ืืืืืชื ืืขืฉืืช ืืช ืชืืง ืืขืืืืืช ืฉืื ืืืืฆืขืืช Laravel 7. ืื ืฉืืขืืื ืืจืืฉื ืืืื ืืฃ ื ืืืชื, ืืื ืืืืืข ืขืืื ื ืืชื ืืืื ืืฉื ืืช ืืืืฆืขืืช ืคืื ื ืื ืืืื. ืื ืื ืงืืื. ืื ืืืืข ืืคืจืืกื. ืืฆืืชื ืืื ืืืจืืืื ืืืืื ืืืฆื ืืขืฉืืช ืืืช ืืฉืจืช ืื ืืื ืืื ืขื ืื ืืฆืจืืช. ืื ื ืื ืืืง ืืืืืื ืืคืจืืกื; ืื ื ืืืจื ืืื ืืืชืจ ืงืืื ืืืฉืจ ืืื. ืืื ืื ื ืขืืืื ืืืื ืืืชืื ืืืืืืง ื-PHP, ืื ืืคื ื ื ืืืื ืืฉืจืช ืืื'. ืขืื ืื ืืชืืืจืชื. ืืื ืืืืชื ืืืื ืืืืื ืืช ืื.
ืืขืช ื ืขืืืจ ืขื ืื ืืฉืืืื, ืืื ืืืฉืงื ืืจื SSH ืืืื ืืืชืจ ืืขืืืื. ื ื ืกื ืืืืื ืข ืืื ืืืืืืืืช.
ืืืชืื ืฉืชืืื ืืืฆืื ืืืจืืืช ืืืืืช ืืืื ืืจื ื. ืืืจื ืืื, ืกืืฃ ืกืืฃ ืืฆืืชื ืืช ืื. ื ืืื, ืื ืืืงืื ืืื, ืื ืืื ืขืืจื ืฉื StackOverflow, ืืืงืืฉื ืืจืืกืืช. ืกืืืชื. ืื ืืกืืื ืฉืืืืืชื ืืคืฉื ืืช ืืืื.
ืื ืื ื ื ืขืฉื ืืื ืขื ืืืคื ื-DigitalOcean. ืื, ืืืืื, ืื ืืืจืื; ืืืจ ืื ืืืจืื. ืืืฉืจ ืืชื ืืืืข ืืฉืจืช ืขืืื ืืืืืื ืื, ืืืืจ. ืืื ืฉืืื ืืืช ืืืืื ืืขืฉืืช ืืืช ื-DigitalOcean, ืืืื ืืืคืื ื ืืกืคืื ืืืืืจืช ืืืืืื. ื
ืื ืืฉืืืื ืืกืคืฆืืคืืื ื-DigitalOcean ืืื ืชื ื ืืืขืจืืช ืฉืืืืื ืืื ืืื.
ืืืื ื ืชืืื.
TL;DR (ืคืงืืืืช ืืกืืกืืืช ืืืื)
ืฆืืจ ืืฉืชืืฉ
ssh root@[IP-ะฐะดัะตั ะฒะฐัะตะณะพ ะดัะพะฟะปะตัะฐ]
adduser laravel
usermod -aG sudo laravel
su laravel
ืืืกืฃ ืืื SSH
mkdir ~/.ssh
chmod 700 ~/.ssh
vim ~/.ssh/authorized_keys
- ืืื ืก ืืช ืืืคืชื ืืฆืืืืจื
chmod 600 ~/.ssh/authorized_keys
ืืืืช ืืฉ
sudo ufw allow OpenSSH
sudo ufw enable
sudo ufw status
nginx
sudo apt update
sudo apt install -y nginx
sudo ufw allow 'Nginx HTTP'
sudo ufw status
MySQL
sudo apt install -y mysql-server
sudo mysql_secure_installation
,NYNNY
sudo mysql
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '<ะะฐั ะฟะฐัะพะปั ะดะปั MySQL>';
SELECT user,authentication_string,plugin,host FROM mysql.user;
FLUSH PRIVILEGES;
exit
PHP
-
sudo apt update
-
sudo apt install -y curl wget gnupg2 ca-certificates lsb-release apt-transport-https
-
sudo apt-add-repository ppa:ondrej/php
-
sudo apt update
-
7.3:
sudo apt install -y php7.3-fpm php7.3-mysql
-
7.4:
sudo apt install -y php7.4-fpm php7.4-mysql
-
sudo vim /etc/nginx/sites-available/<ะะฐั ะดะพะผะตะฝ>
ืืืืจื ืืกืืกืืช:
server {
listen 80;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ะะฐั ะดะพะผะตะฝ ะธะปะธ IP>;
location / {
try_files $uri $uri/ =404;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
ืืืืจืช HTTP ืืืื ืขืืืจ Laravel:
server {
listen 80;
listen [::]:80;
root /var/www/html/<ะะผั ะฟัะพะตะบัะฐ>/public;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ะะฐั ะดะพะผะตะฝ ะธะปะธ IP>;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
ืืืืจืช HTTPS ืขืืืจ Laravel:
server {
listen 80;
listen [::]:80;
server_name <ะะฐั ะดะพะผะตะฝ> www.<ะะฐั ะดะพะผะตะฝ>;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name <ะะฐั ะดะพะผะตะฝ> www.<ะะฐั ะดะพะผะตะฝ>;
root /var/www/html/<ะะผั ะฟัะพะตะบัะฐ>/public;
ssl_certificate /etc/letsencrypt/live/<ะะฐั ะดะพะผะตะฝ>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<ะะฐั ะดะพะผะตะฝ>/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
sudo ln -s /etc/nginx/sites-available/<ะะฐั ะดะพะผะตะฝ> /etc/nginx/sites-enabled/
sudo unlink /etc/nginx/sites-enabled/default
sudo nginx -t
sudo systemctl reload nginx
Laravel
-
7.3:
sudo apt install -y php7.3-mbstring php7.3-xml composer unzip
-
7.4:
sudo apt install -y php7.4-mbstring php7.4-xml composer unzip
-
mysql -u root -p
-
CREATE DATABASE laravel DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
-
GRANT ALL ON laravel.* TO 'root'@'localhost' IDENTIFIED BY '<ะะฐั ะฟะฐัะพะปั ะพั MySQL>';
-
FLUSH PRIVILEGES;
-
exit
-
cd /var/www/html
-
sudo mkdir -p <ะะผั ะฟัะพะตะบัะฐ>
-
sudo chown laravel:laravel <ะะผั ะฟัะพะตะบัะฐ>
-
cd ./<ะะผั ะฟัะพะตะบัะฐ>
-
git clone <ัััะปะบะฐ ะฝะฐ ะฟัะพะตะบั> .
/git clone -b <ะธะผั ะฒะตัะบะธ> --single-branch <ัััะปะบะฐ ะฝะฐ ะฟัะพะตะบั> .
-
composer install
-
vim .env
APP_NAME=Laravel
APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_URL=http://<ะะฐั ะดะพะผะตะฝ>
LOG_CHANNEL=stack
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel
DB_USERNAME=root
DB_PASSWORD=<ะะฐั ะฟะฐัะพะปั ะพั MySQL>
-
php artisan migrate
-
php artisan key:generate
-
sudo chown -R $USER:www-data storage
-
sudo chown -R $USER:www-data bootstrap/cache
-
chmod -R 775 storage
-
chmod -R 775 bootstrap/cache
HTTPS
-
sudo add-apt-repository ppa:certbot/certbot
-
sudo apt install -y python-certbot-nginx
-
sudo certbot certonly --webroot --webroot-path=/var/www/html/<ะะผั ะฟัะพะตะบัะฐ>/public -d <ะะฐั ะดะพะผะตะฝ> -d www.<ะะฐั ะดะพะผะตะฝ>
-
sudo nginx -t
-
sudo ufw allow 'Nginx HTTPS'
-
sudo ufw status
-
sudo systemctl reload nginx
ืฆืืจ ืืืคื ื-DigitalOcean ืืจืฉืื ืืคืชื SSH ืืืฉ
ืื ื ืืืืช ืืืืื ืฉืชืืื ืืื ืืืืจืฉื ื-DigitalOcean ืืขืฆืื. ืื ืื ืงื, ืขื ืืจืื ืืืืืชืื ืืืืจืื ืืืจืื. ืื ืืชื ืืงืื ืื ืืืื ืฉืืืืช ืจืฉืช ืืขืช ืืืืืช ืืืืฆืขืืช ืืกืืืื, ื ืกื ืืขืฉืืช ืืื ืืจื VPN, ืื ืืืืจ ืืขืืืจ.
