Niliamua kufanya kwingineko yangu kwa kutumia Laravel 7. Ili ukurasa kuu uwe ukurasa wa kutua, na taarifa zote juu yake zinaweza kubadilishwa kwa kutumia jopo la admin. Sio maana. Ilikuja kupelekwa. Nilipata mafunzo kadhaa mazuri juu ya jinsi ya kufanya hivyo kwenye seva iliyojaa kamili na shida zote. Sina nguvu sana katika kusambaza; kwa ujumla niko mbele zaidi kuliko mrundikano kamili. Na, ikiwa bado ninaweza kuandika na kujaribu katika PHP, basi kabla ya kudhibiti seva, nk. Bado sijakua mtu mzima. Lakini ilinibidi nifikirie.
Sasa tutapitia hatua zote, kuanzia na uzinduzi kupitia SSH na kuishia na tovuti ya kufanya kazi. Tutajaribu kuepuka mitego yote.
Unaweza kupata maagizo sawa mtandaoni. Baada ya yote, hatimaye niliipata. Kweli, si katika sehemu moja, si bila msaada wa StackOverflow, na vigumu katika Kirusi. Niliteseka. Ndio maana nimeamua kurahisisha maisha yako.
Tutafanya kila kitu na droplet kwenye DigitalOcean. Hii, kwa kweli, sio lazima; chagua mwenyeji wowote. Unapofikia seva inayofanya kazi kwenye Ubuntu, rudi. Kwa wale ambao bado wanaamua kuifanya kwenye DigitalOcean, kutakuwa na vidokezo zaidi vya kusanidi kikoa. Na
Hatua zote mahususi za DigitalOcean zitatolewa katika maelezo ya chini kama haya.
Tuanze.
TL;DR (amri za msingi pekee)
Unda mtumiaji
ssh root@[IP-Π°Π΄ΡΠ΅Ρ Π²Π°ΡΠ΅Π³ΠΎ Π΄ΡΠΎΠΏΠ»Π΅ΡΠ°]
adduser laravel
usermod -aG sudo laravel
su laravel
Ongeza SSH kwake
mkdir ~/.ssh
chmod 700 ~/.ssh
vim ~/.ssh/authorized_keys
- Ingiza ufunguo wa umma
chmod 600 ~/.ssh/authorized_keys
Firewall
sudo ufw allow OpenSSH
sudo ufw enable
sudo ufw status
Nginx
sudo apt update
sudo apt install -y nginx
sudo ufw allow 'Nginx HTTP'
sudo ufw status
MySQL
sudo apt install -y mysql-server
sudo mysql_secure_installation
,NYNNY
sudo mysql
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ Π΄Π»Ρ MySQL>';
SELECT user,authentication_string,plugin,host FROM mysql.user;
FLUSH PRIVILEGES;
exit
PHP
-
sudo apt update
-
sudo apt install -y curl wget gnupg2 ca-certificates lsb-release apt-transport-https
-
sudo apt-add-repository ppa:ondrej/php
-
sudo apt update
-
7.3:
sudo apt install -y php7.3-fpm php7.3-mysql
-
7.4:
sudo apt install -y php7.4-fpm php7.4-mysql
-
sudo vim /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
Mpangilio wa kimsingi:
server {
listen 80;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ =404;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
Usanidi wa HTTP pekee wa Laravel:
server {
listen 80;
listen [::]:80;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
Mpangilio wa HTTPS wa Laravel:
server {
listen 80;
listen [::]:80;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
ssl_certificate /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
sudo ln -s /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> /etc/nginx/sites-enabled/
sudo unlink /etc/nginx/sites-enabled/default
sudo nginx -t
sudo systemctl reload nginx
Laravel
-
7.3:
sudo apt install -y php7.3-mbstring php7.3-xml composer unzip
-
7.4:
sudo apt install -y php7.4-mbstring php7.4-xml composer unzip
-
mysql -u root -p
-
CREATE DATABASE laravel DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
-
GRANT ALL ON laravel.* TO 'root'@'localhost' IDENTIFIED BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>';
-
FLUSH PRIVILEGES;
-
exit
-
cd /var/www/html
-
sudo mkdir -p <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
-
sudo chown laravel:laravel <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
-
cd ./<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
-
git clone <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> .
