How to Install and Configure Nginx on AlmaLinux 9

Nginx is a high-performance, open-source web server that functions as a reverse proxy, load balancer, and HTTP cache. To deploy it on a stable enterprise-grade platform, you can install Nginx Web Server on AlmaLinux 9. It easily handles static and dynamic content and works well with technologies such as PHP and database servers.

In this article, you’ll learn how to install and configure Nginx on AlmaLinux 9. The steps include installing Nginx, managing the system service, setting up a custom server block (virtual host), and enabling HTTPS with Let’s Encrypt.

Prerequisites

Before you begin, you need to:

• Have access to an AlmaLinux 9 instance as a non-root user with sudo privileges.

Install Nginx on AlmaLinux 9

You can install Nginx on AlmaLinux from the default DNF package sources. It’s available using the nginx package name. Use the following steps to update the DNF package manager and install Nginx.

Update system packages

$ sudo dnf update

Install the Nginx web server

$ sudo dnf install nginx -y

Check that Nginx is installed correctly

$ sudo nginx -v

Output:

nginx version: nginx/1.20.1

Start the Nginx service

$ sudo systemctl start nginx

Enable HTTP traffic in the firewall

$ sudo firewall-cmd --permanent --add-service=http

Run the following command to install Firewalld if it’s not installed and allow SSH connections

$ sudo dnf install firewalld -y && sudo firewall-cmd --permanent --add-service=ssh

Start Firewalld if it’s not running

$ sudo systemctl start firewalld

Apply firewall changes

$ sudo firewall-cmd --reload

Verify that Nginx is working in a browser

http://server-ip-address

Manage the Nginx System Service

Nginx installs a systemd service by default. Use the following steps to manage the service and ensure it runs consistently on your server.

Enable Nginx to start on boot

$ sudo systemctl enable nginx

Start Nginx if it isn’t already running

$ sudo systemctl start nginx

Verify the Nginx system service and confirm that it’s running

$ sudo systemctl status nginx

Output:

● nginx.service - The nginx HTTP and reverse proxy server
     Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; preset: disabled)
     Active: active (running) since Sun 2025-03-30 23:12:44 UTC; 1min 33s ago
   Main PID: 52297 (nginx)
      Tasks: 2 (limit: 5716)
     Memory: 2.0M
        CPU: 36ms
     CGroup: /system.slice/nginx.service
             ├─52297 "nginx: master process /usr/sbin/nginx"
             └─52298 "nginx: worker process"

Reload Nginx to apply new configuration changes

$ sudo systemctl reload nginx

Restart the Nginx service

$ sudo systemctl restart nginx

Create Nginx Virtual Host Configurations (Server Blocks)

Nginx virtual host configurations include the server name, administrator, and the backend web application information. The default.d and conf.d directories contain virtual host configurations for Nginx on AlmaLinux by default unless changed. Follow these steps to create a custom server block with your own HTML content.

Verify the Nginx system service and confirm that it’s running

$ sudo systemctl status nginx

Set up the document root and create sample content

$ sudo mkdir /usr/share/nginx/example && sudo nano /usr/share/nginx/example/index.html

Enter the following HTML application code in the index.html file

Sample HTML Application
 
Powered by the Nginx Web Server
 

Create a new server block file

$ cd /etc/nginx/conf.d/ &&  sudo nano example-host.conf

Enter the following Nginx configurations into the example-host.conf file. Replace example.com with your domain

server {
    listen       80;
    listen       [::]:80;
    server_name  example.com;

    root         /usr/share/nginx/example;
    index        index.html index.htm;

    access_log   /var/log/nginx/example.com_access.log;
    error_log    /var/log/nginx/example.com_error.log;

    location / {
        try_files $uri $uri/ =404;
    }
}

Test the Nginx configuration syntax for errors

$ sudo nginx -t

Output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Reload Nginx to apply the configuration changes

$ sudo systemctl reload nginx

Test access to your domain and confirm that the web application loads

http://your-domain.com/

Secure the Nginx Web Server

Nginx delivers web applications using HTTP by default unless specified in your virtual host configurations. HTTPS provides encryption between the Nginx and a client’s web browser, ensuring secure connections to the web server. This section walks you through installing Certbot, configuring HTTPS, and adjusting SELinux and firewall settings.

Install the EPEL repository, which includes the Certbot tool

$ sudo dnf install epel-release -y

Update your system packages

$ sudo dnf update

Install Certbot with Nginx plugin support

$ sudo dnf install python3-certbot-nginx -y

Request an SSL certificate using Certbot. Replace example.com and admin@example.com with your actual domain and email address

$ sudo certbot --nginx --domain example.com --email admin@example.com --agree-tos

Note: Replace example.com with your real domain name. If you don’t have one, consider using a test domain or skip the SSL setup.

Reload Nginx to apply the HTTPS configuration

$ sudo systemctl reload nginx

Test the Nginx configuration for syntax errors

$ sudo nginx -t

Output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Allow HTTPS traffic through the firewall

$ sudo firewall-cmd --permanent --add-service=https

Optionally, remove HTTP access if you want to enforce HTTPS-only

$ sudo firewall-cmd --permanent --remove-service=http

Reload Firewalld to apply the new rules

$ sudo firewall-cmd --reload

Check the status of SELinux to ensure it’s enabled

$ sestatus

Output:

SELinux status:                 enabled

Install the required SELinux management utilities for the semanage command

$ sudo dnf install policycoreutils-python-utils -y

This ensures the semanage tool is available to manage SELinux contexts

Update SELinux file context rules, enabling Nginx to read files in your custom directory

$ sudo semanage fcontext -a -t httpd_sys_content_t "/usr/share/nginx/example(/.*)?"

Apply the new SELinux context

$ sudo restorecon -Rv /usr/share/nginx/example/

Output:

Relabeled /usr/share/nginx/example from unconfined_u:object_r:usr_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0
Relabeled /usr/share/nginx/example/index.html from unconfined_u:object_r:usr_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0

Access your domain in a web browser using HTTPS to verify that the certificate is working

https://example.com

Conclusion

You’ve now set up Nginx on AlmaLinux 9, configured it to serve static web content, and secured it with HTTPS and SELinux rules. Nginx is a flexible and high-performance web server that can easily scale to support dynamic web apps, backend integrations like PHP or databases, and production-grade deployments. From here, you can extend your setup by adding reverse proxy rules, enabling load balancing, or integrating with application stacks like Laravel, Flask, or Node.js.