yum upgrades for production use, this is the repository for you.
Active subscription is required.
đź“… Updated: February 19, 2026 (Originally published: September 2, 2018)
Install NGINX on Ubuntu the Right Way
Looking for Ubuntu NGINX instructions that actually give you a production-ready setup? The default apt install nginx command works, but it leaves you with an outdated version and zero third-party modules. This guide shows you how to install NGINX on Ubuntu with the latest stable or mainline builds, plus 50+ dynamic modules—all from a single APT repository.
Whether you’re setting up a simple static website, a high-traffic WordPress installation, or a complex reverse proxy setup, following these instructions will give you a modern, secure, and maintainable NGINX installation that stays current with security patches automatically.
Why Not Use Ubuntu’s Default NGINX?
Ubuntu’s official repositories ship NGINX, but there’s a catch. The version is often months (or years) behind upstream releases. This matters for several important reasons: security vulnerabilities get patched faster in upstream releases, performance improvements are available sooner, and you gain access to new features that can significantly improve your server’s capabilities.
Here’s what you’re missing with Ubuntu’s default packages:
| Feature | Ubuntu Default | GetPageSpeed Repo |
|---|---|---|
| NGINX Version | 1.18 – 1.24 (varies) | Latest Stable or Mainline |
| Security Patches | Delayed | Same-day |
| Dynamic Modules | ~5 basic | 50+ including Brotli, Lua, GeoIP2 |
| HTTP/3 (QUIC) | No | Yes (mainline) |
| Automatic Updates | Basic | Full module compatibility |
If you need modules like Brotli compression, JavaScript scripting, or TOTP authentication—or simply want timely security updates—the default repositories won’t cut it.
The GetPageSpeed repository solves all these problems. We rebuild NGINX packages within hours of upstream releases, ensuring you always have access to the latest security fixes and features. Our packages are tested across all supported Ubuntu and Debian versions before release.
How to Install NGINX on Ubuntu (Step-by-Step)
These Ubuntu NGINX instructions work on all currently supported LTS releases: Ubuntu 20.04 (Focal), 22.04 (Jammy), and 24.04 (Noble). The process takes about two minutes and requires only basic command-line knowledge.
Step 1: Add the GetPageSpeed Repository
First, install the prerequisites and add our GPG signing key. This ensures all packages are verified and haven’t been tampered with:
# Update package list and install prerequisites
sudo apt update
sudo apt install -y curl gnupg lsb-release
# Create keyrings directory
sudo install -d -m 0755 /etc/apt/keyrings
# Download and install the GPG key
curl -fsSL https://extras.getpagespeed.com/deb-archive-keyring.gpg \
| sudo tee /etc/apt/keyrings/getpagespeed.gpg > /dev/null
# Add the repository (auto-detects Ubuntu version)
distro=$(lsb_release -is | tr '[:upper:]' '[:lower:]')
codename=$(lsb_release -cs)
echo "deb [signed-by=/etc/apt/keyrings/getpagespeed.gpg] https://extras.getpagespeed.com/${distro} ${codename} main" \
| sudo tee /etc/apt/sources.list.d/getpagespeed-extras.list
# Update package list again
sudo apt update
The repository configuration automatically detects your Ubuntu version using lsb_release, so these commands work identically across all supported releases.
Step 2: Install NGINX
Now install NGINX on Ubuntu with a single command:
sudo apt install nginx
That’s it. You now have the latest stable NGINX with automatic security updates. The installation process handles all dependencies and service configuration automatically.
Step 3: Verify the Installation
Check your NGINX version and confirm it’s running:
nginx -v
sudo systemctl status nginx
You should see a version number significantly newer than Ubuntu’s default, and the service should show active (running). If everything is working correctly, you can access the default NGINX welcome page by opening your server’s IP address in a web browser.