/git clone -b <ΠΈΠΌΡ Π²Π΅ΡΠΊΠΈ> --single-branch <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> .
-
composer install
-
vim .env
APP_NAME=Laravel
APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_URL=http://<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
LOG_CHANNEL=stack
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel
DB_USERNAME=root
DB_PASSWORD=<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>
-
php artisan migrate
-
php artisan key:generate
-
sudo chown -R $USER:www-data storage
-
sudo chown -R $USER:www-data bootstrap/cache
-
chmod -R 775 storage
-
chmod -R 775 bootstrap/cache
HTTPS
-
sudo add-apt-repository ppa:certbot/certbot
-
sudo apt install -y python-certbot-nginx
-
sudo certbot certonly --webroot --webroot-path=/var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public -d <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> -d www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
-
sudo nginx -t
-
sudo ufw allow 'Nginx HTTPS'
-
sudo ufw status
-
sudo systemctl reload nginx
Unda droplet kwenye DigitalOcean na usajili ufunguo mpya wa SSH
Ninaamini kabisa kuwa utajua jinsi ya kujiandikisha na DigitalOcean mwenyewe. Sio rahisi, na uthibitishaji mwingi na mambo mengine. Ikiwa mara kwa mara unapata hitilafu ya mtandao wakati wa kuthibitisha kutumia hati, jaribu kufanya kila kitu kupitia VPN, inapaswa kusaidia.
Kwenye menyu iliyo juu, bonyeza Kujenga->Matone. Chagua Ubuntu.
Mara tu unapojiandikisha, utapokea $100 kwenye akaunti yako. Lakini usidanganywe. Una siku 60 pekee za kuitumia. Na hii ni kidogo sana. Unaweza, kama mimi, kutaka kutumia mpango wa gharama kubwa zaidi, ili baadaye, wakati pesa halisi inapoanza, unaweza kubadili kwa bei nafuu. Nitakuambia mara moja kwamba haitafanya kazi. Unaweza kuiongeza, lakini huwezi kuipunguza. Hivyo huenda. na chagua Standard->$5.
Ninachagua mkoa ulio karibu nasi Frankfurt. Mtandao wa VPC->chaguo-msingi-fra1
Tutafanya uthibitishaji mara moja kupitia SSH. Bofya Ufunguo Mpya wa SSH. Ikiwa huna SSH, kuna maagizo rahisi sana upande wa kulia. Fungua terminal ya bash na ubandike
ssh-keygen
. Kisha tunakwenda kwenye faili na ufunguo wa umma/Users/<ΠΠ°ΡΠ΅ ΠΈΠΌΡ ΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°ΡΠ΅Π»Ρ>/.ssh/id_rsa.pub
(au kwa urahisicat ~/.ssh/id_rsa.pub
), nakili yaliyomo na ubandike kwenye dirisha upande wa kushoto. Jina lolote.Tunakuja na jina la mwenyeji kwa droplet.
Shinikiza Unda Droplet
Unda mtumiaji mpya
ssh root@[IP-Π°Π΄ΡΠ΅Ρ Π²Π°ΡΠ΅Π³ΠΎ Π΄ΡΠΎΠΏΠ»Π΅ΡΠ°]
- Je, una uhakika unataka kuendelea kuunganisha (ndiyo/hapana/[alama ya vidole])?
yes
- Weka nenosiri lako la SSH
- Unda mtumiaji laravel:
adduser laravel
- Ingiza nenosiri lako na taarifa nyingine (naweka tu Jina Kamili)
- Ongeza mtumiaji kwenye kikundi cha sudo:
usermod -aG sudo laravel
SSH kwa mtumiaji mpya
- Badili hadi kwa mtumiaji mpya:
su laravel
Tunafanya vitendo vyote zaidi, hadi mwisho wa kifungu, kwa niaba ya mtumiaji wa laravel. Kwa hiyo, ikiwa umeingiliwa ghafla, ingia tena na uingie su laravel
mkdir ~/.ssh
chmod 700 ~/.ssh
vim ~/.ssh/authorized_keys
Tulifungua faili katika Vim. Ikiwa huijui kabisa, unaweza kufanya kazi katika Nano, haki yako.
Amri za msingi zaidi za Vim
Ili kutumia hariri ya Vim katika kifungu hicho, unahitaji tu kujua yafuatayo.
- Vim ina njia tofauti: Hali ya kawaida, ambayo huingiza amri na kuchagua modes na wengine.
- Ili kuondoka kwa hali yoyote na kurudi kwenye hali ya kawaida, bonyeza tu
Esc
- Sogeza karibu: unaweza tu kutumia mishale
- Ondoka bila kuhifadhi
<Normal mode>
::q!
- Ondoka na uhifadhi
<Normal mode>
::wq
- Badili hadi modi ya kuingiza maandishi
<Normal mode>
:i
(kutoka kwa Kiingereza. Kuingiza)
- Tunaingiza ufunguo wetu wa umma (ambao tulifanya hapo juu)
- Tunalinda dhidi ya mabadiliko:
chmod 600 ~/.ssh/authorized_keys
Kuweka firewall
- Wacha tuangalie mipangilio yote inayopatikana:
sudo ufw app list
- Ruhusu OpenSSH (vinginevyo itatufunga):
sudo ufw allow OpenSSH
- Wacha tuzindue firewall:
sudo ufw enable
,y
- Tunaangalia:
sudo ufw status
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Kila kitu kiko sawa.
Inasakinisha Nginx
Wakati wa ufungaji wakati mwingine utaulizwa "Je! una uhakika?" Jibu y
(vizuri, tu ikiwa una uhakika).
sudo apt update
sudo apt install nginx
Kuongeza Nginx kwenye mipangilio ya ngome
sudo ufw app list
sudo ufw allow 'Nginx HTTP'
sudo ufw status
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
Nginx HTTP ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Nginx HTTP (v6) ALLOW Anywhere (v6)
Nenda kwa IP yako. Ikiwa kila kitu kinakwenda vizuri, unapaswa kuona zifuatazo.
Inasakinisha MySQL
sudo apt install mysql-server
- Inazindua hati ya ulinzi otomatiki
sudo mysql_secure_installation
Jibu maswali yaliyoulizwa. Ikiwa hujui la kujibu, hapa kuna chaguzi zilizopendekezwa:
-
Thibitisha programu-jalizi ya nenosiri -
N
-
Ungependa kuondoa watumiaji wasiojulikana? -
Y
-
Je, ungependa kuruhusu kuingia kwa mizizi kwa mbali? -
N
-
Je, ungependa kuondoa hifadhidata ya majaribio na uifikie? -
N
-
Pakia upya majedwali ya haki sasa? -
Y
-
Wacha tuende kwa MySQL:
sudo mysql
-
Wacha tuangalie njia za ufikiaji:
SELECT user,authentication_string,plugin,host FROM mysql.user;
-
Weka nenosiri la mizizi:
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ Π΄Π»Ρ MySQL>';
-
Wacha tuangalie tena njia za ufikiaji:
SELECT user,authentication_string,plugin,host FROM mysql.user;
-
Tumia mabadiliko na utoke kwenye MySQL:
FLUSH PRIVILEGES;
ΠΈexit
-
Sasa, ili kuingia kwenye MySQL unahitaji kutumia
mysql -u root -p
na ingiza nenosiri
Inasakinisha PHP
Wacha tutumie hazina ya mtu wa tatu kutoka
sudo apt update
sudo apt install -y curl wget gnupg2 ca-certificates lsb-release apt-transport-https
sudo apt-add-repository ppa:ondrej/php
sudo apt update
Sasa tuchague. Kwa Laravel 7, unaweza kuchagua PHP 7.3 au 7.4. Tofauti pekee itakuwa katika nambari 3 na 4.
- 7.3:
sudo apt install -y php7.3-fpm php7.3-mysql
- 7.4:
sudo apt install -y php7.4-fpm php7.4-mysql
Kidhibiti Mchakato wa PHP FastCGI (fpm) hufanya kazi na maombi ya PHP. mysql, kwa kweli, kwa kufanya kazi na MySQL.
