Version 1.0
Author: Falko Timme <ft [at] falkotimme [dot] com>
Follow me on Twitter
Last edited 08/26/2011

This tutorial shows how you can install and run Magento 1.6.0.0 on a Debian Squeeze or Ubuntu 11.04 system that has nginx installed instead of Apache (LEMP = Linux + nginx (pronounced "engine x") + MySQL + PHP). Magento is an open-source, feature-rich ecommerce platform; I will use the Magento Community Edition here which is licensed under an open source certified license (OSL v3.0). nginx is a HTTP server that uses much less resources than Apache and delivers pages a lot of faster, especially static files.

I do not issue any guarantee that this will work for you!

1 Preliminary Note

I want to install Magento in a vhost called www.example.com/example.com here with the document root /var/www/www.example.com/web.

You should have a working LEMP installation, as shown in these tutorials:

• Installing Nginx With PHP5 And MySQL Support On Debian Squeeze
• Installing Nginx With PHP5 (And PHP-FPM) And MySQL Support On Ubuntu 11.04

A note for Ubuntu users:

Because we must run all the steps from this tutorial with root privileges, we can either prepend all commands in this tutorial with the string sudo, or we become root right now by typing

sudo su

2 Installing APC

APC is a free and open PHP opcode cacher for caching and optimizing PHP intermediate code. It's similar to other PHP opcode cachers, such as eAccelerator and XCache. It is strongly recommended to have one of these installed to speed up your PHP page.

APC can be installed as follows:

apt-get install php-apc

If you use PHP-FPM as your FastCGI daemon (like in Installing Nginx With PHP5 (And PHP-FPM) And MySQL Support On Ubuntu 11.04), restart it as follows:

/etc/init.d/php5-fpm restart

If you use lighttpd's spawn-fcgi program as your FastCGI daemon (like in Installing Nginx With PHP5 And MySQL Support On Debian Squeeze), we must kill the current spawn-fcgi process (running on port 9000) and create a new one. Run

netstat -tap

to find out the PID of the current spawn-fcgi process:

root@server1:~# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 *:sunrpc                *:*                     LISTEN      734/portmap
tcp        0      0 *:www                   *:*                     LISTEN      2987/nginx
tcp        0      0 *:ssh                   *:*                     LISTEN      1531/sshd
tcp        0      0 *:57174                 *:*                     LISTEN      748/rpc.statd
tcp        0      0 localhost.localdom:smtp *:*                     LISTEN      1507/exim4
tcp        0      0 localhost.localdom:9000 *:*                     LISTEN      1542/php5-cgi
tcp        0      0 localhost.localdo:mysql *:*                     LISTEN      1168/mysqld
tcp        0     52 server1.example.com:ssh 192.168.0.198:2462      ESTABLISHED 1557/0
tcp6       0      0 [::]:www                [::]:*                  LISTEN      2987/nginx
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN      1531/sshd
tcp6       0      0 ip6-localhost:smtp      [::]:*                  LISTEN      1507/exim4
root@server1:~#

In the above output, the PID is 1542, so we can kill the current process as follows:

kill -9 1542

Afterwards we create a new spawn-fcgi process:

/usr/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -u www-data -g www-data -f /usr/bin/php5-cgi -P /var/run/fastcgi-php.pid

3 Installing Magento

The document root of my www.example.com web site is /var/www/www.example.com/web - if it doesn't exist, create it as follows:

mkdir -p /var/www/www.example.com/web

You can now either download Magento 1.6.0.0 from http://www.magentocommerce.com/download/get-started to your client PC, uncompress it and upload the contents of the magento folder to your document root (/var/www/www.example.com/web), or you do it as follows on the command line:

cd /tmp
wget http://www.magentocommerce.com/downloads/assets/1.6.0.0/magento-1.6.0.0.tar.gz
tar xvfz magento-1.6.0.0.tar.gz
mv magento/* magento/.htaccess /var/www/www.example.com/web/

It is recommended to make the document root and the Magento files in it writable by the nginx daemon which is running as user www-data and group www-data:

chown -R www-data:www-data /var/www/www.example.com/web

If you have downloaded and uncompressed Magento in your /tmp directory, you can clean it up as follows:

cd /tmp
rm -rf magento/ magento-1.6.0.0.tar.gz

If you haven't already created a MySQL database for Magento (including a MySQL Magento user), you can do that as follows (I name the database magento in this example, and the user is called magento_admin, and his password is magento_admin_password):

mysql -u root -p

CREATE DATABASE magento;

