FreeBSD is Fun

Practical recipes for FreeBSD

Your own NGINX web server

Posted

by

shogun

Category

This is an updated version of a tutorial originally posted in Metin2Dev in 2014.

Today I will explain how to set up the nginx webserver in FreeBSD. While Apache has a long tradition, it has been overtaken performance wise by newer, more robust software like nginx, as can be seen in this comparison graph depicting both web server’s ability to handle heavy traffic (okay this graph is old but this point is well known by now so no need to sell it!)

nginx-apache-reqs-sec.png

FreeBSD and nginx make a particularly powerful combination thanks to their raw performance, even being used by streaming giant Netflix for delivering video on demand.

Getting set up is simple; all you need is to install the precompiled package:

pkg install nginx

The nginx configuration file can be found in /usr/local/etc/nginx/nginx.conf and it’s divided into so-called contexts: the http context is defining server wide variables and “server” defining specific variables for a site. This is, more or less, what a barebones configuration may look like; you can copy it straight away or use it as a reference to edit yours. In multi site environments, the best practice is to create server snippets under the sites-enabled subfolder which are then included from the main nginx.conf.

Note: for your webserver machine I would advise creating the /home/www folder (don’t forget chown www:www /home/www) and using this “www” user to login to your server as unprivileged user. You’re welcome to read my article on SSH keys for further instructions.

user  www;
worker_processes  auto;

events {
    worker_connections  1024;
}

http {
        include       mime.types;
        default_type  application/octet-stream; 

        client_max_body_size 8m; 
        index index.php;
        sendfile on; 
        keepalive_timeout  30; 
        gzip on; 

        upstream php {
                server unix:/var/run/php-fpm.sock;
        }

        server {
                listen 80 default_server;
                listen [::]:80 default_server;
                server_name mysite.com;
                root /home/www/mysite;
                location ~ \.php$ {
                        try_files $uri =404;
                        fastcgi_pass   php;
                        fastcgi_index  index.php;
                        include        fastcgi_params;
                }
        }

        #include sites-enabled/*;
}

The only things you would need to change here (in principle) are the server_name and root directives. This will suffice for a single site setup, either without https or using Cloudflare’s Flexible SSL mode which does not require you to support SSL or even have port 443 open on your side. After changing your DNS records -again an instant process if going through Cloudflare- you can now test whether your site works.

Now we are ready to serve pages, but since we will probably not just be serving a static website, we probably need php-fpm as well. If we are feeling adventurous, we could install version 8.1 of the PHP language which is the newest available at this moment.

pkg install php81
pkg install php81-extensions

That’s all. Now it’s time to upload our pages to the /home/www/mysite folder and start our webserver:

service nginx onestart
service php-fpm onestart

If there is anything wrong, we can check the access and error logs, or head straight to the troubleshooting PHP sites article before we start pulling out our hairs:

tail -f /var/log/nginx/error.log

All good? Great success! Now let’s set both nginx and php-fpm to start automatically:

sysrc nginx_enable="YES"
sysrc php_fpm_enable="YES"

Not feeling confident? You can always hire me to perform this or any other of the administrative tasks described in this blog.

Leave a Reply

Your email address will not be published. Required fields are marked *