valorin/.bash_aliases

## .bash_aliases
# Dev Services
alias start-all='sudo wslact time-sync && sudo service redis-server start && sudo service mysql start && sudo service php8.2-fpm start && sudo service nginx start && mailcatcher'
alias stop-all='sudo service redis-server stop && sudo service mysql stop && sudo service php8.2-fpm stop && sudo service nginx stop && killall mailcatcher ; sleep 1 && ps ax'
alias restart-all='sudo service redis-server restart && sudo service mysql restart && sudo service php8.2-fpm restart && sudo service nginx restart'

alias use-php7.4='sudo update-alternatives --set php /usr/bin/php7.4'
alias use-php8.0='sudo update-alternatives --set php /usr/bin/php8.0'
alias use-php8.1='sudo update-alternatives --set php /usr/bin/php8.1'
alias use-php8.2='sudo update-alternatives --set php /usr/bin/php8.2'

## README.md

      
    Raw
  

              README.md
            
          
setup.sh

Setup script that installs all the things I find useful for local PHP dev
Includes multiple PHP versions, other services, GitHub CLI, and Mailcatcher for preventing local emails being sent out.


.bash_aliases

Helpful bash aliases for starting and stopping services, plus switching PHP CLI version.
Note, you'll need to change the PHP version in the start/stop/restart commands if you want to use something other than 8.2
Likewise, the nginx FPM config will need to be modified too.


nginx.conf

I keep this in ~/dev/nginx.conf, next to the dirs for my projects
I have certbot configured to use Cloudflare to provision Wildcard TLS certs for my two local dev domains (valorin.dev and evilhacker.dev), it just requires pointing the domains to Cloudflare a saving the API key locally.
Having this simple TLS makes setting up new projects trivial. (You do need to edit the Windows Hosts file, but that's easy.)


nginx-include.conf

Separating this out makes duplicating server blocks trivial in nginx.conf
I keep this in ~/dev/nginx-include.conf
Update the PHP version as eeded


Update Nginx to load the local nginx.conf file

sudo ln -sf ~/dev/nginx.conf /etc/nginx/sites-enabled/default


## nginx-include.conf
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
sendfile off;
client_max_body_size 100m;
rewrite_log on;
error_page 404 /index.php;

location ~ \.php$ {
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/run/php/php8.2-fpm.sock;
}

location /.well-known/ {
    try_files $uri $uri/ =404;
}

location / {
    try_files $uri $uri/ /index.php?$query_string;
}

location ~ /\.(?!well-known).* {
    deny all;
}

location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt  { access_log off; log_not_found off; }

# add_header "X-Frame-Options"          "SAMEORIGIN" always;
add_header "X-Content-Type-Options"   "nosniff" always;
add_header "Referrer-Policy"          "same-origin" always;
add_header "Feature-Policy"           "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'" always;
add_header "X-Xss-Pwnage"	          "<script>alert('XSS');</script>" always;

listen [::]:443 ssl http2; # managed by Certbot
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/valorin.dev/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/valorin.dev/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

## nginx.conf
#
# sudo certbot run --installer nginx --agree-tos --eff-email -m stephen@rees-carter.net --dns-cloudflare --dns-cloudflare-credentials /root/.cloudflare --cert-name valorin.dev --domain *.valorin.dev --domain *.evilhacker.dev
#
# sudo cat /root/.cloudflare
#   dns_cloudflare_email = stephen@rees-carter.net
#   dns_cloudflare_api_key =
#

server {
    server_name pls.valorin.dev target.valorin.dev;
    root /home/valorin/dev/pls/app/public;
    access_log /var/log/nginx/pls-app-access.log;
    error_log /var/log/nginx/pls-app-error.log error;

    include /home/valorin/dev/nginx-include.conf;
}

## setup.sh
#!/bin/bash -xe

USERNAME=$(whoami)

# Disable sudo password - it's local dev VM, root permissions don't mean much
sudo sed -i "s/%sudo\tALL=(ALL:ALL) ALL/%sudo\tALL=(ALL:ALL) NOPASSWD:ALL/" /etc/sudoers

# PPAs for PHP and WSL Utilities
sudo add-apt-repository -y ppa:ondrej/php
sudo add-apt-repository -y ppa:wslutilities/wslu

