OS Ubuntu 20.04
The LEMP stack consists of open source software to get web servers up and running. Available as a one-click install, get NGINX, MySQL, and PHP-FPM installed on your Droplet in less than a minute.
In addition to the package installation, the 1-Click also:
22
, rate limited), HTTP (port 80
), and HTTPS (port 443
) access.mysql_secure_installation
.debian-sys-maint
user in MySQL so the system’s init scripts for MySQL will work without requiring the MySQL root
user password.After you create a LEMP 1-Click Droplet:
root
using either the password you set when you created the Droplet or with an SSH key, if you added one during creation./root/.digitalocean_password
./var/www/html
.php -i
.In addition, there are a few customized setup steps that we recommend you take.
Creating an Nginx server block file for each site maintains the default configuration as the fallback, as intended, and makes it easier to manage changes when hosting multiple sites.
To do so, you’ll need to create two things for each domain: a new directory in /var/www
for that domain’s content, and a new server block file in /etc/nginx/sites-available
for that domain’s configuration. For a detailed walkthrough, you can follow How to Set Up Nginx Server Blocks.
Setting up an SSL certificate enables HTTPS on the web server, which secures the traffic between the server and the clients connecting to it. Certbot is a free and automated way to set up SSL certificates on a server. It’s included as part of the LEMP One-Click to make securing the Droplet easier.
To use Certbot, you’ll need a registered domain name and two DNS records:
example.com
) to the server’s IP addresswww
(e.g., www.example.com
) to the server’s IP addressAdditionally, if you’re using a virtual hosts file, you’ll need to make sure the server name directive in the VirtualHost block (e.g., ServerName example.com
) is correctly set to the domain.
Once the DNS records and, optionally, the virtual hosts files are set up, you can generate the SSL certificate. Make sure to substitute the domain in the command.
certbot --nginx -d example.com -d www.example.com
HTTPS traffic on port 443
is already allowed through the firewall. After you set up HTTPS, you can optionally deny HTTP traffic on port 80
:
ufw delete allow 80/tcp
For a more detailed walkthrough, you can follow How to Secure Nginx with Let’s Encrypt or view Certbot’s official documentation.
You can serve files from the web server by adding them to the web root (/var/www/html
) using SFTP or other tools.
A newly-created LEMP Droplet includes an index.html
web page. You can change this by uploading a custom index.html
file or remove it.
In addition to creating a Droplet from the LEMP 1-Click App via the control panel, you can also use the DigitalOcean API.
As an example, to create a 4GB LEMP Droplet in the SFO2 region, you can use the following curl command. You’ll need to either save your API access token to an environment variable or substitute it into the command below.
curl -X POST -H 'Content-Type: application/json' \
-H 'Authorization: Bearer '$TOKEN'' -d \
'{"name":"choose_a_name","region":"sfo2","size":"s-2vcpu-4gb","image":"lemp-20-04"}' \
"https://api.digitalocean.com/v2/droplets"
Developers supporting developers
Ask anything related to system administration, programming, devops, open source, or the DigitalOcean platform.
Partner with us to build traction for your open source project or software company