How To Install LEMP Stack on CentOS Stream 10

In this tutorial, we will show you how to install LEMP Stack on CentOS Stream 10. The LEMP stack, consisting of Linux, Nginx (pronounced “Engine-X”), MariaDB, and PHP, has gained popularity as a powerful alternative to the traditional LAMP stack. This guide will walk you through the process of installing and configuring the LEMP stack on CentOS Stream 10, providing you with a solid foundation for your web development projects.

Introduction

The LEMP stack is a versatile and high-performance web application platform that combines four essential components:

Linux: The operating system that serves as the foundation for the stack
Nginx: A lightweight and efficient web server
MariaDB: A robust and scalable database management system
PHP: A popular server-side scripting language

CentOS Stream 10, the latest version of the CentOS distribution, provides an excellent platform for deploying the LEMP stack. Its stability, security features, and long-term support make it an ideal choice for both development and production environments.

By the end of this guide, you’ll have a fully functional LEMP stack running on your CentOS Stream 10 system, ready to host dynamic websites and web applications.

Prerequisites

Before we begin the installation process, ensure that you have the following:

System Requirements

A server or virtual machine running CentOS Stream 10
Minimum of 2GB RAM (4GB or more recommended for production use)
At least 20GB of free disk space
Root or sudo access to the system
An active internet connection for downloading packages

It’s important to note that while these are minimum requirements, your specific needs may vary depending on the scale and complexity of your web applications.

System Preparation

Before installing the LEMP stack components, we need to prepare our CentOS Stream 10 system. This involves updating the system, installing necessary repositories, and configuring basic security settings.

Initial Setup

First, let’s update the system to ensure we have the latest packages and security patches:

sudo dnf update -y

Next, we’ll install the EPEL (Extra Packages for Enterprise Linux) repository, which provides additional packages that we might need:

sudo dnf install epel-release -y

Now, let’s configure the firewall to allow HTTP and HTTPS traffic:

sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload

Lastly, we’ll configure SELinux to operate in permissive mode for testing purposes. In a production environment, you should consider keeping SELinux enabled and properly configuring it for your specific needs:

sudo setenforce 0
sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config

Installing Nginx

Nginx is a high-performance web server known for its efficiency and low resource usage. Let’s install and configure Nginx on our CentOS Stream 10 system.

Web Server Setup

To install Nginx, run the following command:

sudo dnf install nginx -y

Once the installation is complete, start the Nginx service and enable it to start on boot:

sudo systemctl start nginx
sudo systemctl enable nginx

Verify that Nginx is running by checking its status:

sudo systemctl status nginx

You should see output indicating that the service is active and running.

Nginx Configuration

The main Nginx configuration file is located at /etc/nginx/nginx.conf. For most basic setups, the default configuration should suffice. However, you can customize it to optimize performance or add specific server blocks for your websites.

To create a new server block for a website, create a new configuration file in the /etc/nginx/conf.d/ directory. For example:

sudo nano /etc/nginx/conf.d/example.com.conf

Add the following basic configuration, adjusting it to your needs:

server {
    listen 80;
    server_name example.com www.example.com;
    root /var/www/example.com;
    index index.php index.html index.htm;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php-fpm/www.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }
}

After making changes to the Nginx configuration, always test the configuration and reload the service:

sudo nginx -t
sudo systemctl reload nginx

Installing MariaDB

MariaDB is a powerful, open-source relational database management system that’s fully compatible with MySQL. Let’s install and secure MariaDB on our CentOS Stream 10 system.

Database Server Configuration

To install MariaDB, run the following command:

sudo dnf install mariadb-server mariadb -y

Once the installation is complete, start the MariaDB service and enable it to start on boot:

sudo systemctl start mariadb
sudo systemctl enable mariadb

To secure your MariaDB installation, run the mysql_secure_installation script:

sudo mysql_secure_installation

Follow the prompts to set a root password, remove anonymous users, disallow root login remotely, and remove the test database.