Basic NGINX Configuration
After you install NGINX on Ubuntu, you’ll want to set up your first server block. A server block (also called a virtual host) defines how NGINX handles requests for a specific domain. Here’s a production-ready template that includes essential security headers:
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
root /var/www/example.com/html;
index index.html index.htm;
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
# Logging
access_log /var/log/nginx/example.com.access.log;
error_log /var/log/nginx/example.com.error.log;
location / {
try_files $uri $uri/ =404;
}
# Deny access to hidden files
location ~ /\. {
deny all;
}
}
Save this to /etc/nginx/sites-available/example.com, then enable it:
sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx
For PHP applications like WordPress, you’ll need additional configuration. See our WordPress NGINX optimization guide for complete setup instructions.
Installing NGINX Modules on Ubuntu
Here’s where the GetPageSpeed repository really shines. Instead of compiling modules from source (a nightmare of dependencies and version mismatches), you simply apt install them. Dynamic modules load at runtime, meaning you can add or remove functionality without recompiling the NGINX binary.
Popular Module Examples
# Brotli compression (better than gzip)
sudo apt install nginx-module-brotli
# Lua scripting for advanced logic
sudo apt install nginx-module-lua
# Headers More (manipulate HTTP headers)
sudo apt install nginx-module-headers-more
# RTMP for live streaming
sudo apt install nginx-module-rtmp
# GeoIP2 for geographic routing
sudo apt install nginx-module-geoip2
# TOTP two-factor authentication
sudo apt install nginx-module-auth-totp
After installing any module, it’s automatically configured. Just reload NGINX:
sudo systemctl reload nginx
Complete Module List
We maintain 50+ NGINX dynamic modules, covering virtually every use case from performance optimization to security hardening to media streaming. Here are the categories:
- Performance: Brotli, PageSpeed, Cache Purge
- Security: TOTP Authentication, Honeypot/nftables, JWT Auth, Security Headers
- Streaming: RTMP, MPEG-TS, VOD
- Scripting: Lua, njs (JavaScript), Perl
- Content: Markdown rendering, Substitutions, Image Filter
- Monitoring: VTS, STS, Tuning Advisor
Browse the full module catalog for the complete list with documentation links.
NGINX Stable vs. Mainline: Which to Choose?
By default, you get NGINX Stable—thoroughly tested and recommended for production environments. NGINX Inc. releases stable versions approximately twice per year, and these undergo extensive testing before release.
But if you need cutting-edge features like HTTP/3 (QUIC) support, switch to Mainline:
# Edit the repository file
sudo nano /etc/apt/sources.list.d/getpagespeed-extras.list
# Change "jammy" to "jammy-mainline" (or your codename)
# Example: noble → noble-mainline
# Then update and upgrade
sudo apt update
sudo apt upgrade
When to use Mainline:
– You need HTTP/3 (QUIC) support for faster mobile connections
– You want the latest performance improvements immediately
– You’re comfortable with newer (but still stable) code
– You’re running a development or staging environment
When to use Stable:
– Maximum stability is your priority
– You’re running mission-critical production systems
– You prefer the conservative, well-tested approach
– Your compliance requirements mandate LTS software
Enabling Automatic Security Updates
Security vulnerabilities in web servers can be catastrophic. A single unpatched vulnerability can lead to data breaches, malware distribution, or complete server compromise. Configure unattended upgrades to automatically install NGINX security patches:
# Install unattended-upgrades if not present
sudo apt install unattended-upgrades
# Enable automatic updates
sudo dpkg-reconfigure -plow unattended-upgrades
To specifically include GetPageSpeed packages in automatic updates, edit /etc/apt/apt.conf.d/50unattended-upgrades and add:
Unattended-Upgrade::Allowed-Origins {
"GetPageSpeed:${distro_codename}";
};
This ensures your NGINX installation stays patched without manual intervention, reducing your attack surface significantly.
