Debian LEMP stack

There is a lot of guides how to configure Nginx, MariaDB and PHP on Linux. A lot of them is outdated. Probably someday this one get out of date too… no wait! This one will be different, always fresh!

No matter what version of Debian you use, your Nginx, MariaDB and PHP (7.2) will be always up to date.

Lemp Stack

I will not argue my decision about such and no other configuration, I just like Nginx and MariaDB. Rather, I will focus on showing the configuration that will allow us to use the latest versions of each program. Most applications from the official repositories of a given distribution are not in the latest version. Of course, this is due to the desire to maintain stability. Personally, I use the solution described in this article and never complained about errors or instability. However, before you implement such a solution, or try to update an existing infrastructure, first make sure that everything goes smooth in the test environment. The fact that it works for me does not mean that it will also work for you :)

Install necessary packages:

1
sudo apt-get install apt-transport-https lsb-release ca-certificates

Repositories. It’a all about repositories. Before you set up new repository for your server, you need to know what version of Debian you are using. The codename. To check codename use command below:

1
sudo lsb_release -sc

To see more info about your system you can use:

1
sudo lsb_release -a

Example result of command:

1
2
3
4
Distributor ID:	Debian
Description: Debian GNU/Linux 8.11 (jessie)
Release: 8.11
Codename: jessie

As you now know the codename of your server you can use the codename name in the configuration below.

Nginx

Edit your source.list for apt and add official Nginx repository. Use your favorite editor. Mine is nano.

1
sudo nano /etc/apt/sources.list

add line:

1
deb http://nginx.org/packages/debian/ codename nginx

change codename. Example for jessie:

1
deb http://nginx.org/packages/debian/ jessie nginx

Download repository key:

1
sudo wget http://nginx.org/keys/nginx_signing.key

Add key:

1
sudo apt-key add nginx_signing.key

Now you can update package list and install latest version of Nginx:

1
sudo apt update && sudo apt install nginx

Congrats, you have latest version of Nginx!

PHP

Similar steps like above.

Edit your source.list for apt and add official PHP 7.2 repository.

1
sudo nano /etc/apt/sources.list

add line:

1
deb https://packages.sury.org/php/ codename main

change codename.

Download and add repository key:

1
sudo wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg

Update package list and install PHP 7.2:

1
sudo apt update && sudo apt install php7.2

You may be interested in additional PHP packages:

1
sudo apt install php7.2-common php7.2-intl php7.2-xml php7.2-json php7.2-sqlite3 php7.2-tidy php7.2-xmlrpc php7.2-recode php7.2-pspell php7.2-curl php7.2-gd php7.2-mbstring php7.2-opcache php7.2-readline php7.2-mysql php7.2-cli php7.2-fpm php7.2-xsl

Congrats, you have latest version of PHP 7.2!

MariaDB

Before you install latest MariaDB you need to check for repository on MariaDB repository page.

Go to page, choose your Linux Distribution, Release/Codename and then mirror.

Example results for Debian Jessie:

1
2
3
sudo apt-get install software-properties-common
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db
sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://ftp.icm.edu.pl/pub/unix/database/mariadb/repo/10.3/debian jessie main'

You just need to run commands above, one by one.

Install required package:

1
sudo apt-get install software-properties-common

Add repository key:

1
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db

Add repository to your source.list

1
sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://ftp.icm.edu.pl/pub/unix/database/mariadb/repo/10.3/debian jessie main'

Update package list and install MariaDB:

1
sudo apt update && sudo apt install mariadb-server

Congrats, you have latest version of MariaDB!

Extra steps

Additional steps worth to make. Additional information.

SSL

You may be interested to add free Let’s Encrypt certificate, to make communication with your web server secure. Check my guide how to do that: Let’s Encrypt SSL Cert for Nginx

Nginx configuration

Nginx configuration adjust:

1
sudo nano /etc/nginx/nginx.conf

Edit/add line:

1
keepalive_timeout 2;

Sometimes after installation or restarting Nginx you can get error like this:

1
Starting nginx: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)

Fix it using this command:

1
sudo fuser -k 80/tcp

PHP FPM

If php-fpm (alternative for PHP FastCGI) is your favorite process manager for PHP, edit your website configuration:

1
sudo nano /etc/nginx/sites-available/default

and change line with fastcgi_pass parameter:

1
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;

edit php.ini

1
sudo nano /etc/php/7.2/fpm/php.ini

change option cgi.fix_pathinfo

1
cgi.fix_pathinfo=0

Reload php-fpm service:

1
sudo systemctl reload php7.2-fpm.service

PHP Info

If you would like to check your PHP configuration, create info.php file in your www location:

1
sudo nano /var/www/html/info.php

put this code to this file:

1
2
3
<?php
phpinfo();
?>

and navigate to that file in your browser:

http://example.com/info.php

Don’t forget to delete this file if not needed anymore.