Hi there,
I’m trying to set up a secure, high performance server for sites that I can configure in a step-by-step manner. Here’s the goal:
- LEMP
- MariaDB
- NGINX
- HSTS (EV SSL cert)
- Will want to replicate for many sites
- On a Mac
- Several subdomains
- Drupal 8
- Maximum speed, compression, and efficiency tools you can suggest (redis, varnish, gzip)
I’ve dabbled in server stuff in the past, but it’s not my forte and I’d rather follow the guidance of a pro than risk missing details or deploying something unstable/unsafe.
Thanks in advance!
Best, Phil
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hello,
I’ll try to cover all of the services that you’ve mentioned. Let’s dive in:
1. DigitalOcean Droplet Creation:
- Log into your DigitalOcean account and initialize a new droplet.
- Opt for Ubuntu as your OS, and choose a plan that meets your resource requirements.
2. Initial Server Configuration:
-
Connect to your droplet through SSH using the Terminal on your Mac once it’s active.
-
Update the system with these commands:
sudo apt update sudo apt upgrade -
Create a non-root user with sudo access:
adduser your_username usermod -aG sudo your_username -
Logout as root, and login as the new user:
su - your_username
3. Installing the LEMP Stack:
-
Nginx:
sudo apt install nginx -
MariaDB:
sudo apt install mariadb-serverthensudo mysql_secure_installation -
PHP and needed modules:
sudo apt install php-fpm php-mysql php-curl php-gd php-intl php-mbstring php-xml php-xmlrpc php-zip
4. Nginx Configuration for Drupal:
- Construct an Nginx server block:
sudo nano /etc/nginx/sites-available/your_domain - Insert the provided configuration, altering “your_domain” as needed.
- Activate the block and restart Nginx with these commands:
sudo ln -s /etc/nginx/sites-available/your_domain /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl restart nginx
5. SSL Certificate Management:
- Install Certbot:
sudo apt install certbot - Get an EV SSL certificate:
sudo certbot certonly --nginx -d your_domain -d www.your_domain - To activate HSTS, modify your Nginx file and include the HSTS header, then save and restart Nginx:
sudo nginx -t
sudo systemctl restart nginx
6. Drupal Installation:
- Download Drupal, extract files, and move to your site’s directory.
- Set appropriate permissions:
sudo chown -R www-data: /var/www/your_domain/ - Set up Drupal in MariaDB:
sudo mysql -u root -p
- Then run the following queries:
CREATE DATABASE drupaldb;
CREATE USER 'drupaluser'@'localhost' IDENTIFIED BY 'your_password';
GRANT ALL ON drupaldb.* TO 'drupaluser'@'localhost';
FLUSH PRIVILEGES;
EXIT;
- Complete the Drupal installation by navigating to your domain in a browser.
7. Extra Performance Tools: For further enhancement, consider implementing Redis for caching, Varnish for HTTP acceleration, and enabling gzip compression in Nginx. Each tool may need individual configuration and can be applied depending on your precise needs.
Best,
Bobby
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.