Complete Guide: Deploying Laravel on Ubuntu 24.04
Introduction
This guide provides a comprehensive walkthrough for deploying Laravel applications on Ubuntu 24.04 using an automated script. The script handles everything from system preparation to SSL configuration and performance optimization.
Quick Start
wget -q https://git.hhf.technology/hhf/new-ubuntu-laravel/raw/branch/main/setup_server_laravel.sh -O setup_server_laravel.sh
chmod +x setup_server_laravel.sh
./setup_server_laravel.sh -d yourdomain.com
Features
- Full LEMP stack installation (Linux, Nginx, MySQL, PHP)
- Automatic SSL certificate generation
- PHP-FPM optimization
- Security hardening
- Cron job setup for Laravel
- Multi-PHP version support (8.2 and 8.3)
Prerequisites
- Fresh Ubuntu 24.04 installation
- Domain name pointed to your server’s IP
- Root or sudo access
- Open ports: 80, 443 (for web traffic)
Detailed Installation Steps
1. System Preparation
The script begins by preparing the system:
- Removes any package locks
- Updates package lists
- Removes Apache (if installed)
- Frees up ports 80 and 443
2. Web Server Setup
- Installs and configures Nginx
- Sets up firewall rules
- Configures server blocks for your domain
3. PHP Installation
- Installs PHP 8.2 and 8.3
- Configures PHP-FPM
- Installs essential PHP extensions
- Optimizes PHP settings for Laravel
4. SSL Configuration
- Installs Certbot
- Generates SSL certificates
- Configures Nginx for HTTPS
5. Database Setup
- Installs MySQL with secure defaults
- Generates random root password
- Configures basic security settings
Script Optimizations and Enhancements
Current Optimizations
- Performance Tuning:
# System level optimizations
net.core.netdev_max_backlog = 65535
net.core.somaxconn = 65535
# PHP-FPM settings
post_max_size = 1000M
upload_max_filesize = 1000M
max_execution_time = 300
memory_limit = 12800M
- Security Features:
- Automatic firewall configuration
- SSL certificate automation
- Secure MySQL installation
Recommended Enhancements
- Add Error Handling:
# Add at the beginning of the script
set -e
trap 'echo "Error on line $LINENO"' ERR
# Add error checking functions
check_command_status() {
if [ $? -ne 0 ]; then
echo "Error: $1 failed"
exit 1
fi
}
- Add Configuration Backup:
# Add before making changes
backup_configs() {
BACKUP_DIR="/root/config_backup_$(date +%Y%m%d_%H%M%S)"
mkdir -p $BACKUP_DIR
cp /etc/nginx/nginx.conf $BACKUP_DIR/
cp /etc/php/8.2/fpm/php.ini $BACKUP_DIR/
echo "Configurations backed up to $BACKUP_DIR"
}
- Add System Health Checks:
check_system_resources() {
# Check available disk space
MIN_DISK_SPACE=5120 # 5GB in MB
AVAILABLE_SPACE=$(df -m / | awk 'NR==2 {print $4}')
if [ $AVAILABLE_SPACE -lt $MIN_DISK_SPACE ]; then
echo "Error: Insufficient disk space. Need at least 5GB free."
exit 1
fi
# Check RAM
MIN_RAM=1024 # 1GB in MB
AVAILABLE_RAM=$(free -m | awk 'NR==2 {print $2}')
if [ $AVAILABLE_RAM -lt $MIN_RAM ]; then
echo "Warning: Low RAM detected. Recommended minimum is 1GB."
fi
}
- Add Redis Support:
install_redis() {
echo "Installing Redis..."
sudo apt-get install redis-server -y
sudo systemctl enable redis-server
sudo systemctl start redis-server
# Configure Redis for Laravel
sudo sed -i 's/supervised no/supervised systemd/' /etc/redis/redis.conf
sudo systemctl restart redis-server
}
- Add Monitoring Setup:
setup_monitoring() {
# Install monitoring tools
sudo apt-get install -y prometheus node-exporter
# Configure Prometheus
cat << EOF | sudo tee /etc/prometheus/prometheus.yml
global:
scrape_interval: 15s
scrape_configs:
- job_name: 'node'
static_configs:
- targets: ['localhost:9100']
EOF
# Start monitoring services
sudo systemctl enable prometheus node-exporter
sudo systemctl start prometheus node-exporter
}
Troubleshooting
Live Debugging
Monitor the script execution in real-time:
tail -f script_log.log
Common Issues and Solutions
- SSL Certificate Generation Fails:
- Ensure domain DNS is properly configured
- Check port 80 and 443 are open
- Verify domain ownership
- MySQL Installation Issues:
# Reset MySQL password
sudo mysql_secure_installation
# or
sudo dpkg-reconfigure mysql-server-8.0
- Nginx Configuration Problems:
# Test Nginx configuration
sudo nginx -t
# Check Nginx error logs
sudo tail -f /var/log/nginx/error.log
Maintenance
Regular Updates
# Add to crontab for weekly updates
0 0 * * 0 apt-get update && apt-get upgrade -y
SSL Certificate Renewal
Certbot automatically handles renewal through a cronjob, but you can manually renew:
sudo certbot renew --dry-run
Database Backups
Add to your crontab:
0 1 * * * mysqldump -u root -p'your_password' --all-databases | gzip > /backup/mysql/all-databases-$(date +\%Y-\%m-\%d).sql.gz
Security Recommendations
- Enable UFW Firewall:
sudo ufw enable
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
- Secure Shared Memory:
Add to /etc/fstab:
none /run/shm tmpfs defaults,noexec,nosuid 0 0
- Configure Fail2Ban:
sudo apt-get install fail2ban
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
Performance Optimization
- Enable OPcache:
# Add to php.ini
opcache.enable=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=4000
opcache.revalidate_freq=60
opcache.fast_shutdown=1
opcache.enable_cli=1
- Nginx Worker Optimization:
worker_processes auto;
worker_rlimit_nofile 65535;
events {
worker_connections 65535;
multi_accept on;
use epoll;
}
Final Notes
- Always test the script in a development environment first
- Keep backups before running the script
- Monitor system resources after deployment
- Regularly update all installed packages
- Keep the MySQL root password secure
Remember to replace ‘yourdomain.com’ with your actual domain name when running the script.