How to Install NGINX on Ubuntu 22.04

5.5K

Introduction

What is NGINX?

NGINX is a high-performance, open-source web server, known for its stability, rich feature set, simple configuration, and low resource consumption. Beyond just a web server, it can also function as a reverse proxy, load balancer, mail proxy, and HTTP cache, making it a versatile tool in any developer’s toolkit.

What is Ubuntu 22.04?

Ubuntu 22.04 is a version of Ubuntu, one of the most popular distributions of the Linux operating system. It is known for its user-friendliness, security, and extensive community support. Whether you’re a beginner venturing into the world of Linux or an experienced professional managing servers, Ubuntu 22.04 can meet your needs.

Prerequisites

System Requirements

Before starting the installation, ensure your system meets the following requirements:

1. Ubuntu 22.04 LTS installed
2. Sudo privileges for software installation
3. Access to a terminal/command line
4. Stable internet connection for package download

Necessary Skills and Tools

A basic understanding of Linux commands is necessary for this tutorial. Familiarity with the command line, file permissions, and package management will make the process smoother. An SSH tool, like PuTTY, will also be helpful if you’re accessing a remote server.

Installing NGINX on Ubuntu 22.04

Now we’re getting to the heart of the matter—installing NGINX on your Ubuntu 22.04 system.

Step One: Update Your System

First, update your package lists for upgrades and new package installations.

sudo apt update
sudo apt upgrade

Step Two: Install NGINX

Next, install NGINX using the apt package manager.

sudo apt install nginx

Step Three: Adjusting the Firewall

If you have ufw (Uncomplicated Firewall) enabled, you’ll need to allow connections to NGINX.

sudo ufw allow 'Nginx HTTP'

Step Four: Checking your Web Server

Now, you should verify that NGINX is running successfully.

systemctl status nginx

If NGINX is running properly, you should be able to access your server’s public IP address in your web browser and see the default NGINX landing page.

Configuring NGINX

Basic Configuration

once you install NGINX, The main configuration file for NGINX is located at /etc/nginx/nginx.conf. However, for individual site configurations, you’ll use the server block files located in /etc/nginx/sites-available/. After creating a new configuration file in this directory, you’ll typically create a symbolic link to it in the /etc/nginx/sites-enabled/ directory.

Here’s a basic server block configuration:

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/html;
    index index.html index.htm index.nginx-debian.html;

    server_name _;

    location / {
        try_files $uri $uri/ =404;
    }
}

Remember to always verify the configuration syntax before reloading NGINX:

sudo nginx -t

If the syntax is correct, reload NGINX to apply the new configuration:

sudo systemctl reload nginx

Absolutely, let’s go into a bit more detail:

4.2. Advanced Configuration

Once you install NGINX, you’re ready to dive deeper into its capabilities, there are a number of advanced configurations you can set up. Below are a few examples:

Setting Up a Reverse Proxy

A reverse proxy accepts a request from a client, forwards it to a server that can fulfill it, and returns the server’s response to the client. This can be useful in a number of scenarios, including load balancing, A/B testing, and serving static content from a separate server. Here’s a basic example of setting up a reverse proxy in your server block:

server {
    listen 80;
    server_name example.com;
    location / {
        proxy_pass http://localhost:3000;
    }
}

In this example, NGINX accepts incoming requests and forwards them to a server running on localhost at port 3000.

Load Balancing

NGINX can distribute incoming requests to multiple backend servers, a method known as load balancing. This can increase your application’s capacity and reliability. Here’s a simple example:

http {
    upstream backend {
        server backend1.example.com;
        server backend2.example.com;
        server backend3.example.com;
    }

    server {
        listen 80;
        location / {
            proxy_pass http://backend;
        }
    }
}

In this case, incoming requests are distributed evenly among the three backend servers.

Setting Up SSL Certificates

Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), are protocols for establishing authenticated and encrypted links between networked computers. By installing an SSL certificate, you can enable HTTPS on your website, providing secure connections for your users. Here’s a basic example:

server {
    listen 80;
    server_name example.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name example.com;

    ssl_certificate /etc/nginx/ssl/nginx.crt;
    ssl_certificate_key /etc/nginx/ssl/nginx.key;

    location / {
        root /var/www/html;
        index index.html;
    }
}

In this configuration, any incoming HTTP requests are redirected to HTTPS, and NGINX serves your site over a secure connection using the provided certificate and key files.

Keep in mind that these are just the basics. Each of these topics is vast and may require further reading and experimentation to fully grasp. Make sure you understand each concept and its implications before implementing it in a production environment.

Troubleshooting Common Issues

Issue One: 404 Not Found

This error typically indicates that the requested resource is not available. Check that your root directive points to the correct directory and that the requested file exists in that directory.

Issue Two: 403 Forbidden

A 403 Forbidden error is an HTTP status code signaling that the server understood the request, but it can’t fulfill it. In the context of an NGINX server, this often means that the NGINX process doesn’t have sufficient permissions to read the requested file or directory.

