Deploying with DigitalOcean

Prerequisite

You will need an account at DigitalOcean before you can complete all the steps in this guide. Once you register for an account at DigitalOcean you can continue with the guide below.

Select Droplet

• Initiate the process of creating a new droplet
• Navigate to Marketplace tab and perform a search for LEMP droplet
• Press Create LEMP Droplet button
• Skip Block Storage
• Choose Datacenter region
• Under Select additional options select User data checkbox

Droplet Script

Paste in below script into User data textbox

#!/bin/bash
sudo fallocate -l 1G /swapfile;
chmod 600 /swapfile;
mkswap /swapfile;
swapon /swapfile;
echo "/swapfile   none    swap    sw    0   0" >> /etc/fstab;
sudo git clone https://github.com/laraone/laraone.git /var/www/laraone
sudo apt-get -qqy install software-properties-common
sudo add-apt-repository ppa:ondrej/php -y
sudo apt-get update -y
sudo apt-get -qqy install git php7.3-fpm php7.3-cli php7.3-mysql php7.3-gd php7.3-common php7.3-dom php7.3-tidy php7.3-xmlrpc php7.3-intl php7.3-bcmath php7.3-mbstring php7.3-xml php7.3-zip php7.3-curl
sudo wget https://getcomposer.org/installer && php installer && chmod +x composer.phar
sudo mv composer.phar /usr/bin/composer

Above bash script will be executed as soon as the droplet boots up for the first time. This script will create a smiple 1GB swapfile, set correct file & folder permissions, install few required php packages and pull LaraOne CMS project from Github repository.

Note: Swapfile creation is required for 5$ droplets, but it can be skipped by using more powerful droplets. Remove it only if you are techically skilled and know what you are doing. If you remove it but experience composer errors while installing the CMS, then swapfile is required and it should be created. This is due to PHP dependency manager Composer requiring quite a lot of RAM memory to satisfy package dependencies.

Authentication

It is recommended that you select SSH keys option as authentication. Note that droplets that use SSH keys have password authentication disabled by default. This makes them secure against brute-force attacks. Only select One-Time Password option if you know what you are doing. If One-Time Password is the option you select, we advise you to create a password with at least 18 random characters and store it inside password keeper application.

To create SSH Keys checkout these links for a guide Windows and here for Linux and MacOS

Create Droplet

Scroll to the bottom of the page and press the button that says Create Droplet, DigitalOcean will spin up a droplet with your configuration. Wait a while till the droplet is created before proceeding to next step.

Database Creation

We need to create a database, but before we do that, there is one highly recommended step. When LEMP droplet is installed, default database user root has no password. It's good to set one now:

    mysql -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'my_db_password';"

Note: my_db_password is your custom password. Do not just copy and paste the above code, make sure to pick your own strong password.

Next step is it's optional, you can change MySql default username root with this command:

    : mysql -u root -pmy_db_password -e "use mysql; update user set user = 'custom_db_username' where user = 'root'; flush privileges;"

Where custom_db_username is the new username you pick for root user.

Note: -pmy_db_password is not a misspelling, you need to connect -p option with your password and have no spaces in between.

Lastly, we need to create database that CMS needs, run this command:

    mysql -u custom_db_username -pmy_db_password -e "CREATE DATABASE laraone CHARACTER SET latin1 COLLATE latin1_swedish_ci;"

Note: laraone is database name, you can modify this name, but be sure to remember it for ENV step that comes further down this guide, character set latin1 and collation is latin1_swedish_ci. Last two values are MySql default values. If you need something else, feel free to change these options. Defaults should be fine for most countries based on latin.

Webserver Configuration

We need to configure web server (NGINX) that came installed with the LEMP droplet.

Create new file at /etc/nginx/sites-available/laraone

Note: If you know what you are doing, you can name the above folder whatever you want. If this is your fist time doing this, just name it laraone as suggested above and move to next steps.

Paste below content inside the file. Replace server_domain_or_IP on line 3 with your domain name or server IP in case you do not have a domain yet. For example for this website we used

    server_name laraone.dev;

Now copy below config and paste it into the laraone file you created in previous step.

    server {
            listen 80;
            server_name server_domain_or_IP;
            root /var/www/laraone/public;
            index index.html index.htm index.php;

            add_header X-Frame-Options "SAMEORIGIN";
            add_header X-XSS-Protection "1; mode=block";
            add_header X-Content-Type-Options "nosniff";

            charset utf-8;

            location / {
                    try_files $uri $uri/ /index.php?$query_string;
            }

            location = /favicon.ico { access_log off; log_not_found off; }
            location = /robots.txt  { access_log off; log_not_found off; }

            error_page 404 /index.php;

            location ~ \.php$ {
                    include snippets/fastcgi-php.conf;
                    fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
            }
            location ~ /\.ht {
                    deny all;
            }
    }

