Ndakasarudza kugadzira portfolio yangu ndichishandisa Laravel 7. Kuti peji huru ive peji yekumhara, uye ruzivo rwese pairi runogona kuchinjwa uchishandisa admin panel. Kwete iyo pfungwa. Kwakasvika pakutumirwa. Ndakawana akati wandei matutorials akanaka ekuita izvi pane yakazara-yakazara server nematambudziko ese. Ini handina kusimba zvakanyanya mukutumirwa; ini kazhinji ndiri kumberi kupfuura yakazara stack. Uye, kana ndichiri kugona kunyora uye kuyedza muPHP, saka ndisati ndabata sevha, nezvimwe. Handisati ndakura. Asi ndaifanira kuzvinzwisisa.
Iye zvino tichapfuura nematanho ese, kutanga nekutanga kuburikidza neSSH uye kupera nesaiti yekushanda. Tichaedza kunzvenga misungo yese.
Unogona kuwana mirairo yakafanana pamhepo. Pashure pezvose, pakupedzisira ndakaiwana. Ichokwadi, kwete munzvimbo imwe chete, kwete pasina rubatsiro rweStackOverflow, uye zvishoma muRussia. Ndakatambura. Ndosaka ndafunga kurerutsa hupenyu hwako.
Tichaita zvese nedonhwe paDigitalOcean. Izvi, hongu, hazvidiwi; sarudza chero yekutambira. Paunosvika kune server inoshanda paUbuntu, dzoka. Kune avo vachiri kufunga kuzviita paDigitalOcean, pachave nemamwe matipi ekumisikidza domain. Uye
Ese DigitalOcean-chaiwo matanho achapihwa muzasi manyoro akadai.
Ngatitange.
TL; DR (zvakakosha mirairo chete)
Gadzira mushandisi
ssh root@[IP-Π°Π΄ΡΠ΅Ρ Π²Π°ΡΠ΅Π³ΠΎ Π΄ΡΠΎΠΏΠ»Π΅ΡΠ°]
adduser laravel
usermod -aG sudo laravel
su laravel
Wedzera SSH kwairi
mkdir ~/.ssh
chmod 700 ~/.ssh
vim ~/.ssh/authorized_keys
- Isa kiyi yeruzhinji
chmod 600 ~/.ssh/authorized_keys
Firewall
sudo ufw allow OpenSSH
sudo ufw enable
sudo ufw status
Nginx
sudo apt update
sudo apt install -y nginx
sudo ufw allow 'Nginx HTTP'
sudo ufw status
MySQL
sudo apt install -y mysql-server
sudo mysql_secure_installation
,NYNNY
sudo mysql
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ Π΄Π»Ρ MySQL>';
SELECT user,authentication_string,plugin,host FROM mysql.user;
FLUSH PRIVILEGES;
exit
PHP
-
sudo apt update
-
sudo apt install -y curl wget gnupg2 ca-certificates lsb-release apt-transport-https
-
sudo apt-add-repository ppa:ondrej/php
-
sudo apt update
-
7.3:
sudo apt install -y php7.3-fpm php7.3-mysql
-
7.4:
sudo apt install -y php7.4-fpm php7.4-mysql
-
sudo vim /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
Basic setup:
server {
listen 80;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ =404;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
Chete HTTP setup yeLaravel:
server {
listen 80;
listen [::]:80;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
HTTPS marongero eLaravel:
server {
listen 80;
listen [::]:80;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
ssl_certificate /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
sudo ln -s /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> /etc/nginx/sites-enabled/
sudo unlink /etc/nginx/sites-enabled/default
sudo nginx -t
sudo systemctl reload nginx
Laravel
-
7.3:
sudo apt install -y php7.3-mbstring php7.3-xml composer unzip
-
7.4:
sudo apt install -y php7.4-mbstring php7.4-xml composer unzip
-
mysql -u root -p
-
CREATE DATABASE laravel DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
-
GRANT ALL ON laravel.* TO 'root'@'localhost' IDENTIFIED BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>';
-
FLUSH PRIVILEGES;
-
exit
-
cd /var/www/html
-
sudo mkdir -p <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
-
sudo chown laravel:laravel <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
-
cd ./<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
-
git clone <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> .
/git clone -b <ΠΈΠΌΡ Π²Π΅ΡΠΊΠΈ> --single-branch <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> .
-
composer install
-
vim .env
APP_NAME=Laravel
APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_URL=http://<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
LOG_CHANNEL=stack
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel
DB_USERNAME=root
DB_PASSWORD=<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>
-
php artisan migrate
-
php artisan key:generate
-
sudo chown -R $USER:www-data storage
-
sudo chown -R $USER:www-data bootstrap/cache
-
chmod -R 775 storage
-
chmod -R 775 bootstrap/cache
HTTPS
-
sudo add-apt-repository ppa:certbot/certbot
-
sudo apt install -y python-certbot-nginx
-
sudo certbot certonly --webroot --webroot-path=/var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public -d <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> -d www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
-
sudo nginx -t
-
sudo ufw allow 'Nginx HTTPS'
-
sudo ufw status
-
sudo systemctl reload nginx
Gadzira chinodonhedza paDigitalOcean uye nyoresa kiyi itsva yeSSH
Ini ndinotenda zvechokwadi kuti iwe unozoona nzira yekunyoresa nayo DigitalOcean iwe pachako. Hazvisi nyore, zvine akawanda ma verification nezvimwe zvinhu. Kana iwe uchigara uchiwana kukanganisa kwetiweki paunenge uchisimbisa uchishandisa zvinyorwa, edza kuita zvese kuburikidza neVPN, zvinofanirwa kubatsira.
Mune menyu kumusoro, tinya sika->Twumadonhwe. Sarudza Ubuntu.
Paunongonyoresa, iwe unogashira $100 kuaccount yako. Asi usanyengerwa. Unongova nemazuva makumi matanhatu chete kuti uzvipedze. Uye izvi zvishoma. Iwe unogona, kufanana neni, unoda kushandisa chirongwa chinodhura, kuitira kuti gare gare, apo mari chaiyo inotanga kuyerera, unogona kushandura kune inodhura. Ini ndichakuudza pakarepo kuti hazvishande. Iwe unogona kuwedzera, asi haugone kuderedza. Saka zvinoenda. Ndinosarudza Standard->$5.
Ndinosarudza nzvimbo iri pedyo nesu muFrankfurt. VPC Network->default-fra1
Isu tinobva taita huchokwadi kuburikidza neSSH. Dzvanya Nyowani SSH Key. Kana iwe usina SSH, kune mirairo yakapusa kurudyi. Vhura bash terminal uye unamate
ssh-keygen
. Zvadaro tinoenda kune faira nekiyi yeruzhinji/Users/<ΠΠ°ΡΠ΅ ΠΈΠΌΡ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Ρ>/.ssh/id_rsa.pub
(kana zvakapusacat ~/.ssh/id_rsa.pub
), kopira zvirimo wozvinamira mufafitera riri kuruboshwe. Chero zita.Isu tinouya nezita remugadziri weiyo droplet.
Dinani pano Gadzira Droplet
Gadzira mushandisi mutsva
ssh root@[IP-Π°Π΄ΡΠ΅Ρ Π²Π°ΡΠ΅Π³ΠΎ Π΄ΡΠΎΠΏΠ»Π΅ΡΠ°]
- Une chokwadi here kuti unoda kuenderera mberi nekubatanidza (hongu/kwete/[mudhindo wemunwe])?
yes
- Isa password yako yeSSH
- Gadzira mushandisi laravel:
adduser laravel
- Isa password yako uye rumwe ruzivo (ini ndinongoisa Zita Rakazara)
- Wedzera mushandisi kuboka re sudo:
usermod -aG sudo laravel
SSH yemushandisi mutsva
- Chinja kumushandisi mutsva:
su laravel
Isu tinoita zviito zvese mberi, kusvika pakupera kwechinyorwa, takamiririra mushandisi welaravel. Naizvozvo, kana ukangoerekana wavhiringwa, pindazve uye upinde su laravel
mkdir ~/.ssh
chmod 700 ~/.ssh
vim ~/.ssh/authorized_keys
Takavhura faira muVim. Kana usiri kujairana nazvo zvachose, unogona kushanda muNano, kurudyi rwako.
