Nginx, a high-performance web server, is a vital tool for many web developers and system administrators. When opting to install Nginx Mainline on Rocky Linux 9 or the older stable Enterprise Linux release of Rocky Linux 8, it’s essential to note that the default repositories might not provide the latest stable or mainline versions. This is due to the distribution’s emphasis on package stability, prioritizing only urgent bugs or security updates until the next major release.
Key Steps for Installation:
- Official Repository: This guide will demonstrate how to utilize the official Nginx.org repository to ensure you get the latest versions.
- Version Selection: We’ll detail the process for importing both the stable and mainline versions, allowing you to choose based on your requirements.
- Repository Management: Learn how to enable or disable specific repositories, giving you greater control over your package sources.
By following this guide, you’ll be equipped to harness the full capabilities of the latest Nginx versions on your Rocky Linux system, ensuring optimal performance and the latest features.
Table of Contents
Update Rocky Linux Before Nginx Mainline Installation
Before you begin, update your system to ensure all packages are up-to-date to avoid conflicts.
sudo dnf upgrade --refresh
Remove Previous Nginx Installation on Rocky Linux 9 or 8
If you have Nginx already installed, it is best to back up the original Nginx folder in case you need to re-use any configurations or look for settings and then remove the existing installation to avoid any inconsistencies when installing the Nginx Mainline version on Rocky Linux.
First, back up your Nginx configuration for safekeeping.
sudo mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.old
Stop Nginx using the system stop command as follows.
sudo systemctl stop nginx
Next, remove Nginx using the following command.
sudo dnf autoremove nginx*
Import Nginx.org RPM For Nginx Mainline on Rocky Linux 9 or 8
The task is to import the Nginx repository, which will always give you the latest version. This is the best method of installing Nginx over all other techniques for those wanting the latest versions.
Use the following command to import the Nginx mainline and stable. By default, the stable will be enabled, but later on, the tutorial will show you how to enable the mainline over the stable version.
Do not forget to copy the correct repository for your version of Rocky Linux. If you do not, then you will most likely be able to install Nginx or if you do have system instabilities.
Import Nginx Mainline Repository for EL9
sudo tee /etc/yum.repos.d/nginx-mainline.repo<<EOF [nginx-mainline] name=nginx mainline repo baseurl=http://nginx.org/packages/mainline/centos/9/x86_64/ gpgcheck=1 enabled=0 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true EOF
Users with aarch architecture, please modify the command above by replacing the base URL. Change:
This ensures compatibility with your architecture.
For those who do not want to use the latest Nginx mainline edition, you can optionally import the latest stable release, which will upgrade your installation.
sudo tee /etc/yum.repos.d/nginx-stable.repo<<EOF [nginx-stable] name=nginx stable repo baseurl=http://nginx.org/packages/centos/9/x86_64/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true EOF
Again as the same with Nginx Mainline for Rocky Linux 9, users with aarch architecture, please modify the command above by replacing the base URL. Change:
Basically, remove the /mainline/ section of the baseurl. Again, this ensures compatibility with your architecture if you are certain your system requires aarch64.
Import Nginx Mainline Repository for EL8
Use the following command to import the Nginx mainline version for Rocky Linux 8:
Don’t forget to modify the baseurl= if your system utilizes another architecture other than x86_64. Refer to the examples in the last section with Rocky Linux 9 and modify to adapt for Rocky Linux 8.
sudo tee /etc/yum.repos.d/nginx-mainline.repo<<EOF [nginx-mainline] name=nginx mainline repo baseurl=http://nginx.org/packages/mainline/centos/8/x86_64/ gpgcheck=1 enabled=0 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true EOF
Like with the Rocky Linux 9 section, you can import the latest Nginx stable version if you prefer:
sudo tee /etc/yum.repos.d/nginx-stable.repo<<EOF [nginx-stable] name=nginx stable repo baseurl=http://nginx.org/packages/centos/8/x86_64/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true EOF
Install Nginx Mainline on Rocky Linux 9 or 8
By default, the stable version is enabled. The first task is to enable the repository you imported. First, you need to install the DNF-utils package.
sudo dnf install dnf-utils -y
Next, the tutorial will enable the mainline version; users who want to install the stable version do not need to use the following command.
sudo yum-config-manager --enable nginx-mainline
Now, install the Nginx mainline.
sudo dnf install nginx
If you want to revert to stable from the mainline, remove Nginx, disable the mainline branch using the following command, and re-install Nginx, which will install the latest stable version from Nginx.org.
sudo yum-config-manager --disable nginx-mainline
Configure Firewalld for Nginx on Rocky Linux 9 or 8
If you are not replacing an existing Nginx service and installing Nginx for the first time, you may need to configure the firewall for HTTP and HTTPS traffic. An example of how to do this is below:
Allow HTTP traffic to use the following command:
sudo firewall-cmd --permanent --zone=public --add-service=http
Allow HTTPS traffic using the following command.
sudo firewall-cmd --permanent --zone=public --add-service=https
Once done, you need to make the changes effective by reloading the firewall:
sudo firewall-cmd --reload
At this point, you have installed the latest version of Nginx from its official repository with the tutorial installing the mainline version. Still, as the tutorial has demonstrated, you can keep the stable version of Nginx, but this time, grab it directly from Nginx.org so you will always have the latest up-to-date version, no matter what branch you decide.