rahulvramesh/laravel setup.sh

## laravel setup.sh
# Ubuntu 18.04 LTS Server Setup for Laravel

# Login as root user

sudo su -


# Update list of available packages

apt update


# Install node.js

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -
apt install nodejs


# Install laravel echo server

npm install -g laravel-echo-server
npm install --unsafe-perm -g sqlite3


# Install MySQL

apt install mysql-server


# Configure MySQL

mysql -u root <<-EOF
CREATE DATABASE databasename;
CREATE USER 'example_laravel'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
GRANT ALL PRIVILEGES ON databasename.* TO 'example_laravel'@'localhost';
EOF


# Install nginx

apt -y install nginx


# Configure nginx

cp /etc/nginx/sites-available/default /etc/nginx/sites-available/example.com
nano /etc/nginx/sites-available/example.com
ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
nginx -t
service nginx restart


# Configure Gzip

cat > /etc/nginx/conf.d/gzip.conf << EOF
gzip on;
gzip_comp_level 5;
gzip_min_length 256;
gzip_proxied any;
gzip_vary on;
gzip_types
application/atom+xml
application/javascript
application/json
application/rss+xml
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/svg+xml
image/x-icon
text/css
text/plain
text/x-component;
EOF
service nginx restart


# Configure HTTPS

apt install software-properties-common
add-apt-repository universe
add-apt-repository ppa:certbot/certbot
apt update
apt install certbot python-certbot-nginx
certbot --nginx


# Install php

apt install php-fpm
apt install php-mysql php-common php-mbstring php-xml php-zip php-bcmath zip unzip php-zip


# Configure php

sed -i 's/^upload_max_filesize.*/upload_max_filesize = 10M/' /etc/php/7.2/fpm/php.ini
sed -i 's/^post_max_size.*/post_max_size = 10M/' /etc/php/7.2/fpm/php.ini


# Install supervisor

apt install supervisor


# Configure supervisor

nano /etc/supervisor/conf.d/example-laravel-worker.conf
supervisorctl reread
supervisorctl update
supervisorctl start example-laravel-worker:*


# Configure crons

crontab -e


# Add known hosts

ssh-keyscan -H github.com >> ~/.ssh/known_hosts
ssh-keyscan -H bitbucket.org >> ~/.ssh/known_hosts
ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts


# Setup ssh key
# In order for this maschine to gain read-only access to your repositories you need to copy this key to
# - Bitbucket: under Project -> Settings -> Access keys

if [ ! -f ~/.ssh/id_rsa.pub ]; then
    ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N ""
fi

cat ~/.ssh/id_rsa.pub

## laravel-echo-server.md

      
    Raw
  

              laravel-echo-server.md
            
          
    https://github.com/tlaverdure/laravel-echo-server
Create laravel-echo-server.json file in your repo with laravel-echo-server init.
$ laravel-echo-server init
? Do you want to run this server in development mode? No
? Which port would you like to serve from? 6001
? Which database would you like to use to store presence channel members? sqlite
? Enter the host of your Laravel authentication server. http://localhost
? Will you be serving on http or https? http
? Do you want to generate a client ID/Key for HTTP API? Yes
? Do you want to setup cross domain access to the API? No
? What do you want this config to be saved as? laravel-echo-server.json
appId: 7681984290a51901
key: cdaf9c5b64d7d1be72b735c58e951241
Configuration file saved. Run laravel-echo-server start to run server.

Change .env file.
BROADCAST_DRIVER=laravel_echo_server

[...]

LARAVEL_ECHO_SERVER_APP_ID=7681984290a51901
LARAVEL_ECHO_SERVER_APP_KEY=cdaf9c5b64d7d1be72b735c58e951241
LARAVEL_ECHO_SERVER_HOST=localhost
LARAVEL_ECHO_SERVER_PORT=6001
LARAVEL_ECHO_SERVER_DEBUG=true

Add connection to config/broadcasting.php file.
    'default' => env('BROADCAST_DRIVER', 'null'),
    //...
    'connections' => [
        //...
        'laravel_echo_server' => [
            'driver' => 'pusher',
            'key' => env('LARAVEL_ECHO_SERVER_APP_KEY'),
            'secret' => env('LARAVEL_ECHO_SERVER_APP_SECRET'),
            'app_id' => env('LARAVEL_ECHO_SERVER_APP_ID'),
            'options' => [
                'host' => env('LARAVEL_ECHO_SERVER_HOST'),
                'port' => env('LARAVEL_ECHO_SERVER_PORT'),
                'scheme' => 'http'
            ],
        ],
      //...

  
## nginx.conf
# /etc/nginx/sites-available/example.com
server {
        listen 80;
        listen [::]:80;

        root /var/www/example.com/current/public;

        access_log /var/log/nginx/example.com.access.log;
        error_log /var/log/nginx/example.com.error.log;

        server_name www.example.com example.com;

        client_max_body_size 10M;

        # force www in URL
        if ($host = example.com) {
            return 301 https://www.$host$request_uri;
        }

        # remove /index.php/ from URL
        if ($request_uri ~* "^(.*/)index\.php(/?)(.*)") {
            return 301 $1$3;
        }

        index index.html index.php;


        location / {
            location / {
                try_files $uri /index.php?$query_string;
            }

            # don't cache the service worker
            location = /service-worker.js {
                try_files $uri /index.php?$query_string;
            }

            location ~* ^.+\.(ico|css|js|gif|jpe?g|png|woff|woff2|eot|svg|ttf|webp|mp3|midi?)$ {
                try_files $uri /index.php?$query_string;
                add_header Cache-Control "public, max-age=31536000";

                # optinaly you can disable the other cache headers
                # etag off;
                # if_modified_since off;
                # add_header Last-Modified "";
            }

            # pass index.php to FastCGI server.
            # alternativly you can use: "location ~ \.php$ {" to proccess all php files.
            location = /index.php {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
            }
        }


        # proxy laravel echo server
        location /socket.io {
                proxy_pass http://localhost:6001;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "Upgrade";
        }
}

## supervisor.ini
# /etc/supervisor/conf.d/example-laravel-worker.conf
[program:example-laravel-worker]
process_name=%(program_name)s_%(process_num)02d
directory=/var/www/example.com/current
command=php artisan queue:work --sleep=3 --tries=1 --quiet
autostart=true
autorestart=true
user=www-data
numprocs=1


[program:example-echo-server]
directory=/var/www/example.com/current
command=laravel-echo-server start
autostart=true
autorestart=true
user=root

## x_crontab
* * * * * cd /var/www/example.com/current && php artisan schedule:run >> /dev/null 2>&1

#certbot renew ssl certificates each day at 06:47
47 6 * * * certbot renew --post-hook "systemctl reload nginx"

## x_deploy.php
<?php
/**
 * deploy.php
 * https://deployer.org/
 *
 * composer require deployer/deployer --dev
 * composer require deployer/recipes --dev
 *
 * Deploy your project
 * vendor/bin/dep deploy
 *
 * Connect to host through ssh
 * vendor/bin/dep ssh
 */

namespace Deployer;

require 'recipe/laravel.php';
require 'recipe/cachetool.php';
require 'recipe/npm.php';

// Project name
set('application', 'example');

// Project repository
set('repository', 'git@domain.com:username/repository.git');

// Shared files/dirs between deploys
add('shared_files', ['laravel-echo-server.lock']);
add('shared_dirs', []);

// Writable dirs by web server
add('writable_dirs', []);


// Hosts
host('example.com')
    ->user('root')
    ->set('deploy_path', '/var/www/example.com');


task('artisan:optimize', function() {
    writeln('skipping artisan:opzimize');
    // skipping because view:cache and config:cache is already in the default queue from deployer.php
    // and we added route:cache ourself
});

desc('Execute laravel-echo-server stop');
task('laravel-echo-server:restart', function () {
    //run('cd {{release_path}} && laravel-echo-server stop'); //does not work
    run('supervisorctl restart example-echo-server'); //restart with supervisor works
});

desc('Execute npm run production');
task('build', function () {
    run("cd {{release_path}} && {{bin/npm}} run production",  ['timeout' => 600]);
});


after('deploy:writable', 'npm:install');
after('deploy:writable', 'build');


before('deploy:symlink', 'artisan:route:cache');
before('deploy:symlink', 'artisan:migrate');

after('deploy:symlink', 'cachetool:clear:opcache');
after('deploy:symlink', 'artisan:queue:restart');
after('deploy:symlink', 'laravel-echo-server:restart');


