Monday, August 2, 2010

How to setup Nginx WebServer on Linux?

I wasn’t happy with Apache Memory footprint and low stability. I was looking out for some good lightweight webserver and then some colleague suggested me to use Nginx. After struggling for couple of days, finally I was successful in setting up LEMP on Linux.

This Howto is all about setting up Nginx with PHP, MySQL and FastCGI.So Lets Start:

Installing Nginx from Source?

If you use Debian-based distributive as usual you can use command:

$ sudo apt-get install nginx

For Other Linux Flavours,

$ cd ~/user$mkdir server
$cd server
$wget http://sysoev.ru/nginx/nginx-0.7.59.tar.gz

Unpack archives:

$ tar xvf nginx-0.7.59$ cd nginx-0.7.59

You must have C compiler to compile a program. If you don’t have please do the next:

$sudo aptitude install build-essential
$sudo aptitude install linux-headers-`uname -r

Configure

$./configure

In the end, 100% you’ll have the next messages:

./configure: error: the HTTP rewrite module requires the PCRE library.You can either disable the module by using --without-http_rewrite_moduleoption, or install the PCRE library into the system, or build the PCRE librarystatically from the source with nginx by using --with-pcre= option. It’s normal, you can’t have all the libraries on your computer. We can install it.

$sudo aptitude install libpcre3 libpcre3-dev libpcrecpp0 libssl-dev zlib1g-dev

Start to compile it once again

$sudo make clean
$sudo ./configure --with-http_ssl_module
$sudo make
$sudo make install

Now, everything will be ok and server will be installed in your system. If you want you can change some default options doing command “./configure” for example:

--prefix=
- to set the directory where the server files will be located. This directory will be used for all ways you’ll set by command “./configure” and in configuration file nginx.conf too. Default it’s /usr/local/nginx.

--sbin-path=
- to set the name of the Nginx executive file. This name is used just for stage of installing. Default it’s /usr/local/nginx/sbin/nginx.

--conf-path=
- to set the name for the nginx.conf configuration file. In any time you can run Nginx with another configuration file which will be located in another directory with option “-c “. Default it’s /usr/local/nginx/conf/nginx.conf

--pid-path=
- to set the name for PID file. But after installing of the server in any time you can change the name in the nginx.conf configuration file. Default it’s /usr/local/nginx/logs/nginx.pid

--error-log-path=- to set the name for the error log file. After installing you can change the name in the nginx.conf configuration file. Default it’s /usr/local/nginx/logs/error.log

--http-log-path=
- to set the name for the access.log file. Access.log:it’s the file for registration of requests from the server. Default it’s /usr/local/nginx/logs/access.log.

How do I manage the server?

If you did’t change the default directories when you were installing the server, you can run the server by command:

$sudo /usr/local/nginx/sbin/nginx

Check the server.
ps -ef grep nginx

root 14999 1 0 16:44 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
nobody 15000 14999 0 16:44 ? 00:00:00 nginx: worker process
booch 15084 29644 0 16:45 pts/0 00:00:00 grep nginx

Great! Now you can open your browser and put http://localhost/
If server works you’ll see “Welcome”

Shutting down the server is possible by sending QUIT signal to the master process.

$kill -QUIT
Upgrading the server in the work process is possible by sending USR2 signal to the master process.

$kill -USR2
If you have already changed some options in the nginx.conf and you want to apply it you have to send HUP signal to the master process.

$kill -HUP
Log rotation. All log files have to be renamed, after this USR1 signal has to be sent to the master process. The master process will open all opened files once again and set them as unprivileged user. All worker processes work under this user. After successful opening master process will close all opened files and will send messages to worker processes to reopen files too. They also will open new files and in the same time will close all old files. In result all old files will be ready for further processing, for example, to compress them.

$kill -USR1

Important Signals:

QUIT - normal shut down
TERM, INT - fast shut down
HUP - reconfiguration, update the changed time zone, launch of new worker processes with the new configuration, normal shut down of worker processes.
USR1 - to reopen log files
USR2 - to upgrade executive file
How to run web site on the server?
Let’s start to do our server. We have to create new user (www), new group (www) and new structure for the site. Let’s begin from the group.

$sudo groupadd www

New user

$sudo useradd www -g www

Add www user to www group.

$sudo usermod -a -G www

Create password for www user.

$sudo passwd www

Let’s create a structure for the web site. I think it will be like this.

$sudo mkdir /home/www/
$sudo mkdir -p /home/www/linuxspace.org/{log, private, public, backups, archives, stats}

log - directory for log files
private - private data
public - directory for the site
backups - directory for backup data
stats - directory for stats
archives - for archives

Please, be attentive with the rights. For all directories it’s (rw+r+r), and for public it’s (rwx+r+r).And now you have to correct configuration file nginx.conf

$sudo nano /usr/local/nginx/conf/nginx.conf

#useruser www;
#numbers of work process
worker_processes ;
#address of PID file
pid /home/www/linuxspace.org/nginx.pid; events
{
worker_connections ;
}
http
{
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
sendfile on;
tcp_nopush on;
#keepalive_timeout ;
keepalive_timeout ;
#compression
gzip on;
gzip_min_length ;
gzip_buffers k;
gzip_types text/plain;
gzip_comp_level ;
gzip_proxied any;
#configure the virtual hostserver
{
#port listen *:;
#name of server server_name localhost;
#coding charset utf-;
#it's general directory, when will be site
root /home/www/linuxspace.org/public;
#LOGS #------------------------------------------------------------------
access_log /home/www/linuxspace.org/log/localhost.access.log;
error_log /home/www/linuxspace.org/log/error.log;
access_log /home/www/linuxspace.org/log/access.log;
#------------------------------------------------------------------
#files which server will read in the general directory location /
{
root /home/www/linuxspace.org/public;
index index.html index.htm index.php;
}
error_page /.html;
# redirect server error pages to the static page /x.html
# error_page /x.html; location = /x.html { root html; }
# proxy the PHP scripts to Apache listening on ...:
#
#location ~ \.php$
{
# proxy_pass http://...;
#
}
# pass the PHP scripts to FastCGI server listening on ...:
#
#location ~ \.php$
{
# root html;
# fastcgi_pass ...:;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#
}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen ;
# listen somename:;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
#
}
#
}
# HTTPS server
#
#server
{
# listen ;
# server_name localhost;
# ssl on;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_timeout m;
# ssl_protocols SSLv SSLv TLSv;
# ssl_ciphers ALL:!ADH:!EXPORT:RC+RSA:+HIGH:+MEDIUM:+LOW:+SSLv:+EXP;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
#
}
#
}
}

It’s enough to run the html site on the server. But, please, don’t delete another options, you’ll need it in the future.
Remember, if you want to use another nginx.conf file, you can run server using option “-c”
sudo /usr/local/nginx/sbin/nginx -c /home/user/nginx.conf
Let’s run the server
sudo /usr/local/nginx/sbin/nginx
If everything is ok, you’ll see the server is in the process.
ps -ef grep nginx
root 7146 1 0 02:19 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx
www 7147 7146 0 02:19 ? 00:00:00 nginx: worker process
www 7148 7146 0 02:19 ? 00:00:00 nginx: worker process
Great. It works. The master process has root rights and worker processes have rights from the www user. So, now you can put html page index.html into the /home/www/linuxspace.org/public directory. Then, please, open browser and print http://localhostYou’ll see your site.