# GitHub CLI
curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg
sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null

sudo apt -y update
sudo apt -y upgrade
sudo apt -y dist-upgrade
sudo apt -y autoremove

sudo apt install -y rsync zip vim htop grc bash-completion git-extras gh \
    certbot python3-certbot-nginx python3-certbot-dns-cloudflare \
    php-redis mysql-server mysql-client sqlmap nginx libsqlite3-dev redis-server \
    php7.4-fpm php7.4-mysql php7.4-bcmath php7.4-cli php7.4-curl php7.4-gd php7.4-imagick php7.4-intl php7.4-json php7.4-mbstring php7.4-readline php7.4-sqlite3 php7.4-xsl php7.4-zip \
    php8.0-fpm php8.0-mysql php8.0-bcmath php8.0-cli php8.0-curl php8.0-gd php8.0-imagick php8.0-intl php8.0-mbstring php8.0-readline php8.0-sqlite3 php8.0-xsl php8.0-zip \
    php8.1-fpm php8.1-mysql php8.1-bcmath php8.1-cli php8.1-curl php8.1-gd php8.1-imagick php8.1-intl php8.1-mbstring php8.1-readline php8.1-sqlite3 php8.1-xsl php8.1-zip \
    php8.2-fpm php8.2-mysql php8.2-bcmath php8.2-cli php8.2-curl php8.2-gd php8.2-imagick php8.2-intl php8.2-mbstring php8.2-readline php8.2-sqlite3 php8.2-xsl php8.2-zip

# Install and configure Composer
mkdir -p ~/.local/bin
if [ ! -f ~/.local/bin/composer ]; then
    wget https://raw.githubusercontent.com/composer/getcomposer.org/76a7060ccb93902cd7576b67264ad91c8a2700e2/web/installer -O - -q | php -- --quiet --install-dir=~/.local/bin --filename=composer
fi
if [ -f ~/.config/composer/composer.json ]; then
    ~/.local/bin/composer global update
fi

~/.local/bin/composer global require psy/psysh friendsofphp/php-cs-fixer laravel/installer laravel/envoy laravel/forge-cli

# Mailcatcher for preventing local emails being sent out
sudo apt install build-essential patch ruby-dev zlib1g-dev liblzma-dev
sudo gem install mailcatcher

# Configure services
sudo usermod -G valorin www-data
sudo sed -i "s/^bind-address/#bind-address/" /etc/mysql/mysql.conf.d/mysqld.cnf

declare -a VERSIONS=("7.4" "8.0" "8.1" "8.2")
for VERSION in "${VERSIONS[@]}"; do
    sudo sed -i "s/www-data/$USERNAME/" /etc/php/$VERSION/fpm/pool.d/www.conf
    sudo sed -i "s/^upload_max_filesize = .*M/upload_max_filesize = 32M/" /etc/php/$VERSION/fpm/php.ini
    sudo sed -i "s/^post_max_size = .*M/post_max_size = 32M/" /etc/php/$VERSION/fpm/php.ini
    sudo sed -i "s/^;sendmail_path =.*$/sendmail_path = \/usr\/bin\/env catchmail -f php@localhost/" /etc/php/$VERSION/cli/php.ini
    sudo sed -i "s/^;sendmail_path =.*$/sendmail_path = \/usr\/bin\/env catchmail -f php@localhost/" /etc/php/$VERSION/fpm/php.ini
done

echo "sudo apt -y update && sudo apt -y upgrade && sudo apt -y dist-upgrade && sudo apt -y autoremove && composer self-update && composer global upgrade" >> ~/.bash_history
	# Dev Services
	alias start-all='sudo wslact time-sync && sudo service redis-server start && sudo service mysql start && sudo service php8.2-fpm start && sudo service nginx start && mailcatcher'
	alias stop-all='sudo service redis-server stop && sudo service mysql stop && sudo service php8.2-fpm stop && sudo service nginx stop && killall mailcatcher ; sleep 1 && ps ax'
	alias restart-all='sudo service redis-server restart && sudo service mysql restart && sudo service php8.2-fpm restart && sudo service nginx restart'

	alias use-php7.4='sudo update-alternatives --set php /usr/bin/php7.4'
	alias use-php8.0='sudo update-alternatives --set php /usr/bin/php8.0'
	alias use-php8.1='sudo update-alternatives --set php /usr/bin/php8.1'
	alias use-php8.2='sudo update-alternatives --set php /usr/bin/php8.2'
	index index.php index.html index.htm index.nginx-debian.html;
	charset utf-8;
	sendfile off;
	client_max_body_size 100m;
	rewrite_log on;
	error_page 404 /index.php;

	location ~ \.php$ {
	include snippets/fastcgi-php.conf;
	fastcgi_pass unix:/run/php/php8.2-fpm.sock;
	}

	location /.well-known/ {
	try_files $uri $uri/ =404;
	}

	location / {
	try_files $uri $uri/ /index.php?$query_string;
	}

	location ~ /\.(?!well-known).* {
	deny all;
	}

	location = /favicon.ico { access_log off; log_not_found off; }
	location = /robots.txt { access_log off; log_not_found off; }

