direct-online/vito
2
0
Fork 0
mirror of https://github.com/vitodeploy/vito.git synced 2025-04-19 09:51:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixes

Browse Source
This commit is contained in:
Saeed Vaziry 2023-07-09 22:02:45 +02:00
parent 5c72f12490
commit c1056f11ec
8 changed files with 255 additions and 337 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
.env.example
View File

@ -64,12 +64,3 @@ GITHUB_CLIENT_SECRET=
ABLY_KEY=
ABLY_PUBLIC_KEY=
STRIPE_KEY=pk_test_NndNPdqsaU772F7rGf9VwMBZ00QTxVOAZI
STRIPE_SECRET=sk_test_nXrcZWPhxtzVLDWo3qzk5O2e00ygZPvrAJ
STRIPE_STANDARD_MONTHLY=price_1KJelHLZWr04YoNXo85HB9L6
STRIPE_STANDARD_ANNUALLY=price_1KJelHLZWr04YoNX5JzxilBB
STRIPE_BUSINESS_MONTHLY=price_1KJelHLZWr04YoNX6rdAxIEA
STRIPE_BUSINESS_ANNUALLY=price_1KJelHLZWr04YoNXAoBOSLs9
#STRIPE_UNLIMITED_MONTHLY=price_1KJelHLZWr04YoNXDRvMP511
#STRIPE_UNLIMITED_ANNUALLY=price_1KJelHLZWr04YoNXG4Ad4Bjp

60
.env.prod Executable file
View File

@ -0,0 +1,60 @@
APP_NAME=Vito
APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_URL={APP_URL}
LOG_CHANNEL=stack
LOG_LEVEL=debug
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE={DB_NAME}
DB_USERNAME={DB_USER}
DB_PASSWORD={DB_PASS}
BROADCAST_DRIVER=pusher
CACHE_DRIVER=array
FILESYSTEM_DRIVER=local
QUEUE_CONNECTION=default
SESSION_DRIVER=database
SESSION_LIFETIME=120
MAIL_MAILER=smtp
MAIL_HOST=mailhog
MAIL_PORT=1025
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
MAIL_FROM_ADDRESS=null
MAIL_FROM_NAME="${APP_NAME}"
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_DEFAULT_REGION=us-east-1
AWS_BUCKET=
AWS_USE_PATH_STYLE_ENDPOINT=false
PUSHER_APP_ID=app-id
PUSHER_APP_KEY=app-key
PUSHER_APP_SECRET=app-secret
PUSHER_HOST=soketi
PUSHER_PORT=6001
PUSHER_SCHEME=http
PUSHER_APP_CLUSTER=mt1
VITE_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
VITE_PUSHER_HOST="${PUSHER_HOST}"
VITE_PUSHER_PORT="${PUSHER_PORT}"
VITE_PUSHER_SCHEME="${PUSHER_SCHEME}"
VITE_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
SSH_PUBLIC_KEY_NAME=ssh-public.key
SSH_PRIVATE_KEY_NAME=ssh-private.pem
GITHUB_CLIENT_ID=
GITHUB_CLIENT_SECRET=
ABLY_KEY=
ABLY_PUBLIC_KEY=

65
app/Providers/TelescopeServiceProvider.php
View File

@ -1,65 +0,0 @@
<?php
namespace App\Providers;
use Illuminate\Support\Facades\Gate;
use Laravel\Telescope\IncomingEntry;
use Laravel\Telescope\Telescope;
use Laravel\Telescope\TelescopeApplicationServiceProvider;
class TelescopeServiceProvider extends TelescopeApplicationServiceProvider
{
/**
* Register any application services.
*/
public function register(): void
{
// Telescope::night();
$this->hideSensitiveRequestDetails();
Telescope::filter(function (IncomingEntry $entry) {
if ($this->app->environment('local')) {
return true;
}
return $entry->isReportableException() ||
$entry->isFailedRequest() ||
$entry->isFailedJob() ||
$entry->isScheduledTask() ||
$entry->hasMonitoredTag();
});
}
/**
* Prevent sensitive request details from being logged by Telescope.
*/
protected function hideSensitiveRequestDetails(): void
{
if ($this->app->environment('local')) {
return;
}
Telescope::hideRequestParameters(['_token']);
Telescope::hideRequestHeaders([
'cookie',
'x-csrf-token',
'x-xsrf-token',
]);
}
/**
* Register the Telescope gate.
*
* This gate determines who can access Telescope in non-local environments.
*/
protected function gate(): void
{
Gate::define('viewTelescope', function ($user) {
return in_array($user->email, [
//
]);
});
}
}