Iwo akanyanya kukosha Vim mirairo
Kuti ushandise Vim mupepeti muchinyorwa chose, iwe unongoda kuziva zvinotevera.
- Vim ine mamodhi akasiyana: Yakajairika modhi, yaunopinda mairi mirairo uye sarudza modes uye nevamwe.
- Kubuda chero modhi uye kudzokera kune yakajairwa modhi, ingo dzvanya
Esc
- Famba-famba: unogona kungoshandisa miseve
- Buda usina kuchengetedza
<Normal mode>
::q!
- Buda uye chengetedza
<Normal mode>
::wq
- Chinja kumodhi yekuisa mavara
<Normal mode>
:i
(kubva kuChirungu. isa)
- Isu tinoisa kiyi yedu yeruzhinji (yatakaita pamusoro)
- Isu tinodzivirira kubva kune shanduko:
chmod 600 ~/.ssh/authorized_keys
Kuisa firewall
- Ngatitarisei ese anowanikwa marongero:
sudo ufw app list
- Bvumira OpenSSH (zvikasadaro ichatikiya):
sudo ufw allow OpenSSH
- Ngatitangei firewall:
sudo ufw enable
,y
- Tinotarisa:
sudo ufw status
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Zvese zvakanaka.
Kuisa Nginx
Panguva yekuisa iwe dzimwe nguva unozobvunzwa "Une chokwadi here?" Pindura y
(zvakanaka, chete kana uine chokwadi).
sudo apt update
sudo apt install nginx
Kuwedzera Nginx kune firewall marongero
sudo ufw app list
sudo ufw allow 'Nginx HTTP'
sudo ufw status
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
Nginx HTTP ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Nginx HTTP (v6) ALLOW Anywhere (v6)
Enda kuIP yako. Kana zvinhu zvose zvikafamba zvakanaka, unofanira kuona zvinotevera.
Kuisa MySQL
sudo apt install mysql-server
- Kuvhura otomatiki kudzivirira script
sudo mysql_secure_installation
Pindura mibvunzo yabvunzwa. Kana usingazive chekupindura, hedzino dzimwe sarudzo dzinokurudzirwa:
-
Bvisa password plugin -
N
-
Bvisa vashandisi vasingazivikanwe? -
Y
-
Usatendera midzi kupinda kure? -
N
-
Bvisa test database uye kuwana kwairi? -
N
-
Rodhazve matafura eropafadzo izvozvi? -
Y
-
Ngatiende kuMySQL:
sudo mysql
-
Ngatitarisei nzira dzekuwana:
SELECT user,authentication_string,plugin,host FROM mysql.user;
-
Seta password yemidzi:
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ Π΄Π»Ρ MySQL>';
-
Ngatitarisei nzira dzekuwana zvakare:
SELECT user,authentication_string,plugin,host FROM mysql.user;
-
Isa shanduko uye buda muMySQL:
FLUSH PRIVILEGES;
ΠΈexit
-
Iye zvino, kuti upinde muMySQL yaunoda kushandisa
mysql -u root -p
uye isa password
Kuisa PHP
Ngatishandisei yechitatu-bato repository kubva
sudo apt update
sudo apt install -y curl wget gnupg2 ca-certificates lsb-release apt-transport-https
sudo apt-add-repository ppa:ondrej/php
sudo apt update
Zvino ngatisarudzei. YeLaravel 7, unogona kusarudza PHP 7.3 kana 7.4. Musiyano chete uchange uri munhamba 3 ne4.