Here are some possible reasons for a 403 Forbidden error and how to troubleshoot them:

Incorrect File Permissions

In Linux, each file and directory has an owner and a group, along with a set of permissions that specify who can read, write, or execute the file. If the user running the NGINX process (typically www-data or nginx) doesn’t have read permission on the requested file, or execute permission on all directories leading up to the file, it can’t serve the file to clients.

You can use the ls -l command to list files with their permissions. For example:

ls -l /var/www/html/

The output will look something like this:

-rw-r--r-- 1 www-data www-data 418 Sep 25  2013 index.html

This tells you that the file index.html is owned by the user www-data and the group www-data, and it has read and write permissions for the owner, and read permissions for the group and others.

To give the NGINX user read permission on a file, you can use the chmod command. For example, the following command gives read permission to all users on index.html:

sudo chmod a+r /var/www/html/index.html

And the following command gives the NGINX user execute permission on all directories leading up to index.html:

sudo chmod a+x /var /var/www /var/www/html

Incorrect Ownership

If the requested files are owned by a different user and that user hasn’t given sufficient permissions to other users, the NGINX process won’t be able to read them. You can change the ownership of a file or directory using the chown command. For example:

sudo chown www-data:www-data /var/www/html/index.html

This command changes the owner and group of index.html to www-data.

NGINX Configuration Issues

Sometimes, the problem might lie within the NGINX configuration itself. For example, the deny directive in an NGINX configuration can be used to deny access to a specific IP address or range of IP addresses. If you’re receiving a 403 Forbidden error, ensure there are no deny directives in your NGINX configuration that might be blocking your requests.

To check your NGINX configuration, you can use the nginx -T command, which will output the entire configuration:

sudo nginx -T

In all of these cases, remember to restart or reload the NGINX server after making changes to ensure they take effect:

sudo systemctl reload nginx

Sure, let’s delve into that:

Issue Three: Connection Refused

A “Connection Refused” error occurs when your NGINX server is not accepting connections on the port a client is attempting to connect to. This error is usually due to either the NGINX service not running, or firewall rules preventing the connection.

Ensure NGINX is Running

Before examining the firewall, make sure NGINX is actually running. Use the following command to check the status of the NGINX service:

sudo systemctl status nginx

If NGINX is not running, you can start it with:

sudo systemctl start nginx

Check Firewall Rules

If NGINX is running but you’re still experiencing “Connection Refused” errors, the issue might be related to your firewall settings. If your firewall is not configured to allow incoming connections on the port that NGINX is listening on (usually port 80 for HTTP and port 443 for HTTPS), clients won’t be able to connect to your server.

If you’re using ufw (Uncomplicated Firewall), a common firewall utility on Ubuntu, you can view your current firewall rules with:

sudo ufw status

If the status is inactive, that means there are currently no rules set up. If it’s active, you should see a list of rules and which ports are allowed.

If you don’t see a rule allowing traffic on port 80 (HTTP) and 443 (HTTPS), you will need to add one:

sudo ufw allow 80
sudo ufw allow 443

If you’re using a different firewall tool, the specific commands will differ, but the general approach remains the same: you need to ensure your firewall is allowing incoming connections on the ports that NGINX is listening on.

Check NGINX Configuration

If NGINX is running and your firewall settings are correct, another place to look is your NGINX configuration file. Ensure that NGINX is set to listen on the correct port and that it is set to the correct server block.

A basic configuration might look like this:

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    server_name _;
    root /var/www/html;
    index index.html;

    location / {
        try_files $uri $uri/ =404;
    }
}

In this example, NGINX is set to listen on port 80. If you’ve set NGINX to listen on a different port, you’ll need to update your firewall rules to allow that port.

Remember to check your configuration file syntax with nginx -t and reload the service with systemctl reload nginx after making any changes.

Best Practices for Using NGINX on Ubuntu 22.04

Updating Regularly

Keep your system and NGINX updated to ensure you’re getting the latest features, performance improvements, and security patches.

sudo apt update
sudo apt upgrade

Monitoring Performance

Use monitoring tools like htop, top, and nginx -V to monitor your server’s performance. This can help you identify potential issues before they impact your users.

Conclusion

Installing NGINX on Ubuntu 22.04 is a straightforward process that can be done in a few steps. With NGINX, you have a powerful tool that can serve websites, act as a reverse proxy, and much more. While this guide provides a basic introduction, there’s much more to explore with NGINX on Ubuntu 22.04.

FAQs

1. Is NGINX free? Yes, the open-source version of NGINX is free. There is also a paid version called NGINX Plus that offers additional features.
2. Can I install NGINX on other Linux distributions? Yes, NGINX can be installed on any Linux distribution, including CentOS, Debian, and Fedora.
3. What’s the difference between Apache and NGINX? Both are powerful web servers, but they handle traffic differently. NGINX is known for its ability to handle a large number of simultaneous connections with low memory usage.
4. How can I remove or uninstall NGINX from my Ubuntu system? You can uninstall NGINX using the command sudo apt remove nginx.
5. Can NGINX handle dynamic content? While NGINX can serve static content directly, it typically passes dynamic content requests to an application server.