Linux VM: Nginx setup
What is NGINX?
Nginx is open source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. This is important in order to better serve up web pages and handle traffic for users to access your site.
How can I setup a Linux VM?
Go ahead and open a new command prompt (cmd) on windows or terminal/shell on Mac/Linux.
This guide strictly flows from this setup Linode. You may have to use a different ssh command if your access commands are slightly different.
To access your linux vm using linode commands, run:
ssh root@YOUR_IP
Once inside, we are first going to run apt update. We are essentially updating all the latest packages in ubuntu 18.04.
APT stands for advanced package tool. It is a collection of tools that already exist in Ubuntu.
Run:
sudo apt-get update
Now wait for it to finish and you see it blinking again and ready to type. This will fetch all the latest and greatest packages, next install them!
Run:
sudo apt-get upgrade
Now wait for it to finish. Now that we have verified that we have latest packages, we are going to install nginx.
Run:
sudo apt install nginx
sudo is essentially needed to do elevated privileges in linux
It will ask you to continue, type Y for yes if you accept the installation.
Once this finishes, you are done with the installation part. Now onto to configuration, Yes!
We need to setup proper firewall rules so that the world and you can ensure full access of the ip address.
First it is important to know that you can check the different options of this that are available by typing:
sudo ufw app list
Ufw means uncomplicated firewall.
Ufw is essentially a user friendly and simple firewall usage.
It acts as a service that runs as well.
If you get the below error:
run the below command and then you should be good with ufw now
sudo apt-get install ufw
continued after ufw error, run again:
sudo ufw app list
After that script, you should get a list, we are going to use the Full option so we can use https later.
HTTP vs HTTPS?
- http is on port 80 which is unencrypted web traffic.
- https is on port 443 which is TLS/SLL encrypted web traffic.
What is TLS/SSL?
- TSL: transport socket layer
- SSL: secure socket layer
These are essential for protecting sites with entities like credit cards, passwords or anything sensitive to the web. It is good practice to always use https and always for a route from http in nginx to https.
Now run:
sudo ufw allow 'Nginx Full'
Once done you can verify by running:
sudo ufw status
You will probably see Status: inactive, if you do, run:
sudo ufw enable
This will ensure that ufw service is running now.
If you get a prompt about disrupting current ssh connections, type y to accept if you accept. If you get disconnected, just reconnect via ssh again.
Once done you can verify again by running:
sudo ufw status
You should be good to go now!
WARNING: If you are using ssh (port 22) like I am in this example, it is highly recommend to tell ufw to open port 22 before you close your session or you might not be able to get back in!
To do so, you can do it three ways:
For simplicity and less secure, run:
ufw allow 22
For more secure and to strictly set it to your ip if you have a static, run:
ufw allow from 1.2.3.4 to any port 22
If you really want to get specific, you can also set certain ip blocks as well, run:
ufw allow from 1.2.3.0/24 to any port 22
Now we need to see if nginx is truly running properly by runnning:
systemctl status nginx
If you have issues with nginx working, ensure all the steps done are proper. If you are sure, you can do a force reboot by running:
sudo systemctl restart nginx
What is systemctl?
Systemctl is a utility which is responsible for managing the systemd system and service manager.
What is systemd?
Systemd provides an array of system components for Linux operating systems.
Finally open a browser and type in your ipaddress and press enter to go to it!
Congrats! You are an Linode VM NGINX wizard! ๐ค