How to Install Nginx Web Server on AlmaLinux 9

Updated on 04 April, 2025
How to Install Nginx Web Server on AlmaLinux 9 header image

Nginx is a high-performance, open-source web server that also functions as a reverse proxy, load balancer, and HTTP cache. It efficiently handles both static and dynamic web content, and integrates well with backend technologies like PHP and database servers.

In this article, you'll learn how to install and configure Nginx on AlmaLinux 9. The steps include installing Nginx, managing the system service, setting up a custom server block (virtual host), and enabling HTTPS with Let's Encrypt.

Prerequisites

Before you begin, you need to:

Install Nginx

You can install Nginx on AlmaLinux from the default DNF package sources. It's available using the nginx package name. Use the following steps to update the DNF package manager and install Nginx.

  1. Update system packages.

    console
    $ sudo dnf update
    
  2. Install the Nginx web server.

    console
    $ sudo dnf install nginx -y
    
  3. Check that Nginx is installed correctly.

    console
    $ sudo nginx -v
    

    Output:

    nginx version: nginx/1.20.1
  4. Start the Nginx service.

    console
    $ sudo systemctl start nginx
    
  5. Enable HTTP traffic in the firewall.

    console
    $ sudo firewall-cmd --permanent --add-service=http
    
    • Run the following command to install Firewalld if it's not installed and allow SSH connections.

      console
      $ sudo dnf install firewalld -y && sudo firewall-cmd --permanent --add-service=ssh
      
    • Start Firewalld if it's not running.

      console
      $ sudo systemctl start firewalld
      
  6. Apply firewall changes.

    console
    $ sudo firewall-cmd --reload
    
  7. Verify that Nginx is working in a browser.

    http://server-ip-address

Manage the Nginx System Service

Nginx installs a systemd service by default. Use the following steps to manage the service and ensure it runs consistently on your server.

  1. Enable Nginx to start on boot.

    console
    $ sudo systemctl enable nginx
    
  2. Start Nginx if it isn't already running.

    console
    $ sudo systemctl start nginx
    
  3. Verify the Nginx system service and confirm that it's running.

    console
    $ sudo systemctl status nginx
    

    Output:

    ● nginx.service - The nginx HTTP and reverse proxy server
         Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; preset: disabled)
         Active: active (running) since Sun 2025-03-30 23:12:44 UTC; 1min 33s ago
       Main PID: 52297 (nginx)
          Tasks: 2 (limit: 5716)
         Memory: 2.0M
            CPU: 36ms
         CGroup: /system.slice/nginx.service
                 ├─52297 "nginx: master process /usr/sbin/nginx"
                 └─52298 "nginx: worker process"    
  4. Reload Nginx to apply new configuration changes.

    console
    $ sudo systemctl reload nginx
    
  5. Restart the Nginx service.

    console
    $ sudo systemctl restart nginx
    

Create Nginx Virtual Host Configurations (Server Blocks)

Nginx virtual host configurations include the server name, administrator, and the backend web application information. The default.d and conf.d directories contain virtual host configurations for Nginx on AlmaLinux by default unless changed. Follow these steps to create a custom server block with your own HTML content.

  1. Verify the Nginx system service and confirm that it's running.

    console
    $ sudo systemctl status nginx
    
  2. Set up the document root and create sample content.

    console
    $ sudo mkdir /usr/share/nginx/example && sudo nano /usr/share/nginx/example/index.html
    
  3. Enter the following HTML application code in the index.html file.

    html
    <html>
    <body>
    <h1>Sample HTML Application</h1>
    <p>Powered by the Nginx Web Server </p>
    </body>
    </html>
    

    Save the file and exit the text editor.

    The HTML application displays when the Nginx web server loads all supported files for display in a web browser.

  4. Create a new server block file.

    console
    $ cd /etc/nginx/conf.d/ &&  sudo nano example-host.conf
    
  5. Enter the following Nginx configurations into the example-host.conf file. Replace example.com with your domain.

    ini
    server {
        listen       80;
        listen       [::]:80;
        server_name  example.com;
    
        root         /usr/share/nginx/example;
        index        index.html index.htm;
    
        access_log   /var/log/nginx/example.com_access.log;
        error_log    /var/log/nginx/example.com_error.log;
    
        location / {
            try_files $uri $uri/ =404;
        }
    }
    

    Save the file and exit the text editor.

