Skip to content

Instantly share code, notes, and snippets.

@superXdev

superXdev/setup.md

Last active October 31, 2024 12:20
Show Gist options
  • Save superXdev/6ced7f3d50b7469c0124ef691dc66fb0 to your computer and use it in GitHub Desktop.
Save superXdev/6ced7f3d50b7469c0124ef691dc66fb0 to your computer and use it in GitHub Desktop.
Download ZIP
Setup web server using Nginx in Ubuntu/Debian
Raw
setup.md

Install PHP 8.3

sudo apt-get install software-properties-common  
  
sudo add-apt-repository ppa:ondrej/php  
  
sudo apt-get update

sudo apt-get install php8.3

For Debian 12 (add repository)

apt -y install lsb-release apt-transport-https ca-certificates 
wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg

echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/php.list

Install PHP dependecies

sudo apt install -y php8.3 php8.3-cli php8.3-mbstring php8.3-xml php8.3-bcmath php8.3-zip php8.3-tokenizer php8.3-curl php8.3-intl php8.3-sqlite3 php8.3-xmlrpc unzip curl

Install Composer

cd ~
curl -sS https://getcomposer.org/installer -o /tmp/composer-setup.php

Verified Installer

HASH=`curl -sS https://composer.github.io/installer.sig`

php -r "if (hash_file('SHA384', '/tmp/composer-setup.php') === '$HASH') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

Run setup

sudo php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer

Setup Nginx

1. Install Nginx

apt install nginx

2. Create web folder

mkdir -p /var/www/domain.com

chown root:root -R /var/www/domain.com

chmod 755 -R /var/www/domain.com

3. Server block file

nano /etc/nginx/sites-available/domain.com

Content

server {
	server_name domain.com www.domain.com;
	root /var/www/domain.com/public;
	
	add_header X-Frame-Options "SAMEORIGIN";
	add_header X-XSS-Protection "1; mode=block";
	add_header X-Content-Type-Options "nosniff";
	
	index index.html index.htm index.php;
	
	charset utf-8;
	
	location / {
	    try_files $uri $uri/ /index.php?$query_string;
	}
	
	location = /favicon.ico { access_log off; log_not_found off; }
	location = /robots.txt  { access_log off; log_not_found off; }
	
	error_page 404 /index.php;
	
	location ~ \\.php$ {
	    fastcgi_pass unix:/var/run/php/php8.3-fpm.sock;
	    fastcgi_index index.php;
	    fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
	    include fastcgi_params;
	}
}

4. Create symlink

ln -s /etc/nginx/sites-avaiable/domain.com /etc/nginx/sites-enabled

Note: delete default symlink

5. Validate config & restart

nginx -t

systemctl restart nginx

Setup SSL

1. Install Certbot

sudo apt install certbot python3-certbot-nginx

2. Update UFW rules

sudo ufw allow 'Nginx Full'
sudo ufw delete allow 'Nginx HTTP'

sudo ufw status

3. Obtaining an SSL Certificate

sudo certbot --nginx -d example.com -d www.example.com

4. Verifying Certbot Auto-Renewal

sudo systemctl status certbot.timer

# test renewel process
sudo certbot renew --dry-run
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment