Configure Web Sites for NGINX

Details
Read Time: 5 mins

This article describes how to configure web sites on an NGINX based web server.

Prerequisites

At this point, you need to have an NGINX web server installed and running. If you are new to NGINX and need to install from scratch, refer to this article: Install & Run an NGINX Web Server on Ubuntu Linux.

Configure NGINX

You should find the sites' configuration files here: /etc/nginx/sites-available

The web pages' content here: /var/www

As an example, we configure now the domain my www.domain.tld

Firewall Settings

To get access to the server from the internet you need to open port 80 and 443 (for  HTTPS://) in the firewall.

Web Site Content / Data

Following our guidelines, the web sites data (i.e. the .html files with the html-code) will go into: /var/www/domain.tld/www

Each domain name, here domain.tld, will get its own directory under /var/www

The directory below the domain name's directory www will be set for each separate content area. For our default www this is then ../domain.tld/www for www.domain.tld. In case we would also have a separate area such as test.domain.tld, this would go into ../domain.tld/test.

Let's start with very simple content, this would go into an index.html file: /var/www/domain.tld/www/index.html:

Welcome to the domain www.domain.tld run on NGINX! Seems that you successfully configured your domain!

Configure a Virtual Host in NGINX

Simple Configuration

To test the domain after configuration, be reminded to set up your domain name with you current server's IP address (for more information have a look at the article Attach a Domain Name to the Static IP Address).

The configuration files of the site will be stored here: /etc/nginx/sites-available

In this directory you will find by default the file default with configuration examples.

Simple configuration file for HTTP for domain www.domain.tld:


# Virtual Host configuration for domain.tld
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
server {
        listen 80;
        listen [::]:80;

        server_name domain.tld;

        root /var/www/domain.tld/www;
        index index.html;

        location / {
                try_files $uri $uri/ =404;
        }
}

The active version for enabled sites needs to go into directory /etc/nginx/sites-enabled.

Therefore we symlink from sites-available to sites-enabled:

sudo ln -s /etc/nginx/sites-available/domain.tld /etc/nginx/sites-enabled/domain.tld

Check the consistency of the configuration files with

nginx -t

Then reload NGINX and make the changes active:

sudo systemctl reload nginx

For a newly installed NGINX the symbolic link default in folder sites-enabled may work like a "catch all" and may prevent that your own site is shown as expected. Just delete the symbolic link (the file default should remain in sites-available as an example that you can use for reference):

sudo rm /etc/nginx/sites-enabled/default

Now test it in your browser: http://www.domain.tld :

Your own site's configuration text

With this, your NGINX web server would be up and running.

The configuration from above, it does only listen to HTTP:// (and not HTTPS://) without certificate and encryption.

Configuration for secured web sites

To use secured web sites, you need to obtain a valid certificate from a Certificate Authority (CA), such as Let's Encrypt.

Find the details how to do that in article Get TLS Certificates (via Let’s Encrypt) in NGINX.

Once you are having the certificate installed, configure the NGINX configuration /etc/ngnix/sites-enabled/domain.tld with the editor nano:

sudo nano /etc/ngnix/sites-enabled/domain.tld
# Virtual Host configuration for domain.tld
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
server {
        listen 80;
        listen [::]:80;
        listen 443 ssl http2;
        listen [::]:443 ssl http2;

        server_name domain.tld;

        ssl_certificate /etc/letsencrypt/domain.tld-fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/domain.tld-key.pem;

        if ($ssl_protocol = "") {
           return 301 https://$server_name$request_uri;
       }
}

Now test the configuration:

nginx -t

Reload NGINX again so that the new configuration becomes effective:

sudo systemctl reload nginx

With this, you are having now your web server up and running.