1
composer.json
View File

@ -21,7 +21,6 @@
"fakerphp/faker": "^1.9.1",
"laravel/pint": "^1.10",
"laravel/sail": "^1.18",
"laravel/telescope": "^4.14",
"mockery/mockery": "^1.4.4",
"nunomaduro/collision": "^7.0",
"phpunit/phpunit": "^10.0",

73
composer.lock generated
View File

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "c1707f21542e1ae2b8839cd24e846e51",
"content-hash": "36fda0bafd1bd5b298307b02bb98fc0a",
"packages": [
{
"name": "aws/aws-crt-php",
@ -6790,77 +6790,6 @@
},
"time": "2023-03-30T12:28:55+00:00"
},
{
"name": "laravel/telescope",
"version": "v4.14.1",
"source": {
"type": "git",
"url": "https://github.com/laravel/telescope.git",
"reference": "88ca4cbeefea563b605cf3fd9c10ff5a623864b1"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/laravel/telescope/zipball/88ca4cbeefea563b605cf3fd9c10ff5a623864b1",
"reference": "88ca4cbeefea563b605cf3fd9c10ff5a623864b1",
"shasum": ""
},
"require": {
"ext-json": "*",
"laravel/framework": "^8.37|^9.0|^10.0",
"php": "^8.0",
"symfony/var-dumper": "^5.0|^6.0"
},
"require-dev": {
"ext-gd": "*",
"guzzlehttp/guzzle": "^6.0|^7.0",
"laravel/octane": "^1.4",
"orchestra/testbench": "^6.0|^7.0|^8.0",
"phpstan/phpstan": "^1.10",
"phpunit/phpunit": "^9.0"
},
"type": "library",
"extra": {
"branch-alias": {
"dev-master": "4.x-dev"
},
"laravel": {
"providers": [
"Laravel\\Telescope\\TelescopeServiceProvider"
]
}
},
"autoload": {
"psr-4": {
"Laravel\\Telescope\\": "src/",
"Laravel\\Telescope\\Database\\Factories\\": "database/factories/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Taylor Otwell",
"email": "taylor@laravel.com"
},
{
"name": "Mohamed Said",
"email": "mohamed@laravel.com"
}
],
"description": "An elegant debug assistant for the Laravel framework.",
"keywords": [
"debugging",
"laravel",
"monitoring"
],
"support": {
"issues": "https://github.com/laravel/telescope/issues",
"source": "https://github.com/laravel/telescope/tree/v4.14.1"
},
"time": "2023-03-17T18:13:19+00:00"
},
{
"name": "mockery/mockery",
"version": "1.5.1",

4
config/app.php
View File

@ -193,9 +193,7 @@
App\Providers\AuthServiceProvider::class,
App\Providers\BroadcastServiceProvider::class,
App\Providers\EventServiceProvider::class,
App\Providers\RouteServiceProvider::class,
App\Providers\TelescopeServiceProvider::class,
App\Providers\RouteServiceProvider::class
],
/*