Kuanzia sasa nitafanya kila kitu mnamo 7.4.
Kuanzisha Nginx
sudo vim /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
Badala ya "<Kikoa chako>" ingiza kikoa (kwa mfano, mysite.ru
) ambayo ungependa kutumia katika siku zijazo. Ikiwa bado huna, andika yoyote, kisha rudia tu hatua katika sura hii kwa kikoa chako unapokichagua.
Weka yafuatayo:
server {
listen 80;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ =404;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
Ikiwa ulichagua toleo la 7.3 badala yake php7.4-fpm.sock
andika ndani php7.4-fpm.sock
.
Sikiliza port 80 on server_name
tunapofikia ombi la mizizi /var/www/html
chukua faili ya index. Ikiwa baada ya server_name
Kuna kitu, tunatafuta faili kama hiyo. Ikiwa hatupati, tunatupa nje 404. Ikiwa inaisha na .php
, pitia fpm
... Kama ipo .ht
, marufuku (403).
- Kutengeneza kiungo kutoka
sites-available
Π²sites-enabled
:sudo ln -s /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> /etc/nginx/sites-enabled/
- Kuondoa kiungo kwa
default
:sudo unlink /etc/nginx/sites-enabled/default
- Inatafuta makosa:
sudo nginx -t
- Washa upya:
sudo systemctl reload nginx
Kukagua kazi:
sudo vim /var/www/html/info.php
- Tunaandika:
<?php phpinfo();
- Twende
<ΠΠ°Ρ IP>/info.php
Unapaswa kuona kitu kama hiki:
Sasa faili hii inaweza kufutwa: sudo rm /var/www/html/info.php
Weka Laravel
-
7.3:
sudo apt install php7.3-mbstring php7.3-xml composer unzip
-
7.4:
sudo apt install php7.4-mbstring php7.4-xml composer unzip
-
Wacha tuende kwa MySQL:
mysql -u root -p
-
Unda hifadhidata yenye jina laravel:
CREATE DATABASE laravel DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
-
Tunatoa ufikiaji wa mizizi laravel:
GRANT ALL ON laravel.* TO 'root'@'localhost' IDENTIFIED BY '<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>';
-
FLUSH PRIVILEGES;
-
exit
-
cd /var/www/html
-
Unda folda ya mradi:
sudo mkdir -p <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
-
Tunatoa mtumiaji laravel haki za mradi:
sudo chown laravel:laravel <ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
Ifuatayo, unahitaji kuhamisha mradi. Kwa mfano, cloning kutoka Github.
cd ./<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>
git clone <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> .
Inafaa kuzingatia kwamba ikiwa haukuhifadhi faili tuli (kwa mfano, kutoka /public
) kwenye Github, basi kwa asili hautakuwa nazo. Kwa mfano, niliunda thread tofauti ili kutatua hili deploy
, ambayo tayari nimeunda: git clone -b <ΠΈΠΌΡ Π²Π΅ΡΠΊΠΈ> --single-branch <ΡΡΡΠ»ΠΊΠ° Π½Π° ΠΏΡΠΎΠ΅ΠΊΡ> .
.
- Kufunga tegemezi:
composer install
- Unda .env:
vim .env
Toleo la msingi lake linaonekana kama hii:
APP_NAME=Laravel
APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_URL=http://<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
LOG_CHANNEL=stack
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel
DB_USERNAME=root
DB_PASSWORD=<ΠΠ°Ρ ΠΏΠ°ΡΠΎΠ»Ρ ΠΎΡ MySQL>
Ukinakili .env yako, badilisha APP_ENV na toleo la umma, APP_DEBUG na sivyo na uweke mipangilio sahihi ya MySQL.
- Kuhamisha hifadhidata:
php artisan migrate
- Inazalisha kanuni:
php artisan key:generate
Kubadilisha ruhusa:
sudo chown -R $USER:www-data storage
sudo chown -R $USER:www-data bootstrap/cache
chmod -R 775 storage
chmod -R 775 bootstrap/cache
Jambo la mwisho lililobaki ni kusanidi tena Nginx kwa Laravel:
sudo vim /etc/nginx/sites-available/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
server {
listen 80;
listen [::]:80;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
index index.php index.html index.htm index.nginx-debian.html;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½ ΠΈΠ»ΠΈ IP>;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
}
Kama mara ya mwisho, ikiwa ulichagua toleo la 7.3 badala yake php7.4-fpm.sock
andika ndani php7.4-fpm.sock
.
Kuweka kikoa kwenye DigitalOcean
Kila kitu ni kweli rahisi sana. Unanunua kikoa (popote), badilisha hadi DigitalOcean saa Kujenga->Vikoa/DNS... Uwanjani Ongeza kikoa unaingiza kikoa hiki na ubofye ongeza. Kisha nenda kwa mipangilio ya kikoa na kwenye shamba JINA LA MWENYEJI ingia @. Chagua mradi na ubofye Unda rekodi.
Sasa nenda kwenye tovuti ambayo ulinunua kikoa, pata "Seva za DNS" hapo (au kitu sawa) na uingize seva za DigitalOcean (yaani.ns1.digitalocean.com
,ns2.digitalocean.com
,ns3.digitalocean.com
) Sasa unahitaji kusubiri kidogo (au mengi) hadi mipangilio hii itakubaliwa. Tayari!
Shida pekee ni kwamba tovuti yako itafungua tu kama HTTP. Ili kuwa na HTTPS, nenda kwenye sehemu inayofuata.
Inaweka HTTPS
Sakinisha certbot na uipitishe jina la kikoa (format mysite.ru
) na jina la kikoa na www (www.mysite.ru
).
sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-nginx
sudo certbot certonly --webroot --webroot-path=/var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public -d <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> -d www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>
Sasa unahitaji kusanidi tena Nginx (usisahau kubadilisha maadili yako):
server {
listen 80;
listen [::]:80;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name <ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½> www.<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>;
root /var/www/html/<ΠΠΌΡ ΠΏΡΠΎΠ΅ΠΊΡΠ°>/public;
ssl_certificate /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<ΠΠ°Ρ Π΄ΠΎΠΌΠ΅Π½>/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
Nadhani tayari unaelewa kile kinachohitaji kubadilishwa kwa PHP 7.3.
Hapa, kwa kweli, kila kitu ni rahisi. Tunaelekeza upya maombi yote kutoka kwa HTTP (bandari 80) hadi HTTPS (bandari 443). Na huko tunafanya kila kitu sawa na hapo awali, lakini kwa usimbaji fiche.
Kilichobaki ni kuweka ruhusa kwenye firewall:
sudo nginx -t
sudo ufw app list
sudo ufw allow 'Nginx HTTPS'
sudo ufw status
sudo systemctl reload nginx
Sasa kila kitu kinapaswa kufanya kazi kama inavyopaswa.
[Advanced] Inasakinisha Node.js
Ikiwa unahitaji ghafla kuendesha amri za npm moja kwa moja kwenye seva, unahitaji kusakinisha Node.js.
sudo apt update
sudo apt install -y nodejs npm
nodejs -v
Hiyo ni, nilisimama katika hatua hii. Kimsingi, nimeridhika na matokeo. Labda nitabadilisha kutoka DigitalOcean mahali pengine karibu na Urusi na kwa bei nafuu. Lakini kwa kuwa nilikuwa tayari nimepitia raundi zote za uthibitishaji kwenye tovuti na kufanya kila kitu huko, niliwaonyesha kwa mfano. Kwa kuongezea, kuanzia kwao $100 ni njia bora ya mafunzo.
PS Shukrani za pekee kwa mwandishi
PPS Ikiwa wewe ni mhandisi wa juu ambaye anafikiria katika amri za bash, tafadhali usihukumu kwa ukali. Unaweza kupata makala hii kuwa ya kiwango cha chini, lakini ningefurahi kupata moja nilipohitaji. Ikiwa kuna mapendekezo ya kuboresha, niko tayari.
Chanzo: mapenzi.com