance) and a client (web browser). Due to the introduction of Let’s Encrypt, which provides free SSL certificates, HTTPS are adopted by everyone and also provides trust to our audiences.

sudo apt install python3-certbot-nginx

Now we have installed Certbot by Let’s Encrypt for Ubuntu 22.04, run this command to receive our certificates.

sudo certbot --nginx --agree-tos --redirect -m [email protected] -d domainname.com -d www.domainname.com

Certificates provided by Let’s Encrypt are valid for 90 days only, so we need to renew them often. So, let’s test the renewal feature using the following command.

sudo certbot renew --dry-run

This command will test the certificate expiry and configures the auto-renewable feature.

Conclusion

Through this tutorial, we have learned how to install LEMP stack Ubuntu 22.04 with Let’sEncrypt SSL.

AuthorDevendra Dode

Greetings, I'm Devendra Dode, a full-stack developer, entrepreneur, and the proud owner of Tutsmake.com. My passion lies in crafting informative tutorials and offering valuable tips to assist fellow developers on their coding journey. Within my content, I cover a spectrum of technologies, including PHP, Python, JavaScript, jQuery, Laravel, Livewire, CodeIgniter, Node.js, Express.js, Vue.js, Angular.js, React.js, MySQL, MongoDB, REST APIs, Windows, XAMPP, Linux, Ubuntu, Amazon AWS, Composer, SEO, WordPress, SSL, and Bootstrap. Whether you're starting out or looking for advanced examples, I provide step-by-step guides and practical demonstrations to make your learning experience seamless. Let's explore the diverse realms of coding together.

One reply to How to Install LEMP Stack Nginx, MySQL, PHP on Ubuntu 22.04

  1. Thanks for the guide.

Leave a Reply

Your email address will not be published. Required fields are marked *