187
config/telescope.php
View File

@ -1,187 +0,0 @@
<?php
use Laravel\Telescope\Http\Middleware\Authorize;
use Laravel\Telescope\Watchers;
return [
/*
|--------------------------------------------------------------------------
| Telescope Domain
|--------------------------------------------------------------------------
|
| This is the subdomain where Telescope will be accessible from. If the
| setting is null, Telescope will reside under the same domain as the
| application. Otherwise, this value will be used as the subdomain.
|
*/
'domain' => env('TELESCOPE_DOMAIN'),
/*
|--------------------------------------------------------------------------
| Telescope Path
|--------------------------------------------------------------------------
|
| This is the URI path where Telescope will be accessible from. Feel free
| to change this path to anything you like. Note that the URI will not
| affect the paths of its internal API that aren't exposed to users.
|
*/
'path' => env('TELESCOPE_PATH', 'telescope'),
/*
|--------------------------------------------------------------------------
| Telescope Storage Driver
|--------------------------------------------------------------------------
|
| This configuration options determines the storage driver that will
| be used to store Telescope's data. In addition, you may set any
| custom options as needed by the particular driver you choose.
|
*/
'driver' => env('TELESCOPE_DRIVER', 'database'),
'storage' => [
'database' => [
'connection' => env('DB_CONNECTION', 'mysql'),
'chunk' => 1000,
],
],
/*
|--------------------------------------------------------------------------
| Telescope Master Switch
|--------------------------------------------------------------------------
|
| This option may be used to disable all Telescope watchers regardless
| of their individual configuration, which simply provides a single
| and convenient way to enable or disable Telescope data storage.
|
*/
'enabled' => env('TELESCOPE_ENABLED', true),
/*
|--------------------------------------------------------------------------
| Telescope Route Middleware
|--------------------------------------------------------------------------
|
| These middleware will be assigned to every Telescope route, giving you
| the chance to add your own middleware to this list or change any of
| the existing middleware. Or, you can simply stick with this list.
|
*/
'middleware' => [
'web',
Authorize::class,
],
/*
|--------------------------------------------------------------------------
| Allowed / Ignored Paths & Commands
|--------------------------------------------------------------------------
|
| The following array lists the URI paths and Artisan commands that will
| not be watched by Telescope. In addition to this list, some Laravel
| commands, like migrations and queue commands, are always ignored.
|
*/
'only_paths' => [
// 'api/*'
],
'ignore_paths' => [
'nova-api*',
],
'ignore_commands' => [
//
],
/*
|--------------------------------------------------------------------------
| Telescope Watchers
|--------------------------------------------------------------------------
|
| The following array lists the "watchers" that will be registered with
| Telescope. The watchers gather the application's profile data when
| a request or task is executed. Feel free to customize this list.
|
*/
'watchers' => [
Watchers\BatchWatcher::class => env('TELESCOPE_BATCH_WATCHER', true),
Watchers\CacheWatcher::class => [
'enabled' => env('TELESCOPE_CACHE_WATCHER', true),
'hidden' => [],
],
Watchers\ClientRequestWatcher::class => env('TELESCOPE_CLIENT_REQUEST_WATCHER', true),
Watchers\CommandWatcher::class => [
'enabled' => env('TELESCOPE_COMMAND_WATCHER', true),
'ignore' => [],
],
Watchers\DumpWatcher::class => [
'enabled' => env('TELESCOPE_DUMP_WATCHER', true),
'always' => env('TELESCOPE_DUMP_WATCHER_ALWAYS', false),
],
Watchers\EventWatcher::class => [
'enabled' => env('TELESCOPE_EVENT_WATCHER', true),
'ignore' => [],
],
Watchers\ExceptionWatcher::class => env('TELESCOPE_EXCEPTION_WATCHER', true),
Watchers\GateWatcher::class => [
'enabled' => env('TELESCOPE_GATE_WATCHER', true),
'ignore_abilities' => [],
'ignore_packages' => true,
'ignore_paths' => [],
],
Watchers\JobWatcher::class => env('TELESCOPE_JOB_WATCHER', true),
Watchers\LogWatcher::class => [
'enabled' => env('TELESCOPE_LOG_WATCHER', true),
'level' => 'error',
],
Watchers\MailWatcher::class => env('TELESCOPE_MAIL_WATCHER', true),
Watchers\ModelWatcher::class => [
'enabled' => env('TELESCOPE_MODEL_WATCHER', true),
'events' => ['eloquent.*'],
'hydrations' => true,
],
Watchers\NotificationWatcher::class => env('TELESCOPE_NOTIFICATION_WATCHER', true),
Watchers\QueryWatcher::class => [
'enabled' => env('TELESCOPE_QUERY_WATCHER', true),
'ignore_packages' => true,
'ignore_paths' => [],
'slow' => 100,
],
Watchers\RedisWatcher::class => env('TELESCOPE_REDIS_WATCHER', true),
Watchers\RequestWatcher::class => [
'enabled' => env('TELESCOPE_REQUEST_WATCHER', true),
'size_limit' => env('TELESCOPE_RESPONSE_SIZE_LIMIT', 64),
'ignore_http_methods' => [],
'ignore_status_codes' => [],
],
Watchers\ScheduleWatcher::class => env('TELESCOPE_SCHEDULE_WATCHER', true),
Watchers\ViewWatcher::class => env('TELESCOPE_VIEW_WATCHER', true),
],
];