	# add_header "X-Frame-Options" "SAMEORIGIN" always;
	add_header "X-Content-Type-Options" "nosniff" always;
	add_header "Referrer-Policy" "same-origin" always;
	add_header "Feature-Policy" "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'" always;
	add_header "X-Xss-Pwnage" "<script>alert('XSS');</script>" always;

	listen [::]:443 ssl http2; # managed by Certbot
	listen 443 ssl http2; # managed by Certbot
	ssl_certificate /etc/letsencrypt/live/valorin.dev/fullchain.pem; # managed by Certbot
	ssl_certificate_key /etc/letsencrypt/live/valorin.dev/privkey.pem; # managed by Certbot
	include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
	ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
	#
	# sudo certbot run --installer nginx --agree-tos --eff-email -m stephen@rees-carter.net --dns-cloudflare --dns-cloudflare-credentials /root/.cloudflare --cert-name valorin.dev --domain .valorin.dev --domain .evilhacker.dev
	#
	# sudo cat /root/.cloudflare
	# dns_cloudflare_email = stephen@rees-carter.net
	# dns_cloudflare_api_key =
	#

	server {
	server_name pls.valorin.dev target.valorin.dev;
	root /home/valorin/dev/pls/app/public;
	access_log /var/log/nginx/pls-app-access.log;
	error_log /var/log/nginx/pls-app-error.log error;

	include /home/valorin/dev/nginx-include.conf;
	}
	#!/bin/bash -xe

	USERNAME=$(whoami)

	# Disable sudo password - it's local dev VM, root permissions don't mean much
	sudo sed -i "s/%sudo\tALL=(ALL:ALL) ALL/%sudo\tALL=(ALL:ALL) NOPASSWD:ALL/" /etc/sudoers

	# PPAs for PHP and WSL Utilities
	sudo add-apt-repository -y ppa:ondrej/php
	sudo add-apt-repository -y ppa:wslutilities/wslu

	# GitHub CLI
	curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg \| sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg
	sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg
	echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" \| sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null

	sudo apt -y update
	sudo apt -y upgrade
	sudo apt -y dist-upgrade
	sudo apt -y autoremove

	sudo apt install -y rsync zip vim htop grc bash-completion git-extras gh \
	certbot python3-certbot-nginx python3-certbot-dns-cloudflare \
	php-redis mysql-server mysql-client sqlmap nginx libsqlite3-dev redis-server \
	php7.4-fpm php7.4-mysql php7.4-bcmath php7.4-cli php7.4-curl php7.4-gd php7.4-imagick php7.4-intl php7.4-json php7.4-mbstring php7.4-readline php7.4-sqlite3 php7.4-xsl php7.4-zip \
	php8.0-fpm php8.0-mysql php8.0-bcmath php8.0-cli php8.0-curl php8.0-gd php8.0-imagick php8.0-intl php8.0-mbstring php8.0-readline php8.0-sqlite3 php8.0-xsl php8.0-zip \
	php8.1-fpm php8.1-mysql php8.1-bcmath php8.1-cli php8.1-curl php8.1-gd php8.1-imagick php8.1-intl php8.1-mbstring php8.1-readline php8.1-sqlite3 php8.1-xsl php8.1-zip \
	php8.2-fpm php8.2-mysql php8.2-bcmath php8.2-cli php8.2-curl php8.2-gd php8.2-imagick php8.2-intl php8.2-mbstring php8.2-readline php8.2-sqlite3 php8.2-xsl php8.2-zip

	# Install and configure Composer
	mkdir -p ~/.local/bin
	if [ ! -f ~/.local/bin/composer ]; then
	wget https://raw.githubusercontent.com/composer/getcomposer.org/76a7060ccb93902cd7576b67264ad91c8a2700e2/web/installer -O - -q \| php -- --quiet --install-dir=~/.local/bin --filename=composer
	fi
	if [ -f ~/.config/composer/composer.json ]; then
	~/.local/bin/composer global update
	fi

	~/.local/bin/composer global require psy/psysh friendsofphp/php-cs-fixer laravel/installer laravel/envoy laravel/forge-cli

	# Mailcatcher for preventing local emails being sent out
	sudo apt install build-essential patch ruby-dev zlib1g-dev liblzma-dev
	sudo gem install mailcatcher

	# Configure services
	sudo usermod -G valorin www-data
	sudo sed -i "s/^bind-address/#bind-address/" /etc/mysql/mysql.conf.d/mysqld.cnf

	declare -a VERSIONS=("7.4" "8.0" "8.1" "8.2")
	for VERSION in "${VERSIONS[@]}"; do
	sudo sed -i "s/www-data/$USERNAME/" /etc/php/$VERSION/fpm/pool.d/www.conf
	sudo sed -i "s/^upload_max_filesize = .*M/upload_max_filesize = 32M/" /etc/php/$VERSION/fpm/php.ini
	sudo sed -i "s/^post_max_size = .*M/post_max_size = 32M/" /etc/php/$VERSION/fpm/php.ini
	sudo sed -i "s/^;sendmail_path =.*$/sendmail_path = \/usr\/bin\/env catchmail -f php@localhost/" /etc/php/$VERSION/cli/php.ini
	sudo sed -i "s/^;sendmail_path =.*$/sendmail_path = \/usr\/bin\/env catchmail -f php@localhost/" /etc/php/$VERSION/fpm/php.ini
	done

	echo "sudo apt -y update && sudo apt -y upgrade && sudo apt -y dist-upgrade && sudo apt -y autoremove && composer self-update && composer global upgrade" >> ~/.bash_history