How to Install Drupal on Ubuntu Linux with Nginx

social media 3553807 640

This brief post shows students and new users how to install and use Drupal content management system (CMS) on Ubuntu Linux with Nginx HTTP web server. This post will also have a link to setup free Let’s Encrypt SSL certificates to secure your Drupal websites and applications.

Drupal is a free and open source CMS based on PHP and MySQL that also has many features and thousands of plugins and template or themes. If you want to create an online website or store, Drupal might be the simplest way to do it, especially if you will need support from users to manage and maintain the site.

This tutorial is based on Ubuntu Linux. We’ll be installing Nginx web server, MariaDB database server and PHP modules. We’ll also link to another post that will show you how to secure your Drupal website using Let’s Encrypt free SSL certificates.

For more about Drupal, please check its homepage

To get started with installing Drupal on Ubuntu Linux, follow the steps below:

How to install Nginx on Ubuntu Linux

As mentioned above, we’re going to be using Nginx web server to run Drupal. Drupal requires a web server to function, and Nginx is one of the most popular open source web servers available today.

To install Nginx on Ubuntu, run the commands below:

sudo apt update
sudo apt install nginx

After installing Nginx, the commands below can be used to stop, start and enable Nginx services to always start up everytime your server starts up.

sudo systemctl stop nginx.service
sudo systemctl start nginx.service
sudo systemctl enable nginx.service

To test whether Nginx is installed and functioning, open your web browser and browse to the server’s IP address or hostname.

http://localhost

nginx default home page test

If you see the above page in your browser, then Nginx is working as expected.

How to install MariaDB on Ubuntu Linux

A database server is required for Drupal to function. Drupal stores its content in a database, and MariaDB is probably the best database server available to run Drupal.

MariaDB is fast, secure and the default server for almost all Linux servers. To install MariaDB, run the commands below:

sudo apt install mariadb-server
sudo apt install mariadb-client

After installing MariaDB, the commands below can be used to stop, start and enable MariaDB services to always start up when the server boots.

sudo systemctl stop mariadb.service
sudo systemctl start mariadb.service
sudo systemctl enable mariadb.service

Next, run the commands below to secure the database server with a root password if you were not prompted to do so during the installation.

sudo mysql_secure_installation

When prompted, use the guide below to answer:

If you've just installed MariaDB, and haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none): PRESS ENTER

Switch to unix_socket authentication [Y/n] n

Change the root password? [Y/n] n

Remove anonymous users? [Y/n] y

Disallow root login remotely? [Y/n] y

Remove test database and access to it? [Y/n] y

Reload privilege tables now? [Y/n] y

All done!

To verify and validate that MariaDB is installed and working, login to the database console using the commands below:

sudo mysql -u root -p

You should automatically be logged in to the database server since we initiated the login request as root. Only the root can login without password, and only from the server console.

mariadb welcome

If you see a similar screen as shown above, then the server was successfully installed.

How to install PHP-FPM on Ubuntu Linux

As we also mentioned above, we’re installing PHP on Ubuntu since Drupal requires it. PHP packages are added to Ubuntu repositories. The versions the repositories might not be the latest. If you need to install the latest versions, you’ll need to add a third party PPA repository.

To a third party repository with the latest versions of PHP, run the commands below.

sudo apt-get install software-properties-common
sudo add-apt-repository ppa:ondrej/php

At the time of this writing, the latest PHP version 8.0.

sudo apt update

Next, run the commands below to install PHP 8.0 and related modules.

sudo apt install php8.0-fpm php8.0-common php8.0-mysql php8.0-gmp php8.0-curl php8.0-intl php8.0-mbstring php8.0-xmlrpc php8.0-gd php8.0-xml php8.0-cli php8.0-zip

Once PHP is installed, the commands below can be used to start, stop and enable PHP-FPM services to automatically startup when the server boots.

sudo systemctl stop php8.0-fpm
sudo systemctl start php8.0-fpm
sudo systemctl enable php8.0-fpm

Next, you’ll want to change some PHP configuration settings that work great with Drupal. Run the commands below to open PHP default configuration file.

sudo nano /etc/php/8.0/fpm/php.ini

Then change the line settings to be something line the lines below. Save your changes and exit.

file_uploads = On
allow_url_fopen = On
short_open_tag = On
memory_limit = 256M
cgi.fix_pathinfo = 0
upload_max_filesize = 100M
max_execution_time = 360
date.timezone = America/Chicago

How to create Drupal database on Ubuntu

At this point, we’re ready to create Drupal database. As mentioned above, Drupal uses databases to store its content.