Debian Installation Instructions
The same repository supports Debian. These instructions work on Debian 11 (Bullseye), 12 (Bookworm), and 13 (Trixie). The process is nearly identical to Ubuntu:
# Install prerequisites
sudo apt update
sudo apt install -y curl gnupg lsb-release
# Add GPG key and repository
sudo install -d -m 0755 /etc/apt/keyrings
curl -fsSL https://extras.getpagespeed.com/deb-archive-keyring.gpg \
| sudo tee /etc/apt/keyrings/getpagespeed.gpg > /dev/null
echo "deb [signed-by=/etc/apt/keyrings/getpagespeed.gpg] https://extras.getpagespeed.com/debian $(lsb_release -cs) main" \
| sudo tee /etc/apt/sources.list.d/getpagespeed-extras.list
# Install NGINX
sudo apt update
sudo apt install nginx
All the same modules are available for Debian with identical package names and configurations.
Migrating from Ubuntu’s Default NGINX
Already have NGINX installed from Ubuntu’s repositories? Migrating is straightforward and preserves your existing configuration. Here’s the safe migration path:
# 1. Backup your configuration
sudo cp -r /etc/nginx /etc/nginx.backup
# 2. Remove the old NGINX (keeps config files)
sudo apt remove nginx nginx-common nginx-core
# 3. Add the GetPageSpeed repository (see Step 1 above)
# 4. Install the new NGINX
sudo apt install nginx
# 5. Test your configuration
sudo nginx -t
# 6. Start NGINX
sudo systemctl start nginx
Your existing configuration files in /etc/nginx/ are preserved during this process. The new NGINX binary is compatible with standard configurations, so most sites work without any changes.
Troubleshooting Common Issues
“Package nginx has no installation candidate”
You haven’t added the repository correctly. Re-run the repository setup commands and ensure /etc/apt/sources.list.d/getpagespeed-extras.list exists and contains the correct content.
Module fails to load
Check that the module version matches your NGINX version:
nginx -V 2>&1 | grep version
apt policy nginx-module-brotli
If there’s a mismatch, run sudo apt upgrade to sync everything.
Permission denied errors
Ensure you’re using sudo for all installation commands. The GPG key and repository files require root access.
Configuration test fails after module install
Some modules require additional configuration. Check the module’s documentation or our NGINX guides for specific setup instructions.
“Address already in use” error
Another process is using port 80 or 443. Find and stop it:
sudo lsof -i :80
sudo systemctl stop apache2 # If Apache is running
Performance Tuning Tips
After you install NGINX on Ubuntu, consider these optimizations to maximize your server’s performance:
Worker processes: Set to match your CPU cores:
worker_processes auto;
Connection handling: Increase limits for high-traffic sites:
events {
worker_connections 4096;
use epoll;
multi_accept on;
}
Compression: Enable gzip (or better, Brotli):
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_types text/plain text/css application/json application/javascript text/xml;
For data-driven optimization, try our NGINX Tuning Advisor module which analyzes your actual traffic patterns and provides specific recommendations.
Frequently Asked Questions
Q: Is this repository free?
A: Yes, basic access is free and includes all standard modules. Some enterprise modules require a subscription.
Q: How do I get security updates?
A: Run sudo apt update && sudo apt upgrade regularly, or enable unattended upgrades as shown above.
Q: Can I use this alongside other PPAs?
A: Yes, but we recommend removing conflicting NGINX PPAs to avoid version conflicts.
Q: What Ubuntu versions are supported?
A: All currently supported LTS releases: 20.04, 22.04, and 24.04. Non-LTS releases are supported while active.
Q: Do you support ARM64/aarch64?
A: Yes, both AMD64 and ARM64 architectures are fully supported.
Q: How do I switch back to Ubuntu’s default NGINX?
A: Remove our packages with sudo apt remove nginx, delete /etc/apt/sources.list.d/getpagespeed-extras.list, then sudo apt install nginx from default repos.
Next Steps
Now that you’ve successfully installed NGINX on Ubuntu, consider these enhancements:
- Enable Brotli compression for 15-20% better compression than gzip
- Add TOTP authentication for two-factor security on protected areas
- Configure HTTP/2 (or HTTP/3 on mainline) for modern performance
- Add monitoring with our NGINX Amplify alternative
- Secure with SSL using Let’s Encrypt and certbot
For RHEL/CentOS/Rocky Linux users, see our main repository documentation.
Last updated: February 2026