ืืชืคืจืื ืืืขืื, ืืืฅ ืฆืืจ->ืืืคืืช. ืืืจ ืืืืื ืื.
ืืจืืข ืฉืชืืจืฉื, ืชืงืื 100$ ืืืฉืืื ืฉืื. ืืื ืื ืชืื ืฉืืื. ืืฉ ืื ืจืง 60 ืืื ืืืืื ืืืชื. ืืื ืืขื ืืืื. ืืืื ืชืจืฆื, ืืืื ื, ืืืฉืชืืฉ ืืชืื ืืช ืืงืจื ืืืชืจ, ืื ืฉืืืืฉื, ืืฉืืืกืฃ ืืืืืชื ืืชืืื ืืืจืื, ืชืืืื ืืขืืืจ ืืืืื ืืืชืจ. ืื ื ืืืื ืื ืืื ืฉืื ืื ืืขืืื. ืืชื ืืืื ืืืืืื ืืืชื, ืืื ืืชื ืื ืืืื ืืืงืืื ืืืชื. ืื ืื ืืืฉืื. ืื ื ืืืืจ ืชึถืงึถื->$5.
ืื ื ืืืืจ ืืช ืืืืืจ ืืงืจืื ืืืื ื ืคืจื ืงืคืืจื. ืจืฉืช VPC->default-fra1
ืืื ื ืืฆืข ืืืืืช ืืืืฆืขืืช SSH. ื ึฐืงึดืืฉืึธื ืืคืชื SSH ืืืฉ. ืื ืืื ืื SSH, ืืฉ ืืืจืืืช ืคืฉืืืืช ืืืื ืืฆื ืืืื. ืคืชื ืืกืืฃ bash ืืืืืง
ssh-keygen
. ืืืืจ ืืื ื ืขืืืจ ืืงืืืฅ ืขื ืืืคืชื ืืฆืืืืจื/Users/<ะะฐัะต ะธะผั ะฟะพะปัะทะพะฒะฐัะตะปั>/.ssh/id_rsa.pub
(ืื ืืคืฉืืืชcat ~/.ssh/id_rsa.pub
), ืืขืชืง ืืช ืืชืืื ืืืืืง ืืืชื ืืืืื ืืฉืืื. ืื ืฉื.ืื ืื ื ืืฆืื ื ืฉื ืืืจื ืขืืืจ ืืืืคื.
ืืืฅ ืืื ืฆืืจ ืืืคื
ืฆืืจ ืืฉืชืืฉ ืืืฉ
ssh root@[IP-ะฐะดัะตั ะฒะฐัะตะณะพ ะดัะพะฟะปะตัะฐ]
- ืืื ืืชื ืืืื ืฉืืจืฆืื ื ืืืืฉืื ืืืชืืืจ (ืื/ืื/[ืืืืขืช ืืฆืืข])?
