How to Install and Configure Nginx on CentOS 7?

Nginx is a popular web server that is known for its high performance, scalability, and low resource usage. It is commonly used as a reverse proxy, load balancer, and HTTP cache. In this article, we will discuss how to install and configure Nginx on CentOS 7.

Step 1: Update System

Before installing any packages, it's essential to update your system to the latest version. Run the following command

sudo yum update

Step 2: Install Nginx

Once the system is updated, we can proceed with the installation of Nginx. Install Nginx using the following command

sudo yum install nginx

The installation process will start, and you will be prompted to confirm the installation by typing 'y' and pressing Enter.

Step 3: Start Nginx and Enable it to Start on Boot

After the installation is complete, start the Nginx service by running the following command

sudo systemctl start nginx

To enable Nginx to start automatically at boot time, run the following command

sudo systemctl enable nginx

Step 4: Configure Firewall to Allow Nginx Traffic

By default, CentOS 7 comes with a firewall enabled. We need to allow HTTP traffic through the firewall to access the web server. Allow HTTP traffic using the following commands

sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --reload

Step 5: Test Nginx Installation

Now that we have installed and configured Nginx, we can test it by visiting the web server's IP address in a web browser. In a web browser, navigate to

http://your_server_ip_address/

If everything is configured correctly, you should see the default Nginx welcome page.

Step 6: Configure Nginx

The default Nginx configuration file is located at /etc/nginx/nginx.conf. Before making any changes to the configuration file, create a backup by running the following command

sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak

Now edit the original file using a text editor. In this example, we'll use nano

sudo nano /etc/nginx/nginx.conf

The main Nginx configuration file is divided into several blocks, including http, server, and location blocks. The http block is the main configuration block and contains global settings for the web server.

After making any changes to the configuration file, test the configuration file for syntax errors using the following command

sudo nginx -t

If there are no syntax errors, reload the Nginx configuration using the following command

sudo systemctl reload nginx

Step 7: Configure Virtual Hosts

Nginx allows us to configure virtual hosts, which are used to serve different websites or applications on the same server. To create a virtual host, we need to create a new server block in the Nginx configuration file.

First, create a new configuration file for your virtual host

sudo nano /etc/nginx/conf.d/example.com.conf

In this file, add a server block for your virtual host, which will contain configuration settings for your website

server {
    listen 80;
    server_name example.com;
    root /var/www/example.com;
    index index.html;

    location / {
        try_files $uri $uri/ /index.html;
    }
}

In this example, we are configuring a virtual host for a website with the domain name example.com. The root directive specifies the document root directory for the website, and the index directive specifies the default index file to serve.

The location block specifies configuration settings for requests that match a specific URL or URL pattern. Here, we use the try_files directive to attempt to serve the requested file or directory, and if it doesn't exist, serve the index.html file.

After adding the configuration for your virtual host, test the configuration file for syntax errors

sudo nginx -t

If there are no syntax errors, reload the Nginx configuration to apply the changes

sudo systemctl reload nginx

Step 8: Enable HTTPS with SSL/TLS Certificates

To secure your website with HTTPS, you need to obtain an SSL/TLS certificate from a trusted certificate authority (CA). You can obtain a free SSL/TLS certificate from Let's Encrypt using the Certbot tool.

First, install the Certbot tool

sudo yum install certbot python2-certbot-nginx

Next, run the following command to obtain and install an SSL/TLS certificate for your virtual host

sudo certbot --nginx -d example.com

This command will automatically obtain a certificate from Let's Encrypt and configure Nginx to use it for your virtual host.

After obtaining the certificate, configure Nginx to redirect all HTTP traffic to HTTPS by adding the following server block to your virtual host configuration

server {
    listen 80;
    server_name example.com;
    return 301 https://$server_name$request_uri;
}

This server block will redirect all HTTP traffic to HTTPS using a 301 redirect.

Step 9: Enable Nginx as a Reverse Proxy

Nginx is often used as a reverse proxy server to distribute traffic across multiple application servers. This can improve performance and scalability of web applications.

To enable Nginx to proxy requests to application servers, create a new server block in the Nginx configuration file that defines upstream servers

upstream app_servers {
    server 10.0.0.1:8000;
    server 10.0.0.2:8000;
}

In this example, we define an upstream group named app_servers that contains two application servers with IP addresses 10.0.0.1 and 10.0.0.2, listening on port 8000.

Next, add a new server block to your Nginx configuration file that proxies requests to the upstream servers

server {
    listen 80;
    server_name example.com;

    location / {
        proxy_pass http://app_servers;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_connect_timeout 60s;
        proxy_send_timeout 60s;
        proxy_read_timeout 60s;
    }
}

Step 10: Configure Load Balancing

Nginx can distribute incoming requests across multiple backend servers using different load balancing algorithms. The default method is round-robin, but you can also use least_conn or ip_hash.

upstream backend_servers {
    least_conn;
    server 10.0.0.1:8000;
    server 10.0.0.2:8000;
    server 10.0.0.3:8000;
}

server {
    listen 80;
    server_name example.com;

    location / {
        proxy_pass http://backend_servers;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

Step 11: Monitor Nginx with Systemd

Systemd provides tools for managing and monitoring the Nginx service. Use the following commands to monitor Nginx

View the status of the Nginx service

sudo systemctl status nginx

View logs for the Nginx service

sudo journalctl -u nginx

Follow Nginx logs in real-time

sudo journalctl -u nginx -f

Common Nginx Commands

Command	Purpose
sudo nginx -t	Test configuration syntax
sudo systemctl reload nginx	Reload configuration without stopping
sudo systemctl restart nginx	Restart Nginx service
sudo systemctl stop nginx	Stop Nginx service

Conclusion

Nginx is a powerful and efficient web server that offers high performance, scalability, and low resource usage. This guide covered the complete installation and configuration process on CentOS 7, including virtual hosts, SSL/TLS certificates, reverse proxy setup, and load balancing. With these configurations, you can deploy a robust web server infrastructure capable of handling high-traffic applications.