Hosting a Static Website on Nginx in Linux

Prerequisites

• Nginx installed with a sample site up; follow Running NGINX sample website on Oracle Cloud Ubuntu Instance for instructions (Skip Oracle Cloud setup part if you’re not using it)
• Familiarity with connecting to a remote instance (like VM) using SSH, including SSH key setup.
• A static generated site - HTML, CSS files …

Steps

1. Install nginx and copy static site to a remote dir

• Ssh to the remote machine.
• Verify if nginx is installed.
  • sudo nginx -v
• Ensure a sample site is up. Check Running NGINX sample website on Oracle Cloud Ubuntu Instance for reference.
• Copy / sync the static generated site to remote machine to location of your choice. for ex /mnt/data/mnjm_site
  • rsync -r <static-generated-site-dir> <remote-username>@<remote-instance-ip>:/mnt/data/mnjm_site
  • You may have to install rsync on both local and remote machines. And setup ssh keys

2. Nginx Site Configuration

• Create nginx site config file in /etc/nginx/sites-available
  • sites-available generally houses all available site config files, even those that are not active.
  • sudo vim /etc/nginx/sites-available/mnjm_site for example
• Add the following lines to the file and make changes as per your needs:

server {
    listen 80;
    listen [::]:80;

    server_name mnjm.fr.to;

    root /mnt/data/mnjm_site;
    charset utf-8;

    error_page 404 /404.html;
}

• (Soft) link the config file to /etc/nginx/sites-enabled
  • sudo ln -s /etc/nginx/sites-available/mnjm_site /etc/nginx/sites-enabled/
• Reload nginx if the nginx configuration is valid
  • sudo nginx -t && sudo systemctl reload nginx

3. Setting up HTTPs

• Give necessary permissions to allow (both input and output) connections to port 443 (SSL port)
  • If you’re using an Oracle Cloud instance with Ubuntu image to host your site, then
    • Add an Ingress rule to Instance’s VCN - For more info check Running NGINX sample website on Oracle Cloud Ubuntu Instance
    • Allow to-and-fro connections to port 443 in the instance firewall.

sudo iptables -I INPUT -p tcp --dport 443 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
sudo iptables -I OUTPUT -p tcp --sport 443 -m conntrack --ctstate ESTABLISHED -j ACCEPT

• Install Certbot

sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot

• Generate certificate using certbot
  • sudo certbot --nginx and give the necessary details when asked.
    • Certbot will edit your Nginx configuration automatically to serve it with https
  • Verify that certificate can be renewed sudo certbot renew --dry-run
• Restart nginx service - sudo nginx -t && sudo systemctl reload nginx

4. Final Step - Optional

• Enable HTTP/2 - HTTP/2 is a major improvement for the web. It can give you a large improvement in client performance. You will need to have enabled HTTS for HTTP/2.
  • Edit your site’s config file and add http2 to listen 443 line, as shown below

listen [::]:443 ssl http2 ipv6only=on; # managed by Certbot

• Restart nginx - sudo nginx -t && sudo systemctl reload nginx. Thats it

References

• Running NGINX sample website on Oracle Cloud Ubuntu Instance
• https://www.ralfebert.com/tutorials/nginx-static-website-with-https/
• https://medium.com/@jasonrigden/how-to-host-a-static-website-with-nginx-8b2dd0c5b301
• https://gideonwolfe.com/posts/sysadmin/hugonginx/
• Certbot - HTTPS SSL Certification