There is a lot of guides how to configure Nginx, MariaDB and PHP on Linux. A lot of them is outdated. Probably someday this one get out of date too… no wait! This one will be different, always fresh!
No matter what version of Debian you use, your Nginx, MariaDB and PHP (8.1) will be always up to date.
I will not argue my decision about such and no other configuration, I just like Nginx and MariaDB. Rather, I will focus on showing the configuration that will allow us to use the latest versions of each program. Most applications from the official repositories of a given distribution are not in the latest version. Of course, this is due to the desire to maintain stability. Personally, I use the solution described in this article and never complained about errors or instability. However, before you implement such a solution, or try to update an existing infrastructure, first make sure that everything goes smooth in the test environment. The fact that it works for me does not mean that it will also work for you :)
Install necessary packages:
1 | sudo apt install curl gnupg2 ca-certificates lsb-release debian-archive-keyring |
Repositories. It’a all about repositories. Before you set up new repository for your server, you need to know what version of Debian you are using. The codename
. To check codename
use command below:
1 | sudo lsb_release -sc |
To see more info about your system you can use:
1 | sudo lsb_release -a |
Example result of command:
1 | Distributor ID: Debian |
As you now know the codename
of your server you can use the codename
name in the configuration below.
Nginx
Download signing key. For any config files changes use your favorite editor. Mine is nano. You can find latest official Nginx repos here.
1 | curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \ |
add it:
1 | gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg |
add official stable Nginx repository:
1 | echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \ |
If you would like to use mainline Nginx packages, run the following command instead:
1 | echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \ |
Now you can update package list and install latest version of Nginx:
1 | sudo apt update && sudo apt install nginx |
Congrats, you have latest version of Nginx!
Clean Nginx from official repo is not tweaked as Debian prepared version called nginx-full
. You will need to spend some time to configure it.
PHP
Similar steps like above.
Add repository:
1 | sudo sh -c 'echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list' |
Download and add repository key:
1 | sudo wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg |
Update package list and install PHP 8.2-fpm:
1 | sudo apt update && sudo apt install php8.2-fpm |
and then PHP itself:
1 | sudo apt install php8.2 |
It is also worth to setup repository pining to make sure you are installing from official source and not default Debian repo:
1 | echo -e "Package: php*\nPin: origin packages.sury.org\nPin-Priority: 900\n" \ |
This will make packages.sury.org
priority.
To chek you php version run:
1 | sudo php -v |
You may also be interested in additional PHP modules, like for WordPress:
1 | sudo apt install php-bcmath php-curl php-gd php-imagick php-intl php-json php-mcrypt php-mysql php-ssh2 php-xml php-zip php-apcu php-mbstring php-soap php-igbinary php-memcached |
Congrats, you have latest version of PHP 8.2!
MariaDB
Before you install latest MariaDB you need to check for repository on MariaDB repository page.
Go to page, choose your Linux Distribution, Release/Codename and then mirror.
Install required package:
1 | sudo apt install apt-transport-https curl |
Add repository key:
1 | sudo mkdir -p /etc/apt/keyrings |
Add repository to your source.list
1 | sudo nano /etc/apt/sources.list.d/mariadb.sources |
File should contain:
1 | # MariaDB 10.11 repository list - created 2023-07-30 13:57 UTC |
Update package list and install MariaDB:
1 | sudo apt update && sudo apt install mariadb-server mariadb-client mariadb-backup |
After all configure it using wizard:
1 | sudo mariadb-secure-installation |
Congrats, you have latest version of MariaDB!
Extra steps
Additional steps worth to make. Additional information.
SSL
You may be interested to add free Let’s Encrypt certificate, to make communication with your web server secure. Check my guide how to do that: Let’s Encrypt SSL Cert for Nginx
Nginx configuration
Nginx configuration adjust:
1 | sudo nano /etc/nginx/nginx.conf |
Edit/add line:
1 | keepalive_timeout 2; |
Sometimes after installation or restarting Nginx you can get error like this:
1 | Starting nginx: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) |
Fix it using this command:
1 | sudo fuser -k 80/tcp |
PHP FPM
If php-fpm (alternative for PHP FastCGI) is your favorite process manager for PHP, edit your website configuration:
1 | sudo nano /etc/nginx/conf.d/default.conf |
and change line with php section
:
1 | location ~ \.php$ { |
edit php.ini
1 | sudo nano /etc/php/8.2/fpm/php.ini |
change option cgi.fix_pathinfo
1 | cgi.fix_pathinfo=0 |
Choose proper web server user for PHP. This is additional settings because we are using official Nginx repo and not the one prepared by Debian. So user is not www-data anymore, but nginx.
1 | sudo nano /etc/php/8.2/fpm/pool.d/www.conf |
and find parameters listed below and set them as listed:
1 | user = nginx |
Reload php-fpm service:
1 | sudo systemctl reload php8.2-fpm |
PHP Info
If you would like to check your PHP configuration, create info.php
file in your www location:
1 | sudo nano /var/www/html/info.php |
put this code to this file:
1 |
|
and navigate to that file in your browser:
http://example.com/info.php
Don’t forget to delete this file if not needed anymore.
Database creation
Login to your database server:
1 | sudo mysql |
Create database:
1 | CREATE DATABASE database_name; |
Create user and password:
1 | CREATE USER 'user_name'@'%' IDENTIFIED BY 'password'; |
Authorize the user to have complete control over the database:
1 | GRANT ALL PRIVILEGES ON database_name.* TO 'user_name'@'%'; |
Forces immediate application of changes in privileges.
1 | FLUSH PRIVILEGES; |