I re-built my LEMP web-server fresh on Ubuntu 26.04 and learned some
things along the way. This is my base build outline mostly created
for my own notes.
REMOVE UFW
Ubuntu came with ufw pre-installed and blocking all inbound web
traffic. As this doesn't work for a web-server, I simply removed it
entirely:
apt purge ufw
Why not just set it up properly? Because I use my cloud host's
network-based firewall instead.
REMOVE APACHE2
Apache was installed by default, and it conflicts with NGINX,
causing it not to start properly. Let's get rid of it.
apt purge apache2
INSTALL PACKAGES
nginx nginx-extras
mysql-server
php php-curl php-fpm php-gd php-mysql php-xmlrpc php-memcache
php-uploadprogress php-cli php-intl
CHECK HOSTS / HOSTNAME
Check /etc/hosts and /etc/hostname to make sure you have a proper
FQDN. If not, set it with
hostnamectl set-hostname myhostname.example.com
SETUP MYSQL
I. MySQL Secure Installation
* Do not use the validation plugin because it doesn't work with
PHPMyAdmin.
mysql_secure_installation
II. Set MySQL root password
mysql -u root
ALTER USER 'root'@'localhost' IDENTIFIED WITH caching_sha2_password
BY 'PASSWORD-GOES-HERE';
FLUSH PRIVILEGES;
EXIT;
systemctl restart mysql.service
SETUP PHP.INI
After looking at various sample PHP configs, I found just a few key
variables in php.ini that are most often tweaked.
As of Ubuntu 26.04, php.ini is located here: /etc/php/8.5/fpm/
I. Data Handling / File Uploads
post_max_size = 512 (as you like)
upload_max_filesize= 512 (as you like)
register_argc_argv = Off (default)
II. Resource Limits
max_execution_time = 30 (default)
max_input_time = 60 (default)
max_input_vars = 1000 (default)
memory_limit = 128 (default)
III. Language Options
output_buffering = Off (Joomla wants this)
PHP PM.MAX_CHILDREN
Open this config file:
/etc/php/8.5/fpm/pool.d/www.conf
Find pm.max_children and raise it to something like 10 or more.
Monitor the PHP logs for pm.max_children errors.
INSTALL / SETUP PHPMYADMIN
apt install phpmyadmin
SETUP POSTFIX
I use postfix if the server needs local mail services.
apt install postfix
* I set it up as "Internet Site," and I use a spare domain separate
from any main inbound mail domain. I use the same domain as
the server's hostname.
* Config is here: /etc/postfix/main.cfg
NGINX
I. Setup Self-Signed SSL Certs
mkdir /etc/nginx/ssl
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout
/etc/nginx/ssl/selfssl.key -out /etc/nginx/ssl/selfssl.crt
II. Move over the NGINX global and site config files.
CRONTABS
Reconfigure any cron jobs from the old server:
crontab -e -u www-data
RCLONE
RClone is useful for moving backups to cloud storage.
apt install rclone
I. Copy rclone config from /root/.config/rclone on old server.
II. Confirm file permissions on the config file just in case:
chmod 600 ~/.config/rclone/rclone.conf
II. Copy rclone crontab from old server.
MIGRATE JOOMLA W/ AKEEBA BACKUP
I used Akeeba Backup's SSH post-processing option (non-CURL) to
migrate Joomla to the new server. The package PHP SSH2 was required
on the source server.
apt install php-ssh2
POST-MIGRATION CHECKS & CLEANUP
- Cloudflare
- DNS
- Anything that uses callbacks or api
- Joomla search index rebuild / maintenance
- Joomla tag tree rebuild
Ubuntu 26.04 Nginx Build Outline
- Details