LightYear
/Docs
DocsComputeInstall and Configure Nginx on Ubuntu 22.04

Install and Configure Nginx on Ubuntu 22.04

Install Nginx, configure a virtual host, and set up SSL with Let's Encrypt.

intermediate
12 min read
LightYear Docs Team
Updated April 24, 2026
nginxweb-serverssllets-encryptubuntu
Ready to get started?

Nginx is a high-performance web server and reverse proxy. This guide installs Nginx, configures a virtual host for a domain, and secures it with a free Let's Encrypt SSL certificate.

Prerequisites

  • Ubuntu 22.04 server with a public IP
  • A domain name pointing to your server's IP (A record)
  • Ports 80 and 443 open in your firewall

Step 1 — Install Nginx

>_BASH
$apt update
$apt install -y nginx
>_BASH
$systemctl status nginx
OUTPUT
● nginx.service - A high performance web server and a reverse proxy server
     Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2026-04-24 10:00:00 UTC; 5s ago

Step 2 — Configure UFW for Nginx

>_BASH
$ufw allow 'Nginx Full'
$ufw status
OUTPUT
Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW IN    Anywhere
Nginx Full                 ALLOW IN    Anywhere

Step 3 — Create a Virtual Host

>_BASH
$nano /etc/nginx/sites-available/example.com
NGINX
server {
    listen 80;
    listen [::]:80;

    server_name example.com www.example.com;
    root /var/www/example.com/html;
    index index.html index.htm;

    location / {
        try_files $uri $uri/ =404;
    }

    access_log /var/log/nginx/example.com.access.log;
    error_log  /var/log/nginx/example.com.error.log;
}

Create the web root and a test page:

>_BASH
$mkdir -p /var/www/example.com/html
$echo "<h1>Welcome to example.com</h1>" > /var/www/example.com/html/index.html
$chown -R www-data:www-data /var/www/example.com

Enable the site and test the configuration:

>_BASH
$ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
$nginx -t
OUTPUT
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
>_BASH
$systemctl reload nginx

Step 4 — Install Certbot and Obtain SSL Certificate

>_BASH
$apt install -y certbot python3-certbot-nginx
$certbot --nginx -d example.com -d www.example.com

Follow the interactive prompts. Certbot will automatically update your Nginx configuration to redirect HTTP to HTTPS.

Step 5 — Verify Auto-Renewal

>_BASH
$certbot renew --dry-run
OUTPUT
Congratulations, all renewals succeeded:
  /etc/letsencrypt/live/example.com/fullchain.pem (success)

Step 6 — Configure Nginx as a Reverse Proxy (Optional)

To proxy requests to a backend application running on port 3000:

NGINX
server {
    listen 443 ssl;
    server_name app.example.com;

    ssl_certificate     /etc/letsencrypt/live/app.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/app.example.com/privkey.pem;

    location / {
        proxy_pass         http://127.0.0.1:3000;
        proxy_http_version 1.1;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection 'upgrade';
        proxy_set_header   Host $host;
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_cache_bypass $http_upgrade;
    }
}

[!TIP] Always run nginx -t before reloading Nginx to catch configuration syntax errors.

Was this article helpful?

Your cookie choices for this website

This site uses cookies and related technologies, as described in our privacy policy, for purposes that may include site operation, analytics, and enhanced user experience. You may choose to consent to our use of these technologies, or manage your own preferences. Cookie policy