How to Install OpenEMR on Ubuntu 24.04 Server

This tutorial exists for these OS versions

Ubuntu 24.04 (Noble Numbat)
Ubuntu 22.04 (Jammy Jellyfish)

OpenEMR is an open-source health records and medical practice management solution. It is a fully integrated electronic health record and practice management, scheduling, electronic billing, and internationalization support. OpenEMR is ONC certified, which means that OpenEMR meets the standards of the Office of the National Coordinator for Health Information Technology (ONC).

This guide will show you how to install OpenEMR on the Ubuntu 24.04 server with the LEMP Stack (Linux, Nginx, MariaDB, and PHP-FPM). We'll also show you how to secure OpenEMR with HTTPS from Let's Encrypt and open HTTP and HTTPS ports via UFW (Uncomplicated Firewall).

Prerequisites

To get started with this guide, make sure you have:

An Ubuntu 24.04 server
A non-root user with administrator privileges
A domain name points to the server's IP address

Installing LEMP Dependencies

OpenEMR is a web-based application written in PHP and MySQL. To install it, you must ensure that both PHP and MySQL are installed. In this guide, you'll be running OpenEMR with the LEMP Stack (Linux, Nginx, MariaDB, and PHP). So for now, you'll be installing those packages through the APT repository.

To start, run the 'apt' command below to update your Ubuntu package index and install the LEMP Stack packages (Linux, Nginx, MariaDB, and PHP-FPM). Enter 'Y' to confirm the installation.

sudo apt update
sudo apt install nginx mariadb-server php-fpm php-mysql php-bcmath php-xml php-zip php-curl php-mbstring php-gd php-tidy php-intl php-cli php-soap imagemagick libtiff-tools php-ldap

After the installation is complete, check the 'nginx' service status with the 'systemctl' command below. Make sure that Nginx is running and enabled.

sudo systemctl is-enabled nginx
sudo systemctl status nginx

Now check the 'mariadb' service using the following command. You'll see that the MariaDB server is running and enabled on your Ubuntu server.

sudo systemctl is-enabled mariadb
sudo systemctl status mariadb

Lastly, check the 'php8.3-fpm' service with the command below. You'll see that the PHP-FPM service is up and running.

sudo systemctl is-enabled php8.3-fpm
sudo systemctl status php8.3-fpm

Configuring PHP-FPM

Once the LEMP Stack is installed, let's configure the PHP-FPM installation by editing the 'php.ini', then restarting the PHP-FPM service and applying your changes.

Edit the 'php.ini' file with the 'nano' editor.

sudo nano /etc/php/8.3/fpm/php.ini

Change the default configuration with the following. Make sure to adjust the 'memory_limit' with your current RAM.

max_execution_time = 60
max_input_time = -1
memory_limit = 512M
post_max_size = 30M
upload_max_filesize = 30M
max_input_vars = 3000
mysqli.allow_local_infile = On

Save the file and exit the editor when done.

Next, run the 'chgrp' command below to change the ownership of the '/var/lib/php/sessions' directory to the user 'www-data'.

sudo chgrp -R www-data /var/lib/php/sessions

Lastly, restart the 'php8.3-fpm' service with the command below. This will apply your changes to your PHP-FPM installation.

sudo systemctl restart php8.3-fpm

Configuring MariaDB Server

Now that PHP is configured, let's configure the MariaDB server and create a new database for OpenEMR. In this section, you'll secure the MariaDB server with the 'mariadb-secure-installation' utility and create a new database and user via the 'mariadb' client.

First, run the 'mariadb-secure-installation' command below to secure your MariaDB server.

sudo mariadb-secure-installation

Now you'll be asked about the following configurations:

Press ENTER to continue and configure MariaDB server
Enter 'Y' to set up the MariaDB root password, then type and repeat your password
Enter 'Y' to disable remote login for the 'root' user
Enter 'Y' to delete the database 'test' and its privileges
Enter 'Y' to complete the configuration

After the MariaDB server is secured, you need to create a new database and user that will be used by the OpenEMR installation.

sudo mariadb -u root -p

Run the following queries to create a new database and user for OpenEMR. In this example, you'll create a new database 'openemr' with the user 'openemruser' and the password is 'password'. You can adjust the database details with your information.

CREATE DATABASE openemr;
CREATE USER 'openemruser'@'localhost' IDENTIFIED BY 'Your_password2';
GRANT ALL PRIVILEGES ON openemr.* TO 'openemruser'@'localhost';
FLUSH PRIVILEGES;

Now run the query below to check privileges for the 'openemruser'. Make sure that the user can access the 'openemr' database.

SHOW GRANTS FOR openemruser@localhost;

Lastly, type 'quit' to exit from the MariaDB server.

