Last active
January 5, 2021 14:49
-
-
Save moradi-morteza/972f0804e6e6df4a5d1961b9f87b943f to your computer and use it in GitHub Desktop.
server config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -in nginx.conf(inside /opt/nginx/conf) | |
| client_max_body_size 24000M | |
| systemctl restart nginx | |
| --------------------------------------------------------------- | |
| sudo usermod -aG www-data deploybot | |
| sudo chown -R www-data:www-data /var/www/laravel | |
| sudo chown -R www-data:www-data /var/www/laravel/public/uploads | |
| sudo chmod -R 775 /var/www | |
| --------------------------------------------------------------- | |
| lsb_release -a | |
| /etc/apt/sources.list | |
| https://repogen.simplylinux.ch/ | |
| --------------------------------------------------------------- | |
| // Error libpng12-0 Missing | |
| sudo add-apt-repository ppa:linuxuprising/libpng12 | |
| sudo apt update | |
| sudo apt install libpng12-0 | |
| --------------------------------------------------------------- | |
| sudo apt install nginx | |
| sudo service nginx status | |
| sudo systemctl enable nginx | |
| sudo systemctl start nginx | |
| nginx -v | |
| sudo chown www-data:www-data /usr/share/nginx/html -R | |
| sudo ufw allow 'Nginx HTTP' | |
| -------------------------------------------------------------- | |
| sudo ufw enable | |
| sudo ufw allow 'Nginx HTTP' | |
| sudo ufw allow OpenSSH | |
| sudo ufw allow ssh | |
| sudo ufw allow http | |
| sudo ufw allow https | |
| -------------------------------------------------------------- | |
| sudo apt-get install vsftpd | |
| vsftpd -verions | |
| systemctl start vsftpd | |
| systemctl enable vsftpd | |
| sudo ufw allow 20/tcp | |
| sudo ufw allow 21/tcp | |
| sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.orig | |
| listen=NO | |
| listen_ipv6=YES | |
| anonymous_enable=NO | |
| local_enable=YES | |
| write_enable=YES | |
| local_umask=022 | |
| dirmessage_enable=YES | |
| use_localtime=YES | |
| xferlog_enable=YES | |
| connect_from_port_20=YES | |
| chroot_local_user=YES | |
| secure_chroot_dir=/var/run/vsftpd/empty | |
| pam_service_name=vsftpd | |
| rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem | |
| rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key | |
| ssl_enable=Yes | |
| pasv_enable=Yes | |
| pasv_min_port=10000 | |
| pasv_max_port=10100 | |
| allow_writeable_chroot=YES | |
| ssl_tlsv1=YES | |
| ssl_sslv2=NO | |
| ssl_sslv3=NO | |
| sudo systemctl restart vsftpd | |
| sudo useradd -m ftpuser | |
| sudo passwd ftpuser | |
| ----------------------------------------------------------- | |
| sudo apt install mariadb-server | |
| sudo mysql_secure_installation | |
| sudo systemctl enable mariadb | |
| sudo mariadb -u root | |
| mariadb --version | |
| ---------------------------------------------------------- | |
| sudo apt install php-fpm php-mysql | |
| sudo systemctl start php7.2-fpm | |
| sudo systemctl enable php7.2-fpm | |
| systemctl status php7.2-fpm | |
| ---------------------------------------------------------- | |
| sudo apt-get install -y phpmyadmin | |
| sudo mysql -p -u root | |
| CREATE USER 'puser'@'localhost' IDENTIFIED BY 'sale2012'; | |
| GRANT ALL PRIVILEGES ON *.* TO 'puser'@'localhost' WITH GRANT OPTION; | |
| ---------------------------------------------------------- | |
| // go to folder www | |
| sudo ln -s /usr/share/phpmyadmin /var/www/html // create a link to phpmyadmin | |
| sudo ln -s /usr/share/securephpmyadmin /var/www/html // change name of link address | |
| ---------------------------------------------------------- | |
| server { | |
| listen 80 default_server; | |
| listen [::]:80 default_server; | |
| root /var/www/html; | |
| index index.php index.html index.htm index.nginx-debian.html; | |
| server_name server_domain_or_IP; | |
| location / { | |
| try_files $uri $uri/ =404; | |
| } | |
| location ~ \.php$ { | |
| include snippets/fastcgi-php.conf; | |
| fastcgi_pass unix:/run/php/php7.2-fpm.sock; | |
| } | |
| location ~ /\.ht { | |
| deny all; | |
| } | |
| } | |
| nginx -t | |
| sudo systemctl reload nginx | |
| ----------------------------------------------------- | |
| sudo chmod -R 755 /var/www | |
| sudo chown -R $USER:$USER /var/www/html/nfc | |
| sudo chown -R $USER:$USER /var/www/html/mabnashop | |
| // just convert : | |
| listen 80 ; | |
| listen [::]:80 ; | |
| root /var/www/html/nfc/; | |
| // or if you use root | |
| listen 8050; | |
| listen [::]:8050; | |
| root /var/www/html/nfc; | |
| sudo ln -s /etc/nginx/sites-available/nfc /etc/nginx/sites-enabled/ | |
| sudo ln -s /etc/nginx/sites-available/mabnashop /etc/nginx/sites-enabled/ | |
| sudo nano /etc/nginx/nginx.conf | |
| Within the file, find the server_names_hash_bucket_size directive. Remove the # symbol to uncomment the line: | |
| http { | |
| . . . | |
| server_names_hash_bucket_size 64; | |
| . . . | |
| } | |
| sudo nginx -t | |
| sudo systemctl restart nginx | |
| sudo ufw allow 8050/tcp | |
| sudo ufw allow 8060/tcp | |
| ------------------------ | |
| laravel deploy | |
| sudo chown -R www-data.www-data /var/www/html/nfc/storage | |
| sudo chown -R www-data.www-data /var/www/html/nfc/bootstrap/cache | |
| server{ | |
| location / { | |
| try_files $uri $uri/ /index.php?$query_string; | |
| } | |
| location ~ \.php$ { | |
| fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; | |
| fastcgi_index index.php; | |
| fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; | |
| include fastcgi_params; | |
| } | |
| location ~ /\.(?!well-known).* { | |
| deny all; | |
| } | |
| } | |
| https://linuxize.com/post/how-to-setup-a-firewall-with-ufw-on-ubuntu-18-04/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment