How to Install Nginx Mainline on Rocky Linux 9/8

Nginx Mainline offers an enhanced web server experience, ideal for those running Rocky Linux, a distribution based on RHEL. Utilizing the latest features and improvements ensures web application performance, security, and flexibility.

Key Benefits of Upgrading to Nginx Mainline:

• Cutting-edge Features: Access to the latest enhancements and bug fixes.
• Enhanced Performance: Improved speed and efficiency for handling web traffic.
• Security Updates: Regular patches for the newest security vulnerabilities.
• Advanced Modules: Support for additional modules and third-party extensions.
• Better Resource Management: Optimized for handling higher loads with fewer resources.
• Improved HTTP/2 Support: Faster and more reliable connections.
• Dynamic Modules: Easier to extend and customize with dynamically loadable modules.

With the introduction out of the way, let’s explore how to install Nginx Mainline on Rocky Linux, utilizing the command-line terminal with the Nginx.org repository for the latest version.

Nginx Mainline Pre-Installation Steps

Step 1: Update Rocky Linux Before Nginx Mainline Installation

To ensure a smooth installation of Nginx Mainline, start by updating your Rocky Linux system. This step is critical to avoid potential conflicts by ensuring all existing packages are up-to-date. Execute the command below to refresh your repository and upgrade your system packages:

sudo dnf upgrade --refresh

Step 2: Remove Previous Nginx Installation

Note: If Nginx is already installed on your system, preparing for a clean Nginx Mainline installation is essential. Begin by backing up and then removing the current Nginx installation.

Backup Existing Nginx Configuration

Backing up your current Nginx configuration is a crucial step. It allows you to retain your existing settings, which can be helpful for future reference or restoration purposes. To create a backup of your Nginx configuration file, execute:

sudo mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.old

This command renames the existing configuration file, effectively preserving it while preventing conflicts with the new installation.

Stop Current Nginx Service

Before uninstalling Nginx, it’s necessary to stop the running service. This avoids operational conflicts during the removal process. Use the following command to stop the Nginx service:

sudo systemctl stop nginx

Halting the Nginx service ensures that the system is ready to uninstall the existing Nginx version.

Uninstall Existing Nginx

To proceed with a clean installation environment for Nginx Mainline, remove the existing Nginx version. The following command not only removes Nginx but also cleans up any orphaned packages associated with it:

sudo dnf autoremove nginx*

This command ensures your system is free from previous Nginx installations and related packages, setting the stage for a fresh Nginx Mainline setup.

Import Nginx.org RPM For Nginx Mainline

Understanding the Nginx Repository

For those seeking the latest features and updates, importing the Nginx repository is recommended. This method ensures access to the most recent versions of Nginx. Unlike other installation methods, using the Nginx repository provides the latest mainline or stable versions directly from Nginx.org.

Command to Import Nginx Mainline and Stable Repositories

Use the following command to import both the mainline and stable versions of Nginx. Note that the stable version is enabled by default. Instructions on switching to the mainline version will be provided later in this tutorial.

Ensure you use the correct repository for your specific version of Rocky Linux. Using an incorrect repository can lead to installation issues or system instabilities.

Importing Nginx Mainline Repository for 9

Use the command below for Rocky Linux 9 systems:

sudo tee /etc/yum.repos.d/nginx-mainline.repo<<EOF

[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/9/x86_64/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

EOF

Users with aarch architecture, please modify the command above by replacing the base URL. Change:

baseurl=http://nginx.org/packages/mainline/centos/9/x86_64/

to

baseurl=http://nginx.org/packages/mainline/centos/9/aarch64/

This modification ensures the repository is compatible with your system architecture.

Importing the Nginx Stable Repository

To opt for the latest stable release of Nginx, use the following command:

sudo tee /etc/yum.repos.d/nginx-stable.repo<<EOF

[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/9/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

EOF

For systems using aarch64 architecture, alter the base URL by removing the /mainline/ section:

baseurl=http://nginx.org/packages/centos/9/x86_64/

to

baseurl=http://nginx.org/packages/centos/9/aarch64/

Basically, remove the /mainline/ section of the baseurl. Again, this ensures compatibility with your architecture if you are certain your system requires aarch64.

Importing Nginx Mainline Repository for 8

For Rocky Linux 8, the following command will import the Nginx mainline version. As with the EL9 setup, adjust the base URL if your system architecture differs from x86_64.

sudo tee /etc/yum.repos.d/nginx-mainline.repo<<EOF

[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/8/x86_64/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

EOF

Importing Nginx Stable for Rocky Linux 8

To import the stable version for Rocky Linux 8, use this command:

sudo tee /etc/yum.repos.d/nginx-stable.repo<<EOF

[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/8/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

EOF

Enabling the Imported Repository

Initially, the stable version of Nginx is set as the default. To use the mainline version, you must first enable the repository you imported. Begin by installing the DNF-utils package, which provides essential tools for managing repositories and packages:

sudo dnf install dnf-utils -y

The -y flag automatically confirms the installation, streamlining the process.

Enabling Nginx Mainline Repository

The next step for users who prefer the mainline version of Nginx is to enable the mainline repository. This step is not necessary if you wish to install the stable version.

Enable the mainline repository using the following command:

sudo yum-config-manager --enable nginx-mainline

This command adjusts your system configuration to prioritize the mainline version of Nginx for installation.

Install Nginx Mainline on Rocky Linux via DNF command

With the mainline repository enabled, proceed to install Nginx Mainline:

sudo dnf install nginx

This command installs the Nginx mainline version, ensuring you have the latest features and updates available.

Reverting to Stable Version

If at any point you decide to switch back to the stable version of Nginx, you’ll need to disable the mainline repository and reinstall Nginx. First, remove the existing Nginx installation:

sudo dnf remove nginx

Then, disable the mainline repository:

sudo dnf-config-manager --disable nginx-mainline

Finally, reinstall Nginx, which will now fetch the stable version:

sudo dnf install nginx

This process ensures you can easily switch between Nginx’s mainline and stable versions, depending on your requirements and preferences.

Configure Firewalld for Nginx

Allowing HTTP and HTTPS Traffic

When setting up Nginx for the first time on Rocky Linux, configuring the firewall is a crucial step. This configuration ensures that your server can handle web traffic securely and efficiently.

Allowing HTTP Traffic

To allow HTTP traffic, which is essential for standard web requests, use the following command:

sudo firewall-cmd --permanent --zone=public --add-service=http

This command modifies the firewall settings to permanently allow incoming HTTP traffic in the public zone. The --permanent flag ensures that the rule persists across system reboots.

Allowing HTTPS Traffic

For secure web traffic, HTTPS must also be allowed through the firewall. Execute the following command to allow HTTPS:

sudo firewall-cmd --permanent --zone=public --add-service=https

This command similarly updates the firewall rules to permit HTTPS traffic, enhancing the security of data transmitted to and from your server.

Applying Firewall Changes

After adjusting the firewall settings, it’s necessary to apply these changes. To do this, reload the firewall using the command:

sudo firewall-cmd --reload

Reloading the firewall implements the new rules without interrupting current connections.

Conclusion

In this guide, we walked through the streamlined process of installing Nginx Mainline on Rocky Linux 9 or 8, ensuring you’re equipped with the latest web server capabilities. From updating your system and removing previous Nginx installations to configuring the Firewalld for secure web traffic, each step was designed to provide a quick easy setup. As you use Nginx Mainline, regularly check for updates and maintain your firewall settings for optimal performance and security. With these final tips in mind, you’re all set to harness the full potential of Nginx Mainline on your Rocky Linux server.