Install and bring up Nginx so it can sit in front of an internal app as a reverse proxy. Validate configuration syntax, reload safely, and confirm the service is listening on port 80.
Nginx will sit in front of an internal application as a reverse proxy. You’ve already planned your configuration changes, and now you need to install Nginx, validate its configuration, reload it safely, and confirm that it’s actually serving traffic on the expected port.
This mirrors a safe production workflow: install the service, validate config before applying it, reload (not restart) to avoid unnecessary disruption, then confirm socket-level readiness on the expected port.
nginx service so it persists across reboots.nginx -t.:80 using ss.nginx -t), then reload (systemctl reload), then
verify listening sockets (ss) and HTTP response (curl).
Use the native package manager for your distro. On RHEL-family systems, prefer dnf over legacy
yum.
# RHEL / CentOS / Fedora
sudo dnf install -y nginx
# Debian/Ubuntu
sudo apt update
sudo apt install -y nginx
# Arch
sudo pacman -S nginxInstalling Nginx provides the service unit, default config layout, and binaries needed to validate syntax and run as a front-end proxy.
# Example result (varies by distro):
# nginx installed successfully.sudo systemctl enable --now nginxThis starts Nginx immediately and ensures it comes up on reboot. If the unit fails, inspect status output and recent logs.
# Quick verification:
systemctl status nginx --no-pagersudo nginx -tAlways validate config before applying it. A successful test confirms Nginx can parse the active configuration and is safe to reload.
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successfulsudo systemctl reload nginx
Reload applies configuration changes without tearing down the entire service like a restart would. If reload fails,
re-run nginx -t and check logs for the exact error.
# Example:
# Reloaded nginx configuration.sudo ss -lntp | grep -E ':\b80\b' || true
This is your socket-level readiness check. You should see a listener bound to :80. If you don’t, confirm
the unit is active and review logs.
# Example:
LISTEN 0 511 0.0.0.0:80 ... nginxcurl -I http://localhost
curl -s http://localhost | headThis is the HTTP-level validation. Headers confirm status and server response; the body check ensures you actually get a page back.
# Example:
HTTP/1.1 200 OK
Do not reload. Fix the reported file/line, then re-run nginx -t until it passes.
Identify the owning process with ss -lntp. If Apache is running from Lab 81, stop/disable it before you
run Nginx on the same host.
Confirm which default site config is active for your distro and verify the server block/root path you intended is actually being used.
If you want to revert to a clean state, disable/stop the service. Remove the package only if you’re done practicing.
# Stop/disable
sudo systemctl disable --now nginx
# Optional: remove the default web content (paths vary by distro)
# Keep it simple for the lab:
sudo rm -f /usr/share/nginx/html/index.html 2>/dev/null || true
sudo rm -f /var/www/html/index.html 2>/dev/null || truednf install nginx: Install Nginx on RHEL-family systems.
apt install nginx: Install Nginx on Debian/Ubuntu systems.
pacman -S nginx: Install Nginx on Arch.
systemctl enable --now nginx: Enable at boot and start immediately.
enable: start at boot--now: start immediatelynginx -t: Validate configuration syntax and active config tree.
-t: test configuration and exitsystemctl reload nginx: Reload config without a full restart.
ss -lntp: Show listening TCP sockets and owning processes.
-l: listening sockets-n: numeric output-t: TCP sockets-p: process infocurl http://localhost: Test HTTP response locally.
-I: fetch headers only-s: silent modejournalctl -u nginx: View Nginx service logs.
-n 50: last 50 lines--no-pager: print directly