How to Install Nginx on FreeBSD 11.2

Barry

Introduction

One of the most popular web servers in the world, known for its frequent use as a load balancer and reverse proxy is known as Nginx. It’s more user-friendly more than Apache, and many of the largest and most highly trafficked sites on the internet depend on Nginx to serve their content.

In this blog, you will get a demonstration of how to install Nginx on a FreeBSD 11.2 server.

JOIN OUR NEWSLETTER
Not Every One Focuses On Your Requirements! Get What You Want- Revenue & Ranking Both. Make Money While Stepping Up The Ladder Of SERPs.
We hate spam. Your email address will not be sold or shared with anyone else.

Prerequisites

You will be needing an access to a server that runs FreeBSD before starting .This blog is mainly written with the help of a server running FreeBSD 11.2 , however it needs to also to be accessed on an older versions of the system and also if you are planning to set a domain name for the server you need to have the following:

First you will needing a registered domain name which is only controlled and owned by you or if in any case you are not having a registered domain name , you can definitely register one with the many names out there.

The next thing you will be needing is a DNS A Record which will mark your domain to the public IP address of your server.

Installing Nginx

In the beginning, you need to install Nginx using pkg, FreeBSD’s built-in binary package management tool after which you need to run the following command which will upgrade the local copy of the obtainable packages and then you will have to install the nginx package:

$ sudo pkg install nginx

If you are new in running pkg, it will instigate you to assure that you provide access to bootstrap itself. In order to do this, you need to click  on y and then ENTER. After that you need to assure that you confirm the installation of the nginx package by clicking y and then ENTER one more time.

If you are using any of the either the csh or tcsh shell, you will have to make sure that you run the rehash command, which awares the shell of the new applications you have installed:

$ rehash

Note:If you want to check the shell you are currently using you can run the following command:

$ echo $SHELL

The file path of the shell program that is currently in use, is the output:

Output
/bin/tcsh

After this step Nginx will be installed on your server however may not run for which you needs to go through the next step that is enabling the Ngix service. You need to sanction Nginx in order to start accessing each and every time the server boots up and begin it for this session, as well as go through the process of protecting the server by setting up a firewall with IPFW.

Enabling the Nginx Service and Setting Up a Firewall with IPFW

The next very step is to run the Nginx that has been installed in your server. In order for FreeBSD to start Nginx as a conventional service, you need to convey FreeBSD that you will have to access it which will allow you to administer it like any other service, rather than as a standalone application, and will also configure FreeBSD to start it up automatically at boot.

In order to do this you first of all need to know the exact rc parameter to set for the nginx service. rc is a FreeBSD utility that controls the system’s automatic boot processes. All the scripts assigned for every single service are obtainable from in the /usr/local/etc/rc.d directory. This explains the parameters which are used to qualify each service with the help of rcvar variable. You will then witness what each service’s rcvar is set to by typing:

$ grep rcvar /usr/local/etc/rc.d/*

After it has been installed, this command will give an output somewhat like this:

Output
/usr/local/etc/rc.d/cloudconfig:rcvar="cloudinit_enable"
/usr/local/etc/rc.d/cloudfinal:rcvar="cloudinit_enable"
/usr/local/etc/rc.d/cloudinit:rcvar="cloudinit_enable"
/usr/local/etc/rc.d/cloudinitlocal:rcvar="cloudinit_enable"
/usr/local/etc/rc.d/nginx:rcvar=nginx_enable
/usr/local/etc/rc.d/rsyncd:rcvar=rsyncd_enable

The output here also shows the parameter which you will need to set for the nginx service is highlighted here in this output. The script name itself is also helpful to know is also helpful to know, as that’s the name that FreeBSD uses to refer to the service. which is the last component of the path before the colon.

Now to enable the nginx service you must add on its rcvar to the rc.conf file, which has the global system configuration information referenced by the startup scripts. Use your preferred editor to open the /etc/rc.conf file with sudo privileges. Here, you will have to use ee:

$ sudo ee /etc/rc.conf

At the top of the file, you will get few rcvar parameters already in place. Now you need to add the nginx_enable rcvar parameter below these and set it to “YES”:

/etc/rc.conf
. . .
sshd_enable="YES"
nginx_enable="YES"

. . .

You will have to add more directives to sanction and configure, configure an IPFW firewall. IPFW is a firewall with which you still being in the rc.conf file can write for FreeBSD which offers a powerful syntax which will allow you to edit security rules for most use cases.