Downloading OpenEMR Source Code

Now that you've configured the PHP-FPM and MariaDB server, the next step is to download the OpenEMR source code and set up the installation with proper permission and ownership.

Go to the '/var/www' directory and download the OpenEMR source code using the 'wget' command below.

cd /var/www/
wget https://sourceforge.net/projects/openemr/files/OpenEMR%20Current/7.0.2/openemr-7.0.2.tar.gz

Once downloaded, run the 'tar' command below to extract the OpenEMR source code and rename the new directory to the 'openemr'. With this, the OpenEMR source code will be stored in the '/var/www/openemr' directory.

tar -pxzf openemr-7.0.2.tar.gz
mv openemr-7.0.2 openemr

Lastly, run the 'chown' command below to change the ownership of the '/var/www/openemr' directory to the user 'www-data'.

sudo chown -R www-data:www-data /var/www/openemr

Setting up Nginx Server Block

After downloading the OpenEMR source code, you'll create a new Nginx server block that will be used for running your OpenEMR installation. So make sure that you've your domain name ready and pointed to the server IP address.

Create a new Nginx server block configuration '/etc/nginx/sites-available/openemr' with the following 'nano' editor command.

sudo nano /etc/nginx/sites-available/openemr

Insert the configuration and make sure to change the 'server_name' option with your domain name.

server {
listen 80;
server_name openemr.example.com;

access_log /var/log/nginx/openemr.access.log;
error_log /var/log/nginx/openemr.error.log;

root /var/www/openemr;

index index.php;

location / {
try_files $uri $uri/ /index.php;
}

# Pass PHP Scripts To FastCGI Server
location ~* \.php$ {
try_files $uri =404;
fastcgi_index index.php;
fastcgi_pass unix:/run/php/php8.2-fpm.sock; # Depends On The PHP Version
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
include fastcgi_params;
}

# deny access to writable files/directories
location ~* ^/sites/*/(documents|edi|era) {
deny all;
return 404;
}

# deny access to certain directories
location ~* ^/(contrib|tests) {
deny all;
return 404;
}

# Alternatively all access to these files can be denied
location ~* ^/(admin|setup|acl_setup|acl_upgrade|sl_convert|sql_upgrade|gacl/setup|ippf_upgrade|sql_patch)\.php {
deny all;
return 404;
}

location = /favicon.ico {
log_not_found off;
access_log off;
}

location = /robots.txt {
log_not_found off;
access_log off;
}

location ~ /\. {
deny all;
}
}

Save the file and exit the editor.

Now run the command below to activate the 'openemr' server block and verify your Nginx syntax. If you're correct and proper Nginx syntax, you'll see an output such as 'test is successful - syntax is ok'.

sudo ln -s /etc/nginx/sites-available/openemr /etc/nginx/sites-enabled/
sudo nginx -t

Lastly, run the 'systemctl' command below to restart the Nginx web server and apply your changes.

sudo systemctl restart nginx

Securing OpenEMR with HTTPS

In this section, you'll install Certbot and secure OpenEMR with HTTPS. This will work if you're using a public domain name and server. On a local server or development, you can use Self-Signed certificates.

Before setting up SSL, run the 'ufw' command below to open both HTTP and HTTPS services on your server. You'll see an output such as 'success'.

Sudo ufw allow 'Nginx Full'

Now install the 'certbot' and 'python3-certbot-nginx' plugin with the following 'apt' command. Input 'Y' to confirm with the installation.

sudo apt install certbot python3-certbot-nginx -y

After the installation is complete, run the 'certbot' command below to generate SSL certificates and secure your OpenEMR installation.

sudo certbot --nginx -d openemr.howtoforge.local

Once the process is finished, your SSL certificates will be available in the '/etc/letsencrypt/live/domain.com' directory. Also, your OpenEMR installation will be secured with HTTPS.

Installing OpenEMR

Open your web browser and visit https://openemr.howtoforge.local/ through a web browser.

First, the installer will check the permissions of the OpenEMR source code, so make sure you have proper permission.

Select the 'I have created the database' option to set up your database integration.

Enter your database details and the new administrator admin for OpenEMR.

The database initialization will be running and your admin user will be created.

Next, make sure your PHP configuration is met with the OpenEMR requirements.

Once the installation is complete, you'll be redirected to the OpenEMR login page. Type your admin user and password, then click Login.

If successful, you'll see the following OpenEMR dashboard.

Conclusion

Congratulations! You've completed the installation of OpenEMR on the Ubuntu 24.04 server. OpenEMR is up and running with the PHP-FPM, Nginx web server, and MariaDB server. You've also secured OpenEMR with HTTPS through Certbot and Let's Encrypt.