How to install the Nginx Mainline version
CentOS
Install the prerequisites:
yum install yum-utils
To set up the yum repository, create the file named /etc/yum.repos.d/nginx.repo with the following contents:
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
By default, the repository for stable Nginx packages is used. To use mainline Nginx packages, run the following command:
yum-config-manager --enable nginx-mainline
To install Nginx, run the following command:
It will be prompted to accept the GPG key, verify that the fingerprint matches 573B FD6B 3D8F BC64 1079 A6AB ABF5 BD82 7BD9 BF62, and if so, accept it.
yum install nginx
Output:
Downloading packages:
(1/2): pcre2-10.23-2.el7.x86_64.rpm | 201 kB 00:00
warning: /var/cache/yum/x86_64/7/nginx-mainline/packages/nginx-1.21.6-1.el7.ngx. x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID 7bd9bf62: NOKEY
Public key for nginx-1.21.6-1.el7.ngx.x86_64.rpm is not installed
(2/2): nginx-1.21.6-1.el7.ngx.x86_64.rpm | 796 kB 00:01
--------------------------------------------------------------------------------
Total 752 kB/s | 998 kB 00:01
Retrieving key from https://nginx.org/keys/nginx_signing.key
Importing GPG key 0x7BD9BF62:
Userid : "nginx signing key <signing-key@nginx.com>"
Fingerprint: 573b fd6b 3d8f bc64 1079 a6ab abf5 bd82 7bd9 bf62
From : https://nginx.org/keys/nginx_signing.key
Is this ok [y/N]: y
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : pcre2-10.23-2.el7.x86_64 1/2
pam_tally2: Couldn't create /var/log/tallylog: Permission denied
pam_tally2: Authentication error
useradd: failed to reset the tallylog entry of user "nginx"
Installing : 1:nginx-1.21.6-1.el7.ngx.x86_64 2/2
----------------------------------------------------------------------
Thanks for using nginx!
Please find the official documentation for nginx here:
* https://nginx.org/en/docs/
Please subscribe to nginx-announce mailing list to get
the most important news about nginx:
* https://nginx.org/en/support.html
Commercial subscriptions for nginx are available on:
* https://nginx.com/products/
----------------------------------------------------------------------
Verifying : pcre2-10.23-2.el7.x86_64 1/2
Verifying : 1:nginx-1.21.6-1.el7.ngx.x86_64 2/2
Installed:
nginx.x86_64 1:1.21.6-1.el7.ngx
Dependency Installed:
pcre2.x86_64 0:10.23-2.el7
Complete!
Once the installation is complete, enable Nginx (to start automatically upon system boot), start the webserver, and verify the status using the commands below.
systemctl start nginx
systemctl enable nginx
systemctl status nginx
Output:
[root@vps ~]# systemctl start nginx
[root@vps ~]# systemctl enable nginx
[root@vps ~]# systemctl status nginx
● nginx.service - nginx - high performance web server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset : disabled)
Active: active (running) since Thu 2022-04-21 01:11:25 UTC; 14s ago
Docs: http://nginx.org/en/docs/
Main PID: 11609 (nginx)
CGroup: /system.slice/nginx.service
├─11609 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx....
├─11610 nginx: worker process
└─11611 nginx: worker process
Apr 21 01:11:25 vps.server.com systemd[1]: Starting nginx - high performance....
Apr 21 01:11:25 vps.server.com systemd[1]: Started nginx - high performance ....
Hint: Some lines were ellipsized, use -l to show in full.
[root@vps ~]#
To make your pages available to the public, you will have to edit your firewall rules to allow HTTP requests on your web server by using the following commands.
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload
Output:
[root@server ~]# firewall-cmd --permanent --zone=public --add-service=http
success
[root@server ~]# firewall-cmd --permanent --zone=public --add-service=https
success
[root@server ~]# firewall-cmd --reload
success
Verify that the webserver is running and accessible by accessing your server’s IP address.
From your browser,
Replace the IP_address with the actual IP of the server.
http://IP_address
Ubuntu
Install the prerequisites:
apt install curl gnupg2 ca-certificates lsb-release ubuntu-keyring
Import an official Nginx signing key so apt could verify the authenticity of the package. Fetch the key:
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
| sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
Output:
root@vps:~# curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
| sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1561 100 1561 0 0 2477 0 --:--:-- --:--:-- --:--:-- 2473
Verify that the downloaded file contains the proper key:
gpg --dry-run --quiet --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg
The output should contain the full fingerprint 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62 as follows:
Output:
root@vps:~# gpg --dry-run --quiet --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg
gpg: keyblock resource '/root/.gnupg/pubring.kbx': No such file or directory
pub rsa2048 2011-08-19 [SC] [expires: 2024-06-14]
573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
uid nginx signing key <signing-key@nginx.com>
root@vps:~#
If the fingerprint is different, remove the file.
To use mainline Nginx packages, run the following command:
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/mainline/ubuntu `lsb_release -cs` nginx" \
| sudo tee /etc/apt/sources.list.d/nginx.list
Set up repository pinning to prefer our packages over distribution-provided ones:
echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" \
| sudo tee /etc/apt/preferences.d/99nginx
Output:
Package: *
Pin: origin nginx.org
Pin: release o=nginx
Pin-Priority: 900
To install Nginx, run the following commands:
apt update
apt install nginx
Once Nginx is successfully installed, you can start and verify it by running
systemctl start nginx
systemctl status nginx
Output:
root@vps:~# systemctl start nginx
root@vps:~# systemctl status nginx
● nginx.service - nginx - high performance web server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2022-04-21 01:53:56 UTC; 4s ago
Docs: https://nginx.org/en/docs/
Process: 43048 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=0/SUCCESS)
Main PID: 43049 (nginx)
Tasks: 3 (limit: 1081)
Memory: 2.4M
CPU: 16ms
CGroup: /system.slice/nginx.service
├─43049 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
├─43050 nginx: worker process
└─43051 nginx: worker process
Apr 21 01:53:56 vps.server.com systemd[1]: Starting nginx - high performance web server...
Apr 21 01:53:56 vps.server.com systemd[1]: Started nginx - high performance web server.
root@vps:~#
To check the version of Nginx,
nginx -v
or
dpkg -l nginx
Output:
root@vps:~# nginx -v
nginx version: nginx/1.21.6
root@vps:~# dpkg -l nginx
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-=================================
ii nginx 1.21.6-1~impish amd64 high performance web server
root@vps:~#
Open Nginx Ports on UFW Firewall
- Port 80 opens the http ( For unencrypted web traffic).
- Port 443 opens the https (For SSL / TLS encryption).
Command using Nginx HTTP profile that will allow traffic on port 80.
ufw allow 'Nginx HTTP'
Output:
root@vps:~# ufw allow 80
Rule added
Rule added (v6)
root@vps:~#
To reload the firewall for the changes to persist.
ufw reload
To check the status of the firewall,
root@vps:~# ufw status
Status: active
To Action From
-- ------ ----
80 ALLOW Anywhere
80 (v6) ALLOW Anywhere (v6)
Verify that the webserver is running and accessible by accessing your server’s IP address.
From your browser,
Replace the IP_address with the actual IP of the server.
http://IP_address