Install NginX via official repository on Debian 11
Posted by Mohsen on 03 Feb, 2023
Introduction
Nginx is a high-performance web server and reverse-proxy server that has gained significant popularity in web hosting and server deployment. Nginx is known for its efficient handling of concurrent connections and low resource consumption. It is widely used to serve static content, accelerate dynamic content delivery, and balance the load across multiple servers.
In this article, I will show you how to install this web server from its official repository on Debian 11 (Bullseye).
Prerequisites
Before you begin this guide, you should have a regular, non-root user with sudo privileges configured on your server and install the following packages:
sudo apt install curl gnupg2 ca-certificates lsb-release debian-archive-keyringStep 1 - Add keys and repository
Import the official Nginx signing key so apt can verify the authenticity of the packages. Fetch the key:
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
| sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/nullTo set up the apt repository for stable nginx packages, run the following command:
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/debian `lsb_release -cs` nginx" \
| sudo tee /etc/apt/sources.list.d/nginx.listIf you would like to use mainline nginx packages, run the following command instead:
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/mainline/debian `lsb_release -cs` nginx" \
| sudo tee /etc/apt/sources.list.d/nginx.listSet up repository pinning to prefer our packages over distribution-provided ones:
echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" \
| sudo tee /etc/apt/preferences.d/99nginxStep 2 - Install Nginx
To install nginx, run the following commands:
sudo apt update & apt install nginx Enable bootup
sudo systemctl enable --now nginxStep 4 - Configure Nginx
Modify the default nginx config file:
sudo vim /etc/nginx/nginx.confReplace the content with the following:
user www-data;
worker_processes 2;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
client_max_body_size 1000m;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
}
Step 5 - Create a site
Now, you can create your virtual hosts.
Let's create a sample one for a domain name called sample.com
sudo vim /etc/nginx/conf.d/sample.com.conf
#########
# HTTP #
#########
server {
listen 80;
server_name sample.com www.sample.com;
root /home/www/www.sample.com/www;
access_log /var/log/nginx/www.sample.com.access.log combined;
error_log /var/log/nginx/www.sample.com.error.log error;
index index.html index.php;
if ($host !~ ^(sample.com|www.sample.com)$ ) {
return 444;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
if ($request_method !~ ^(GET|HEAD|POST)$) {
return 444;
}
# Disable direct access to .ht files and folders
location ~* \.(htaccess|htpasswd|tpl|7z|zip|tar.gz|gz|gzip|rar)$ {
deny all;
return 404;
}
# X-XSS protection
add_header X-XSS-Protection "1; mode=block";
# X-FRAME attach protection
#add_header X-Frame-Options "SAMEORIGIN";
disable_symlinks on from=$document_root;
autoindex off;
location / {
index index.php index.html;
}
}Step 6 - Reload and test
Reload the web server to apply the changes:
sudo systemctl reload nginx You can check the web server service status:
sudo systemctl status nginx
Step 7 - Important Nginx files and directories
Now that you know how to install and configure nginx, it's time to get familiar with some important files and directories to help you manage your websites.
Content
/home/www/: This is a sample directory where you can keep your websites.
Server Configuration
/etc/nginx: The Nginx configuration directory. All of the Nginx configuration files reside here./etc/nginx/nginx.conf: The main configuration file. This file contains the global configurations of Nginx./etc/nginx/conf.d/: The directory where per-site server blocks can be stored. Only files with '.conf' extension will be loaded by Nginx. Typically, all server block configuration is done in this directory.
Server Logs
/var/log/nginx/access.log: Every request to your web server is recorded in this log file unless there is a configuration to do otherwise./var/log/nginx/error.log: Nginx errors will be recorded in this log./var/log/nginx/sample.com.access.log: This log file will record all requests for the website sample.com./var/log/nginx/sample.com.error.log: Any errors for the website sample.com will be recorded in this file.
Conclusion
You have learned how to install and configure Nginx on your Debian 11 machine, and now that you have your web server installed, you have many options for the type of content you can serve and the technologies you can use to create a richer experience for your users.