193
install/install.sh Normal file
View File

@ -0,0 +1,193 @@
#!/bin/bash
export DEBIAN_FRONTEND=noninteractive
export NEEDRESTART_MODE=a
export V_USERNAME=vito
export V_PASSWORD=$(openssl rand -base64 12)
if [[ -z "${V_DOMAIN}" ]]; then
echo "Error: V_DOMAIN environment variable is not set."
exit 1
fi
apt remove needrestart -y
useradd -p $(openssl passwd -1 ${V_PASSWORD}) ${V_USERNAME}
usermod -aG "${V_USERNAME}"
"${V_USERNAME} ALL=(ALL) NOPASSWD:ALL" | tee -a /etc/sudoers
mkdir /home/"${V_USERNAME}"
mkdir /home/"${V_USERNAME}"/.ssh
chown -R "${V_USERNAME}":"${V_USERNAME}" /home/"${V_USERNAME}"
chsh -s /bin/bash "${V_USERNAME}"
su - "${V_USERNAME}" -c "ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa" <<<y
# upgrade
apt clean
apt update
apt upgrade -y
apt autoremove -y
# requirements
apt install -y software-properties-common curl zip unzip git gcc
# nodejs
curl -fsSL https://deb.nodesource.com/setup_lts.x | -E bash -
apt update
apt install nodejs -y
# certbot
apt install certbot python3-certbot-nginx -y
# nginx
export V_NGINX_CONFIG="
user ${V_USERNAME};
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
"
apt install nginx -y
if ! echo "${V_NGINX_CONFIG}" | tee /etc/nginx/nginx.conf; then
echo "Can't configure nginx!" && exit 1
fi
service nginx start
# php
export V_PHP_VERSION="8.1"
add-apt-repository ppa:ondrej/php -y
apt update
apt install -y php${V_PHP_VERSION} php${V_PHP_VERSION}-fpm php${V_PHP_VERSION}-mbstring php${V_PHP_VERSION}-mysql php${V_PHP_VERSION}-mcrypt php${V_PHP_VERSION}-gd php${V_PHP_VERSION}-xml php${V_PHP_VERSION}-curl php${V_PHP_VERSION}-gettext php${V_PHP_VERSION}-zip php${V_PHP_VERSION}-bcmath php${V_PHP_VERSION}-soap php${V_PHP_VERSION}-redis
if ! sed -i "s/www-data/${V_USERNAME}/g" /etc/php/${V_PHP_VERSION}/fpm/pool.d/www.conf; then
echo 'Error installing PHP' && exit 1
fi
service php${V_PHP_VERSION}-fpm enable
service php${V_PHP_VERSION}-fpm start
apt install -y php${V_PHP_VERSION}-ssh2
service php${V_PHP_VERSION}-fpm restart
# composer
curl -sS https://getcomposer.org/installer -o composer-setup.php
php composer-setup.php --install-dir=/usr/local/bin --filename=composer
# database
export V_MARIADB_VERSION="10.3"
export V_DB_USER="vito"
export V_DB_NAME="vito"
export V_DB_PASS=$(openssl rand -base64 12)
wget https://downloads.mariadb.com/MariaDB/mariadb_repo_setup
chmod +x mariadb_repo_setup
./mariadb_repo_setup --mariadb-server-version="mariadb-${V_MARIADB_VERSION}"
apt update
apt install mariadb-server mariadb-backup -y
service mysql start
mysql -e "CREATE DATABASE IF NOT EXISTS ${V_DB_NAME} CHARACTER SET utf8 COLLATE utf8_general_ci"
mysql -e "CREATE USER IF NOT EXISTS '${V_DB_USER}'@'localhost' IDENTIFIED BY '${V_DB_PASS}'"
