Skip to content

Instantly share code, notes, and snippets.

@valorin

valorin/.bash_aliases

Created February 9, 2023 00:25
Show Gist options
  • Save valorin/437eb3970c4c4c288dec3d7831553959 to your computer and use it in GitHub Desktop.
Save valorin/437eb3970c4c4c288dec3d7831553959 to your computer and use it in GitHub Desktop.
Download ZIP
WSL2 Scripts and helpers
Raw
.bash_aliases
# Dev Services
alias start-all='sudo wslact time-sync && sudo service redis-server start && sudo service mysql start && sudo service php8.2-fpm start && sudo service nginx start && mailcatcher'
alias stop-all='sudo service redis-server stop && sudo service mysql stop && sudo service php8.2-fpm stop && sudo service nginx stop && killall mailcatcher ; sleep 1 && ps ax'
alias restart-all='sudo service redis-server restart && sudo service mysql restart && sudo service php8.2-fpm restart && sudo service nginx restart'
alias use-php7.4='sudo update-alternatives --set php /usr/bin/php7.4'
alias use-php8.0='sudo update-alternatives --set php /usr/bin/php8.0'
alias use-php8.1='sudo update-alternatives --set php /usr/bin/php8.1'
alias use-php8.2='sudo update-alternatives --set php /usr/bin/php8.2'
Raw
README.md

  • setup.sh

    • Setup script that installs all the things I find useful for local PHP dev
    • Includes multiple PHP versions, other services, GitHub CLI, and Mailcatcher for preventing local emails being sent out.

  • .bash_aliases

    • Helpful bash aliases for starting and stopping services, plus switching PHP CLI version.
    • Note, you'll need to change the PHP version in the start/stop/restart commands if you want to use something other than 8.2
    • Likewise, the nginx FPM config will need to be modified too.

  • nginx.conf

    • I keep this in ~/dev/nginx.conf, next to the dirs for my projects
    • I have certbot configured to use Cloudflare to provision Wildcard TLS certs for my two local dev domains (valorin.dev and evilhacker.dev), it just requires pointing the domains to Cloudflare a saving the API key locally.
    • Having this simple TLS makes setting up new projects trivial. (You do need to edit the Windows Hosts file, but that's easy.)

  • nginx-include.conf

    • Separating this out makes duplicating server blocks trivial in nginx.conf
    • I keep this in ~/dev/nginx-include.conf
    • Update the PHP version as eeded

