How to Install Grav CMS with Nginx on Ubuntu 20.04

Grav is a free, open-source, and flat-file CMS that does not require any database. It is based on PHP and offers several features that may not be available to other CMS like, WordPress, Joomla, etc. It is simple, easy to use, and comes with some of the key technologies including, Twig Templating, Markdown, YAML, Parsedown, Doctrine Cache, Gregwar Image Library, and Symfony Console.

In this tutorial, I will show you how to install Grav CMS with Nginx and Let's Encrypt SSL on Ubuntu 20.04 server.

Prerequisites

  • A server running Ubuntu 20.04.
  • A valid domain name pointed with your server IP.
  • A root password is configured on the server.

Getting Started

First, update the system packages to the updated version by running the following command:

apt-get update -y

Once all the packages are updated, you can proceed to the next step.

Install Nginx and PHP

First, you will need to install the Nginx web server, PHP and other PHP extensions to your system. You can install all of them with the following command:

apt-get install nginx php php-cli php-fpm php-common php-curl php-gd php-json php-mbstring php-xml php-zip php-opcache php-apcu unzip -y

Once all the packages are installed, verify the PHP version using the following command:

php --version

You should get the following output:

PHP 7.4.3 (cli) (built: Jul  5 2021 15:13:35) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
    with Zend OPcache v7.4.3, Copyright (c), by Zend Technologies

Next, edit the php.ini file and make some changes:

nano /etc/php/7.4/fpm/php.ini

Change the following lines:

memory_limit = 256M
upload_max_filesize = 100M
max_execution_time = 360
max_input_vars = 1500
date.timezone = America/Chicago

Save and close the file then restart the PHP-FPM service to apply the changes:

systemctl restart php7.4-fpm

Once you are finished, you can proceed to the next step.

Install Grav CMS

Next, you will need to download the Grav CMS to the Nginx web root directory. You can download it from the Grav download page using the following command:

cd /var/www/html
wget https://getgrav.org/download/core/grav-admin/1.7.17

Once the download is completed, unzip the downloaded file with the following command:

unzip 1.7.17

Next, rename the extracted directory to grav with the following command:

mv grav-admin grav

Next, set proper ownership to the grav directory:

chown -R www-data:www-data /var/www/html/grav

Once you are finished, you can proceed to the next step.

Configure Nginx for Grav CMS

Next, You will need to create an Nginx virtual host configuration file to host Grav CMS. You can create it with the following command:

nano /etc/nginx/conf.d/grav.conf

Add the following lines:

server {

listen 80;

server_name grav.example.com;
root /var/www/html/grav;

index index.html index.php;

location / {
   try_files $uri $uri/ /index.php?$query_string;
 }

   location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
   location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
   location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
   location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }

location ~ \.php$ {
   fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
   fastcgi_split_path_info ^(.+\.php)(/.+)$;
   fastcgi_index index.php;
   include fastcgi_params;
   fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
 }

}

Save and close the file when you are finished then verify the Nginx for any syntax error:

nginx -t

You should get the following output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Finally, restart the Nginx service to apply the changes:

systemctl restart nginx

You can also verify the status of the Nginx with the following command:

systemctl status nginx

You should see the following output:

? nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2021-07-09 06:45:28 UTC; 3s ago
       Docs: man:nginx(8)
    Process: 33099 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
    Process: 33110 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
   Main PID: 33111 (nginx)
      Tasks: 2 (limit: 2353)
     Memory: 2.6M
     CGroup: /system.slice/nginx.service
             ??33111 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
             ??33112 nginx: worker process

Jul 09 06:45:28 node1 systemd[1]: Starting A high performance web server and a reverse proxy server...
Jul 09 06:45:28 node1 systemd[1]: Started A high performance web server and a reverse proxy server.

Once everything is fine, you can proceed to the next step.

Access Grav CMS

You can now access the Grav CMS web UI using the URL http://grav.example.com. You should see the following screen:

GRAV CMS

Set your admin username, password and click on the Create User button. You will be redirected to the Grav CMS dashboard:

Grav CMS dashboard

Configuration Page

System configuration

Accounts Page

User accounts

Plugins Page

Grav Plugins

Tools Page

Backup function

Secure Grav CMS with Let's Encrypt SSL

Next, you will need to install the Certbot client package to install and manage the Let's Encrypt SSL.

First, install the Certbot with the following command:

apt-get install python3-certbot-nginx -y

Once the installation is finished, run the following command to install the Let's Encrypt SSL on your website:

certbot --nginx -d grav.example.com

You will be asked to provide a valid email address and accept the term of service as shown below:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for grav.example.com
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/conf.d/grav.conf

Next, choose whether or not to redirect HTTP traffic to HTTPS as shown below:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2

Type 2 and hit Enter to finish the installation. You should see the following output:

Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/grav.conf

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled https://grav.example.com

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=grav.example.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/grav.example.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/grav.example.com/privkey.pem
   Your cert will expire on 2021-12-30. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

 - We were unable to subscribe you the EFF mailing list because your
   e-mail address appears to be invalid. You can try again later by
   visiting https://act.eff.org.

You can now access the Grav CMS securely using the HTTPS protocol.

Conclusion

Congratulations! you have successfully installed Grav CMS with Nginx and Let's Encrypt SSL on Ubuntu 20.04 server. You can now create your website easily using the Grav CMS.

Share this page:

Suggested articles

0 Comment(s)

Add comment