yes
- ืืื ืืช ืกืืกืืช ื-SSH ืฉืื
- ืฆืืจ ืืฉืชืืฉ laravel:
adduser laravel
- ืืื ืืช ืืกืืกืื ืฉืื ืืืืืข ื ืืกืฃ (ืื ื ืืืื ืจืง ืืช ืืฉื ืืืื)
- ืืืกืฃ ืืช ืืืฉืชืืฉ ืืงืืืฆืช sudo:
usermod -aG sudo laravel
SSH ืืืฉืชืืฉ ืืืฉ
- ืขืืืจ ืืืฉืชืืฉ ืืืืฉ:
su laravel
ืื ื ืืืฆืขืื ืืช ืื ืืคืขืืืืช ืืืื, ืขื ืกืืฃ ืืืชืื, ืืฉื ืืืฉืชืืฉ Laravel. ืืื, ืื ืืชื ื ืงืืข ืคืชืืื, ืืชืืืจ ืืืืฉ ืืืืื ืก su laravel
mkdir ~/.ssh
chmod 700 ~/.ssh
vim ~/.ssh/authorized_keys
ืคืชืื ื ืืช ืืงืืืฅ ื-Vim. ืื ืืชื ืื ืืืืจ ืืช ืื ืืืื, ืืชื ืืืื ืืขืืื ืื ื ื, ืืืืชื.
ืคืงืืืืช Vim ืืืกืืกืืืช ืืืืชืจ
ืืื ืืืฉืชืืฉ ืืขืืจื Vim ืืืืจื ืืืืืจ, ืืชื ืจืง ืฆืจืื ืืืขืช ืืช ืืืืจืื ืืืืื.
- ื-Vim ืืฉ ืืฆืืื ืฉืื ืื: ืืฆื ืจืืื, ืื ืืื ืืกืื ืคืงืืืืช ืืืืืจืื ืืฆืืื ืืืืจืื.
- ืืื ืืฆืืช ืืื ืืฆื ืืืืืืจ ืืืฆื ืจืืื, ืคืฉืื ืืืฅ
Esc
- ืืืกืชืืื: ืืชื ืืืื ืคืฉืื ืืืฉืชืืฉ ืืืฆืื
- ืืฆืืื ืืื ืฉืืืจื
<Normal mode>
::q!
- ืฆื ืืฉืืืจ
<Normal mode>
::wq
- ืขืืืจ ืืืฆื ืงืื ืืงืกื
<Normal mode>
:i
(ืืืื ืืืืช. ืืืื ืืก)
- ืื ื ืืื ืืกืื ืืช ืืืคืชื ืืฆืืืืจื ืฉืื ื (ืื ืฉืขืฉืื ื ืืืขืื)
- ืื ื ืืื ืื ืืคื ื ืฉืื ืืืื:
chmod 600 ~/.ssh/authorized_keys
ืืชืงื ืช ืืืืช ืืฉ
- ืืืื ื ืกืชืื ืขื ืื ืืืืืจืืช ืืืืื ืืช:
sudo ufw app list
- ืืคืฉืจ OpenSSH (ืืืจืช ืื ืื ืขื ืืืชื ื):
sudo ufw allow OpenSSH
- ืืืื ื ืคืขืื ืืช ืืืืช ืืืฉ:
sudo ufw enable
,y
- ืื ื ืืืืงืื:
sudo ufw status
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
ืืื ืืกืืจ.
ืืชืงื ืช Nginx
ืืืืื ืืืชืงื ื ืืฉืืื ืืืชื ืืคืขืืื "ืืื ืืชื ืืืื?" ืชืฉืืื y
(ืืื, ืจืง ืื ืืชื ืืืื).
sudo apt update
sudo apt install nginx
ืืืกืคืช Nginx ืืืืืจืืช ืืืืช ืืืฉ
sudo ufw app list
sudo ufw allow 'Nginx HTTP'
sudo ufw status
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
Nginx HTTP ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Nginx HTTP (v6) ALLOW Anywhere (v6)
ืขืืืจ ืื ื-IP ืฉืื. ืื ืืื ืืืื ืืฉืืจื, ืืชื ืืืืจ ืืจืืืช ืืช ืืืืจืื ืืืืื.