// [Optional] if deploy fails automatically unlock.
after('deploy:failed', 'deploy:unlock');

after('rollback', 'cachetool:clear:opcache');
after('rollback', 'artisan:config:cache');
after('rollback', 'artisan:view:cache');
after('rollback', 'artisan:route:cache');
after('rollback', 'artisan:queue:restart');
after('rollback', 'laravel-echo-server:restart');
	# Ubuntu 18.04 LTS Server Setup for Laravel

	# Login as root user

	sudo su -


	# Update list of available packages

	apt update


	# Install node.js

	curl -sL https://deb.nodesource.com/setup_12.x \| sudo -E bash -
	apt install nodejs


	# Install laravel echo server

	npm install -g laravel-echo-server
	npm install --unsafe-perm -g sqlite3


	# Install MySQL

	apt install mysql-server


	# Configure MySQL

	mysql -u root <<-EOF
	CREATE DATABASE databasename;
	CREATE USER 'example_laravel'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
	GRANT ALL PRIVILEGES ON databasename.* TO 'example_laravel'@'localhost';
	EOF


	# Install nginx

	apt -y install nginx


	# Configure nginx

	cp /etc/nginx/sites-available/default /etc/nginx/sites-available/example.com
	nano /etc/nginx/sites-available/example.com
	ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
	nginx -t
	service nginx restart


	# Configure Gzip

	cat > /etc/nginx/conf.d/gzip.conf << EOF
	gzip on;
	gzip_comp_level 5;
	gzip_min_length 256;
	gzip_proxied any;
	gzip_vary on;
	gzip_types
	application/atom+xml
	application/javascript
	application/json
	application/rss+xml
	application/vnd.ms-fontobject
	application/x-font-ttf
	application/x-web-app-manifest+json
	application/xhtml+xml
	application/xml
	font/opentype
	image/svg+xml
	image/x-icon
	text/css
	text/plain
	text/x-component;
	EOF
	service nginx restart


	# Configure HTTPS

	apt install software-properties-common
	add-apt-repository universe
	add-apt-repository ppa:certbot/certbot
	apt update
	apt install certbot python-certbot-nginx
	certbot --nginx


	# Install php

	apt install php-fpm
	apt install php-mysql php-common php-mbstring php-xml php-zip php-bcmath zip unzip php-zip


	# Configure php

	sed -i 's/^upload_max_filesize.*/upload_max_filesize = 10M/' /etc/php/7.2/fpm/php.ini
	sed -i 's/^post_max_size.*/post_max_size = 10M/' /etc/php/7.2/fpm/php.ini


	# Install supervisor

	apt install supervisor


	# Configure supervisor

	nano /etc/supervisor/conf.d/example-laravel-worker.conf
	supervisorctl reread
	supervisorctl update
	supervisorctl start example-laravel-worker:*


	# Configure crons

	crontab -e


	# Add known hosts

	ssh-keyscan -H github.com >> ~/.ssh/known_hosts
	ssh-keyscan -H bitbucket.org >> ~/.ssh/known_hosts
	ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts


	# Setup ssh key
	# In order for this maschine to gain read-only access to your repositories you need to copy this key to
	# - Bitbucket: under Project -> Settings -> Access keys

	if [ ! -f ~/.ssh/id_rsa.pub ]; then
	ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N ""
	fi

	cat ~/.ssh/id_rsa.pub
	# /etc/nginx/sites-available/example.com
	server {
	listen 80;
	listen [::]:80;

	root /var/www/example.com/current/public;

	access_log /var/log/nginx/example.com.access.log;
	error_log /var/log/nginx/example.com.error.log;

	server_name www.example.com example.com;

	client_max_body_size 10M;

