CentOS 7: Install LEMP Stack

This blog receives a commission from affiliate partners through the affiliate links that we share with you in our posts. Although we receive a commission for using and linking their products, all our opinions and suggestions are unbiased.

What is the LEMP Stack?

LEMP stack is a group of open-source software that is usually installed together to enable a server to host websites and web applications. The acronym represents L for the Linux Operating System, E for Nginx(Pronounced Engine X and replaces Apache webserver), M for MySQL, and P for PHP. In this tutorial, we will cover how to install the LEMP stack on your CentOS Linux Server.

Also Read: CentOS 7: Install LAMP Stack

 

Install Nginx

Our first step to installing Nginx would be adding the CentOS EPEL repository which contains additional software for CentOS operating system:

sudo yum install epel-release

After the EPEL repository is installed on your server we will continue to install Nginx with the following command:

sudo yum install nginx

After the installation completed successfully we will start the Nginx service:

sudo systemctl start nginx

After the service started we can go ahead and test that Nginx is working by typing the server IP address in the browser on the local network:

http://server_ip_address/

Below is an example of what it should look like:

If that page displays then Nginx web server is correctly installed. Once all those steps are complete you should enable Nginx to start on boot:

sudo systemctl enable nginx
Install MySQL (MariaDB)

Once our web server is up and running we will go to step number two and install MySQL (MariaDB). MariaDB is a community-developed fork of the MySQL relational database management system.

We will use the yum package manager like in our first step to install MySQL(MariaDB).

sudo yum install mariadb-server mariadb

Once the MariaDB installation has completed then we will start it.

sudo systemctl start mariadb

Once the MySQL database is running, we will then run a simple security script that will remove defaults and lock down access to our database system. Start the script by running the following:

sudo mysql_secure_installation

A prompt will ask for your current root password. If you just installed MySQL then you can leave it blank and press enter. The prompt will then ask if you want to set a root password. You can go ahead and enter Y and follow the instructions:

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorization.


New password: password
Re-enter new password: password
Password updated successfully!
Reloading privilege tables..
 ... Success!

You can simply hit Enter on each prompt from here to accept the default values. Once all these steps completed to setup MariaDB then you can go ahead and configure MariaDB to start on boot:

sudo systemctl enable mariadb.service

Once that final configuration completed then your MySQL(MariaDB) database system is configured and setup.

Install PHP

PHP is the component of our setup that will process code to dynamic content. It can run scripts, obtain information from MySQL databases, and hand the processed content to the Nginx web server to display.

You should look to obtain PHP 7+ and install it (Latest PHP version). Remi is a popular package repository that provides the most up to date PHP releases for CentOS systems. Run the following to install the Remi repository:

sudo yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm

After the installation completes you need to enable the repository that contains your preferred version of PHP:

yum --disablerepo="*" --enablerepo="remi-safe" list php[7-9][0-9].x86_64

You should see an output like this:

Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* remi-safe: mirrors.ukfast.co.uk
Available Packages
php70.x86_64                2.0-1.el7.remi                remi-safe
php71.x86_64                2.0-1.el7.remi                remi-safe
php72.x86_64                2.0-1.el7.remi                remi-safe
php73.x86_64                2.0-1.el7.remi                remi-safe
php74.x86_64                1.0-3.el7.remi                remi-safe
php80.x86_64                1.0-3.el7.remi                remi-safe

We will go ahead and install PHP 7.4 which is a very stable version of PHP and currently the most updated. First, we enable the correct  Remi package:

sudo yum-config-manager --enable remi-php74

Second, we will go ahead in install PHP:

sudo yum install php php-mysqlnd php-fpm

Once the installation completes we should go ahead and confirm the PHP version:

php - -version

You should see an out like the one below:

PHP 7.4.5 (cli) (built: Apr 14 2020 12:54:33) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies

Next we will go ahead and open the /etc/php-fpm.d/www.conf configuration file:

sudo vi /etc/php-fpm.d/www.conf

We will then go ahead and look for the lines that display the user and group directives:

…
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
;       will be used.
; RPM: apache user chosen to provide access to the same directories as httpd
user = apache
; RPM: Keep a group allowed to write in log dir.
group = apache
…

You will notice that both user and group variables are set to apache. We are going to change it to Nginx:

…
; RPM: apache user chosen to provide access to the same directories as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx
…

By default, php-fpm will listen on a specific host and port over TCP. We are going to change the listen variable so it can listen on the local socket file:

listen = /var/run/php-fpm/php-fpm.sock;

Lastly, we will change the owner and group settings for the socket file we just defined:

listen.owner = nginx
listen.group = nginx
listen.mode = 0660

Once all those lines have been configured you can press the escape key and save your changes.

Next, we will enable the php-fpm service:

sudo systemctl start php-fpm

After all, those steps are completed and all the required components are installed we are going to configure Nginx to process PHP pages. Nginx has a dedicated directory where we are able to define each hosted website as a separate configuration file using a server block similar to Apache’s virtual hosts.

With the default installation, this directory is empty. We will create a new file that will serve as the default PHP website on the server and override the default server block defined in the /etc/nginx/nginx.conf file. First, we will open the new file with the following code:

sudo vi /etc/nginx/conf.d/default.conf

Copy the following PHP code below and replace the server_name section to point to your server’s IP address or domain name:

server {
  listen       80;
  server_name  server_domain_or_IP;

  root   /usr/share/nginx/html;
  index index.php index.html index.htm;

  location / {
    try_files $uri $uri/ =404;
  }
  error_page 404 /404.html;
  error_page 500 502 503 504 /50x.html;

  location = /50x.html {
    root /usr/share/nginx/html;
  }

  location ~ \.php$ {
    try_files $uri =404;
    fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;

  }
}

Save and close the when you are done. The next step is to restart Nginx in order to apply the changes:

sudo systemctl restart nginx

Your web server is now fully set up after completing all these steps. We are going to go ahead and test PHP processing on the webserver.

We will make changes to the default ownership settings on Nginx’s document root to enable a regular sudo user to create files in that location.

We will change it to a user and group call webuser. Make sure that you replace ‘webuser’ username and group to reflect your system’s username and group:

sudo chown -R webuser.webuser /usr/share/nginx/html/

We will then go ahead and create an info.php file to make sure the webserver works as expected:

vi /usr/share/nginx/html/info.php

Insert the following code:

<?php
phpinfo();
?>

Exit edit and save the file. Type your webserver IP followed by inho.php in your browser:

http://server_ip/info.php

The following web page should display:

If this was successful then your PHP setup and configuration are working. We will then remove the info.php file as it could give unauthorized users information about your server:

rm /usr/share/nginx/html/info.php

You can recreate the file later if you should require the information again. After all the tests and configurations you have completed the LEMP stack installation on your CentOS server. It is now ready to host websites and web applications.

Chad Crouch

Chad is an experienced Systems Administrator with exposure to various technologies and enterprise ICT environments. He has a huge passion for Technologies, specifically Linux, Open Source Software, Cloud Computing, DevOps, Software & Web Development, electronics, and IoT technologies. If you enjoy our articles please support us and make a small contribution: Buy Us A Coffee