Waxaan go'aansaday in aan sameeyo faylalkayga aniga oo isticmaalaya Laravel 7. Si bogga ugu weyn uu u noqdo bogga degitaanka, iyo dhammaan macluumaadka ku yaal waxaa la bedeli karaa iyada oo la adeegsanayo guddiga maamulka. Ma aha barta. Waxay timid in la geeyo. Waxaan helay dhowr waxbarasho oo wanaagsan oo ku saabsan sida tan loo sameeyo server-ka buuxa ee dhibaatooyinka oo dhan. Anigu aad uguma xoog badna keenista; Guud ahaan waxaan ka hor badanahay xidhmada buuxa. Iyo, haddii aan wali ku qori karo oo aan tijaabin karo PHP, ka hor intaanan maamulin server-ka, iwm. Wali ma korin. Laakiin waxay ahayd inaan ogaado.
Hadda waxaan mari doonaa dhammaan tillaabooyinka, laga bilaabo bilawga SSH oo ku dhammaanaya goobta shaqada. Waxaan isku dayi doonaa inaan iska ilaalino dhammaan khadadka.
Waxaa laga yaabaa inaad ka heli karto tilmaamo la mid ah online. Ka dib oo dhan, waxaan ugu dambeyntii helay. Run, ma aha hal meel, ma aha iyada oo aan la helin caawinta StackOverflow, oo ku adag Ruushka. waan dhibay. Taasi waa sababta aan go'aansaday inaan noloshaada u fududeeyo.
Wax kasta waxaan ku samayn doonaa dhibicda DigitalOcean. Tani, dabcan, looma baahna; dooro martigelin kasta. Markaad gaarto server ka shaqeeya Ubuntu, soo noqo. Kuwa wali go'aansada inay ku sameeyaan DigitalOcean, waxaa jiri doona talooyin badan oo ku saabsan dejinta domain. Iyo
Dhammaan tillaabooyinka u gaarka ah DigitalOcean waxa lagu siin doonaa qoraallada hoose ee kuwan oo kale ah.
Aan bilowno.
TL; DR (amarada aasaasiga ah oo keliya)
Abuur isticmaale
ssh root@[IP-Π°Π΄ΡΠ΅Ρ Π²Π°ΡΠ΅Π³ΠΎ Π΄ΡΠΎΠΏΠ»Π΅ΡΠ°]
adduser laravel
usermod -aG sudo laravel
su laravel
Ku dar SSH
mkdir ~/.ssh
chmod 700 ~/.ssh
vim ~/.ssh/authorized_keys
- Geli furaha dadweynaha
chmod 600 ~/.ssh/authorized_keys
Firewall
sudo ufw allow OpenSSH
sudo ufw enable
sudo ufw status
Nginx
sudo apt update
sudo apt install -y nginx
sudo ufw allow 'Nginx HTTP'
sudo ufw status
MySQL
sudo apt install -y mysql-server
sudo mysql_secure_installation
,NYNNY
sudo mysql
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ Π΄Π»Ρ MySQL>';
SELECT user,authentication_string,plugin,host FROM mysql.user;
FLUSH PRIVILEGES;
exit
PHP
-
sudo apt update
-
sudo apt install -y curl wget gnupg2 ca-certificates lsb-release apt-transport-https
-
sudo apt-add-repository ppa:ondrej/php
-
sudo apt update
-
7.3:
sudo apt install -y php7.3-fpm php7.3-mysql
-
7.4:
sudo apt install -y php7.4-fpm php7.4-mysql
-
sudo vim /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
Habaynta aasaasiga ah:
server {
listen 80;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ =404;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
Kaliya dejinta HTTP ee Laravel:
server {
listen 80;
listen [::]:80;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
Dejinta HTTPS ee Laravel:
server {
listen 80;
listen [::]:80;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
ssl_certificate /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
sudo ln -s /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> /etc/nginx/sites-enabled/
sudo unlink /etc/nginx/sites-enabled/default
sudo nginx -t
sudo systemctl reload nginx
Laravel
-
7.3:
sudo apt install -y php7.3-mbstring php7.3-xml composer unzip
-
7.4:
sudo apt install -y php7.4-mbstring php7.4-xml composer unzip
-
mysql -u root -p
-
CREATE DATABASE laravel DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
-
GRANT ALL ON laravel.* TO 'root'@'localhost' IDENTIFIED BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>';
-
FLUSH PRIVILEGES;
-
exit
-
cd /var/www/html
-
sudo mkdir -p <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
-
sudo chown laravel:laravel <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
-
cd ./<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
-
git clone <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> .