	# force www in URL
	if ($host = example.com) {
	return 301 https://www.$host$request_uri;
	}

	# remove /index.php/ from URL
	if ($request_uri ~* "^(./)index\.php(/?)(.)") {
	return 301 $1$3;
	}

	index index.html index.php;


	location / {
	location / {
	try_files $uri /index.php?$query_string;
	}

	# don't cache the service worker
	location = /service-worker.js {
	try_files $uri /index.php?$query_string;
	}

	location ~* ^.+\.(ico\|css\|js\|gif\|jpe?g\|png\|woff\|woff2\|eot\|svg\|ttf\|webp\|mp3\|midi?)$ {
	try_files $uri /index.php?$query_string;
	add_header Cache-Control "public, max-age=31536000";

	# optinaly you can disable the other cache headers
	# etag off;
	# if_modified_since off;
	# add_header Last-Modified "";
	}

	# pass index.php to FastCGI server.
	# alternativly you can use: "location ~ \.php$ {" to proccess all php files.
	location = /index.php {
	include snippets/fastcgi-php.conf;
	fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
	}
	}


	# proxy laravel echo server
	location /socket.io {
	proxy_pass http://localhost:6001;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "Upgrade";
	}
	}
	# /etc/supervisor/conf.d/example-laravel-worker.conf
	[program:example-laravel-worker]
	process_name=%(program_name)s_%(process_num)02d
	directory=/var/www/example.com/current
	command=php artisan queue:work --sleep=3 --tries=1 --quiet
	autostart=true
	autorestart=true
	user=www-data
	numprocs=1


	[program:example-echo-server]
	directory=/var/www/example.com/current
	command=laravel-echo-server start
	autostart=true
	autorestart=true
	user=root
	* * * * * cd /var/www/example.com/current && php artisan schedule:run >> /dev/null 2>&1

	#certbot renew ssl certificates each day at 06:47
	47 6 * * * certbot renew --post-hook "systemctl reload nginx"
	<?php
	/**
	* deploy.php
	* https://deployer.org/
	*
	* composer require deployer/deployer --dev
	* composer require deployer/recipes --dev
	*
	* Deploy your project
	* vendor/bin/dep deploy
	*
	* Connect to host through ssh
	* vendor/bin/dep ssh
	*/

	namespace Deployer;

	require 'recipe/laravel.php';
	require 'recipe/cachetool.php';
	require 'recipe/npm.php';

	// Project name
	set('application', 'example');

	// Project repository
	set('repository', 'git@domain.com:username/repository.git');

	// Shared files/dirs between deploys
	add('shared_files', ['laravel-echo-server.lock']);
	add('shared_dirs', []);

	// Writable dirs by web server
	add('writable_dirs', []);


	// Hosts
	host('example.com')
	->user('root')
	->set('deploy_path', '/var/www/example.com');


	task('artisan:optimize', function() {
	writeln('skipping artisan:opzimize');
	// skipping because view:cache and config:cache is already in the default queue from deployer.php
	// and we added route:cache ourself
	});

	desc('Execute laravel-echo-server stop');
	task('laravel-echo-server:restart', function () {
	//run('cd {{release_path}} && laravel-echo-server stop'); //does not work
	run('supervisorctl restart example-echo-server'); //restart with supervisor works
	});

	desc('Execute npm run production');
	task('build', function () {
	run("cd {{release_path}} && {{bin/npm}} run production", ['timeout' => 600]);
	});


	after('deploy:writable', 'npm:install');
	after('deploy:writable', 'build');


	before('deploy:symlink', 'artisan:route:cache');
	before('deploy:symlink', 'artisan:migrate');

	after('deploy:symlink', 'cachetool:clear:opcache');
	after('deploy:symlink', 'artisan:queue:restart');
	after('deploy:symlink', 'laravel-echo-server:restart');


	// [Optional] if deploy fails automatically unlock.
	after('deploy:failed', 'deploy:unlock');

	after('rollback', 'cachetool:clear:opcache');
	after('rollback', 'artisan:config:cache');
	after('rollback', 'artisan:view:cache');
	after('rollback', 'artisan:route:cache');
	after('rollback', 'artisan:queue:restart');
	after('rollback', 'laravel-echo-server:restart');