Directly below the nginx_enable parameter you just added, add the following highlighted lines:

/etc/rc.conf
. . .
nginx_enable="YES"
firewall_enable="YES"
firewall_type="workstation"
firewall_myservices="22/tcp 80/tcp"
firewall_allowservices="any"

Here’s what each of these directives and their settings do:

  • firewall_enable=”YES” — If you set this directive to “YES”  then it will enable the firewall to start up whenever the server boots.
  • firewall_type=”workstation” — There are various default types of firewalls, provided by FreeBSD each of which differs from each other for the configurations. By declaring the workstation type, the firewall will only protect this server using stateful rules.
  • firewall_myservices=”22/tcp 80/tcp” — The firewall_myservices The TCP ports you want to allow through the firewall are listed in this directive. For instance here in this example, you will have to specify ports 22 and 80 to allow SSH and HTTP access to the server, respectively.
  • firewall_allowservices=”any” — This helps a machine from any IP address to communicate over the ports specified in  the firewall_myservices  directive.

As soon as you add these lines, you need to save the file and close the editor by clicking CTRL + C, typing exit, and then pressing ENTER.

After that you will have to start the ipfw firewall service as this is your first attempt of starting the firewall on this server, there’s a chance that doing so will cause your server to stall, making it inaccessible over SSH. The nohup command also known as “no hangups” — will start the firewall while preventing stalling and also redirect the standard output and error to a temporary log file:

$ sudo nohup service ipfw start >/tmp/ipfw.log 2>&1

Now if you’re using either of the csh or tcsh shells, though, this redirect will cause Ambiguous output redirect. to appear in your output. If you’re using either of these shells, run the following instead to start ipfw:

$ sudo nohup service ipfw start >&/tmp/ipfw.log.

Note: Further you can also manage the ipfw firewall . For instance , to stop ,start , and then restart the service , you need to run the following commands:

$ sudo service ipfw stop
$ sudo service ipfw start
$ sudo service ipfw restart

Now you need to start the nginx service:

$ sudo service nginx start

Then, to test that Nginx is able to serve content correctly, enter your server’s public IP address into the URL bar of your preferred web browser:

http://your_server_ip

Note: If you are not sure about your server’s public IP address , as seen from another location on the internet:

curl -4 icanhazip.com

If everything is on point, you will get to see the default Nginx landing page:

Image Source: https://do.co/2SiW9xM

This shows that Nginx is installed and running correctly and that it’s being allowed through the firewall as expected. However, there are still a few configuration changes that need to be made, though, in order for it to work with non-default settings or serve content using a domain name.

Setting Up a Server Block

When using the Nginx web server, server blocks (similar to virtual hosts in Apache) can be used to encapsulate configuration details and host more than one domain from a single server. We will set up a domain called example.com, but you should replace this with your own domain name.

Nginx on FreeBSD 11.2 has one server block enabled by default that is configured to serve documents out of a directory at /usr/local/www/nginx. While this works well for a single site, it can become unwieldy if you are hosting multiple sites. Instead of modifying /usr/local/www/nginx, let’s create a directory structure within /usr/local/www for our example.com site.

Create the directory for example.com as follows, using the –p flag to create any necessary parent directories:

$ sudo mkdir -p /usr/local/www/example.com/html

The next step is you need to take is,you need to assign ownership of the directory to the www user, the default Nginx runtime user profile:

$ sudo chown -R www:www /usr/local/www/example.com

The permissions of your web root should be correct if you haven’t modified your umask value, but you can make sure by typing:

$ sudo chmod -R 755 /usr/local/www/example.com

Now you need to create a sample index.html page using ee:

$ sudo ee /usr/local/www/example.com/html/index.html

Inside, add the following sample HTML:

/usr/local/www/example.com/html/index.html
<html>
<head>
<title>Welcome to Example.com!</title>
</head>
<body>
<h1>Success! The example.com server block is working!</h1>
</body>
</html>

Save and close the file when you are finished.

In order for Nginx to serve this content, it’s necessary to create a server block with the correct directives. Open the main Nginx configuration file. By default, this is held in the /usr/local/etc/nginx/ directory:

$ sudo ee /usr/local/etc/nginx/nginx.conf

Note: Generally, you want to avoid editing the default nginx.conf file. However, within this same directory, there’s a file called nginx.conf-dist, which is identical to the default nginx.conf file. If you ever find that you need to revert with these configuration changes, you can just copy over this file with the following command:

$ sudo cp /usr/local/etc/nginx/nginx.conf-dist /usr/local/etc/nginx/nginx.conf

As soon as you first open the file, you’ll see the following at the very top:

/usr/local/etc/nginx/nginx.conf
#user  nobody;
worker_processes  1;

. . .