To create a database for Drupal, run the commands below:

sudo mysql -u root -p

Then create a database called drupaldb

CREATE DATABASE drupaldb;

Next, create a database user called drupaldbuser and set password

CREATE USER 'drupaldbuser'@'localhost' IDENTIFIED BY 'new_password_here';

Then grant the user full access to the database.

GRANT ALL ON drupaldb.* TO 'drupaldbuser'@'localhost' WITH GRANT OPTION;

Finally, save your changes and exit.

FLUSH PRIVILEGES;
EXIT;

How to download Drupal

We’re ready to download Drupal and begin configuring it. First, run the commands below to download the latest version of Drupal from its repository.

To get Drupal latest release you may want to use GitHub repository. Install Composer, Curl and other dependencies to get started…

sudo apt install curl git
curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/local/bin --filename=composer

After installing curl and Composer above, change into the Nginx root directory and download Drupal packages from GitHub. Always replace the branch number with the latest branch.

To view Drupal releases, see this page.

cd /var/www/
sudo git clone --branch 9.2.5 https://git.drupal.org/project/drupal.git
cd /var/www/drupal
sudo composer install

Then run command below to allow www-data user to own the Drupal directory.

sudo chown -R www-data:www-data /var/www/drupal/
sudo chmod -R 755 /var/www/drupal/

How to configure Nginx for Drupal

We have downloaded Drupal content into a new folder we called Drupal. Now, let’s configure Nginx to create a new server block to use with our Drupal website. You can create as many server blocks with Nginx.

To do that, run the commands below to create a new configuration file called drupal.conf in the /etc/nginx/sites-available/ directory to host our Drupal server block.

sudo nano /etc/nginx/sites-available/drupal.conf

In the file, copy and paste the content below into the file and save.

server {
    listen 80;
    listen [::]:80;
    root /var/www/drupal;
    index  index.php index.html index.htm;
    server_name  example.com www.example.com;

    client_max_body_size 100M;
    autoindex off;

    location ~ \.*/.*\.php$ {
        return 403;
    }

    location ~ ^/sites/.*/private/ {
        return 403;
    }

    # Block access to scripts in site files directory
    location ~ ^/sites/[^/]+/files/.*\.php$ {
        deny all;
    }

    # Block access to "hidden" files and directories whose names begin with a
    # period. This includes directories used by version control systems such
    # as Subversion or Git to store control files.
    location ~ (^|/)\. {
        return 403;
    }

    location / {
        try_files $uri /index.php?$query_string;
    }

    location @rewrite {
        rewrite ^/(.*)$ /index.php?q=$1;
    }

    # Don't allow direct access to PHP files in the vendor directory.
    location ~ /vendor/.*\.php$ {
        deny all;
        return 404;
    }


    location ~ '\.php$|^/update.php' {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php8.0-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    # Fighting with Styles? This little gem is amazing.
    # location ~ ^/sites/.*/files/imagecache/ { # For Drupal <= 6
    location ~ ^/sites/.*/files/styles/ { # For Drupal >= 7
        try_files $uri @rewrite;
    }

    # Handle private files through Drupal. Private file's path can come
    # with a language prefix.
    location ~ ^(/[a-z\-]+)?/system/files/ { # For Drupal >= 7
        try_files $uri /index.php?$query_string;
    }
}

Save the file and exit.

After saving the file above, run the commands below to enable the new file that contains our Drupal server block. Restart Nginx after that.

sudo ln -s /etc/nginx/sites-available/drupal.conf /etc/nginx/sites-enabled/
sudo systemctl restart nginx.service

At this stage, Drupal is ready and can be launched by going to the server’s IP or hostname.

http://localhost

However, we want to make sure our server is protected with Let’s Encrypt free SSL certificates. So, continue below to learn how to generate Let’s Encrypt SSL certificate for websites.

How to setup Let’s Encrypt for Drupal

We have written a great post on how to generate and manage Let’s Encrypt SSL certificates for Nginx web server. You can use that post, to apply it here for your Drupal website.

