Nội dung
Let’s install LEMP Stack on CentOS 7 with AZDIGI.
I. Introduction
LEMP is an abbreviation commonly used to refer to the use of Linux, Nginx, MySQL/MariaDB and PHP/PHP-FPM software to create a web server environment to help deploy websites on the Internet.
The specific functionality of LEMP is to operate from Linux software, with the web server being Nginx, the database server MariaDB or MySQL, and the dynamic file content handled by PHP.
LEMP is an open-source form with the advantage of being free, so in recent years, LEMP has always been trusted by the community because of its stability, ease of installation and ease of operation. LEMP is generally similar to LAMP, only the webserver uses Nginx instead of Apache.
Specifically, how to install LEMP and what is different from LAMP, please go through part II.
II. Implementation Guide
To install LEMP, you can do the following 5 steps.
Step 1: Install Nginx Web Server
Like Apache, the Nginx web server is one of the most popular web servers in the world. It has been well-documented and widely used for a long time, which makes Nginx a great default choice for hosting a website.
- Because NGINX does not have a CentOS repository available, we must install the EPEL repository with the following command:
yum install epel-release -y
- Install Nginx
yum install nginx -y
- After the installation is complete, you can use the following commands to manage Nginx:
systemctl start nginx (Khởi động dịch vụ Nginx)
systemctl stop nginx (Dừng dịch vụ Nginx)
systemctl reload nginx (Tải lại dịch vụ Nginx)
systemctl restart nginx (Khởi động lại dịch vụ Nginx:)
systemctl enable nginx (Thiết lập Nginx khởi động cùng hệ thống)
systemctl disable nginx (Vô hiệu hoá Nginx khởi động cùng hệ thống )
systemctl status nginx (Xem trạng thái dịch vụ Nginx)
By default, CentOS 7 will use the firewall as Firewalld, so you need to open the service port with Firewalld as follows:
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --reload (Reload lại Firewalld)
Step 2: Install MariaDB
To install MariaDB, run the following command:
yum install -y mariadb mariadb-server
After the installation is complete, you can use the following commands to manage MariaDB:
systemctl start mariadb (Khởi động dịch vụ mariadb)
systemctl stop mariadb (Dừng dịch vụ mariadb)
systemctl restart mariadb (Khởi động lại dịch vụ mariadb)
systemctl enable mariadb (Thiết lập mariadb khởi động cùng hệ thống)
systemctl disable mariadb (Vô hiệu hoá mariadb khởi động cùng hệ thống )
systemctl status mariadb (Xem trạng thái dịch vụ mariadb)
Note: The main MariaDB configuration file is /etc/my.conf
MariaDB Server Security Setup
[root@template ~]# mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! In order to log into MariaDB to secure it, we'll need the current password for the root user. If you've just installed MariaDB, and you haven't set the root password yet, the password will be blank, so you should just press enter here. Enter current password for root (enter for none): (Press Enter) OK, successfully used password, moving on... Setting the root password ensures that nobody can log into the MariaDB root user without the proper authorisation. Set root password? [Y/n] Y New password: (Enter the new root mysql password) Re-enter new password: (re-enter password) Password updated successfully! Reloading privilege tables.. ... Success! By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] Y ... Success! Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] Y ... Success! By default, MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] Y - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] Y ... Success! Cleaning up... All done! If you've completed all of the above steps, your MariaDB installation should now be secure. Thanks for using MariaDB!
Step 3: Install PHP-FPM and Modules
The PHP versions available on CentOS 7 are old and outdated, so it is recommended that you install third-party package repositories to use the latest PHP versions. And Remi is a popular package repository that provides the latest PHP releases for CentOS servers.
- To install the Remi repository, run the following command:
yum -y install yum-utils
rpm -Uvh http://rpms.remirepo.net/enterprise/remi-release-7.rpm
- After installing the Remi package, you need to select the PHP version you need to install and activate the package containing that PHP version. In this tutorial, I will install PHP 8.0, so I will activate the package with the following command:
yum-config-manager --enable remi-php80
Note: At number 80 (corresponding to PHP 8.0), you can replace it with the version of PHP you want (Example: 72 – 73 –74 corresponds to 7.2 –7.3 – 7.4..)