- 7.3:
sudo apt install -y php7.3-fpm php7.3-mysql
- 7.4:
sudo apt install -y php7.4-fpm php7.4-mysql
PHP FastCGI Process Manager (fpm) inoshanda nezvikumbiro zvePP. mysql, hongu, yekushanda neMySQL.
Kubva zvino zvichienda mberi ndichaita zvese pa7.4.
Kugadzika Nginx
sudo vim /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
Panzvimbo pe "<Yako domain>" isa iyo domain (semuenzaniso, mysite.ru
) yaunoda kushandisa mune ramangwana. Kana iwe usati wava nayo, nyora chero, wobva wadzokorora nhanho dziri muchitsauko chino chedomasi yako paunosarudza.
Isa zvinotevera:
server {
listen 80;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ =404;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
Kana ukasarudza vhezheni 7.3 pane php7.4-fpm.sock
nyora mukati php7.4-fpm.sock
.
Teerera kune port 80 pa server_name
patinosvika pakukumbira mudzi /var/www/html
tora index file. Kana mushure server_name
Pane chimwe chinhu, tiri kutsvaga faira yakadaro. Kana tikasaiwana, tinorasa kunze 404. Kana yapera nayo .php
, mhanya fpm
... Kana aripo .ht
, rambidza (403).
- Kugadzira link kubva
sites-available
Π²sites-enabled
:sudo ln -s /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> /etc/nginx/sites-enabled/
- Kubvisa chinongedzo ku
default
:sudo unlink /etc/nginx/sites-enabled/default
- Kutarisa kukanganisa:
sudo nginx -t
- Reboot:
sudo systemctl reload nginx
Kuongorora basa:
sudo vim /var/www/html/info.php
- Tinonyora:
<?php phpinfo();
- Handei ku
<ΠΠ°Ρ IP>/info.php
Iwe unofanirwa kuona chimwe chinhu chakadai:
Iye zvino faira iri rinogona kudzimwa: sudo rm /var/www/html/info.php
Isa Laravel
-
7.3:
sudo apt install php7.3-mbstring php7.3-xml composer unzip
-
7.4:
sudo apt install php7.4-mbstring php7.4-xml composer unzip
-
Ngatiende kuMySQL:
mysql -u root -p
-
Gadzira database ine zita laravel:
CREATE DATABASE laravel DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
-
Isu tinopa midzi yekuwana laravel:
GRANT ALL ON laravel.* TO 'root'@'localhost' IDENTIFIED BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>';
-
FLUSH PRIVILEGES;
-
exit
-
cd /var/www/html
-
Gadzira folda yeprojekiti:
sudo mkdir -p <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
-
Isu tinopa mushandisi laravel kodzero kupurojekiti:
sudo chown laravel:laravel <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
Tevere unofanira kutamisa purojekiti. Semuenzaniso, cloning kubva kuGithub.
cd ./<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
git clone <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> .
Zvakakodzera kufunga kuti kana usina kuchengetedza static mafaira (semuenzaniso, kubva /public
) paGithub, saka zvakasununguka hauzove nazvo. Semuenzaniso, ndakagadzira tambo yakaparadzana kugadzirisa izvi deploy
, kubva kwandakatogadzira: git clone -b <ΠΈΠΌΡ Π²Π΅ΡΠΊΠΈ> --single-branch <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> .
.
- Installing dependencies:
composer install
- Create .env:
vim .env
Iyo yekutanga vhezheni yayo inoita seizvi:
APP_NAME=Laravel
APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_URL=http://<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
LOG_CHANNEL=stack
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel
DB_USERNAME=root
DB_PASSWORD=<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>
Kana ukakopa .env yako, chinja APP_ENV nekugadzira, APP_DEBUG nenhema uye isa zvigadziriso zveMySQL.
- Kutamisa dhatabhesi:
php artisan migrate
- Kugadzira kodhi:
php artisan key:generate
Kuchinja mvumo:
sudo chown -R $USER:www-data storage
sudo chown -R $USER:www-data bootstrap/cache
chmod -R 775 storage
chmod -R 775 bootstrap/cache
Chinhu chekupedzisira chasara kugadzirisazve Nginx yeLaravel:
sudo vim /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
server {
listen 80;
listen [::]:80;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
Senguva yekupedzisira, kana ukasarudza vhezheni 7.3 pachinzvimbo php7.4-fpm.sock
nyora mukati php7.4-fpm.sock
.
Kumisikidza domain paDigitalOcean
Zvese zviri nyore chaizvo. Iwe unotenga domain (chero kupi), chinja kuDigitalOcean pa sika->Domains/DNS... Mumunda Wedzera domain iwe pinda iyi domain uye tinya wedzera. Wobva waenda kune zvigadziriso zvedomasi uye kumunda ZITA REHOST kupinda @. Sarudza chirongwa uye tinya Gadzira rekodhi.
Zvino enda kunzvimbo yawakatenga iyo dura, tsvaga "DNS Servers" ipapo (kana chimwe chinhu chakafanana) uye pinda iyo DigitalOcean maseva (kureva.ns1.digitalocean.com
,ns2.digitalocean.com
,ns3.digitalocean.com
) Iye zvino unofanirwa kumirira zvishoma (kana zvakawanda) kusvikira zvigadziriso izvi zvagamuchirwa. Ready!
Dambudziko chete nderekuti saiti yako inovhura chete seHTTP. Kuti uve neHTTPS, enda kune chikamu chinotevera.
Kugadzika HTTPS
Isa certbot uye uipfuudze iyo zita rezita (format mysite.ru
) uye zita rezita rine www (www.mysite.ru
).
sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-nginx
sudo certbot certonly --webroot --webroot-path=/var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public -d <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> -d www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
Iye zvino iwe unofanirwa kugadzirisazve Nginx (usakanganwa kutsiva yako tsika):
server {
listen 80;
listen [::]:80;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
ssl_certificate /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
Ini ndinofunga iwe unotonzwisisa izvo zvinoda kuchinjirwa PHP 7.3.
Pano, chaizvoizvo, zvinhu zvose zviri nyore. Isu tinongotungamira zvese zvikumbiro kubva kuHTTP (port 80) kuenda kuHTTPS (port 443). Uye ipapo tinoita zvese zvakafanana nekare, asi ne encryption.
Chinosara ndechekuisa mvumo mune firewall:
sudo nginx -t
sudo ufw app list
sudo ufw allow 'Nginx HTTPS'
sudo ufw status
sudo systemctl reload nginx
Iye zvino zvinhu zvose zvinofanira kushanda sezvazvinofanira.
[Yepamusoro] Kuisa Node.js
Kana iwe ukangoerekana wada kumhanya npm mirairo zvakananga pane sevha, unofanirwa kuisa Node.js.
sudo apt update
sudo apt install -y nodejs npm
nodejs -v
Ndizvozvo, ndakamira panguva ino. Muchidimbu, ndinogutsikana nemugumisiro. Pamwe ini ndichachinja kubva kuDigitalOcean kumwe kudhuze neRussia uye yakachipa. Asi sezvo ndakanga ndatopfuura nepakati pese kutenderera kutenderera pane saiti uye ndakaita zvese ipapo, ndakavaratidza nemuenzaniso. Pamusoro pezvo, kutanga kwavo $100 ibhodhi rakanakisa rekudzidziswa.
PS Kutenda kwakakosha kumunyori
PPS Kana iwe ukaitika uri injinjiniya wepamusoro anofunga mumirairo yebash, ndapota usatonge nehasha. Unogona kuona kuti chinyorwa ichi chakaderera, asi ndingadai ndakafara kuchiwana pandakachida. Kana pane mazano ekuvandudza, ini ndinozviita.
Source: www.habr.com