ืืชืงื ืช MySQL
sudo apt install mysql-server
- ืืคืขืืช ืกืงืจืืคื ืืื ื ืืืืืืื
sudo mysql_secure_installation
ืขื ื ืขื ืืฉืืืืช ืฉื ืฉืืื. ืื ืืื ื ืืืืข ืื ืืขื ืืช, ืื ื ืืื ืืคืฉืจืืืืช ืืืฆืขืืช:
-
ืชืืกืฃ ืืืืืช ืกืืกืื -
N
-
ืืืกืืจ ืืฉืชืืฉืื ืื ืื ืืืืื? โ
Y
-
ืื ืืืคืฉืจ ืื ืืกื ืืฉืืจืฉ ืืจืืืง? โ
N
-
ืืืกืืจ ืืช ืืกื ืื ืชืื ืื ืฉื ืืืืืงื ืืืืฉืช ืืืื? โ
N
-
ืืืขืื ืืืืฉ ืืืืืืช ืืจืฉืืืช ืขืืฉืื? โ
Y
-
ืืื ื ืื ื-MySQL:
sudo mysql
-
ืืืื ื ืกืชืื ืขื ืฉืืืืช ืืืืฉื:
SELECT user,authentication_string,plugin,host FROM mysql.user;
-
ืืืืจ ืกืืกืื ืืฉืืจืฉ:
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '<ะะฐั ะฟะฐัะพะปั ะดะปั MySQL>';
-
ืืืื ื ืกืชืื ืฉืื ืขื ืฉืืืืช ืืืืฉื:
SELECT user,authentication_string,plugin,host FROM mysql.user;
-
ืืื ืืช ืืฉืื ืืืื ืืฆื ื-MySQL:
FLUSH PRIVILEGES;
ะธexit
-
ืืขืช, ืืื ืืืืื ืก ื-MySQL ืืชื ืฆืจืื ืืืฉืชืืฉ
mysql -u root -p
ืืืื ืืช ืืกืืกืื
ืืชืงื ืช PHP
ืืืื ื ืฉืชืืฉ ืืืืืจ ืฉื ืฆื ืฉืืืฉื ื
sudo apt update
sudo apt install -y curl wget gnupg2 ca-certificates lsb-release apt-transport-https
sudo apt-add-repository ppa:ondrej/php
sudo apt update
ืขืืฉืื ืืืื ื ืืืจ. ืขืืืจ Laravel 7, ืืชื ืืืื ืืืืืจ PHP 7.3 ืื 7.4. ืืืืื ืืืืื ืืืื ืืืกืคืจืื 3 ื-4.
- 7.3:
sudo apt install -y php7.3-fpm php7.3-mysql
- 7.4:
sudo apt install -y php7.4-fpm php7.4-mysql
PHP FastCGI Process Manager (fpm) ืขืืื ืขื ืืงืฉืืช PHP. mysql, ืืืืื, ืืขืืืื ืขื MySQL.
ืืขืืฉืื ืื ื ืืขืฉื ืืื ื-7.4.
ืืืืจืช Nginx
sudo vim /etc/nginx/sites-available/<ะะฐั ะดะพะผะตะฝ>
ืืืงืื "<ืืืืืืื ืฉืื>" ืืื ืืช ืืืืืืื (ืืืืืื, mysite.ru
) ืฉืื ืชืจืฆื ืืืฉืชืืฉ ืืขืชืื. ืื ืืื ืื ืขืืืื ืืื ืืื, ืืชืื ืืื, ืืื ืคืฉืื ืืืืจ ืขื ืืฉืืืื ืืคืจืง ืื ืขืืืจ ืืืืืืื ืฉืื ืืฉืืชื ืืืืจ ืื.