Creating a Test Database

Let’s create a test database and user to ensure MariaDB is working correctly:

sudo mysql -u root -p

Once logged in to the MariaDB shell, run the following commands:

CREATE DATABASE testdb;
CREATE USER 'testuser'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON testdb.* TO 'testuser'@'localhost';
FLUSH PRIVILEGES;
EXIT;

Replace ‘password’ with a strong, unique password for your test user.

Installing PHP

PHP is the scripting language that will process dynamic content for your web applications. We’ll install PHP-FPM (FastCGI Process Manager) for improved performance with Nginx.

PHP Configuration

To install PHP and common extensions, run the following command:

sudo dnf install php php-fpm php-mysqlnd php-json php-gd php-curl php-mbstring php-xml php-zip -y

After the installation, start the PHP-FPM service and enable it to start on boot:

sudo systemctl start php-fpm
sudo systemctl enable php-fpm

To optimize PHP-FPM for better performance, edit the configuration file:

sudo nano /etc/php-fpm.d/www.conf

Find and modify the following lines:

user = nginx
group = nginx
listen = /var/run/php-fpm/php-fpm.sock
listen.owner = nginx
listen.group = nginx
listen.mode = 0660

Save the file and restart PHP-FPM:

sudo systemctl restart php-fpm

LEMP Stack Integration

Now that we have installed all the components of the LEMP stack, let’s integrate them to work together seamlessly.

Connecting Components

To integrate Nginx with PHP-FPM, we need to modify our Nginx server block configuration. Edit the configuration file we created earlier:

sudo nano /etc/nginx/conf.d/example.com.conf

Update the PHP location block to use the PHP-FPM socket:

location ~ \.php$ {
    fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
    fastcgi_index index.php;
    include fastcgi_params;
}

Save the file and reload Nginx:

sudo systemctl reload nginx

Testing and Verification

Let’s verify that our LEMP stack is working correctly by creating a test PHP file.

Validation Steps

Create a new PHP file in your web root directory:

sudo nano /var/www/example.com/info.php

Add the following content to the file:

<?php
phpinfo();
?>

Save the file and visit http://your_server_ip/info.php in your web browser. You should see the PHP information page, which confirms that Nginx is serving PHP files correctly.

To test the database connection, create another PHP file:

sudo nano /var/www/example.com/db_test.php

Add the following content:

<?php
$conn = new mysqli("localhost", "testuser", "password", "testdb");
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}
echo "Connected successfully";
$conn->close();
?>

Visit http://your_server_ip/db_test.php in your web browser. You should see “Connected successfully” if the database connection is working.

Security Hardening

Now that our LEMP stack is up and running, it’s crucial to implement some basic security measures to protect your server and applications.

Security Measures

Regularly update your system and installed packages:
```
sudo dnf update -y
```

Configure proper file permissions:

sudo chown -R nginx:nginx /var/www/example.com
sudo chmod -R 755 /var/www/example.com

Set up SSL/TLS for encrypted connections using Let’s Encrypt:

sudo dnf install certbot python3-certbot-nginx -y
sudo certbot --nginx -d example.com -d www.example.com

Configure firewall rules to allow only necessary traffic:

sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --reload

Troubleshooting

If you encounter issues with your LEMP stack, here are some common problems and their solutions:

Common Issues

Nginx not starting: Check the error logs at /var/log/nginx/error.log for specific issues.
PHP files not executing: Ensure that the PHP-FPM service is running and that Nginx is configured to use the correct socket.
Database connection failures: Verify that MariaDB is running and that you’re using the correct credentials.
Permission problems: Make sure that the Nginx user has the necessary permissions to access your web files and directories.

Congratulations! You have successfully installed LEMP. Thanks for using this tutorial for installing the LEMP Stack on CentOS Stream 10 system. For additional help or useful information, we recommend you check the official CentOS website.

VPS Manage Service Offer

If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!