- Once the PHP remi-80 module has been enabled, you can proceed with the installation of PHP and the necessary PHP Extensions with the command below:
yum install -y php php-fpm php-ldap php-zip php-embedded php-cli php-mysql php-common php-gd php-xml php-mbstring php-mcrypt php-pdo php-soap php-json php-simplexml php-process php-curl php-bcmath php-snmp php-pspell php-gmp php-intl php-imap perl-LWP-Protocol-https php-pear-Net-SMTP php-enchant php-pear php-devel php-zlib php-xmlrpc php-tidy php-opcache php-cli php-pecl-zip unzip gcc
- Check the installed PHP version
php -v
If the result is shown below, then you successfully installed PHP 8.0.
[root@template ~]# php -v
PHP 8.0.1 (cli) (built: Jan 5 2021 13:54:54) ( NTS gcc x86_64 )
Copyright (c) The PHP Group
Zend Engine v4.0.1, Copyright (c) Zend Technologies
with Zend OPcache v8.0.1, Copyright (c), by Zend Technologies
[root@template ~]#
See more:
- How to upgrade PHP-FPM version on CentOS 7 (Upgrade PHP-FPM)
- How to downgrade PHP-FPM (Downgrade php-fpm)
- By default, PHP will execute the nearest PHP file if the requested php file is not found. To prevent unwanted PHP execution, change the configuration as follows:
vi /etc/php.ini
You find and replace the following lines:
cgi.fix_pathinfo=1 => cgi.fix_pathinfo=0
- Next, we make adjustments to the default configuration
Open and edit the configuration file /etc/php-fpm.d/www.conf with the following command:
vi /etc/php-fpm.d/www.conf
You find and replace the following lines:
;listen = 127.0.0.1:9000 => listen = /var/run/php_fpm.sock ;listen.owner = nobody => listen.owner = nginx ;listen.group = nobody => listen.group = nginx user = apache => user = nginx group = apache => group = nginx
After adjusting, please save by typing :x
- Secure php_fpm.sock with the following command:
chmod 666 /var/run/php_fpm.sock
chown nginx:nginx /var/run/php_fpm.sock
- Start PHP-FPM after you have finished editing the configuration with the command:
systemctl start php-fpm
systemctl enable php-fpm
Step 4: Configure NGINX
- To configure Nginx, you need to edit the default.conf configuration file at /etc/nginx/conf.d/default.conf with the command:
vi /etc/nginx/conf.d/default.conf
- Copy and paste the following into the default.conf file (please replace server_domain_or_IP with your IP or domain)
server {
listen 80;
server_name server_domain_or_IP;
root /var/www/html/;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php_fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
- Type
:xto save the configuration and restart Nginx.
systemctl restart nginx
Step 5: Check website activity
After the Virtual Host configuration is complete and the website folder creation is complete, you can quickly check whether your website is working or not by creating a test file index.php with the following command:
touch /var/www/html/index.html | echo 'Cai dat thanh cong LEMP' > /var/www/html/index.html
After creating the file, go to any browser and type the website name to check, as shown below, your website is up and running.
See also: Setting up Nginx FastCGI Cache on NGINX to reduce server response time
III. Summary
So in this article, AZDIGI has shown you how to install LEMP on a server using CentOS 7 in the most detail. Installing LEMP will help you have a server to operate the website most stably and smoothly. Since LEMP only installs the necessary services to use the website, meaning it will remove unnecessary services so that VPS resources can be fully focused on operating the website. Hopefully, this article will help you to install Let’s Encrypt SSL successfully!
If you find the article helpful, please share it widely. In addition, you can refer to some other articles on Linux knowledge at the link below:
If you need assistance, you can contact support in the ways below:
- Hotline 247: 028 888 24768 (Ext 0)
- Ticket/Email: You use the email to register for the service and send it directly to: support@azdigi.com