ืืื ืืช ืืคืจืืื ืืืืื:
server {
listen 80;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ะะฐั ะดะพะผะตะฝ ะธะปะธ IP>;
location / {
try_files $uri $uri/ =404;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
ืื ืืืจืช ืืืงืื ืืืช ืืืจืกื 7.3 php7.4-fpm.sock
ืืืชืื ืคื ืืื php7.4-fpm.sock
.
ืืืื ืืืฆืืื 80 server_name
ืืืฉืจ ืื ื ืืืืขืื ืืืงืฉืช ืืฉืืจืฉ /var/www/html
ืงื ืืช ืงืืืฅ ืืืื ืืงืก. ืื ืืืจื server_name
ืืฉ ืืฉืื, ืื ืื ื ืืืคืฉืื ืงืืืฅ ืืื. ืื ืื ืื ื ืื ืืืฆืืื ืืช ืื, ืื ืื ื ืืืจืงืื ืืช 404. ืื ืื ื ืืืจ ืขื .php
, ืืจืืฅ ืืจื fpm
... ืื ืืฉ .ht
, ืืืกืืจ (403).
- ืืฆืืจืช ืงืืฉืืจ ื
sites-available
ะฒsites-enabled
:sudo ln -s /etc/nginx/sites-available/<ะะฐั ะดะพะผะตะฝ> /etc/nginx/sites-enabled/
- ืืกืจืช ืืงืืฉืืจ ื
default
:sudo unlink /etc/nginx/sites-enabled/default
- ืืืืง ืฉืืืืืช:
sudo nginx -t
- ืึฐืึทืชืึตื:
sudo systemctl reload nginx
ืืืืงืช ืืขืืืื:
sudo vim /var/www/html/info.php
- ืื ืื ื ืืืชืืื:
<?php phpinfo();
- ืืื ื ืื ื
<ะะฐั IP>/info.php
ืืชื ืืืืจ ืืจืืืช ืืฉืื ืืื:
ืืขืช ื ืืชื ืืืืืง ืืช ืืงืืืฅ ืืื: sudo rm /var/www/html/info.php
ืืชืงื ืืช Laravel
-
7.3:
sudo apt install php7.3-mbstring php7.3-xml composer unzip
-
7.4:
sudo apt install php7.4-mbstring php7.4-xml composer unzip
-
ืืื ื ืื ื-MySQL:
mysql -u root -p
-
ืฆืืจ ืืกื ื ืชืื ืื ืขื ืืฉื laravel:
CREATE DATABASE laravel DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
-
ืื ื ืืกืคืงืื ืืืฉืช ืฉืืจืฉ ื laravel:
GRANT ALL ON laravel.* TO 'root'@'localhost' IDENTIFIED BY '<ะะฐั ะฟะฐัะพะปั ะพั MySQL>';
-
FLUSH PRIVILEGES;
-
exit
-
cd /var/www/html
-
ืฆืืจ ืชืืงืื ืขืืืจ ืืคืจืืืงื:
sudo mkdir -p <ะะผั ะฟัะพะตะบัะฐ>
-
ืื ื ืืกืคืงืื ืืืฉืชืืฉ laravel ืืืืืืช ืขื ืืคืจืืืงื:
sudo chown laravel:laravel <ะะผั ะฟัะพะตะบัะฐ>
ืืฉืื ืืื ืืชื ืฆืจืื ืืืขืืืจ ืืช ืืคืจืืืงื. ืืืืืื, ืฉืืืื ื-Github.
cd ./<ะะผั ะฟัะพะตะบัะฐ>
git clone <ัััะปะบะฐ ะฝะฐ ะฟัะพะตะบั> .
ืืืื ืืงืืช ืืืฉืืื ืฉืื ืื ืฉืืจืช ืงืืฆืื ืกืืืืื (ืืืืืื, ื /public
) ื- Github, ืื ืืืืื ืฉืื ืืืื ืื ืืืชื. ืืืืืื, ืืฆืจืชื ืฉืจืฉืืจ ื ืคืจื ืืื ืืคืชืืจ ืืช ืื deploy
, ืฉืืื ื ืืืจ ืฉืืืืชื: git clone -b <ะธะผั ะฒะตัะบะธ> --single-branch <ัััะปะบะฐ ะฝะฐ ะฟัะพะตะบั> .