GRANT ALL PRIVILEGES ON magento.* TO 'magento_admin'@'localhost' IDENTIFIED BY 'magento_admin_password';
GRANT ALL PRIVILEGES ON magento.* TO 'magento_admin'@'localhost.localdomain' IDENTIFIED BY 'magento_admin_password';

FLUSH PRIVILEGES;

quit;

Because you can run your Magento shop website under http and under https (that's totally up to you if you want to offer https, but recommended if your customers submit sensitive data such as credit card numbers, etc.), we need to add the following section to the http {} section in /etc/nginx/nginx.conf (before the two include lines) which determines if the visitor uses http or https and sets the $fastcgi_https variable (which we will use in our www.example.com vhost) accordingly:

vi /etc/nginx/nginx.conf

[...]
http {
[...]
        ## Detect when HTTPS is used
        map $scheme $fastcgi_https {
          default off;
          https on;
        }

        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}
[...]

Next we create an nginx vhost configuration for our www.example.com vhost in the /etc/nginx/sites-available/ directory as follows:

vi /etc/nginx/sites-available/www.example.com.vhost

server {
    listen 80;

    ## SSL directives might go here
    ## see http://www.howtoforge.com/how_to_set_up_ssl_vhosts_under_nginx_plus_sni_support_ubuntu_11.04_debian_squeeze
    ## if you want to enable SSL for this vhost

    server_name www.example.com example.com;
    root /var/www/www.example.com/web;

    ## rewrites example.com to www.example.com
    if ($http_host != "www.example.com") {
        rewrite ^ $scheme://www.example.com$request_uri permanent;
    }

    location / {
        index index.html index.php; ## Allow a static html file to be shown first
        try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler
        expires 30d; ## Assume all files are cachable
    }

    ## These locations would be hidden by .htaccess normally
    location /app/                { deny all; }
    location /includes/           { deny all; }
    location /lib/                { deny all; }
    location /media/downloadable/ { deny all; }
    location /pkginfo/            { deny all; }
    location /report/config.xml   { deny all; }
    location /var/                { deny all; }

    location /var/export/ { ## Allow admins only to view export folder
        auth_basic           "Restricted"; ## Message shown in login window
        auth_basic_user_file /var/www/www.example.com/.htpasswd; ## See /etc/nginx/htpassword
        autoindex            on;
    }

    ## Disable .htaccess and other hidden files
    location ~ /\. {
        deny all;
        access_log off;
        log_not_found off;
    }

    location @handler { ## Magento uses a common front handler
        rewrite / /index.php;
    }

    location ~ \.php/ { ## Forward paths like /js/index.php/x.js to relevant handler
        rewrite ^(.*\.php)/ $1 last;
    }

    location ~ \.php$ { ## Execute PHP scripts
        if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss

        expires        off; ## Do not cache dynamic content
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_param  HTTPS $fastcgi_https;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        fastcgi_param  MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores
        fastcgi_param  MAGE_RUN_TYPE store;
        include        fastcgi_params; ## See /etc/nginx/fastcgi_params
    }
}

See the comments in the above configuration if you want to enable https for the vhost. The procedure is described in this tutorial: How To Set Up SSL Vhosts Under Nginx + SNI Support (Ubuntu 11.04/Debian Squeeze)

As you see, we want to password-protect the /var/www/www.example.com/web/var/export directory. Password protection can be set up as follows (please read Basic HTTP Authentication With Nginx for more details):

apt-get install apache2-utils

htpasswd -c /var/www/www.example.com/.htpasswd admin1

htpasswd /var/www/www.example.com/.htpasswd admin2

(Create a password for as many admin users as you like.)

To enable that vhost, we create a symlink to it from the /etc/nginx/sites-enabled/ directory:

cd /etc/nginx/sites-enabled/
ln -s /etc/nginx/sites-available/www.example.com.vhost www.example.com.vhost

Reload nginx for the changes to take effect:

/etc/init.d/nginx reload