mysql -e "FLUSH PRIVILEGES"
mysql -e "GRANT ALL PRIVILEGES ON ${V_DB_NAME}.* TO '${V_DB_USER}'@'localhost'"
mysql -e "FLUSH PRIVILEGES"
# create vhost
export V_REPO="https://github.com/vitodeployer/vito.git"
export V_VHOST_CONFIG="
server {
listen 80;
listen [::]:80;
server_name ${V_DOMAIN};
root /home/${V_USERNAME}/${V_DOMAIN}/public;
add_header X-Frame-Options \"SAMEORIGIN\";
add_header X-Content-Type-Options \"nosniff\";
index index.php;
charset utf-8;
location / {
try_files \$uri \$uri/ /index.php?\$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php${V_PHP_VERSION}-fpm.sock;
fastcgi_param SCRIPT_FILENAME \$realpath_root\$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
"
rm -rf /home/${V_USERNAME}/${V_DOMAIN}
mkdir /home/${V_USERNAME}/${V_DOMAIN}
chown -R 755 /home/${V_USERNAME}/${V_DOMAIN}
echo "${V_VHOST_CONFIG}" | tee /etc/nginx/sites-available/${V_DOMAIN}
ln -s /etc/nginx/sites-available/${V_DOMAIN} /etc/nginx/sites-enabled/
service nginx restart
rm -rf /home/${V_USERNAME}/${V_DOMAIN}
git config --global core.fileMode false
git clone ${V_REPO} /home/${V_USERNAME}/${V_DOMAIN}
find /home/${V_USERNAME}/${V_DOMAIN} -type d -exec chmod 755 {} \;
find /home/${V_USERNAME}/${V_DOMAIN} -type f -exec chmod 644 {} \;
cd /home/${V_USERNAME}/${V_DOMAIN} && git config core.fileMode false
cd /home/${V_USERNAME}/${V_DOMAIN} && composer install --no-dev
cp .env.prod .env
sed -i '' "s/{AP_URL}/http://${V_DOMAIN}/g" /home/${V_USERNAME}/${V_DOMAIN}/.env
sed -i '' "s/{DB_NAME}/${V_DB_NAME}/g" /home/${V_USERNAME}/${V_DOMAIN}/.env
sed -i '' "s/{DB_USER}/${V_DB_USER}/g" /home/${V_USERNAME}/${V_DOMAIN}/.env
sed -i '' "s/{DB_PASS}/${V_DB_PASS}/g" /home/${V_USERNAME}/${V_DOMAIN}/.env
php artisan key:generate
php artisan storage:link
# setup supervisor
export V_WORKER_CONFIG="
[program:worker]
process_name=%(program_name)s_%(process_num)02d
command=php /home/${V_USERNAME}/${V_DOMAIN}/artisan queue:work --sleep=3 --backoff=0 --queue=default,ssh,ssh-long --timeout=3600 --tries=1
autostart=1
autorestart=1
user=vito
numprocs=1
redirect_stderr=true
stdout_logfile=/home/${V_USERNAME}/.logs/workers/worker.log
stopwaitsecs=3600
"
apt-get install supervisor -y
service supervisor enable
service supervisor start
mkdir -p /home/${V_USERNAME}/.logs
mkdir -p /home/${V_USERNAME}/.logs/workers
touch /home/${V_USERNAME}/.logs/workers/worker.log
echo "${V_WORKER_CONFIG}" | tee /etc/supervisor/conf.d/worker.conf
supervisorctl reread
supervisorctl update
supervisorctl start worker:*
echo "🎉 Congratulations!"
echo "✅ SSH User: ${V_USERNAME}"
echo "✅ SSH Password: ${V_PASSWORD}"
echo "✅ DB Name: ${V_DB_NAME}"
echo "✅ DB Username: ${V_DB_USER}"
echo "✅ DB Password: ${V_DB_PASS}"