Nginx Installation

General system Community contributions
1
just my notes

Nginx Installation and Firewall Setup: A Quick Guide

This guide will walk you through installing Nginx, configuring the firewall, and setting up a server block to host your first website.

Step 1: Install Nginx

Choose the instructions for your Linux distribution.

Debian / Ubuntu

sudo apt update
sudo apt install nginx

Arch Linux

You can install the stable or mainline release.


Stable Release (Recommended)

sudo pacman -Syu
sudo pacman -S nginx

Mainline Release (Latest Features)

sudo pacman -S nginx-mainline

Step 2: Adjust the Firewall

Allow web traffic through your firewall.

Option A: Using ufw (Common on Debian/Ubuntu)

# Allow standard HTTP traffic
sudo ufw allow 'Nginx HTTP'
sudo ufw status

Option B: Using firewalld (Common on RHEL/CentOS/Fedora)

# Allow HTTP traffic permanently and reload
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --reload

Step 3: Verify Your Web Server is Live

Confirm that Nginx is running and accessible.

  1. Find your server’s public IP address:
    curl -4 icanhazip.com
  2. Open a web browser and navigate to http://YOUR_SERVER_IP. You should see the “Welcome to nginx!” page.

Step 4: Manage the Nginx Process

These are the essential commands for managing the Nginx service:

sudo systemctl stop nginx       # Stop the web server
sudo systemctl start nginx      # Start the web server
sudo systemctl restart nginx    # Restart the service
sudo systemctl reload nginx     # Reload config without dropping connections
sudo systemctl enable nginx     # Enable Nginx to start on boot

Step 5: Set Up a Server Block (Recommended)

A “server block” is an Nginx term for a virtual host. It allows you to run more than one website on a single server. We will set up a domain called example.com.

Step 5.1: Create a Website Directory

Create a directory to hold your new site’s content. The -p flag creates any necessary parent directories.

sudo mkdir -p /var/www/example.com/html

Step 5.2: Set Correct Permissions

Assign ownership of the directory to the standard web server user.

  • On Debian/Ubuntu, the user is www-data.
  • On RHEL/CentOS/Arch, the user is nginx.
# For Debian/Ubuntu
sudo chown -R www-data:www-data /var/www/example.com

# For RHEL/CentOS/Arch
sudo chown -R nginx:nginx /var/www/example.com

Then, ensure all users can read the web content:

sudo chmod -R 755 /var/www/example.com

Step 5.3: Create a Sample Page for Your Site

Create a simple index.html file for testing.

sudo nano /var/www/example.com/html/index.html

Paste the following HTML into the file:

<html>
    <head>
        <title>Welcome to example.com!</title>
    </head>
    <body>
        <h1>Success! The example.com server block is working!</h1>
    </body>
</html>

Save and close the file (Ctrl+X, then Y, then Enter).

Step 5.4: Create the Server Block File

Now, create the Nginx configuration file. The location differs by distribution.

On Debian/Ubuntu:
Create the new configuration file in the sites-available directory.

sudo nano /etc/nginx/sites-available/example.com

On RHEL/CentOS/Arch:
Create the configuration file directly in the conf.d directory.

sudo nano /etc/nginx/conf.d/example.com.conf

Paste the following configuration into the file you just created:

server {
    listen 80;
    listen [::]:80;

    root /var/www/example.com/html;
    index index.html index.htm;

    server_name example.com www.example.com;

    location / {
        try_files $uri $uri/ =404;
    }
}

Step 5.5: Enable the Server Block

On Debian/Ubuntu:
Enable the file by creating a symbolic link from sites-available to sites-enabled, which Nginx reads during startup. It’s also good practice to unlink the default configuration.

sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/

# Optional but recommended: Unlink the default welcome page config
sudo unlink /etc/nginx/sites-enabled/default

On RHEL/CentOS/Arch:
This step is not necessary, as Nginx automatically loads all .conf files from /etc/nginx/conf.d/.

Step 5.6: Test and Reload Nginx

  1. First, test your Nginx configuration for syntax errors. This is a critical step!

    sudo nginx -t

    If it reports syntax is ok and test is successful, you can proceed.

  2. Reload Nginx to apply the changes:

    sudo systemctl reload nginx

Your new server block is now active! If you have pointed example.com’s DNS to your server, you can visit it in your browser and see your new page.

1 Like
2

Next, go to here:

and install certbot from Let’s Encrypt.

Let’s Encrypt is what EndeavourOS Forum uses for https certification and I use it for my personal web browser.

letsencrypt
letsencrypt415Ă—201 13.3 KB

It is free and worth the effort.

Pudge

2 Likes