/git clone -b <ΠΈΠΌΡ Π²Π΅ΡΠΊΠΈ> --single-branch <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> .
-
composer install
-
vim .env
APP_NAME=Laravel
APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_URL=http://<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
LOG_CHANNEL=stack
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel
DB_USERNAME=root
DB_PASSWORD=<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>
-
php artisan migrate
-
php artisan key:generate
-
sudo chown -R $USER:www-data storage
-
sudo chown -R $USER:www-data bootstrap/cache
-
chmod -R 775 storage
-
chmod -R 775 bootstrap/cache
HTTPS
-
sudo add-apt-repository ppa:certbot/certbot
-
sudo apt install -y python-certbot-nginx
-
sudo certbot certonly --webroot --webroot-path=/var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public -d <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> -d www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
-
sudo nginx -t
-
sudo ufw allow 'Nginx HTTPS'
-
sudo ufw status
-
sudo systemctl reload nginx
Ku samee dhibicda DigitalOcean oo iska diwaangeli furaha SSH cusub
Runtii waxaan aaminsanahay inaad ogaan doonto sida aad isaga diiwaan geliso DigitalOcean laftaadu. Ma fududa, iyada oo la hubinayo badan iyo waxyaabo kale. Haddii aad si joogto ah u hesho cilad shabakad markaad xaqiijinayso isticmaalka dukumentiyada, isku day inaad wax walba ku sameyso VPN, waa inay ku caawisaa.
Liiska menu ee sare, dhagsii Abuur->Dhibco. Dooro Ubuntu.
Isla markaad isdiiwaangeliso, waxaad akoonkaaga ku soo dhacaysaa $100. Laakin yaan lagu sirin. Waxaad haysataa 60 maalmood oo kaliya inaad ku qaadato. Tanina aad ayay u yar tahay. Waxaa laga yaabaa inaad, aniga oo kale, rabto inaad isticmaasho qorshe qaali ah, si hadhow, marka lacagta dhabta ah ay bilaabato qulqulka, waxaad u beddeli kartaa mid ka jaban. Waxaan isla markiiba kuu sheegi doonaa in aanay shaqaynayn. Waad kordhin kartaa, laakiin ma dhimi kartid. Markaa way socotaa. anigaa doortay Standard->$5.
Waxaan dooranayaa gobolka noogu dhow Frankfurt. Shabakadda VPC->default-fra1
Waxaan isla markiiba ku samayn doonaa xaqiijinta SSH. Guji Furaha SSH cusub. Haddii aadan haysan SSH, waxaa jira tilmaamo aad u fudud dhanka midig. Fur terminalka bash oo ku dheji
ssh-keygen
. Kadibna waxaan aadeynaa faylka oo wata furaha dadweynaha/Users/<ΠΠ°ΡΠ΅ ΠΈΠΌΡ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Ρ>/.ssh/id_rsa.pub
(ama si fududcat ~/.ssh/id_rsa.pub
), koobiyo waxa ku jira oo ku dheji daaqadda bidixda. Magac kasta.Waxaan la nimid magaca martida loo yahay dhibicda.
Riix Abuur Dhibic
Abuur isticmaale cusub
ssh root@[IP-Π°Π΄ΡΠ΅Ρ Π²Π°ΡΠ΅Π³ΠΎ Π΄ΡΠΎΠΏΠ»Π΅ΡΠ°]
- Ma hubtaa inaad doonayso inaad sii wadato isku xidhka (haa/maya/[faraha])?
yes
- Geli furahaaga SSH
- Abuur isticmaale laravel:
adduser laravel
- Geli eraygaaga sirta ah iyo macluumaadka kale (waxa kaliya oo aan galiyaa magaca buuxa)
- Kudar isticmaalaha kooxda sudo:
usermod -aG sudo laravel
SSH ee isticmaale cusub
- U beddel isticmaale cusub:
su laravel
Waxaan sii wadnaa dhammaan talaabooyinka sii socda, ilaa dhamaadka maqaalka, anagoo ka wakiil ah isticmaale laravel. Sidaa darteed, haddii si lama filaan ah laguu gooyo, dib u soo gal oo gal su laravel
mkdir ~/.ssh
chmod 700 ~/.ssh
vim ~/.ssh/authorized_keys
Waxaan ku furnay faylka Vim. Haddii aadan aqoon u lahayn gabi ahaanba, waxaad ka shaqayn kartaa Nano, midigtaada.