Uncomment the user directive by removing the pound sign (#) and then change the user from nobody to www. Then update the worker_processes directive which allows you to select how many worker processes Nginx will use. The optimal value to enter here isn’t always obvious or easy to find. Setting it to auto tells Nginx sets it to one worker per CPU core, which will be sufficient in most cases:

/usr/local/etc/nginx/nginx.conf
user  www;
worker_processes  auto;
. . .

Then you need to scroll down to the server block. With all comments removed, it will look like this:

/usr/local/etc/nginx/nginx.conf
. . .
    server {
        listen       80;
        server_name  localhost;

        location / {
            root   /usr/local/www/nginx;
            index  index.html index.htm;
        }

        error_page   500 502 503 504  /50x.html;

        location = /50x.html {
            root   /usr/local/www/nginx-dist;
        }
    }

You need to Delete this entire server block, which includes all the commented-out lines, and then you will have to replace it with the content mentioned below:

/usr/local/etc/nginx/nginx.conf
. . .
    server {
        access_log /var/log/nginx/example.com.access.log;
        error_log /var/log/nginx/example.com.error.log;
        listen       80;
        server_name  example.com www.example.com;

        location / {
            root   /usr/local/www/example.com/html;
            index  index.html index.htm;
        }
    }
. . .

This is what the directives will do, in this server block:

  • access_log: This directive defines the location of the server’s access logs is defined in this directive.
  • error_log: This particular directive defines the file in respect of where Nginx will write its error logs.
  • listen: Which port will Nginx should listen in onn is declared by the listen directive . In this case, we set it to port 80 so it can listen for HTTP traffic.
  • server_name: If you don’t have a domain name, point Nginx to your server’s public IP address.
  • root: This particular directive defines the website document root , which has been created earlier in this step.
  • index: The files that will be used as an index, and in which order they should be checked is declared by this directive.

After all the comments are removed the output will be like this :

/usr/local/letc/nginx/nginx.conf
user  www;
worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;

    server {
        access_log /var/log/nginx/example.com.access.log;
        error_log /var/log/nginx/example.com.error.log;
        listen       80;
        server_name  example.com www.example.com;

        location / {
            root   /usr/local/www/example.com;
            index  index.html index.htm;
        }

    }

}

Now you need to save and close the file when you are finished and then test your configuration file for syntax errors by typing:

$ sudo nginx –t

If your configuration file do not have any detectable syntax errors, you will get the following output:

Output
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful

Now if you see following command returning with errors, you need to re-open the Nginx configuration file to the location where the errors will be found and you will have to solve the problem.

After your configuration checks out correctly you need to furtherand reload the Nginx service to sanction your changes:

$ sudo service nginx reload

If the above command returns with errors, re-open the Nginx configuration file to the location where the error was found and try to fix the problem.When your configuration checks out correctly, go ahead and reload the nginx service to enable your changes: sudo service nginx reload .Nginx should now be serving the content you set up in the index.html file. Test this by navigating to http://example.com, where you should see something like this:

Image Source: https://do.co/2Qn45AA

As a final step, we will go over some commands that will allow you to manage the Nginx service.

Managing the Nginx Process

Now that you have your web server up and running, let’s review some basic management commands.

In order to stop your web server, type:

$ sudo service nginx stop

If you want to start the Web Server whenit is stopped you can type:

$ sudo service nginx start

If you want to stop and then start the service again, type:

$ sudo service nginx restart.

If you simply want to make customization in the configuration ,youwill have to reload Nginx without dropping any connections. For which you need to type:

$ sudo service nginx reload

And now finally you know how to enable the nginx service by adding the nginx_enable=”YES” directive to the rc.conf file. If you’d like to disable the nginx service to keep it from starting up when the server boots, you would need to reopen that file and remove that line.

Conclusion

Thus from this blog you have now learned how to fully function the Nginx web server on your machine. From here, you can now encrypt your server’s web traffic by enabling HTTPS.

mm

Barry Davis is a Technology Evangelist who is joined to Webskitters for more than 5 years. A specialist in Website design, development & planning online business strategy. He is passionate about implementing new web technologies that makes websites perform better.

Facebooktwittergoogle_pluspinterestlinkedin

Interested in working with us?

We'd love to hear from you
Webskitters LLC
7950 NW 53rd St #337 Miami, Florida 33166
Phone: 732.218.7686