.
- ืืชืงื ืช ืชืืืช:
composer install
- ืฆืืจ โ.env:
vim .env
ืืืจืกื ืืืกืืกืืช ืฉืื ื ืจืืืช ืื:
APP_NAME=Laravel
APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_URL=http://<ะะฐั ะดะพะผะตะฝ>
LOG_CHANNEL=stack
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel
DB_USERNAME=root
DB_PASSWORD=<ะะฐั ะฟะฐัะพะปั ะพั MySQL>
ืื ืชืขืชืืง ืืช ื-.env ืฉืื, ืืืืฃ ืืช APP_ENV ื-Production, APP_DEBUG ื-false ืืืื ืืช ืืืืืจืืช ืื ืืื ืืช ืขืืืจ MySQL.
- ืืขืืจืช ืืกื ืื ืชืื ืื:
php artisan migrate
- ืืฆืืจืช ืืงืื:
php artisan key:generate
ืฉืื ืื ืืจืฉืืืช:
sudo chown -R $USER:www-data storage
sudo chown -R $USER:www-data bootstrap/cache
chmod -R 775 storage
chmod -R 775 bootstrap/cache
ืืืืจ ืืืืจืื ืฉื ืืชืจ ืืื ืืืืืืจ ืืืืฉ ืืช Nginx ืขืืืจ Laravel:
sudo vim /etc/nginx/sites-available/<ะะฐั ะดะพะผะตะฝ>
server {
listen 80;
listen [::]:80;
root /var/www/html/<ะะผั ะฟัะพะตะบัะฐ>/public;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ะะฐั ะดะพะผะตะฝ ะธะปะธ IP>;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
ืืื ืืคืขื ืืงืืืืช, ืื ืืืจืช ืืืงืื ืืืช ืืืจืกื 7.3 php7.4-fpm.sock
ืืืชืื ืคื ืืื php7.4-fpm.sock
.
ืืืืจืช ืืืืืื ื-DigitalOcean
ืืื ืืขืฆื ืืืื ืคืฉืื. ืืชื ืงืื ื ืืืืืื (ืืื ืืงืื), ืขืืืจ ื-DigitalOcean ื- ืฆืืจ->ืืืืืื ืื/DNS... ืืฉืื ืืืกืฃ ืืืืืื ืืชื ืืืื ืืช ืืืืืืื ืืื ืืืืฅ ืขื ืืืกืฃ. ืืืืจ ืืื ืขืืืจ ืื ืืืืจืืช ืืืืืืื ืืื ืืฉืื ืฉื ืืืจื ืืืืื ืก @. ืืืจ ืคืจืืืงื ืืืืฅ ืฆืืจ ืจืฉืืื.
ืืขืช ืขืืืจ ืืืชืจ ืื ืงื ืืช ืืช ืืืืืืื, ืืฆื ืฉื "ืฉืจืชื DNS" (ืื ืืฉืื ืืืื) ืืืืื ืก ืืฉืจืชื DigitalOcean (ืืืืืจns1.digitalocean.com
,ns2.digitalocean.com
,ns3.digitalocean.com
). ืืขืช ืขืืื ืืืืชืื ืืขื (ืื ืืจืื) ืขื ืฉืืืืืจืืช ืืืื ืืชืงืืื. ืืึผืึธื!
ืืืขืื ืืืืืื ืืื ืฉืืืชืจ ืฉืื ืืืคืชื ืจืง ื-HTTP. ืืื ืืงืื HTTPS, ืขืืจื ืืืืง ืืื.
