Skip to content

Instantly share code, notes, and snippets.

@fridzema

fridzema/laravel-octane-on-forge.md

Last active May 8, 2024 06:32
Show Gist options
  • Save fridzema/5399d3278c7afb3cca5549085c2bb6d3 to your computer and use it in GitHub Desktop.
Save fridzema/5399d3278c7afb3cca5549085c2bb6d3 to your computer and use it in GitHub Desktop.
Download ZIP
Laravel octane(swoole) on forge / ubuntu server
Raw
laravel-octane-on-forge.md

Laravel

Configure octane laravel/octane

Server

PHP

Install swoole extension (place in corresponding .ini file(s)):

pecl install swoole

Site

Add to site environment file: OCTANE_HTTPS=true

Daemon

  • Command: php8.0 artisan octane:start --server=swoole --port=8000
  • User: forge
  • Directory: /home/forge/example.com
  • Processes: 1
  • Start Seconds: 1

Deployment

cd $FORGE_SITE_PATH


# git fetch --depth=1 origin $FORGE_SITE_BRANCH
# git reset --hard origin/$FORGE_SITE_BRANCH
# git clean -df

composer install --no-ansi --no-interaction --no-progress --no-dev --prefer-dist --optimize-autoloader --classmap-authoritative

# php artisan migrate --force

php artisan optimize

#php artisan horizon:terminate

$FORGE_PHP artisan octane:reload

( flock -w 10 9 || exit 1
   echo 'Restarting FPM...'; sudo -S service $FORGE_PHP_FPM reload ) 9>/tmp/fpmlock

Nginx

⚠️ Make sure to backup your original config file!

# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/example.com/before/*;

upstream swoole-http {
    server 127.0.0.1:8000;
}

map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name example.com;
    server_tokens off;
    root /home/forge/example.com/public;
    
    # FORGE SSL (DO NOT REMOVE!)
    ssl_certificate /etc/nginx/ssl/example.com/00000000/server.crt;
    ssl_certificate_key /etc/nginx/ssl/example.com/00000000/server.key;

    ssl_protocols TLSv1.2;
    ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS_AES_256_GCM_SHA384:TLS-AES-256-GCM-SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA;
    ssl_prefer_server_ciphers on;
    ssl_dhparam /etc/nginx/dhparams.pem;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";

    index index.php;
    charset utf-8;

    # FORGE CONFIG (DO NOT REMOVE!)
    include forge-conf/example.com/server/*;

    location = /index.php {
        try_files /not_exists @swoole;
    }

    location / {
        try_files $uri $uri/ @swoole;
    }

    location @swoole {
        set $suffix "";

        if ($uri = /index.php) {
            set $suffix ?$query_string;
        }

        proxy_http_version 1.1;
        proxy_set_header Host $http_host;
        proxy_set_header Scheme $scheme;
        proxy_set_header SERVER_PORT $server_port;
        proxy_set_header REMOTE_ADDR $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;

        proxy_pass http://swoole-http$suffix;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/example.com-error.log error;

    error_page 404 /index.php;

    location ~ /\.(?!well-known).* {
        deny all;
    }
}


# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/example.com/after/*;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment