Deployment Guide for Ubuntu Server from Scratch with Laravel
title: Setting Up Laravel in Ubuntu / DigitalOcean keywords: servers, laravel, coderstape, coder's tape description: Let's take a look at settting up a server from scratch for Laravel. date: April 1, 2019 tags: servers, laravel permalink: setting-up-laravel-in-ubuntu-digitalocean img: https://coderstape.com/storage/uploads/GZTXUbyGum2xeUZM9qBD5aPv8EKLwG3C8RGcRon4.jpeg author: Victor Gonzalez authorlink: https://github.com/vicgonvt
In this post, we are looking at the steps necessary to create an Ubuntu droplet in DigitalOcean from scratch. This is the companion guide to the video series in Laravel 5.8 from scrath. Follow along with those to get the video guide.
Part 1 https://coderstape.com/lesson/112-deployment-basic-server-setup-part-1
Part 2 https://coderstape.com/lesson/113-deployment-basic-server-setup-part-2
Part 3 https://coderstape.com/lesson/114-deployment-basic-server-setup-part-3
ssh root@[DROPLET IP ADDRESS]
adduser laravel
usermod -aG sudo laravel
ssh-keygen
ls ~/.ssh
to show files in local machinecat ~/.ssh/id_rsa.pub
cd ~/.ssh
and vim authorized_keys
su laravel
then mkdir ~/.ssh
fix permissions chmod 700 ~/.ssh
vim ~/.ssh/authorized_keys
and paste keychmod 600 ~/.ssh/authorized_keys
to restrict this from being modifiedexit
to return to root usersudo vim /etc/ssh/sshd_config
no
PubkeyAuthentication yes
ChallengeResponseAuthentication no
sudo systemctl reload sshd
sudo ufw app list
sudo ufw allow OpenSSH
sudo ufw enable
sudo ufw status
sudo apt update
enter root passwordsudo apt install nginx
enter Y to installsudo ufw app list
For firewallsudo ufw allow 'Nginx HTTP'
to add NGINXsudo ufw status
to verify changesudo apt install mysql-server
enter Y to installsudo mysql_secure_installation
to run automated securing scriptY
N
Y
Y
sudo mysql
to enter MySQL CLISELECT user,authentication_string,plugin,host FROM mysql.user;
to verify root user's auth methodALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'STRONG_PASSWORD_HERE';
to set a root passwordSELECT user,authentication_string,plugin,host FROM mysql.user;
to verify root user's auth methodFLUSH PRIVILEGES;
to apply all changesmysql -u root -p
to access db from now on, enter password STRONG_PASSWORD_HERE
sudo add-apt-repository universe
to add software reposudo apt install php-fpm php-mysql
to install the basic PHP softwaresudo vim /etc/nginx/sites-available/YOUR.DOMAIN.COM
server {
listen 80;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name YOUR.DOMAIN.COM;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
sudo ln -s /etc/nginx/sites-available/YOUR.DOMAIN.COM /etc/nginx/sites-enabled/
to create symlink to enabled sitessudo unlink /etc/nginx/sites-enabled/default
to remove default linksudo nginx -t
test the whole configsudo systemctl reload nginx
to apply all changessudo vim /var/www/html/info.php
to start a new PHP file, fill it with <?php phpinfo();sudo rm /var/www/html/info.php
optional command to get rid of test filesudo apt-get install php7.2-mbstring php7.2-xml composer unzip
mysql -u root -p
Login to create the Laravel DBCREATE DATABASE laravel DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
GRANT ALL ON laravel.* TO 'laraveluser'@'localhost' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
exit
cd /var/www/html
, sudo mkdir -p first-project
sudo chown laravel:laravel first-project
git clone https://github.com/coderstape/laravel-58-from-scratch.git .
composer install
cp .env.example .env
, and then vim .env
APP_NAME=Laravel
APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_URL=http://YOUR.DOMAIN.COM
LOG_CHANNEL=stack
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=root
DB_USERNAME=laravel
DB_PASSWORD=STRONG_PASSWORD_HERE
php artisan migrate
php artisan key:generate
to generate the keysudo chgrp -R www-data storage bootstrap/cache
fix permissionssudo chmod -R ug+rwx storage bootstrap/cache
fix permissionssudo chmod -R 755 /var/www/html/first-project
fix permissionschmod -R o+w /var/www/html/first-project/storage/
fix permissionsudo vim /etc/nginx/sites-available/YOUR.DOMAIN.COM
server {
listen 80;
listen [::]:80;
root /var/www/html/first-project/public;
index index.php index.html index.htm index.nginx-debian.html;
server_name YOUR.DOMAIN.COM;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
sudo nginx -t
sudo systemctl reload nginx
reload Nginxsudo add-apt-repository ppa:certbot/certbot
to get reposudo apt install python-certbot-nginx
to installsudo certbot certonly --webroot --webroot-path=/var/www/html/quickstart/public -d example.com -d www.example.com
sudo certbot certonly --webroot --webroot-path=/var/www/html/first-project/public -d YOUR.DOMAIN.COM
sudo vim /etc/nginx/sites-available/YOUR.DOMAIN.COM
server {
listen 80;
listen [::]:80;
server_name YOUR.DOMAIN.COM;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name YOUR.DOMAIN.COM;
root /var/www/html/first-project/public;
ssl_certificate /etc/letsencrypt/live/YOUR.DOMAIN.COM/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/YOUR.DOMAIN.COM/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
location ~ /\.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
sudo nginx -t
sudo ufw app list
For firewallsudo ufw allow 'Nginx HTTPS'
to add NGINXsudo ufw status
to verify changesudo systemctl reload nginx
reload NginxLet's make the prompt pretty
sudo apt-get install zsh
to install ZSHzsh --version
to confirm installwhereis zsh
to find out where it issudo usermod -s /usr/bin/zsh $(whoami)
to make Zsh defaultsudo reboot
to reapply all changes2
to populate a default filesudo apt-get install powerline fonts-powerline
to install powerlinesudo apt-get install zsh-theme-powerlevel9k
to install Themeecho "source /usr/share/powerlevel9k/powerlevel9k.zsh-theme" >> ~/.zshrc
to enable the theme in your Zshrcexit
and login again to see the new themesh -c "$(wget https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh -O -)"
for Oh My Zshecho "source /usr/share/powerlevel9k/powerlevel9k.zsh-theme" >> ~/.zshrc
to re-enable 9K