Last active
March 21, 2020 16:16
-
-
Save pirey/e73936d5d462167ee6480d367723ea13 to your computer and use it in GitHub Desktop.
personal note for setting up centos 7 for laravel deployment
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| sudo yum update | |
| sudo yum install vim | |
| sudo yum install epel-release | |
| sudo yum update | |
| sudo yum install nginx | |
| sudo systemctl enable --now nginx | |
| # php repo | |
| sudo yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm | |
| sudo yum-config-manager --enable remi-php73 | |
| sudo yum install -y git | |
| sudo yum install -y php php-fpm php-pgsql php-bcmath php-ctype php-json php-mbstring php-openssl php-pdo php-tokenizer php-xml | |
| sudo yum install -y composer | |
| sudo yum install -y nginx | |
| sudo yum install -y postgresql12 | |
| sudo yum install -y postgresql12-server | |
| sudo yum install -y postgresql12-libs | |
| sudo yum install -y postgresql12-contrib | |
| # setup postgresql | |
| /usr/pgsql-12/bin/postgresql-12-setup initdb | |
| # setup pg_hba.conf | |
| systemctl start postgresql-12 | |
| # create new db user | |
| # su postgres | |
| # psql | |
| # > create user root | |
| # > \password root | |
| # > create user <newuser> | |
| # > \password <newuser> | |
| # setup nginx config, then: | |
| systemctl start nginx | |
| # if failed to start nginx, check if httpd is running, and disable it, since it uses port 80 | |
| systemctl stop httpd | |
| # setup php-fpm | |
| # change user | |
| # enable port for firewall | |
| systemctl start php-fpm |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo yum -y install yum-utils | |
| sudo yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional | |
| sudo yum install certbot python2-certbot-nginx | |
| certbot certonly --manual --preferred-challenges=dns -d '*.domain.com' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| REPO_DIR=/var/www/sitename.com | |
| if [ ! -d $REPO_DIR ]; then | |
| echo "Repo directory doesn't exists" | |
| exit 1 | |
| fi | |
| # to be able to pull git update | |
| sudo chown -R $(logname):$(logname) $REPO_DIR | |
| cd $REPO_DIR | |
| git checkout master | |
| git pull --rebase origin master | |
| # permissions | |
| # find $REPO_DIR -type f -exec chmod 640 {} \; | |
| # find $REPO_DIR -type d -exec chmod 750 {} \; | |
| # allow nginx to write theese folder | |
| sudo chown -R nginx:nginx $REPO_DIR/storage $REPO_DIR/bootstrap/cache | |
| sudo chmod -R 775 $REPO_DIR/storage | |
| # selinux allow read write permission | |
| sudo chcon -R -t httpd_sys_rw_content_t $REPO_DIR/storage | |
| sudo chcon -R -t httpd_sys_rw_content_t $REPO_DIR/bootstrap/cache | |
| composer install --no-dev --optimize-autoloader | |
| php artisan migrate --force | |
| php artisan config:clear | |
| php artisan config:cache | |
| php artisan cache:clear | |
| cd - | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| server_name sitename.com; | |
| return 301 https://sitename.com$request_uri; | |
| } | |
| server { | |
| listen 443 ssl; | |
| server_name sitename.com; | |
| root /var/www/sitename.com/public; | |
| # add_header X-Frame-Options "SAMEORIGIN"; | |
| # add_header X-XSS-Protection "1; mode=block"; | |
| # add_header X-Content-Type-Options "nosniff"; | |
| index index.html index.htm index.php; | |
| charset utf-8; | |
| location / { | |
| try_files $uri $uri/ /index.php?$query_string; | |
| } | |
| location = /favicon.ico { access_log off; log_not_found off; } | |
| location = /robots.txt { access_log off; log_not_found off; } | |
| error_page 404 /index.php; | |
| location ~ \.php$ { | |
| # fastcgi_pass unix:/var/run/php-fpm/www.sock; | |
| fastcgi_pass 127.0.0.1:9000; | |
| fastcgi_index index.php; | |
| fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; | |
| include fastcgi_params; | |
| } | |
| location ~ /\.(?!well-known).* { | |
| deny all; | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # TYPE DATABASE USER ADDRESS METHOD | |
| # local all postgres trust | |
| local all root md5 | |
| local sameuser myuser md5 | |
| # IPv4 local connections: | |
| host sameuser all 127.0.0.1/32 md5 | |
| # IPv6 local connections: | |
| host sameuser all ::1/128 md5 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| if [ $# -lt 2 ]; then | |
| echo "${0}: missing root dir and build archive name" | |
| echo "Example: \"./static-deploy.sh /var/www/myapp.com\" ./build/build-1.0.0.tar.gz" | |
| exit 1 | |
| fi | |
| DIR_ROOT=${1} | |
| BUILD_ARCHIVE=${2} | |
| sudo mkdir -p $DIR_ROOT | |
| sudo rm -rf $DIR_ROOT/* | |
| sudo tar -zxf $BUILD_ARCHIVE -C $DIR_ROOT | |
| sudo chown -R nginx:nginx $DIR_ROOT | |
| find /var/www/sitename.com/ -type f -exec chmod 640 {} \; | |
| find /var/www/sitename.com/ -type d -exec chmod 750 {} \; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| server_name sitename.com; | |
| return 301 https://sitename.com$request_uri; | |
| } | |
| server { | |
| listen 443 ssl; | |
| server_name static-site.com; | |
| root /var/www/static-site.com; | |
| location / { | |
| index index.html; | |
| try_files $uri $uri/ /index.html?$args; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment