Kuv txiav txim siab ua kuv cov ntaub ntawv siv Laravel 7. Yog li ntawd nplooj ntawv tseem ceeb yuav yog nplooj ntawv tsaws, thiab tag nrho cov ntaub ntawv ntawm nws tuaj yeem hloov pauv siv lub vaj huam sib luag admin. Tsis yog lub ntsiab lus. Nws tuaj rau kev xa tawm. Kuv pom ob peb qhov kev qhia zoo yuav ua li cas ua qhov no ntawm lub server uas muaj tag nrho cov teeb meem. Kuv tsis muaj zog heev hauv kev xa tawm; Kuv feem ntau yog pem hauv ntej dua li cov pawg tag nrho. Thiab, yog tias kuv tseem tuaj yeem sau thiab sim hauv PHP, tom qab ntawd ua ntej tswj hwm server, thiab lwm yam. Kuv tseem tsis tau loj hlob. Tab sis kuv yuav tsum xav txog nws.
Tam sim no peb yuav mus dhau tag nrho cov kauj ruam, pib nrog kev tso tawm ntawm SSH thiab xaus nrog qhov chaw ua haujlwm. Peb yuav sim zam tag nrho cov pitfalls.
Koj tuaj yeem nrhiav cov lus qhia zoo sib xws hauv online. Tom qab tag nrho, thaum kawg kuv pom nws. Muaj tseeb, tsis yog nyob rau hauv ib qho chaw, tsis yog tsis muaj kev pab ntawm StackOverflow, thiab tsis yog nyob rau hauv Lavxias teb sab. Kuv raug kev txom nyem. Yog vim li ntawd kuv thiaj txiav txim siab ua kom koj lub neej yooj yim dua.
Peb yuav ua txhua yam nrog lub tee dej ntawm DigitalOcean. Qhov no, ntawm chav kawm, tsis tsim nyog; xaiv ib qho hosting. Thaum koj mus txog lub server ua haujlwm ntawm Ubuntu, rov qab los. Rau cov neeg uas tseem txiav txim siab ua nws ntawm DigitalOcean, yuav muaj cov lus qhia ntxiv txog kev teeb tsa lub npe. Thiab .
Txhua cov kauj ruam tshwj xeeb ntawm DigitalOcean yuav muab rau hauv cov lus hauv qab no.
Cia peb pib.
TL; DR (cov lus txib yooj yim nkaus xwb)
Tsim tus neeg siv
ssh root@[IP-Π°Π΄ΡΠ΅Ρ Π²Π°ΡΠ΅Π³ΠΎ Π΄ΡΠΎΠΏΠ»Π΅ΡΠ°]adduser laravelusermod -aG sudo laravelsu laravel
Ntxiv SSH rau nws
mkdir ~/.sshchmod 700 ~/.sshvim ~/.ssh/authorized_keys- Ntxig tus yuam sij pej xeem
chmod 600 ~/.ssh/authorized_keys
Firewall
sudo ufw allow OpenSSHsudo ufw enablesudo ufw status
Nginx
sudo apt updatesudo apt install -y nginxsudo ufw allow 'Nginx HTTP'sudo ufw status
MySQL
sudo apt install -y mysql-serversudo mysql_secure_installation,NYNNYsudo mysqlALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ Π΄Π»Ρ MySQL>';SELECT user,authentication_string,plugin,host FROM mysql.user;FLUSH PRIVILEGES;exit
PHP
-
sudo apt update -
sudo apt install -y curl wget gnupg2 ca-certificates lsb-release apt-transport-https -
sudo apt-add-repository ppa:ondrej/php -
sudo apt update -
7.3:
sudo apt install -y php7.3-fpm php7.3-mysql -
7.4:
sudo apt install -y php7.4-fpm php7.4-mysql -
sudo vim /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
Kev teeb tsa yooj yim:
server {
listen 80;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ =404;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}Tsuas yog HTTP teeb rau Laravel:
server {
listen 80;
listen [::]:80;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}HTTPS teeb tsa rau Laravel:
server {
listen 80;
listen [::]:80;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
ssl_certificate /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}sudo ln -s /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> /etc/nginx/sites-enabled/sudo unlink /etc/nginx/sites-enabled/defaultsudo nginx -tsudo systemctl reload nginx
laravel
-
7.3:
sudo apt install -y php7.3-mbstring php7.3-xml composer unzip -
7.4:
sudo apt install -y php7.4-mbstring php7.4-xml composer unzip -
mysql -u root -p -
CREATE DATABASE laravel DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci; -
GRANT ALL ON laravel.* TO 'root'@'localhost' IDENTIFIED BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>'; -
FLUSH PRIVILEGES; -
exit -
cd /var/www/html -
sudo mkdir -p <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°> -
sudo chown laravel:laravel <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°> -
cd ./<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°> -
git clone <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> ./git clone -b <ΠΈΠΌΡ Π²Π΅ΡΠΊΠΈ> --single-branch <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> . -
composer install -
vim .env
APP_NAME=Laravel
APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_URL=http://<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
LOG_CHANNEL=stack
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel
DB_USERNAME=root
DB_PASSWORD=<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>-
php artisan migrate -
php artisan key:generate -
sudo chown -R $USER:www-data storage -
sudo chown -R $USER:www-data bootstrap/cache -
chmod -R 775 storage -
chmod -R 775 bootstrap/cache
HTTPS
-
sudo add-apt-repository ppa:certbot/certbot -
sudo apt install -y python-certbot-nginx -
sudo certbot certonly --webroot --webroot-path=/var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public -d <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> -d www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> -
sudo nginx -t -
sudo ufw allow 'Nginx HTTPS' -
sudo ufw status -
sudo systemctl reload nginx
Tsim cov tee dej ntawm DigitalOcean thiab sau npe SSH tus yuam sij tshiab
Kuv ntseeg tiag tiag tias koj yuav paub yuav ua li cas rau npe nrog DigitalOcean koj tus kheej. Nws tsis yog ib qho yooj yim, nrog ntau cov ntaub ntawv pov thawj thiab lwm yam. Yog tias koj niaj hnub tau txais qhov yuam kev hauv lub network thaum tshawb xyuas siv cov ntaub ntawv, sim ua txhua yam los ntawm VPN, nws yuav tsum pab.
Hauv cov ntawv qhia zaub mov saum toj, nyem tsim->Cov kua nrog. Xaiv Ubuntu.
Thaum koj sau npe, koj yuav tau txais $ 100 rau koj tus account. Tab sis tsis txhob dag. Koj tsuas muaj 60 hnub los siv nws. Thiab qhov no tsawg heev. Tej zaum koj, zoo li kuv, xav siv lub phiaj xwm kim dua, yog li tom qab ntawd, thaum cov nyiaj tiag pib ntws, koj tuaj yeem hloov mus rau qhov pheej yig dua. Kuv yuav qhia koj tam sim ntawd nws yuav tsis ua haujlwm. Koj tuaj yeem nce nws, tab sis koj tsis tuaj yeem txo nws. Yog li nws mus. kuv xaiv Standard->$5.
Kuv xaiv thaj tsam ze tshaj plaws rau peb Frankfurt. VPC Network->default-fra1
Peb yuav ua pov thawj tam sim ntawm SSH. Nyem Tshiab SSH Key. Yog tias koj tsis muaj SSH, muaj cov lus qhia yooj yim heev ntawm sab xis. Qhib lub bash davhlau ya nyob twg thiab muab tshuaj txhuam
ssh-keygen. Tom qab ntawd peb mus rau cov ntaub ntawv nrog tus yuam sij pej xeem/Users/<ΠΠ°ΡΠ΅ ΠΈΠΌΡ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Ρ>/.ssh/id_rsa.pub(lossis yooj yimcat ~/.ssh/id_rsa.pub), luam cov ntsiab lus thiab muab tso rau hauv lub qhov rais sab laug. Ib lub npe.Peb tuaj nrog lub hostname rau lub droplet.
Laub Tsim Droplet
Tsim tus neeg siv tshiab
ssh root@[IP-Π°Π΄ΡΠ΅Ρ Π²Π°ΡΠ΅Π³ΠΎ Π΄ΡΠΎΠΏΠ»Π΅ΡΠ°]- Koj puas paub tseeb tias koj xav txuas txuas ntxiv (yog / tsis yog / [tus ntiv tes])?
yes - Sau koj tus password SSH
- Tsim tus neeg siv laravel:
adduser laravel - Sau koj tus password thiab lwm yam ntaub ntawv (Kuv tsuas yog sau Lub Npe Tag Nrho)
- Ntxiv tus neeg siv rau pawg sudo:
usermod -aG sudo laravel
SSH rau cov neeg siv tshiab
- Hloov mus rau tus neeg siv tshiab:
su laravel
Peb ua txhua yam kev nqis tes ua ntxiv, mus txog thaum kawg ntawm tsab xov xwm, sawv cev ntawm tus neeg siv laravel. Yog li ntawd, yog tias koj tam sim ntawd cuam tshuam, rov nkag mus thiab nkag mus su laravel
mkdir ~/.sshchmod 700 ~/.sshvim ~/.ssh/authorized_keys
Peb qhib cov ntaub ntawv hauv Vim. Yog tias koj tsis paub nws txhua, koj tuaj yeem ua haujlwm hauv Nano, koj txoj cai.
Qhov yooj yim tshaj plaws Vim commands
Txhawm rau siv Vim editor thoob plaws hauv kab lus, koj tsuas yog yuav tsum paub cov hauv qab no.
- Vim muaj ntau hom: hom qub, uas koj nkag mus rau cov lus txib thiab xaiv hom thiab lwm yam.
- Txhawm rau tawm txhua hom thiab rov qab mus rau hom qub, tsuas yog nias
Esc - Txav mus ncig: koj tuaj yeem siv cov xub
- Tawm yam tsis muaj kev txuag
<Normal mode>::q! - Tawm thiab txuag
<Normal mode>::wq - Hloov mus rau hom ntawv nkag
<Normal mode>:i(los ntawm Lus Askiv. ntxig rau)
- Peb ntxig peb tus yuam sij pej xeem (uas peb tau ua saum toj no)
- Peb tiv thaiv kev hloov pauv:
chmod 600 ~/.ssh/authorized_keys
Txhim kho lub firewall
- Cia peb saib tag nrho cov kev teeb tsa muaj:
sudo ufw app list - Tso cai rau OpenSSH ( txwv tsis pub nws yuav kaw peb):
sudo ufw allow OpenSSH - Cia peb pib lub firewall:
sudo ufw enable,y - Peb tshawb xyuas:
sudo ufw status
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)Txhua yam zoo.
Txhim kho Nginx
Thaum lub sijhawm teeb tsa koj yuav qee zaum raug nug "Koj puas paub tseeb?" Teb y (zoo, tsuas yog tias koj paub tseeb).
sudo apt updatesudo apt install nginx
Ntxiv Nginx rau qhov teeb tsa firewall
sudo ufw app listsudo ufw allow 'Nginx HTTP'sudo ufw status
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
Nginx HTTP ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Nginx HTTP (v6) ALLOW Anywhere (v6)Mus rau koj tus IP. Yog tias txhua yam mus zoo, koj yuav tsum pom cov hauv qab no.
Txhim kho MySQL
sudo apt install mysql-server- Tua tawm tsab ntawv tiv thaiv tsis siv neeg
sudo mysql_secure_installation
Teb cov lus nug. Yog tias koj tsis paub yuav teb li cas, ntawm no yog qee qhov kev xaiv pom zoo:
-
Validate tus password plugin -
N -
Tshem tawm cov neeg siv tsis qhia npe? β
Y -
Disallow root ID nkag mus remotely? β
N -
Tshem tawm cov ntaub ntawv xeem thiab nkag mus rau nws? β
N -
Rov rub cov rooj tsim cai tam sim no? β
Y -
Cia peb mus rau MySQL:
sudo mysql -
Cia peb saib cov txheej txheem nkag:
SELECT user,authentication_string,plugin,host FROM mysql.user; -
Teem ib lo lus zais rau hauv paus:
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ Π΄Π»Ρ MySQL>'; -
Cia peb saib cov txheej txheem nkag dua:
SELECT user,authentication_string,plugin,host FROM mysql.user; -
Siv cov kev hloov pauv thiab tawm ntawm MySQL:
FLUSH PRIVILEGES;ΠΈexit -
Tam sim no, nkag mus rau hauv MySQL koj yuav tsum siv
mysql -u root -pthiab sau koj tus password
Txhim kho PHP
Cia peb siv tus neeg thib peb repository los ntawm
sudo apt updatesudo apt install -y curl wget gnupg2 ca-certificates lsb-release apt-transport-httpssudo apt-add-repository ppa:ondrej/phpsudo apt update
Tam sim no cia peb xaiv. Rau Laravel 7, koj tuaj yeem xaiv PHP 7.3 lossis 7.4. Qhov txawv tsuas yog nyob rau hauv tus lej 3 thiab 4.
- 7.3:
sudo apt install -y php7.3-fpm php7.3-mysql - 7.4:
sudo apt install -y php7.4-fpm php7.4-mysql
PHP FastCGI Process Manager (fpm) ua haujlwm nrog PHP thov. mysql, tau kawg, rau kev ua haujlwm nrog MySQL.
Txij no mus kuv yuav ua txhua yam ntawm 7.4.
Teeb tsa Nginx
sudo vim /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
Hloov chaw "<Your domain>" nkag mus rau lub npe (piv txwv li, mysite.ru) uas koj xav siv yav tom ntej. Yog tias koj tseem tsis tau muaj ib qho, sau ib qho, tsuas yog rov ua cov kauj ruam hauv tshooj no rau koj lub npe thaum koj xaiv nws.
Sau cov hauv qab no:
server {
listen 80;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ =404;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}Yog tias koj xaiv version 7.3 hloov php7.4-fpm.sock sau rau hauv php7.4-fpm.sock.
Mloog rau qhov chaw nres nkoj 80 ntawm server_namethaum peb tuaj txog ntawm lub hauv paus thov /var/www/html nqa cov ntaub ntawv index. Yog tom qab server_name Muaj ib yam dab tsi, peb tab tom nrhiav xws li cov ntaub ntawv. Yog tias peb tsis pom nws, peb muab pov tseg 404. Yog tias nws xaus nrog .php, khiav dhau fpm... Yog muaj .ht, txwv (403).
- Ua ib qhov txuas los ntawm
sites-availableΠ²sites-enabled:sudo ln -s /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> /etc/nginx/sites-enabled/ - Tshem tawm qhov txuas mus
default:sudo unlink /etc/nginx/sites-enabled/default - Tshawb xyuas qhov yuam kev:
sudo nginx -t - Reboot:
sudo systemctl reload nginx
Tshawb xyuas qhov ua haujlwm:
sudo vim /var/www/html/info.php- Peb sau:
<?php phpinfo(); - Wb mus
<ΠΠ°Ρ IP>/info.php
Koj yuav tsum pom tej yam zoo li no:
Tam sim no cov ntaub ntawv no yuav raug deleted: sudo rm /var/www/html/info.php
Nruab Laravel
-
7.3:
sudo apt install php7.3-mbstring php7.3-xml composer unzip -
7.4:
sudo apt install php7.4-mbstring php7.4-xml composer unzip -
Cia peb mus rau MySQL:
mysql -u root -p -
Tsim ib lub database nrog lub npe laravel:
CREATE DATABASE laravel DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci; -
Peb muab cov hauv paus nkag mus rau laravel:
GRANT ALL ON laravel.* TO 'root'@'localhost' IDENTIFIED BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>'; -
FLUSH PRIVILEGES; -
exit -
cd /var/www/html -
Tsim ib daim nplaub tshev rau qhov project:
sudo mkdir -p <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°> -
Peb muab cov neeg siv laravel txoj cai rau qhov project:
sudo chown laravel:laravel <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
Tom ntej no koj yuav tsum hloov qhov project. Piv txwv li, cloning los ntawm Github.
cd ./<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>git clone <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> .
Nws yog tsim nyog xav tias yog tias koj tsis txuag cov ntaub ntawv zoo li qub (piv txwv li, los ntawm /public) ntawm Github, ces ib txwm koj yuav tsis muaj lawv. Piv txwv li, kuv tsim ib txoj xov cais los daws qhov no deploy, ntawm qhov kuv twb cloned: git clone -b <ΠΈΠΌΡ Π²Π΅ΡΠΊΠΈ> --single-branch <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> ..
- Installation dependencies:
composer install - Tsim .env:
vim .env
Qhov yooj yim version ntawm nws zoo li no:
APP_NAME=Laravel
APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_URL=http://<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
LOG_CHANNEL=stack
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel
DB_USERNAME=root
DB_PASSWORD=<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>Yog tias koj luam koj tus .env, hloov APP_ENV nrog ntau lawm, APP_DEBUG nrog qhov tsis tseeb thiab nkag mus rau qhov tseeb nqis rau MySQL.
- Migrating lub database:
php artisan migrate - Generating code:
php artisan key:generate
Hloov kev tso cai:
sudo chown -R $USER:www-data storagesudo chown -R $USER:www-data bootstrap/cachechmod -R 775 storagechmod -R 775 bootstrap/cache
Qhov kawg sab laug yog rov teeb tsa Nginx rau Laravel:
sudo vim /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
server {
listen 80;
listen [::]:80;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}Zoo li lub sijhawm dhau los, yog tias koj xaiv version 7.3 hloov php7.4-fpm.sock sau rau hauv php7.4-fpm.sock.
Teeb tsa tus sau npe ntawm DigitalOcean
Txhua yam yog ua tau yooj yim heev. Koj yuav ib lub npe (nyob qhov twg), hloov mus rau DigitalOcean ntawm tsim->Domains/DNS. Tsis yog Ntxiv ib lub domain koj nkag mus rau no domain thiab nias ntxiv. Tom qab ntawd mus rau qhov chaw sau npe thiab mus rau thaj chaw TSWV YIM nkag @. Xaiv ib qhov project thiab nias Tsim cov ntaub ntawv.
Tam sim no mus rau ntawm qhov chaw koj yuav lub npe, nrhiav "DNS Servers" nyob ntawd (lossis qee yam zoo sib xws) thiab nkag mus rau DigitalOcean servers (xws lins1.digitalocean.com,ns2.digitalocean.com,ns3.digitalocean.com). Tam sim no koj yuav tsum tau tos me ntsis (lossis ntau) kom txog thaum cov chaw no tau txais. Npaj txhij!
Qhov teeb meem nkaus xwb yog tias koj qhov chaw yuav qhib tsuas yog HTTP. Kom muaj HTTPS, txav mus rau ntu tom ntej.
Kev teeb tsa HTTPS
Nruab certbot thiab hla nws lub npe sau (hom ntawv mysite.ru) thiab sau npe nrog www (www.mysite.ru).
sudo add-apt-repository ppa:certbot/certbotsudo apt install python-certbot-nginxsudo certbot certonly --webroot --webroot-path=/var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public -d <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> -d www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
Tam sim no koj yuav tsum rov teeb tsa Nginx (tsis txhob hnov ββββqab hloov koj cov txiaj ntsig):
server {
listen 80;
listen [::]:80;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
ssl_certificate /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}Kuv xav tias koj twb nkag siab tias yuav tsum tau hloov pauv li cas rau PHP 7.3.
Ntawm no, qhov tseeb, txhua yam yog yooj yim. Peb tsuas yog hloov pauv txhua qhov kev thov los ntawm HTTP (chaw nres nkoj 80) mus rau HTTPS (chaw nres nkoj 443). Thiab muaj peb ua txhua yam zoo ib yam li yav dhau los, tab sis nrog encryption.
Txhua yam uas tseem tshuav yog teeb tsa kev tso cai hauv firewall:
sudo nginx -tsudo ufw app listsudo ufw allow 'Nginx HTTPS'sudo ufw statussudo systemctl reload nginx
Tam sim no txhua yam yuav tsum ua haujlwm raws li nws yuav tsum tau ua.
[Advanced] Txhim kho Node.js
Yog tias koj dheev xav khiav npm cov lus txib ncaj qha rau ntawm lub server, koj yuav tsum nruab Node.js.
sudo apt updatesudo apt install -y nodejs npmnodejs -v
Qhov ntawd yog nws, kuv nres ntawm theem no. Hauv txoj ntsiab cai, kuv txaus siab rau qhov tshwm sim. Tej zaum kuv yuav hloov ntawm DigitalOcean qhov chaw ze rau Russia thiab pheej yig dua. Tab sis txij li thaum kuv twb dhau mus dhau tag nrho cov ntawv pov thawj ntawm lub xaib thiab ua txhua yam nyob ntawd, kuv tau ua piv txwv rau lawv. Tsis tas li ntawd, lawv pib $ 100 yog qhov zoo tshaj plaws springboard rau kev cob qhia.
PS Tshwj xeeb ua tsaug rau tus sau , uas tau ua lub hauv paus rau tag nrho cov haujlwm saum toj no. Qee zaum nws tsis ua haujlwm rau Laravel 7, Kuv kho nws.
PPS Yog tias koj tshwm sim los ua tus kws tshaj lij sab saum toj uas xav hauv bash cov lus txib, thov tsis txhob txiav txim siab hnyav. Tej zaum koj yuav pom cov kab lus no yog tus qauv qis, tab sis kuv yuav zoo siab nrhiav ib qho thaum kuv xav tau ib qho. Yog tias muaj lus pom zoo rau kev txhim kho, kuv yog txhua yam rau nws.
Tau qhov twg los: www.hab.com