Skip to content

Overview of Deploying LEMP on Server

What You Get After Installation

  • A running LEMP Docker container named lemp-stack.
  • Two directories in the root home folder:
  • /root/data – persistent MySQL data storage.
  • /root/webroot – web document root for the Nginx server.
  • A Docker network called lemp-net that connects the LEMP stack with any other containers you might add.
  • A Docker image adhocore/lemp:8.3 pulled from Docker Hub.
  • A docker-compose.yml file (generated from compose.yml.j2) that configures an auxiliary Nginx‑certbot container for automatic Let's Encrypt certificates.

Permissions and Ownership

Path Owner Group Mode
/root/data root root 0755
/root/webroot root root 0755

The LEMP container runs as the root user inside the container, but it mounts the above directories as read‑write volumes, so you only need root privileges on the host to manage them.

Docker Network

The container joins a dedicated network named lemp-net.
This network is created automatically if it does not already exist, and it isolates the MySQL and Nginx services from the rest of the host unless you choose to connect them.

Ports Exposed

Host Port Container Port Purpose
88 80 HTTP traffic for the website
3306 3306 MySQL database access
5432 5432 PostgreSQL database access (optional, depends on the stack configuration)

These ports are mapped automatically when the container starts.
If you need to expose them on different ports, adjust the ports section in the Docker run command.

Environment Variables

The MySQL root password is set through an environment variable:

MYSQL_ROOT_PASSWORD=<ansible_ssh_pass>

During the deployment the value of ansible_ssh_pass is used as the root password for MySQL inside the container.
After installation, the password is stored only in the container’s environment; it is not persisted to a file on the host.

Proxy and HTTPS Configuration

An additional Nginx‑certbot container is created from the jonasal/nginx-certbot:latest image.
It is configured as follows:

  • Runs in host network mode so it can bind directly to ports 80 and 443 on the host.
  • Mounts two volumes:
  • nginx_secrets (external) → /etc/letsencrypt (for certificates).
  • /data/nginx/user_conf.d/etc/nginx/user_conf.d (for custom Nginx configuration).
  • Uses an environment file located at /data/nginx/nginx-certbot.env for additional settings.
  • The email address for certificate renewal notifications is set to [email protected].

This container automatically obtains and renews TLS certificates for any domains configured in /data/nginx/user_conf.d.

How to Launch the Software

  1. Ensure Docker is installed on your server.
  2. Pull the image (if not already pulled):
docker pull adhocore/lemp:8.3
  1. Create the necessary directories if they are missing:
mkdir -p /root/data /root/webroot
chown root:root /root/data /root/webroot
chmod 0755 /root/data /root/webroot
  1. Start the container (this command is equivalent to what the installer runs):
docker run -d \
  --name lemp-stack \
  --restart always \
  --network lemp-net \
  -p 88:80 -p 3306:3306 -p 5432:5432 \
  -v /root/data:/var/lib/mysql \
  -v /root/webroot:/var/www/html \
  -e MYSQL_ROOT_PASSWORD=<your_root_password> \
  adhocore/lemp:8.3
  1. Launch the certbot proxy (if you want HTTPS):
docker run -d \
  --name nginx-certbot \
  --restart unless-stopped \
  --network host \
  -e CERTBOT_EMAIL=[email protected] \
  -v nginx_secrets:/etc/letsencrypt \
  -v /data/nginx/user_conf.d:/etc/nginx/user_conf.d \
  jonasal/nginx-certbot:latest

After these steps your website will be accessible at http://<server_ip>:88 and any configured HTTPS domains will be served through the certbot container.

Updating the Software

  1. Stop and remove the existing container (keeps data intact because it uses volumes):
docker stop lemp-stack
docker rm lemp-stack
  1. Pull the latest image:
docker pull adhocore/lemp:latest
  1. Restart the container using the same run command as above, or simply:
docker run -d <options> adhocore/lemp:latest

The volumes /root/data and /root/webroot preserve your MySQL data and website files during the upgrade.

Reinstalling the Software

If you need a clean installation:

  1. Remove the container and image:
docker stop lemp-stack
docker rm lemp-stack
docker rmi adhocore/lemp:8.3
  1. Delete the data directories (only if you want to wipe all data):
rm -rf /root/data /root/webroot
  1. Recreate directories with proper permissions:
mkdir -p /root/data /root/webroot
chown root:root /root/data /root/webroot
chmod 0755 /root/data /root/webroot
  1. Run the start commands shown earlier to bring the stack back up.

This guide covers every component the user receives after a fresh installation of LEMP on their server, how the software runs, and the steps needed for maintenance, updates, or a full reinstall.

question_mark
Is there anything I can help you with?
question_mark
AI Assistant ×