    The Nginx virtual host configuration serves web application files from the /usr/share/nginx/example directory using the example.com domain.

  6. Test the Nginx configuration syntax for errors.

    console
    $ sudo nginx -t
    

    Output:

    nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    nginx: configuration file /etc/nginx/nginx.conf test is successful
  7. Reload Nginx to apply the configuration changes.

    console
    $ sudo systemctl reload nginx
    
  8. Test access to your domain and confirm that the web application loads.

    http://your-domain.com/

    Test Application

Note
The default server block is stored in the /etc/nginx.conf file. Remove the server block to disable it.

Secure the Nginx Web Server

Nginx delivers web applications using HTTP by default unless specified in your virtual host configurations. HTTPS provides encryption between the Nginx and a client's web browser, ensuring secure connections to the web server. This section walks you through installing Certbot, configuring HTTPS, and adjusting SELinux and firewall settings.

  1. Install the EPEL repository, which includes the Certbot tool.

    console
    $ sudo dnf install epel-release -y
    
  2. Update your system packages.

    console
    $ sudo dnf update
    
  3. Install Certbot with Nginx plugin support.

    console
    $ sudo dnf install python3-certbot-nginx -y
    
  4. Request an SSL certificate using Certbot. Replace example.com and admin@example.com with your actual domain and email address.

    console
    $ sudo certbot --nginx --domain example.com --email admin@example.com --agree-tos
    
    Note
    Replace example.com with your real domain name. If you don't have one, consider using a test domain or skip the SSL setup.
  5. Reload Nginx to apply the HTTPS configuration.

    console
    $ sudo systemctl reload nginx
    
  6. Test the Nginx configuration for syntax errors.

    console
    $ sudo nginx -t
    

    Output:

    nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    nginx: configuration file /etc/nginx/nginx.conf test is successful
  7. Allow HTTPS traffic through the firewall.

    console
    $ sudo firewall-cmd --permanent --add-service=https
    
  8. Optionally, remove HTTP access if you want to enforce HTTPS-only.

    console
    $ sudo firewall-cmd --permanent --remove-service=http
    
  9. Reload Firewalld to apply the new rules.

    console
    $ sudo firewall-cmd --reload
    
  10. Check the status of SELinux to ensure it's enabled.

    console
    $ sestatus
    

    Output:

    SELinux status:                 enabled
    SELinuxfs mount:                /sys/fs/selinux
  11. Install the required SELinux management utilities for the semanage command:

    console
    $ sudo dnf install policycoreutils-python-utils -y
    

    This ensures the semanage tool is available to manage SELinux contexts.

  12. Update SELinux file context rules, enabling Nginx to read files in your custom directory.

    console
    $ sudo semanage fcontext -a -t httpd_sys_content_t "/usr/share/nginx/example(/.*)?"
    

    The SELinux httpd_sys_content_t context allows Nginx to access files in multiple directories after installation. Allowing access to web application directories enables Nginx to read configurations and application files.

  13. Apply the new SELinux context.

    console
    $ sudo restorecon -Rv /usr/share/nginx/example/
    

    Output:

    Relabeled /usr/share/nginx/example from unconfined_u:object_r:usr_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0
    Relabeled /usr/share/nginx/example/index.html from unconfined_u:object_r:usr_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0
  14. Access your domain in a web browser using HTTPS to verify that the certificate is working.

    https://example.com

    Test Nginx HTTPS connections

Conclusion

You’ve now set up Nginx on AlmaLinux 9, configured it to serve static web content, and secured it with HTTPS and SELinux rules. Nginx is a flexible and high-performance web server that can easily scale to support dynamic web apps, backend integrations like PHP or databases, and production-grade deployments. From here, you can extend your setup by adding reverse proxy rules, enabling load balancing, or integrating with application stacks like Laravel, Flask, or Node.js.

Comments

No comments yet.