Save the file and then link it with nginx server. To do that run this command

    sudo ln -s /etc/nginx/sites-available/laraone /etc/nginx/sites-enabled/

In order to apply new webserver configuration, reload nginx:

    sudo systemctl reload nginx

ENV File

We need to create and customize an .env file. This is a file where application's basic configuration is stored. Create an env file under /var/www/laraone/ make sure it starts with a dot like this .env

Copy and paste below settings into this file

    APP_NAME=LaraOne
    APP_ENV="local"
    APP_KEY=
    APP_DEBUG=true
    APP_URL=http://localhost

    #ADMIN_USERNAME=admin_username
    #ADMIN_EMAIL=name@example.com
    #ADMIN_PASSWORD=Example123456
    #ADMIN_FIRSTNAME=firstname
    #ADMIN_LASTNAME=lastname

    LOG_CHANNEL=stack

    DB_CONNECTION=mysql
    DB_HOST=127.0.0.1
    DB_PORT=3306
    DB_DATABASE=laraone
    DB_USERNAME=laraone_user
    DB_PASSWORD=password

    BROADCAST_DRIVER=log
    CACHE_DRIVER=file
    SESSION_DRIVER=file
    QUEUE_DRIVER=sync

    REDIS_HOST=127.0.0.1
    REDIS_PASSWORD=
    REDIS_PORT=6379

    MAIL_DRIVER=smtp
    MAIL_HOST=mailtrap.io
    MAIL_PORT=2525
    MAIL_USERNAME=
    MAIL_PASSWORD=
    MAIL_ENCRYPTION=

    MAIL_FROM_ADDRESS=noreply@example.com
    MAIL_FROM_NAME="${APP_NAME}"

    MAIL_SENDMAIL="/usr/sbin/sendmail -bs"

    MAILGUN_DOMAIN=
    MAILGUN_SECRET=
    MAILGUN_ENDPOINT="api.mailgun.net"

    MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
    MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"

Uncomment all settings starting with ADMIN by removing # in front of them. Then set each setting, this will be used by installation command to create the first Admin user.

Note: Password must be at minimum 8 characters. If you do not wish to set first and lastname, leave them commented out with #

Next make sure to update all of these settings with data that matches your setup in Database Creation step you did previously

    APP_URL=https://mywebsite.com
    DB_DATABASE=laraone
    DB_USERNAME=custom_db_username
    DB_PASSWORD my_db_password

If you plan to be using email to get password resets and email activation links then also update these according to your needs. Using your gmail account settings is possible. Or perhaps you have access to private email server using smtp. Update below settings accordingly to your needs.

    MAIL_DRIVER=smtp
    MAIL_HOST=mailtrap.io
    MAIL_PORT=2525
    MAIL_USERNAME=
    MAIL_PASSWORD=
    MAIL_ENCRYPTION=

If you plan to use MailGun a service where you get up to 10000 free emails per month, then you need configure these settings:

    MAIL_DRIVER=mailgun
    MAILGUN_DOMAIN=enter your mailgun domain
    MAILGUN_SECRET=enter your mail gun API secret
    MAILGUN_ENDPOINT="api.mailgun.net"

Example Mailgun config can look like this

    MAIL_DRIVER=mailgun
    MAILGUN_DOMAIN=mg.mydomain.com
    MAILGUN_SECRET=key-LE5Y4jy3DM5Qc6Acnh7z9BJzi6oY
    MAILGUN_ENDPOINT=api.mailgun.net

Note: Secret key above is fake, so use the one you get from Mailgun when you sign up for an account there.

It's good to set a global from email address and name. These are used in emails that are sent from the your website.

    MAIL_FROM_ADDRESS=noreply@mydomain.com
    MAIL_FROM_NAME="${APP_NAME}"

Assign Directory Permissions

Execute following commands to securely grant permissions to www-data user to cms directory

    Assumptions:
    – Web server: www-data
    – User: www-data

    sudo chown -R www-data:www-data /var/www/laraone
    sudo find /var/www/laraone -type f -exec chmod 664 {} \;
    sudo find /var/www/laraone -type d -exec chmod 755 {} \;

Install CMS

To finally install LaraOne CMS it self, just run these two commands:

    php artisan key:generate

Note: This command is needed for Laravel to secure an application by generating a 32 characters random string. This string is used for encryption of important things like website cookies.

    php artisan laraone:install

Note: If installation is successful you will get a success message and version numbers of LaraOne backend and admin. If that is so visiting your domain you should see a welcome page. User you have specified as admin in the .env file above has been created and you can login as that user if you go to mywebsite.com/auth/login and start building your website.