Deploy LEMP stack on CentOS 6 x86 with 512MB Memory
LEMP stands for Linux, Nginx, MariaDB/MySQL and PHP/PHP-FPM. LEMP stack provides a whole solution for dynamic website hosting. Here I provide my record of installation on a CentOS 6 X86 machine with 512MB RAM.
Prep
- Some basic skills about Vim (editor), copy/paste techniques during operations via SSH.
- Tools necessary for the installation. If not preinstalled, execute the following command and have them installed.
1 | yum install screen wget unzip -y |
Then SSH to the server and input in the terminal window screen -S LEMP
before beginning the job. If for any reason you are disconnected half way during the installation, re-login to the server and restore your interrupted process by screen -r LEMP
. A concise guide on this Screen command can be found here.
Generally it does not matter in which order LEMP stack is installed. However, it may be safer to get MariaDB and PHP installed first. For my personal preference, I’ll do it starting from Nginx web server, followed by the database server and to the php-fpm part to make a full stack working.
Install Nginx
Step 1, visit Nginx’s download page and locate at the bottom the pre-built packages section for the stable version[1].
Step 2, create a repo file named nginx.repo by running the command in the terminal window:
1 | vi /etc/yum.repos.d/nginx.repo |
Hit i on the keyboard to enter the edit mode and paste the following scripts into the repo file. Double check the repo file before quitting the edit mode by ESC
, and press :x or :wq to save the job.
1 | [nginx] |
Save the file, execute the following line of script and the latest version of Nginx web server should have been installed into CentOS 6.
1 | yum install nginx -y |
Step 3, make Nginx a system service and auto-start everytime the server boots by executing the following combined scripts.
1 | service nginx start && chkconfig --levels 3 nginx on |
Remeber to keep a note of the following locations, the directories and files as they’ll be used when configuring the web server.
Default document root directory: /usr/share/nginx/html
Default configuration file: /etc/nginx/nginx.conf
Default Virtual host config directory: /etc/nginx/conf.d/
Default Virtual host config file: /etc/nginx/conf.d/default.conf
Install MariaDB/MySQL
Option 1, MariaDB
Step 1, visit MariaDB repository generator page to set up the repositories. Since I plan to run my LEMP stack on a lowend box with 512MB RAM, I don’t want to install the latest series, but rather the old v5.5 stable version. With the help of the repo generation wizard, I can obtain the custom MariaDB YUM repository as displayed below.
1 | # MariaDB 5.5 CentOS repository list - created 2018-04-20 03:22 UTC |
Step 2, switch back to the terminal window to create under /etc/yum.repos.d/ a new repo file, MariaDB.repo, by executing:
1 | vi /etc/yum.repos.d/MariaDB.repo |
Paste the custom MariaDB repo information into the newly created MariaDB.repo and save it.
Step 3, Run yum install MariaDB-server MariaDB-client -y
and have both the database server and the client installed.
After the installation, run /etc/init.d/mysql start
to start MariaDB.
To have MariaDB start as a system service every time the machine boots, perform the couple of commands as suggested by MariaDB official web site as follows:
1 | chkconfig --add mysql && chkconfig --level 345 mysql on |
Note: --levels 235
is widely suggested, but I found from some sources explanations[2] that in practical situations --levels 3
is probably OK for my own case.
Step 4, To keep the initial setup of the database server safe, run the following line of command:
1 | mysql_secure_installation |
The shell script will walk you through the process of what MariaDB claims as enabling you to improve the security of your MariaDB installation.
The purpose is to set a password (as strong as you will generate since the default password is set to none) for root account, remove anonymous user account and remove the test database integrated. For each Yes-or-No question prompted during the secure installation, just respond with a y (Yes).
Option two, MySQL
CentOS 6 includes MySQL v5.1 repo, so this option can be done easily by the following commands, plus mysql_secure_installation
.
1 | yum install mysql-server -y |
Refer to MySQL official web site on installation via Yum repository for more specifications. I personally omitted this step as I prefer MariaDB to MySQL.
Install PHP/PHP-FPM 7.2 & extensions
Note: For PHP/PHP-FPM v5.6, check the instructions here, and here.
Step 1, get PHP/PHP-FPM ready.
Option 1, install PHP
Since CentOS 6 is shipped with an outdated version (v5.3) of PHP/PHP-FPM, an upgrade to, say v7.2, is recommended. Turn to Remi’s RPM repo wizard to generate a few lines of necessary scripts that are ready to be executed.
1 | #yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm |
Option 2, install PHP-FPM only
To achieve a more slimmer package for the sake of performance and maybe personal flavor, installing only PHP-FPM rather than the whole package can be an option.
1 | yum install http://rpms.remirepo.net/enterprise/remi-release-6.rpm |
Initiate PHP-FPM then before making some modifications.
1 | /etc/init.d/php-fpm start && /sbin/chkconfig php-fpm on |
Step 2, edit /etc/php-fpm.d/www.conf by vi /etc/php-fpm.d/www.conf
and replace the default value with entries suited to Nginx server. The modified www.conf file should now look like this:
1 | ; Unix user/group of processes |
Actually I may stop here and save the configuration file, but if the Unix socket mode is more preferred (to the TCP mode of communication between Nginx and FastCGI), the following modifications must be made[3].
Change listen = 127.0.0.1:9000
to listen = /var/run/php-fpm/php-fpm.sock
, uncomment a few lines and make them look like this:
1 | listen.owner = nginx |
Step 3, finally run the following two lines to ensure that you’ve done the right thing, or /usr/sbin/php-fpm -version
to check the installed PHP-FPM version.
1 | php --version |
Before going through to the final setup, perform the status check to see if all three applications are running OK.
1 | service nginx status && service mysql status && service php-fpm status |
If they are not running but configured properly, start or restart them by keying in the following commands:
1 | service nginx restart |
install phpBB3
Prerequisites: Nginx configuration file(s) ready.
Step 1, download phpBB zip pack from its official site and unpack it to the default web directory by running the following bunch of commands:
1 | cd /usr/share/nginx/html |
This will download the zip pack, save it to the default website directory and unzip the pack to phpBB3 directory ready for installation.
Step 2, creat a database (say, for instance, bbs) in advance since the installer will not automatically create it correspondingly during manual installation.
The widely used MySQL manager, phpMyAdmin, is among the best tools, but to keep the database creation job simple, and if you prefer the pure command way, here is what leads to the destination with the same effect. Make sure you remember the password for root account when prompted at login stage.
1 | mysql -u root -p |
Refer to MariaDB website KB articles here[4], and here[5] for more detailed instructions, if necessary.
Step 4, direct to your website IP/hostname (if there is one), follow the instructions accordingly, and the installation will soon start[6].
Now almost all applications have been set up but the system has not yet been protected from possible attacks from outside. It is important that the server firewall, which is an integrated part shipped with CentOS 6 be initiated.
Set up & config the iptables service
A simple manual can be located at lnmp.org
To put it simple, just execute these commands line by line to allow some data flow (in) and dis-allow some data flow. For more detailed specifications, please check this blog entry.
1 | iptables -F && iptables -Z && iptables -X |
Now, mission completed!
Note: for a simulated video recording with Chinese comment please check my asciinema cast below. Hope this helps.
at the time of installation, nginx just released v1.14 stable, which is the highest official version users can obtain. ↩︎
Actually I skipped the configuration part of the rewrite file, but those who are interested can refer to the pre-canned Nginx’s host configuration suggested by David Yin. ↩︎