In this article we will install NGINX on Ubuntu 18.04 and configure a basic site with optional HTTPS. NGINX is a simple lightweight web server and load balancer.
We are going to start out with a basic install of Ubuntu Server 18.04. As with most installations you will want to make sure the first thing you do is update everything.
# apt update && apt upgrade -y
The next thing you will need to do is configure a static IP address. This is a little different in Ubuntu 18.04. You will need to edit a suitable netplan for your system. This will match the ethernet device on you system. For example:
# vim /etc/netplan/01-netcfg.yaml
It will most likely be configured with DHCP (unless you configured a static IP during install), so edit the file like below to configure a static IP:
network: version: 2 renderer: networkd ethernets: enp0s3: dhcp4: no addresses: [192.168.1.20/24] gateway4: 192.168.1.1 nameservers: addresses: [18.104.22.168,22.214.171.124]
Save the file and exit. Next apply the change:
# netplan apply
Now we have everything ready and can start installing NGINX
Lets go ahead and install NGINX.
# apt install nginx
At this point you will have a basic web page available. Open a browser and go to the IP address of you NGINX server.
You will see the web page:
Now that we have a basic web page we can configure HTTPS. This step is completely optional but it is here in case you need it. HTTPS requires SSL certificates to work correctly. You can buy certificates if your web server will be public. If you are looking to buy SSL certs, I recommend SSLstore.com. They have great prices and awesome support. Wherever you buy your SSL certs, they will have detailed instructions on how to install them so I won’t be covering that here. The other option you have is self-signed certs which you generate on your server. I will now go into detail on how to create and install these on your NGINX web server.
The first thing we need to do is generate self-signed certificates:
# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/selfsigned.key -out /etc/ssl/certs/selfsigned.crt
You will be answered several questions. You can accept the defaults (which are empty) or enter in the information.
Next open the default site configuration.
# vim /etc/nginx/sites-available/default
Uncomment the following line in the server section:
# listen 443 ssl default_server
And add the following lines in the same section:
ssl_certificate /etc/ssl/certs/selfsigned.crt; ssl_certificate_key /etc/ssl/private/selfsigned.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5;
Save and exit the file. Restart the nginx service and you should now be able to connect via HTTPS:
# systemctl restart nginx
This is a very basic HTTPS configuration. For more on configuring HTTPS your can read the nginx documentation.
I hope you have enjoyed this article, if so please leave a comment below. For more articles, please signup for the AdminTome Blog below. Also please feel free to share the article to your friends using the buttons to the left. Thanks again for reading this post.
Get weekly updates from AdminTome Blog including the latest articles and special content only for subscribers.
We value your privacy and would never spam you