Modified LEMP stack

Modified lemp stack with Mariadb instead and hhvm with php5-fmp as fallback and SSL
We call this project for the hipsterwebbstack
We will assume you have a Linux system up and running and this guide assumes its Ubuntu 14.04 we choose yo use the latest LTS of Ubuntu because of newer packages in the main repository.
Start with installing software-properties-common since we will be adding a few extra repositories

apt-get install software-properties-common

Install Nginx
install just like any other package

apt-get install nginx

Install MariaDB

To install MariaDB the repository for it need to be added to the system and singed with a trusted key this is done by running following commands. Depending on what type of account your using you might need to do this with sudo.

apt-get install software-properties-common
apt-key adv --recv-keys --keyserver hkp:// 0xcbcb082a1bb943db
add-apt-repository ‘deb trusty main'
apt-get update
apt-get install mariadb-server

The installation only asks for you to put in a root password during the install, type in your desired password. Not harder than that.

Install HHVM
Just like with the installation of MariaDB we need to add the repository the processes is pretty much the same

sudo apt-key adv --recv-keys --keyserver hkp:// 0x5a16e7281be7a449
sudo add-apt-repository 'deb trusty main'
sudo apt-get update
sudo apt-get install hhvm 

After the installation is done there will be a script in
Run that one and it will sort out the basic config for Nginx and hhvm for you

a file called hhmv.conf will be created in /etc/nginx/
Its content should look like this

location ~ \.(hh|php)$ {
fastcgi_keep_conn on;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;

Install php5-fpm
We will also need to install php5-fpm so it can be used as a fallback if for whatever reason hhvm stops, it sometimes does that and if it does that it wont restart on its own so will we have to have something ruing to take care of the php, we will also make sure that hhvm will restart again, we will cover that later.

apt-get install php5-fpm

Install ps-watcher
One easy way to not have to worry about if hhmv is up and running or not is to use ps-wacther.
It will detect if hhvm is running or not and start it if it not running

apt-get install ps-watcher

After the installation edit the file
/etc/ps-watcher.conf (don’t worry if its a new file)

add the following to the file

occurs = none
action = service hhvm restart

save the file and then do this so that ps-watcher will be able to start

sed -i -e 's/# startup=1/startup=1/g' /etc/default/ps-watcher

After that is done ps-watcher will check every 150th second if hhvm is running to change the check time change

DAEMON_OPTS=”–sleep 150″ to the value you want instead for example DAEMON_OPTS=”–sleep 45” For ps-watcher to make the check every 45 seconds.

Nginx Config
For this site we use a bit of custom config that I wont get into, I will keep this as basic as posible
One of the most important things in times like these is to make sure the server is not vulnerable to some of the SSL exploits out there.
In your /etc/nginx/nginx.conf you need to specify what versions of SSL will be ok to use, this is done in the http block by adding this:

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

#Now for some config for the virtual-host

#The redirect from http to https
#Replace with your domain

server {
listen *:80;
rewrite ^ http://$$request_uri? permanent;
#That cares of every call on port 80 and sends it to port 443

#Quick notes on how to use a certificate with nginx.
#Add the following directive under your server block for 443

ssl on;
ssl_certificate certfile.crt ;
ssl_certificate_key keyfile.key;
Replace certfile.crt with the path to your crt file and replace keyfile.key with the path to your key file, This will work for both selfsigned and issued certificates

#To use HHVM instead of php5-fpm as fast-cgi
include hhvm.conf;
#or if yon need more custom config for your php use something like this

location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
include fastcgi_params;
php5-fpm as fallback

#Add the following directive so that all 502 errors will result in doing what is defined under location @fallback

error_page 502 = @fallback;

The fallback block
just like a normal fastcgi config

location @fallback {

try_files $uri =404;

fastcgi_split_path_info ^(.+\.php)(/.+)$;

include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SERVER_NAME $host;
fastcgi_pass unix:/var/run/php5-fpm.sock;


After this add the other directives you need for your site and then restart nginx
service nginx restart

Testing the fallback
An easy way to test the server is to check the response headers

curl -i |grep ‘X-Powered-By’

will show you if its hhvm or php-fpm that’s compiling the php on the server

If hhvm is running you will get something like

”X-Powered-By: HHVM/3.5.1”

to see if the fallback works just stop the hhvm service

service hhvm stop

run curl -i |grep ‘X-Powered-By’

you will get something like  ”X-Powered-By: PHP/5.5.9-1ubuntu4.6”

That means that the fallback is working then just wait the chosen time set in ps-watcher and run curl -i |grep ‘X-Powered-By’ again, hhvm should be up and runing again.


This was something that was real fun to able to do, when do one get the chance to use software that is on the edge of being the latest and then mix them together to make them even better and even run it on a live server.

The best part is the joy and satisfaction of seeing how much faster the website became after the migration to this new web stack.
A guide on how to get a issued SSL Certificate will come along in not to distant future.