Ad user
adduser <newuser>
usermod -aG sudo <newuser>
OR Edit sudoers
visudo
Add the newly created user by inserting ALL=(ALL:ALL) ALL
at the end of the user privilege section, as shown in the following example:
User privilege specification
root ALL=(ALL:ALL) ALL
newuser ALL=(ALL:ALL) ALL
sudo apt update
sudo apt install nginx
systemctl status nginxsudo apt-get update
sudo apt-get upgrade
sudo apt-get install apache2
sudo a2enmod rewrite
sudo systemctl restart apache2
sudo adduser <user> www-data
sudo apt install mariadb-server
sudo mariadb-secure-installation
sudo systemctl start mariadb.service
sudo systemctl status mariadb
sudo apt-get install -y php php-cli php-mysql php-mbstring php-bcmath php-zip php-gd php-curl php-xml php-intl php-fpm
ls /etc/php/8.3/
cd /etc/php/8.3/fpm/pool.d/
sudo nano www.conf
Review this lines:
user = www-data
group = www-data
listen = /run/php/php8.3-fpm.sock
Save and run
sudo systemctl restart php8.3-fpm
Nginx server block
server {
listen 80;
listen [::]:80;
server_name DOMAIN;
root /var/www/PROJECT/public;
index index.php;
access_log /var/log/nginx/DOMAIN-access.log;
error_log /var/log/nginx/DOMAIN-error.log error;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}systemctl reload nginxsudo apt-get install ufw
sudo ufw app list
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow OpenSSH
sudo ufw allow http
sudo ufw allow https
sudo ufw allow 'Apache Full'
sudo ufw allow 'Nginx Full'
sudo ufw enable
sudo ufw status
See the correct version of NVM here https://github.com/nvm-sh/nvm
wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.<version>/install.sh | bash
# copy as 2 lines
export NVM_DIR="$([ -z "${XDG_CONFIG_HOME-}" ] && printf %s "${HOME}/.nvm" || printf %s "${XDG_CONFIG_HOME}/nvm")"
[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # This loads nvm
nvm install node
Any trouble to find nvm command:
source ~/.bashrc
or
source ~/.nvm/nvm.sh
ssh-keygen
Copy .pub to Github section of the project
wget https://getcomposer.org/installer
sudo php installer --install-dir=/usr/local/bin --filename=composer
rm installer
sudo apt install certbot
# for apache
sudo apt install python3-certbot-apache
# for nginx
sudo apt install python3-certbot-nginx
# check is running and auto rebew
sudo systemctl status certbot.timer
# create ssl for all nginx domains
sudo certbot --nginx
# check autorenew wil run ok
sudo certbot renew --dry-run# mysql
sudo mysql -u root
# mariadb
sudo mariadb -u root
# or to enter password
# mysql
sudo mysql -u root -p
# mariadb
sudo mariadb -u root -p
CREATE DATABASE 'yourDB';
SHOW DATABASES;
CREATE USER 'user1'@localhost IDENTIFIED BY 'password1';
SELECT User FROM mysql.user;
GRANT ALL PRIVILEGES ON yourdb.* TO 'user1'@localhost;
FLUSH PRIVILEGES;
SHOW GRANTS FOR 'user1'@localhost;
git clone
cd <project/root>
composer install
cp .env.example .envsudo chown -R www-data:www-data ./
sudo usermod -a -G www-data <deployuser>
sudo chown -R $USER:www-data .
sudo find . -type f -exec chmod 664 {} \;
sudo find . -type d -exec chmod 775 {} \;
sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache