How To Install LEMP on Debian 12
In this tutorial, we will show you how to install LEMP on Debian 12. In the ever-evolving landscape of web development, a robust and secure server environment is the cornerstone of a successful web presence. The LEMP stack, comprising Linux, Nginx, MySQL, and PHP, is a revered choice for hosting dynamic websites and web applications.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo
‘ to the commands to get root privileges. I will show you the step-by-step installation of the LEMP Stack on a Debian 12 (Bookworm).
Prerequisites
- A server running one of the following operating systems: Debian 12 (Bookworm).
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- SSH access to the server (or just open Terminal if you’re on a desktop).
- An active internet connection. You’ll need an internet connection to download the necessary packages and dependencies for LEMP.
- A
non-root sudo user
or access to theroot user
. We recommend acting as anon-root sudo user
, however, as you can harm your system if you’re not careful when acting as the root.
Install LEMP on Debian 12 Bookworm
Step 1. Before we install any software, it’s important to make sure your system is up to date by running the following apt
commands in the terminal:
sudo apt update
This will refresh the package list and upgrade the existing packages to their latest versions, ensuring that you have the most recent security updates.
Step 2. Installing Nginx.
Nginx is the gatekeeper of your web applications. It’s a high-performance web server, known for its speed and scalability:
sudo apt install nginx sudo systemctl start nginx sudo systemctl enable nginx
The first command installs Nginx, while the subsequent two start it and ensure it launches automatically on system boot. Nginx will soon become your best friend in serving web content efficiently.
To verify that Nginx is working correctly, open a web browser and enter your server’s IP address or domain name. You should see the default Nginx welcome page. This confirms that Nginx is installed and running.
Step 3. Installing MySQL.
MySQL is the database engine that powers your dynamic web applications. Let’s get it installed and secured:
sudo apt install mysql-server sudo mysql_secure_installation
The second command initiates the MySQL secure installation process. Follow the on-screen prompts to set a root password and remove test databases. This is a critical step in bolstering your server’s security.
Step 4. Installing PHP.
PHP is the scripting language that brings life to your web applications. First, add the PHP repository to your system:
sudo apt install software-properties-common sudo add-apt-repository ppa:ondrej/php
Now install PHP 8.2 along with some common extensions:
sudo apt update sudo apt install php8.2 php8.2-fpm php8.2-mysql php8.2-common php8.2-gd php8.2-json php8.2-cli php8.2-curl php8.2-zip php8.2-xml php8.2-mbstring php8.2-bcmath php8.2-json
To ensure PHP is installed correctly, run the following command:
php -v
Step 5. Configure Nginx.
Nginx is installed, but we need to configure it to serve your web content. This entails editing the default server block configuration:
sudo nano /etc/nginx/sites-available/default
Within the server block, add the following lines, replacing your_domain.com
and your_root_directory
with your actual domain name and web root directory:
server_name your_domain.com www.your_domain.com; root /var/www/html; index index.php index.html index.htm;
Next, configure Nginx to work with PHP. Create a new PHP pool configuration file in the /etc/php/8.2/fpm/pool.d/
directory:
sudo nano /etc/php/8.2/fpm/pool.d/www.conf
Inside the file, find and update the following lines:
listen = /run/php/php8.2-fpm.sock
Inside the server
block, add the following lines to enable PHP processing for .php files:
location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/run/php/php8.2-fpm.sock; }
Save the file and proceed to test the Nginx configuration:
sudo nginx -t
This command validates your configuration for syntax errors. If all is well, restart Nginx:
sudo systemctl restart nginx
Step 6. Create a MySQL Database.
Your MySQL server is installed, but we need to create a database and a user to interact with it. Let’s dive into the MySQL shell:
sudo mysql -u root -p
Enter your MySQL root password when prompted. Now, let’s create a new database, user, and grant privileges:
CREATE DATABASE your_database; CREATE USER 'your_user'@'localhost' IDENTIFIED BY 'your_strong_password'; GRANT ALL PRIVILEGES ON your_database.* TO 'your_user'@'localhost'; FLUSH PRIVILEGES; EXIT;
Replace your_database
, your_user
, and your_password
with your preferred values. This setup empowers your web application to interact with the database seamlessly.
Step 7. Installing Let’s Encrypt Certbot.
Securing your website with HTTPS is non-negotiable in today’s digital landscape. We’ll use Let’s Encrypt and Certbot to obtain SSL certificates:
sudo apt install certbot python3-certbot-nginx
With Certbot installed, obtaining an SSL certificate is a breeze. Execute the following command, replacing your_domain.com
with your actual domain:
sudo certbot --nginx -d your_domain.com -d www.your_domain.com
Certbot will guide you through the process, asking for your email and requiring your agreement to the terms. Once completed, Certbot will automatically configure SSL for your Nginx server block.
Let’s Encrypt certificates are valid for 90 days, but you can automate the renewal process. Certbot will automatically renew your certificates when they are close to expiration. To test the renewal process, you can run:
sudo certbot renew --dry-run
Step 8. Firewall Configuration.
Firewalls are your server’s guardians, controlling incoming and outgoing traffic. Let’s configure the Uncomplicated Firewall (UFW) to ensure your server’s safety:
sudo ufw allow 'Nginx Full' sudo ufw allow 'OpenSSH' sudo ufw enable
The first command permits full access to Nginx, while the second allows SSH traffic for remote server management. Finally, we enable the UFW to implement these rules.
Step 9. Testing Your LEMP Stack.
Now that your LEMP stack is installed and secured, it’s essential to verify its functionality:
sudo nano /var/www/html/info.php
Add the following content to the file:
<?php phpinfo(); ?>
Save and exit the file, then open a web browser and navigate to http://your_domain.com/info.php
(replace your_domain.com
with your actual domain). You should see a page displaying PHP information. This confirms that PHP is functioning as expected.
Congratulations! You have successfully installed LEMP. Thanks for using this tutorial to install the latest version of the LEMP Stack on Debian 12 Bookworm. For additional help or useful information, we recommend you check the official LEMP website.