To read the post on how to generate Let’s Encrypt SSL certificates for website, click on the link below:

How to Setup Let’s Encrypt on Ubuntu Linux with Nginx – Website for Students

If you were successful in generating a Let’s Encrypt SSL certificate, you should then reopen the server block for our Drupal website by running the commands below.

sudo nano /etc/nginx/sites-available/drupal.conf

The new Drupal server blocks configurations should look similar to the line below. Take notes of the highlighted lines.

  • The first server block listens on port 80.  It contains a 301 redirect to redirect HTTP to HTTPS.
  • The second server block listens on port 443. It contains a 301 redirect to redirect www to non-www domain.
server {
    listen 80;
    listen [::]:80;
    root /var/www/drupal;
    index  index.php index.html index.htm;
    server_name  example.com www.example.com;

    include snippets/well-known.conf;

    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    root /var/www/drupal;
    index  index.php index.html index.htm;
    server_name www.example.com;
   
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;

    add_header Strict-Transport-Security "max-age=31536000;  includeSubDomains";
    
    include snippets/well-known.conf;

    return 301 https://example.com$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    root /var/www/drupal;
    index  index.php index.html index.htm;
    server_name example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;

    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:50m;
    ssl_session_timeout 1d;
    ssl_session_tickets off;

    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 30s;

    ssl_dhparam /etc/ssl/certs/dhparam.pem;

    add_header Strict-Transport-Security "max-age=31536000;  includeSubDomains";
    add_header X-Frame-Options SAMEORIGIN;
    add_header X-Content-Type-Options nosniff;
    
    include snippets/well-known.conf;

    client_max_body_size 100M;

    location ~ \.*/.*\.php$ {
        return 403;
    }

    location ~ ^/sites/.*/private/ {
        return 403;
    }

    # Block access to scripts in site files directory
    location ~ ^/sites/[^/]+/files/.*\.php$ {
        deny all;
    }

    # Block access to "hidden" files and directories whose names begin with a
    # period. This includes directories used by version control systems such
    # as Subversion or Git to store control files.
    location ~ (^|/)\. {
        return 403;
    }

    location / {
        try_files $uri /index.php?$query_string;
    }

    location @rewrite {
        rewrite ^/(.*)$ /index.php?q=$1;
    }

    # Don't allow direct access to PHP files in the vendor directory.
    location ~ /vendor/.*\.php$ {
        deny all;
        return 404;
    }


    location ~ '\.php$|^/update.php' {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php8.0-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    # Fighting with Styles? This little gem is amazing.
    # location ~ ^/sites/.*/files/imagecache/ { # For Drupal <= 6
    location ~ ^/sites/.*/files/styles/ { # For Drupal >= 7
        try_files $uri @rewrite;
    }

    # Handle private files through Drupal. Private file's path can come
    # with a language prefix.
    location ~ ^(/[a-z\-]+)?/system/files/ { # For Drupal >= 7
        try_files $uri /index.php?$query_string;
    }
}

Save the file above, then restart Nginx and PHP using the commands below.

sudo systemctl reload nginx
sudo systemctl reload php8.0-fpm

Finally, if everything went as planned, you should be able to start Drupal setup wizard by browsing to the server hostname or IP address over HTTPS.

https://example.com/

A Drupal setup wizard should appear. Follow the wizard to complete the setup.

Select the installation language then click Save and Continue.

Drupal install composer

On the next screen, choose the Standard installation option to include commonly used features that are pre-configured.

This is the most popular options for most website running Drupal CMS.

drupal ubuntu install

Next, type in the database connection info and click Save and continue.

Drupal ubuntu setup

After that, enter the site information, including Site name, Site admin email address, username and password and continue.

Drupal ubuntu install

When you’re done, Drupal should be installed and ready to use. Login as admin and begin configuring your site.

Drupal Install Ubuntu

In the future when you want to upgrade to a new released version, simply run the commands below to upgrade…

sudo composer update /var/www/drupal/core --with-dependencies
cd /var/www/drupal
sudo composer require drush/drush
cd /var/www/drupal/vendor/drush/drush
./drush updatedb
./drush cr
sudo chown www-data:www-data /var/www/drupal
sudo chmod 755 /var/www/drupal

That’s it!

Conclusion:

This post showed you how to install Drupal on Ubuntu Linux with link to setting up Let’s Encrypt. If you find any error above, or have something to add, please use the comment form below.

2 Comments

  1. Hi am facing issues in running these commands as i had installed php 7.4
    Can u pls help

    1. What errors are you getting?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.