ืืืืจืช HTTPS
ืืชืงื ืืช certbot ืืืขืืืจ ืื ืืช ืฉื ืืืืืืื (ืคืืจืื mysite.ru
) ืืฉื ืืืืืื ืขื www (www.mysite.ru
).
sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-nginx
sudo certbot certonly --webroot --webroot-path=/var/www/html/<ะะผั ะฟัะพะตะบัะฐ>/public -d <ะะฐั ะดะพะผะตะฝ> -d www.<ะะฐั ะดะพะผะตะฝ>
ืืขืช ืขืืื ืืืืืืจ ืืืืฉ ืืช Nginx (ืื ืชืฉืื ืืืืืืฃ ืืช ืืขืจืืื ืฉืื):
server {
listen 80;
listen [::]:80;
server_name <ะะฐั ะดะพะผะตะฝ> www.<ะะฐั ะดะพะผะตะฝ>;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name <ะะฐั ะดะพะผะตะฝ> www.<ะะฐั ะดะพะผะตะฝ>;
root /var/www/html/<ะะผั ะฟัะพะตะบัะฐ>/public;
ssl_certificate /etc/letsencrypt/live/<ะะฐั ะดะพะผะตะฝ>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<ะะฐั ะดะพะผะตะฝ>/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
ืื ื ืืืฉื ืฉืืชื ืืืจ ืืืื ืื ืฆืจืื ืืฉื ืืช ืขืืืจ PHP 7.3.
ืืื, ืืืขืฉื, ืืื ืคืฉืื. ืื ื ืคืฉืื ืืคื ืื ืืช ืื ืืืงืฉืืช ื-HTTP (ืืฆืืื 80) ื-HTTPS (ืืฆืืื 443). ืืฉื ืื ืื ื ืขืืฉืื ืืื ืืื ืงืืื, ืืื ืขื ืืฆืคื ื.
ืื ืื ืฉื ืืชืจ ืืื ืืืืืืจ ืืช ืืืจืฉืืืช ืืืืืช ืืืฉ:
sudo nginx -t
sudo ufw app list
sudo ufw allow 'Nginx HTTPS'
sudo ufw status
sudo systemctl reload nginx
ืขืืฉืื ืืื ืืืืจ ืืขืืื ืืื ืฉืฆืจืื.
[ืืชืงืื] ืืชืงื ืช Node.js
ืื ืืชื ืคืชืืื ืฆืจืื ืืืคืขืื ืคืงืืืืช npm ืืฉืืจืืช ืขื ืืฉืจืช, ืืชื ืฆืจืื ืืืชืงืื ืืช Node.js.
sudo apt update
sudo apt install -y nodejs npm
nodejs -v
ืืื, ืืคืกืงืชื ืืฉืื ืืื. ืขืงืจืื ืืช, ืื ื ืืจืืฆื ืืืชืืฆืื. ืืืื ืืขืืืจ ื-DigitalOcean ืืืงืื ืงืจืื ืืืชืจ ืืจืืกืื ืืืื ืืืชืจ. ืืื ืืืืืื ืฉืืืจ ืขืืจืชื ืืช ืื ืกืืื ืืืืืืช ืืืชืจ ืืขืฉืืชื ืฉื ืืื, ืืจืืืชื ืืืชื ืืืืืื. ืื ืืกืฃ, 100$ ืืชืืืืื ืฉืืื ืื ืงืจืฉ ืงืคืืฆื ืืฆืืื ืืืืืื.
ื .ื ืชืืื ืืืืืืช ืืืืืจ
PPS ืื ืืชื ืืืงืจื ืืื ืืก ืืืืื ืฉืืืฉื ืืคืงืืืืช bash, ืืืงืฉื ืื ืชืฉืคืื ืืืืืจื. ืืืชืื ืฉืชืืฆื ืืช ืืืืืจ ืืื ืืจืื ื ืืืื, ืืื ืืืืชื ืฉืื ืืืฆืื ืืื ืืฉืืืืชื ืฆืจืื ืืืชื. ืื ืืฉ ืืฆืขืืช ืืฉืืคืืจ, ืื ื ืืขื.
ืืงืืจ: www.habr.com