Try   HackMD

Digital Ocean 架 Server 教學

建立虛擬主機

Digital Ocean 建立虛擬主機

  1. Create a new project

  2. Create a Droplets

    Image Not Showing Possible Reasons
    • The image file may be corrupted
    • The server hosting the image is unavailable
    • The image path is incorrect
    • The image format is not supported
    Learn More →

  3. Choose an image

    Image Not Showing Possible Reasons
    • The image file may be corrupted
    • The server hosting the image is unavailable
    • The image path is incorrect
    • The image format is not supported
    Learn More →

  4. Choose a plan

    Image Not Showing Possible Reasons
    • The image file may be corrupted
    • The server hosting the image is unavailable
    • The image path is incorrect
    • The image format is not supported
    Learn More →

我選擇 $6/mo 的方案

  1. Choose a datacenter region
    Image Not Showing Possible Reasons
    • The image file may be corrupted
    • The server hosting the image is unavailable
    • The image path is incorrect
    • The image format is not supported
    Learn More →

我是選擇 San Francisco 3,感覺也可以考慮選擇新加坡的

  1. 特殊功能
    Image Not Showing Possible Reasons
    • The image file may be corrupted
    • The server hosting the image is unavailable
    • The image path is incorrect
    • The image format is not supported
    Learn More →

應該是不用勾選

  1. 登入憑證
    Image Not Showing Possible Reasons
    • The image file may be corrupted
    • The server hosting the image is unavailable
    • The image path is incorrect
    • The image format is not supported
    Learn More →

建議用 SSH Key 比較安全

  1. 命名以及標籤

    Image Not Showing Possible Reasons
    • The image file may be corrupted
    • The server hosting the image is unavailable
    • The image path is incorrect
    • The image format is not supported
    Learn More →

  2. 備份功能

    Image Not Showing Possible Reasons
    • The image file may be corrupted
    • The server hosting the image is unavailable
    • The image path is incorrect
    • The image format is not supported
    Learn More →

考慮以後再來使用

  1. 創建成功

Domain

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →

A RecordCName Record

要記得去 Hinet 那邊設定 DNS

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →

環境安裝

前置作業

  1. 查看作業系統
$ lsb_release -a $ cat /etc/*release
  1. 更新套件管理器
$ sudo add-apt-repository ppa:ondrej/php $ sudo apt update $ sudo apt upgrade $ sudo apt install software-properties-common $ sudo snap install core $ sudo snap refresh core
  1. 新增使用者
$ sudo adduser jack $ sudo usermod -aG sudo jack $ su jack $ groups

安裝 Nginx

$ sudo apt install nginx

// 查看是否有程式占用連接埠 80
// (utlnp 含意:UDP、TCP、Listen、Numeric、Process)
$ sudo netstat -utlnp | grep 80

// 查看 apache2 狀態
$ sudo systemctl status apache2

// 停止 apache2
$ sudo systemctl stop apache2

// 如果找不到 netstat 需安裝 net-tools
$ sudo apt install net-tools

安裝 php

$ sudo apt install php7.4 
$ sudo apt install php7.4-{bcmath,bz2,curl,gd,intl,json,mbstring,mysql,xml,zip} 

// 支援 Nginx 的溝通組件
$ sudo apt install php7.4-fpm

// php 8.2
$ sudo apt install php8.2 
$ sudo apt install php8.2-{bcmath,bz2,cli,common,curl,gd,imap,intl,mbstring,mysql,xml,zip} 

// 支援 Nginx 的溝通組件
$ sudo apt install php8.2-fpm

$ php -v
$ php -m

安裝 mysql

$ sudo apt install mysql-server-8.0
$ sudo systemctl start mysql
$ sudo systemctl | grep mysql
$ sudo mysql --version
$ sudo mysql -u root

安裝 Mysql 出現 [MY-011065] 問題:解決方法
原因:因為記憶體太小了
在硬碟內建立 swap 空間來彌補實體記憶體的不足

$ sudo dd if=/dev/zero of=/swapfile bs=1M count=1024 $ sudo chmod 0600 /swapfile $ sudo mkswap /swapfile $ sudo swapon /swapfile

進去 Mysql 後要來建立使用者帳號:

CREATE USER 'Jack'@'localhost' IDENTIFIED WITH mysql_native_password BY '0000'; GRANT ALL PRIVILEGES ON *.* TO 'Jack'@'localhost'; SELECT User, Host, plugin FROM mysql.user;

安裝 Composer

$ curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/local/bin --filename=composer $ composer -v

安裝 Git

$ sudo apt install git

部屬專案

Git 下載

$ git clone [專案.git]

建立 ssh hey

$ ssh-keygen -t ed25519 -C "y23657689@gmail.com" $ cat ~/.ssh/id_ed25519.pub

修改 Nginx 設定檔

Nginx 本身的 config 檔案儲存於 /etc/nginx/nginx.conf

Nginx 的 Virtual Host 檔案會儲存在 /etc/nginx/sites-available/;然後在 /etc/nginx/sites-enabled/ 會有一個軟連結 default 指向 /etc/nginx/sites-available/default

通常是建議用域名來命名(沒有強制),首先先複製 default 檔案然後再用 vim 來修改,會比較快:

$ cd /etc/nginx/sites-available $ sudo cp default www.shangda.com.tw $ sudo vim www.shangda.com.tw

Laravel 官方網站有範例:

server {
    listen 80;
    listen [::]:80;
    server_name example.com;
    root /srv/example.com/public;
 
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-Content-Type-Options "nosniff";
 
    index index.php;
 
    charset utf-8;
 
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }
 
    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }
 
    error_page 404 /index.php;
 
    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        include fastcgi_params;
    }
 
    location ~ /\.(?!well-known).* {
        deny all;
    }
}

路徑大小寫請不要打錯

那個問號很重要!!少了問號你接下來 url 的 query 都吃不到了

改完後,切換到 sites-enabled,我們要先把原本的軟連結 default 刪除,之後建立一個軟連結到我們剛剛新增好的 vhost 檔案。

$ sudo rm /etc/nginx/sites-enabled/default $ sudo ln -s /etc/nginx/sites-available/www.shangda.com.tw /etc/nginx/sites-enabled/www.shangda.com.tw

接著測試並重新啟動 Nginx

$ sudo nginx -t $ sudo nginx -s reload

初始化 Laravel 專案

$ cd [專案根目錄] $ composer install --optimize-autoloader --no-dev $ mv .env.example .env $ sudo php artisan key:generate

設定資料庫

$ mysql -u [資料庫帳號] -p
CREATE DATABASE shangda CHARACTER SET utf8 COLLATE utf8_general_ci; // 8.0 CREATE DATABASE shangda CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci; show databases; use shangda; show tables;

開另一個終端機

$ cd [專案根目錄] $ vim .env // 修改環境檔案,設定資料庫 $ php artisan migrate --seed // 遇到問題 [PDOException] could not find driver. $ sudo apt install php7.4-mysql

更改權限

$ cd [專案根目錄] $ sudo chown -R [使用者帳號]:www-data . $ sudo chmod -R 2770 ./storage/ $ ls -la

申請 https

  1. 安裝 Certbot
$ sudo snap install --classic certbot // 建立軟連結 $ sudo ln -s /snap/bin/certbot /usr/bin/certbot // 取得憑證 $ sudo certbot --nginx // 憑證過期時 $ sudo certbot renew

測試評分:
https://www.ssllabs.com/ssltest/analyze.html

tags: 尚達網站