Amarrada Vim ee aasaasiga ah
Si aad u isticmaasho tifaftiraha Vim maqaalka oo dhan, kaliya waxaad u baahan tahay inaad ogaato kuwa soo socda.
- Vim wuxuu leeyahay habab kala duwan: Habka caadiga ah, kaas oo aad geliso amarrada oo aad doorato hababka iyo kuwa kale.
- Si aad uga baxdo qaab kasta oo aad ugu soo noqoto qaabka caadiga ah, kaliya taabo
Esc
- Dhaqso: kaliya waxaad isticmaali kartaa fallaadho
- Bax adiga oo aan waxba kaydsan
<Normal mode>
::q!
- Ka bax oo badbaadi
<Normal mode>
::wq
- U beddel habka gelinta qoraalka
<Normal mode>
:i
(ka yimid Ingiriiska. geli)
- Waxaan galinaa furahayaga dadweynaha (oo aan kor ku samaynay)
- Waxaan ka ilaalinaa isbedelada:
chmod 600 ~/.ssh/authorized_keys
Ku rakibida firewall
- Aynu eegno dhammaan goobaha la heli karo:
sudo ufw app list
- Oggolow OpenSSH (hadii kale way na xidhi doontaa):
sudo ufw allow OpenSSH
- Aan bilowno firewall-ka:
sudo ufw enable
,y
- Hubinta:
sudo ufw status
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Wax walba waa fiican yihiin.
Ku rakibida Nginx
Inta lagu jiro rakibidda waxaa mararka qaarkood lagu weydiin doonaa "Ma hubtaa?" Jawaab y
(hagaag, kaliya haddii aad hubto).
sudo apt update
sudo apt install nginx
Ku-daridda Nginx ee goobaha dab-damiska
sudo ufw app list
sudo ufw allow 'Nginx HTTP'
sudo ufw status
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
Nginx HTTP ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Nginx HTTP (v6) ALLOW Anywhere (v6)
Tag IP gaaga Haddii wax waliba si fiican u socdaan, waa inaad aragto kuwan soo socda.
Ku rakibida MySQL
sudo apt install mysql-server
- Bilaabida qoraalka ilaalinta tooska ah
sudo mysql_secure_installation
Ka jawaab su'aalaha la weydiiyay. Haddii aadan garanayn waxaad ka jawaabto, halkan waxaa ah qaar ka mid ah xulashooyinka la soo jeediyay:
-
Xaqiiji furaha sirta ah -
N
-
Ka saar isticmaalayaasha aan la garanayn? -
Y
-
Ma diiddaa in xididka la soo galo meel fog? -
N
-
Ka saar xogta xogta oo geli? -
N
-
Dib u soo deji miisaska mudnaanta hadda? -
Y
-
Aan tagno MySQL:
sudo mysql
-
Aynu eegno hababka gelitaanka:
SELECT user,authentication_string,plugin,host FROM mysql.user;
-
U deji furaha sirta ah xididka:
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ Π΄Π»Ρ MySQL>';
-
Aynu eegno hababka gelitaanka mar labaad:
SELECT user,authentication_string,plugin,host FROM mysql.user;
-
Codso isbeddelada oo ka bax MySQL:
FLUSH PRIVILEGES;
ΠΈexit
-
Hadda, si aad u gasho MySQL waxaad u baahan tahay inaad isticmaasho
mysql -u root -p
oo geli furaha sirta ah
Ku rakibida PHP
Aynu isticmaalno kaydka qolo saddexaad
sudo apt update
sudo apt install -y curl wget gnupg2 ca-certificates lsb-release apt-transport-https
sudo apt-add-repository ppa:ondrej/php
sudo apt update
Hadda aynu doorano. Laravel 7, waxaad dooran kartaa PHP 7.3 ama 7.4. Farqiga kaliya ayaa noqon doona tirooyinka 3 iyo 4.
- 7.3:
sudo apt install -y php7.3-fpm php7.3-mysql
- 7.4:
sudo apt install -y php7.4-fpm php7.4-mysql
Maamulaha Habka FastCGI ee PHP (fpm) wuxuu la shaqeeyaa codsiyada PHP. mysql, dabcan, la shaqaynta MySQL.
Hadda wixii ka dambeeya waxaan wax walba ku samayn doonaa 7.4.
Dejinta Nginx
sudo vim /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
Halkii "<Your domain>" geli goobta (tusaale ahaan, mysite.ru
) in aad rabto in aad isticmaasho mustaqbalka. Haddii aanad mid weli haysan, qor mid, ka dib kaliya ku celi tillaabooyinka cutubkan boggaaga marka aad doorato.
Geli kuwa soo socda:
server {
listen 80;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ =404;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
Haddii aad dooratay nooca 7.3 php7.4-fpm.sock
ku qor php7.4-fpm.sock
.
Dhegayso dekedda 80 on server_name
markaan gaadhno codsiga xididka /var/www/html
qaado faylka index. Haddii ka dib server_name
Waxaa jira wax, waxaan raadineynaa faylka noocaas ah. Haddaynu heli wayno 404. Hadday ku dhammaato .php
, dhex orod fpm
... Haddii ay jirto .ht
, mamnuuc (403).
- Samaynta isku xidhka
sites-available
Π²sites-enabled
:sudo ln -s /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> /etc/nginx/sites-enabled/
- Ka saarida isku xirka
default
:sudo unlink /etc/nginx/sites-enabled/default
- Hubinta khaladaadka:
sudo nginx -t
- Dib u kici
sudo systemctl reload nginx
Hubinta shaqada:
sudo vim /var/www/html/info.php
- Waxaan qoreynaa:
<?php phpinfo();
- Aan aadno
<ΠΠ°Ρ IP>/info.php
Waa inaad aragto wax sidan oo kale ah:
Hadda faylkan waa la tirtiri karaa: sudo rm /var/www/html/info.php
Ku rakib Laravel
-
7.3:
sudo apt install php7.3-mbstring php7.3-xml composer unzip
-
7.4:
sudo apt install php7.4-mbstring php7.4-xml composer unzip
-
Aan tagno MySQL:
mysql -u root -p
-
Samee xog-ururin leh magaca laravel:
CREATE DATABASE laravel DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
-
Waxaan bixinaa helitaanka xididka laravel:
GRANT ALL ON laravel.* TO 'root'@'localhost' IDENTIFIED BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>';
-
FLUSH PRIVILEGES;
-
exit
-
cd /var/www/html
-
U samee gal mashruuca:
sudo mkdir -p <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
-
Waxaan bixinaa isticmaalaha laravel xuquuqda mashruuca:
sudo chown laravel:laravel <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
Marka xigta waxaad u baahan tahay inaad wareejiso mashruuca. Tusaale ahaan, cloning ka Github.
cd ./<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
git clone <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> .
Waxaa habboon in la tixgeliyo haddii aadan kaydin faylasha taagan (tusaale ahaan, ka /public
) on Github, markaa dabiici ahaan ma heli doontid. Tusaale ahaan, waxaan sameeyay dun gooni ah si aan u xalliyo tan deploy
, kaas oo aan horeyba u soo koobay: git clone -b <ΠΈΠΌΡ Π²Π΅ΡΠΊΠΈ> --single-branch <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> .
.
- Ku-tiirsanaanta rakibidda:
composer install
- Samee .env:
vim .env
Nooca aasaasiga ah ee ay u egtahay sidan:
APP_NAME=Laravel
APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_URL=http://<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
LOG_CHANNEL=stack
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel
DB_USERNAME=root
DB_PASSWORD=<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>
Haddii aad nuqul ka sameyso .env kaaga, ku beddel APP_ENV wax soo saar, APP_DEBUG been abuur ah oo geli habka saxda ah ee MySQL.
- Guuritaanka xogta:
php artisan migrate
- Samaynta koodka:
php artisan key:generate
Beddelka oggolaanshaha:
sudo chown -R $USER:www-data storage
sudo chown -R $USER:www-data bootstrap/cache
chmod -R 775 storage
chmod -R 775 bootstrap/cache
Waxa ugu dambeeya ee hadhay waa in dib loo habeeyo Nginx ee Laravel:
sudo vim /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
server {
listen 80;
listen [::]:80;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
Sidii markii hore, haddii aad dooratay nooca 7.3 php7.4-fpm.sock
ku qor php7.4-fpm.sock
.
Dejinta domain ka DigitalOcean
Wax walba runtii waa mid aad u fudud. Waxaad iibsanaysaa domain (meel kasta), u beddel DigitalOcean at Abuur->Domains/DNS... Garoonka dhexdiisa Kudar domain waxaad gelisaa domainkan oo guji add. Ka dib u tag goobaha domainka iyo goobta MAGACA MARXUUMKA geli @. Dooro mashruuc oo guji Samee rikoor.
Hadda tag goobta aad ka soo iibsatay domain, ka hel "DNS Servers" halkaas (ama wax la mid ah) oo geli server-yada DigitalOcean (oo ahns1.digitalocean.com
,ns2.digitalocean.com
,ns3.digitalocean.com
). Hadda waxaad u baahan tahay inaad sugto wax yar (ama wax badan) ilaa goobahan la aqbalo. Diyaar!
Dhibaatada kaliya ayaa ah in goobtaadu u furmi doonto kaliya HTTP ahaan. Si aad HTTPS u yeelato, u gudub qaybta xigta.
Dejinta HTTPS
Ku rakib certbot oo gudbi magaca domainka (qaab mysite.ru
iyo magac domain oo leh www (www.mysite.ru
).
sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-nginx
sudo certbot certonly --webroot --webroot-path=/var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public -d <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> -d www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
Hadda waxaad u baahan tahay inaad dib u habeyn ku sameyso Nginx (ha iloobin inaad bedesho qiyamkaaga):
server {
listen 80;
listen [::]:80;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
ssl_certificate /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
Waxaan u maleynayaa inaad horey u fahantay waxa loo baahan yahay in loo beddelo PHP 7.3.
Halkan, dhab ahaantii, wax walba waa sahlan yihiin. Waxaan si fudud uga wareejinaa dhammaan codsiyada HTTP (dekedda 80) una wareejinaa HTTPS (dekedda 443). Oo halkaas waxaan ku samaynaa wax kasta oo la mid ah sidii hore, laakiin sirta.
Waxa hadhay oo dhan waa in la dejiyo ogolaanshaha dab-darka:
sudo nginx -t
sudo ufw app list
sudo ufw allow 'Nginx HTTPS'
sudo ufw status
sudo systemctl reload nginx
Hadda wax walba waa inay u shaqeeyaan sidii la rabay.
[Advanced] Rakibaadda Node.js
Haddii aad si lama filaan ah ugu baahan tahay inaad amarrada npm si toos ah ugu socodsiiso server-ka, waxaad u baahan tahay inaad rakibto Node.js.
sudo apt update
sudo apt install -y nodejs npm
nodejs -v
Taasi waa, waxaan joojiyay marxaladan. Mabda 'ahaan, waan ku qanacsanahay natiijada. Waxaa laga yaabaa inaan ka beddelo DigitalOcean meel u dhow Ruushka oo ka jaban. Laakiin maadaama aan mar hore soo maray dhammaan wareegyada xaqiijinta ee goobta oo aan wax walba ku sameeyay, waxaan tusay tusaale ahaan. Intaa waxaa dheer, bilawgooda $100 ayaa ah meel aad u fiican oo tababarka ah.
PS Waxaan mahad gaar ah u jeedinayaa qoraaga
PPS Haddii ay dhacdo in aad noqoto injineer sare oo ku fikira amarrada bash, fadlan si adag ha u xukumin. Waxaa laga yaabaa inaad u aragto in maqaalkani yahay mid heerkiisu hooseeyo, laakiin waan ku farxi lahaa inaan helo mid markaan u baahdo. Haddii ay jiraan talooyin ku saabsan hagaajinta, dhammaan waan u jeedaa.
Source: www.habr.com