Skip to main content
Ungathered Thoughts

LEMP stack

We've got a fresh Ubuntu install by way of create a Catalyst Cloud compute instance. Now we'll install a simple LEMP stack (Linux, NginX, MariaDB, PHP).

First, decide your project name - eg I'm using this to test for CLIENT, so I'll use client where PROJECT appears below. You also need the IP address of your webserver. The instance IP from is shown below as x.x.x.x below, but you should use your provisioned IP from create a Catalyst Cloud compute instance.

SSH into your instance.

ssh ubuntu@x.x.x.x

Install MariaDB.

$ sudo apt update && sudo apt install -y nginx mariadb-server
$ sudo mysql_secure_installation

Create a DB and grant access.

$ sudo mariadb
MariaDB [(none)]> create database client;
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> grant all on client.* to client@localhost identified by 'client';
Query OK, 0 rows affected (0.009 sec)
$ mariadb -u client -p

Install PHP and required libraries for Drupal 9.

$ sudo apt install -y php-fpm php-mysql php-curl php-gd php-json php-mbstring php-xml php-curl php-gd php-mbstring php-xml

Create nginx config in /etc/nginx/sites-available/PROJECT using config/nginx/drupal.conf as a reference implementation. Symlink to the NginX config to enable it.

sudo ln -s /etc/nginx/sites-available/client /etc/nginx/sites-enabled/

Reload NginX.

sudo nginx -t && sudo nginx -s reload

Create a test .php file.

mkdir /var/www/PROJECT/current/web
echo '<?php phpinfo();' > /var/www/PROJECT/current/web/index.php

Verify that the phpinfo works when accessed over http (use the IP address) by visiting http://x.x.x.x in your browser.

If it works, we'll remove it to prepare for the next step.

$ rm /var/www/client/current/web/index.php

Now we need to ensure the deployment can SSH in and exec commands as a user. In this example we'll use ubuntu as the deploy and login user. In a real setup we'd use separate users.

Generate an SSH key on your local system.

$ ssh-keygen -t ecdsa -f ~/.ssh/deploy-key
Generating public/private ecdsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/ubuntu/.ssh/deploy-key
Your public key has been saved in /home/ubuntu/.ssh/
The key fingerprint is:
SHA256:abcdefabcdefabcdef/abcdefabcdef ubuntu@deploy-instance
The key's randomart image is:
+---[ECDSA 256]---+
|                 |
|                 |
|                 |
|                 |
|                 |
|                 |
|                 |
|                 |
|                 |

Add the SSH key to deploy user .ssh/authorized_keys on the compute instance.

Test SSH access from your computer.

ssh -i ~/.ssh/deploy-key ubuntu@x.x.x.x

Next up: Set up a Gitlab CI runner.