  • Update Nginx to load the local nginx.conf file

    • sudo ln -sf ~/dev/nginx.conf /etc/nginx/sites-enabled/default
Raw
nginx-include.conf
index index.php index.html index.htm index.nginx-debian.html;
charset utf-8;
sendfile off;
client_max_body_size 100m;
rewrite_log on;
error_page 404 /index.php;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
}
location /.well-known/ {
try_files $uri $uri/ =404;
}
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ /\.(?!well-known).* {
deny all;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
# add_header "X-Frame-Options" "SAMEORIGIN" always;
add_header "X-Content-Type-Options" "nosniff" always;
add_header "Referrer-Policy" "same-origin" always;
add_header "Feature-Policy" "accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'" always;
add_header "X-Xss-Pwnage" "<script>alert('XSS');</script>" always;
listen [::]:443 ssl http2; # managed by Certbot
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/valorin.dev/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/valorin.dev/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
Raw
nginx.conf
#
# sudo certbot run --installer nginx --agree-tos --eff-email -m [email protected] --dns-cloudflare --dns-cloudflare-credentials /root/.cloudflare --cert-name valorin.dev --domain *.valorin.dev --domain *.evilhacker.dev
#
# sudo cat /root/.cloudflare
# dns_cloudflare_email = [email protected]
# dns_cloudflare_api_key =
#
server {
server_name pls.valorin.dev target.valorin.dev;
root /home/valorin/dev/pls/app/public;
access_log /var/log/nginx/pls-app-access.log;
error_log /var/log/nginx/pls-app-error.log error;
include /home/valorin/dev/nginx-include.conf;
}
Raw
setup.sh
#!/bin/bash -xe
USERNAME=$(whoami)
# Disable sudo password - it's local dev VM, root permissions don't mean much
sudo sed -i "s/%sudo\tALL=(ALL:ALL) ALL/%sudo\tALL=(ALL:ALL) NOPASSWD:ALL/" /etc/sudoers
# PPAs for PHP and WSL Utilities
sudo add-apt-repository -y ppa:ondrej/php
sudo add-apt-repository -y ppa:wslutilities/wslu
# GitHub CLI
curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg
sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null
sudo apt -y update
sudo apt -y upgrade
sudo apt -y dist-upgrade
sudo apt -y autoremove
sudo apt install -y rsync zip vim htop grc bash-completion git-extras gh \
certbot python3-certbot-nginx python3-certbot-dns-cloudflare \
php-redis mysql-server mysql-client sqlmap nginx libsqlite3-dev redis-server \
php7.4-fpm php7.4-mysql php7.4-bcmath php7.4-cli php7.4-curl php7.4-gd php7.4-imagick php7.4-intl php7.4-json php7.4-mbstring php7.4-readline php7.4-sqlite3 php7.4-xsl php7.4-zip \
php8.0-fpm php8.0-mysql php8.0-bcmath php8.0-cli php8.0-curl php8.0-gd php8.0-imagick php8.0-intl php8.0-mbstring php8.0-readline php8.0-sqlite3 php8.0-xsl php8.0-zip \
php8.1-fpm php8.1-mysql php8.1-bcmath php8.1-cli php8.1-curl php8.1-gd php8.1-imagick php8.1-intl php8.1-mbstring php8.1-readline php8.1-sqlite3 php8.1-xsl php8.1-zip \
php8.2-fpm php8.2-mysql php8.2-bcmath php8.2-cli php8.2-curl php8.2-gd php8.2-imagick php8.2-intl php8.2-mbstring php8.2-readline php8.2-sqlite3 php8.2-xsl php8.2-zip
# Install and configure Composer
mkdir -p ~/.local/bin
if [ ! -f ~/.local/bin/composer ]; then
wget https://raw.githubusercontent.com/composer/getcomposer.org/76a7060ccb93902cd7576b67264ad91c8a2700e2/web/installer -O - -q | php -- --quiet --install-dir=~/.local/bin --filename=composer
fi
if [ -f ~/.config/composer/composer.json ]; then
~/.local/bin/composer global update
fi
~/.local/bin/composer global require psy/psysh friendsofphp/php-cs-fixer laravel/installer laravel/envoy laravel/forge-cli
# Mailcatcher for preventing local emails being sent out
sudo apt install build-essential patch ruby-dev zlib1g-dev liblzma-dev
sudo gem install mailcatcher
# Configure services
sudo usermod -G valorin www-data
sudo sed -i "s/^bind-address/#bind-address/" /etc/mysql/mysql.conf.d/mysqld.cnf
declare -a VERSIONS=("7.4" "8.0" "8.1" "8.2")
for VERSION in "${VERSIONS[@]}"; do
sudo sed -i "s/www-data/$USERNAME/" /etc/php/$VERSION/fpm/pool.d/www.conf
sudo sed -i "s/^upload_max_filesize = .*M/upload_max_filesize = 32M/" /etc/php/$VERSION/fpm/php.ini
sudo sed -i "s/^post_max_size = .*M/post_max_size = 32M/" /etc/php/$VERSION/fpm/php.ini
sudo sed -i "s/^;sendmail_path =.*$/sendmail_path = \/usr\/bin\/env catchmail -f php@localhost/" /etc/php/$VERSION/cli/php.ini
sudo sed -i "s/^;sendmail_path =.*$/sendmail_path = \/usr\/bin\/env catchmail -f php@localhost/" /etc/php/$VERSION/fpm/php.ini
done
echo "sudo apt -y update && sudo apt -y upgrade && sudo apt -y dist-upgrade && sudo apt -y autoremove && composer self-update && composer global upgrade" >> ~/.bash_history
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment