Froggis Wissenssammlung - Benutzerbeiträge [de]

Hauptseite

2022-01-21T10:54:23Z

Froggi: Link korrigiert

[[Datei:Knowhow.png|200x200px|zentriert]]

==Zutatenliste==
[[Froggi's_Weisheiten |''Froggi's Weisheiten'']]<br>
''[[Python-Weisheiten]]''<br>[[Nextcloud_Knoffhoff|''Nexcloud knoffhoff'']]<br>[[GrubRescue_Bootanleitung|''Grub Rescue Dingsgedongs'']]<br>[[Schleppi_zu_dunkel|''Samsung R730 zu dunkel unter Linux Mint'']]<br>[[BTRFS-Entfernen |''Check auf btrfs-Partitionen entfernen'']]<br>[[Ktimezoned-entries |''Wenn Korganizer die Zeitzonen nicht kennt'']]<br>''[[Testseite |Testseite]]''<br>[[Bootstrap |''Bootstrap how to's'']]<br>[[Python_things |''Python things'']]<br>[[Git_stuff |''Git stuff'']]<br>[[Laravel_etc |''Laravel for me'']]<br>[[Testseite |''Bastel und Reparatureck'']]

Hauptseite

2022-01-21T10:53:22Z

Froggi: /* Zutatenliste */

[[Datei:Knowhow.png|200x200px|zentriert]]

==Zutatenliste==
[[Froggi's_Weisheiten |''Froggi's Weisheiten'']]<br>
[[Python Weisheiten | ''Python-Weisheiten'']]<br>[[Nextcloud_Knoffhoff|''Nexcloud knoffhoff'']]<br>[[GrubRescue_Bootanleitung|''Grub Rescue Dingsgedongs'']]<br>[[Schleppi_zu_dunkel|''Samsung R730 zu dunkel unter Linux Mint'']]<br>[[BTRFS-Entfernen |''Check auf btrfs-Partitionen entfernen'']]<br>[[Ktimezoned-entries |''Wenn Korganizer die Zeitzonen nicht kennt'']]<br>''[[Testseite |Testseite]]''<br>[[Bootstrap |''Bootstrap how to's'']]<br>[[Python_things |''Python things'']]<br>[[Git_stuff |''Git stuff'']]<br>[[Laravel_etc |''Laravel for me'']]<br>[[Testseite |''Bastel und Reparatureck'']]

Hauptseite

2022-01-21T10:52:49Z

Froggi: Python Weisheiten hinzugefügt

[[Datei:Knowhow.png|200x200px|zentriert]]

==Zutatenliste==
[[Froggi's_Weisheiten |''Froggi's Weisheiten'']]<br>
[[Python Weisheiten | ''Python Weisheiten'']]<br>[[Nextcloud_Knoffhoff|''Nexcloud knoffhoff'']]<br>[[GrubRescue_Bootanleitung|''Grub Rescue Dingsgedongs'']]<br>[[Schleppi_zu_dunkel|''Samsung R730 zu dunkel unter Linux Mint'']]<br>[[BTRFS-Entfernen |''Check auf btrfs-Partitionen entfernen'']]<br>[[Ktimezoned-entries |''Wenn Korganizer die Zeitzonen nicht kennt'']]<br>''[[Testseite |Testseite]]''<br>[[Bootstrap |''Bootstrap how to's'']]<br>[[Python_things |''Python things'']]<br>[[Git_stuff |''Git stuff'']]<br>[[Laravel_etc |''Laravel for me'']]<br>[[Testseite |''Bastel und Reparatureck'']]

Python-Weisheiten

2022-01-21T10:50:50Z

Froggi: /* Der bessere Python shebang */

===Der bessere Python shebang===
Bisher kannte ich nur die "standard" Methode ala

<nowiki>#</nowiki>!/usr/bin/python3

Wenn man allerdings, wie man sollte, in einer virtuellen Pythonumgebung entwickelt ist das doof, weil der Pfad zum falschen Python zeigt. Generell sind harte Pfade zu vermeiden. Also? Wie macht man das also richtig?

Man holt sich via env die richtige Pythonversion in seinen shebang und zwar so:

<nowiki>#</nowiki>!/usr/bin/env python3

Python-Weisheiten

2022-01-21T10:49:30Z

Froggi: /* Der bessere Python shebang */

=== Der bessere Python shebang ===
Bisher kannte ich nur die "standard" Methode ala

<nowiki>#</nowiki>!/usr/bin/python3

Wenn man allerdings, wie man sollte, in einer virtuellen Pytghomumgebung entwickelt ist das doof, weil der Pfad zm falschen Python zeigt.

Wie macht man das also richtig?

Man holt sich via env die richtige Pythonversion in seinen shebang und zwar so:

<nowiki>#</nowiki>!/usr/bin/env python3

Python-Weisheiten

2022-01-21T10:48:47Z

Froggi: Neu erstellt

=== Der bessere Python shebang ===
Bisher kannte ich nur die "standard" Methode ala

<nowiki>#</nowiki>!/usr/bin/python3

Wenn man allerdings, wie man sollte, in einer virtuellen Pytghomumgebung entwickelt ist das doof, weil der Pfad zm falschen Python zeigt.

Wie macht man das also richtig?

Man holt sich via env die richtige Pythonversion in seinen shebang und zwar so:

<nowiki>#</nowiki>!/usr/bin/env python3

Clone Laravel project

2020-10-21T10:04:03Z

Froggi: Added some info

'''This is a temporary concept.'''

Steps to clone a Laravelwebsite

*git clone
*composer install
*create .env file
*edit .env to match local settings
*php artisan key:generate
*php artisan migrate --seed (if seeds are available)
*npm install
*npm run watch to develop further

Clone Laravel project

2020-10-19T08:48:46Z

Froggi:

'''This is a temporary concept.'''

Steps to clone a Laravelwebsite

*clone
*composer install
*create .env file
*php artisan key:generate
*php artisan migrate
*npm install
*npm run watch to develop further

Clone Laravel project

2020-10-19T08:28:58Z

Froggi:

'''This is a temporary concept.'''

Steps to clone a Laravelwebsite

*clone
*composer install
*create .env file
*php artisan key:generate
*php artisan migrate

Testseite

2020-10-19T08:27:57Z

Froggi:

<div class="flex-row row">
<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Bastel und Reparatureck</h5></div>
<div class="panel-body">
'''MariaDB'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
MariaDB_How_to's | <span class="glyphicon glyphicon-share-alt">''MariaDB How to's''</span>
</btn>

'''PHPMyAdmin'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
PHPMyAdmin_How_to's | <span class="glyphicon glyphicon-share-alt">''PHPMyAdmin How to's''</span>
</btn>

'''Bootstrap'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Bootstrap | <span class="glyphicon glyphicon-share-alt">''Bootstrap How to's''</span>
</btn>

'''Apache'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Apache_How_to's | <span class="glyphicon glyphicon-share-alt">''Apache How to's''</span>
</btn>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Windows Knoffhoff</h5></div>
<div class="panel-body">
'''Systemzeit ist UTC'''
<button>
UTCSystemClock | <span class="glyphicon glyphicon-share-alt">''Windows UTC beibringen''</span>
</button>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Development</h5></div>
<div class="panel-body">
[[Development environment for Laravel with Vue-JS|''DevEnv for Laravel / Vue-JS'']]

[[Laravel sanctum and Vue-JS SPA|Laravel Sanctum and Vue-JS SPA]]

[[Clone Laravel project]]
</div>
</div>
</div>

</div>

Clone Laravel project

2020-10-19T08:26:33Z

Froggi:

'''This is a temporary concept.'''

Steps to clone a Laravelwebsite

* clone
* composer install
* create .env file
* php artisan key:generate

Clone Laravel project

2020-10-19T08:26:12Z

Froggi: Die Seite wurde neu angelegt: „This is a temporary concept. Steps to clone a Laravelwebsite clone composer install create .env file php artisan key:generate“

This is a temporary concept.

Steps to clone a Laravelwebsite

clone

composer install

create .env file

php artisan key:generate

Laravel sanctum and Vue-JS SPA

2020-08-13T12:35:29Z

Froggi: /* 2. Use it to authenticate a user */

===1. Install laravel sanctum===
You may install Laravel Sanctum via Composer:
<code>composer require laravel/sanctum</code>
Now follow the instructions from https://laravel.com/docs/7.x/sanctum#installation to complete the installation. Especially look at the configuration.

=== 2. Use it to authenticate a user ===
As described in the official docs do:

<code>axios.get('/sanctum/csrf-cookie').then(response => {
// Login...
});</code>

The login can be the standard login of Laravels scaffolding or a custom one.

Laravel sanctum and Vue-JS SPA

2020-08-13T12:35:03Z

Froggi:

===1. Install laravel sanctum===
You may install Laravel Sanctum via Composer:
<code>composer require laravel/sanctum</code>
Now follow the instructions from https://laravel.com/docs/7.x/sanctum#installation to complete the installation. Especially look at the configuration.

=== 2. Use it to authenticate a user ===
As described in the official docs do:

<code>axios.get('/sanctum/csrf-cookie').then(response => {
// Login...
});</code>

The loginn can be the standard login of Laravels scaffolding or a custom one.

Testseite

2020-08-13T12:30:21Z

Froggi:

<div class="flex-row row">
<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Bastel und Reparatureck</h5></div>
<div class="panel-body">
'''MariaDB'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
MariaDB_How_to's | <span class="glyphicon glyphicon-share-alt">''MariaDB How to's''</span>
</btn>

'''PHPMyAdmin'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
PHPMyAdmin_How_to's | <span class="glyphicon glyphicon-share-alt">''PHPMyAdmin How to's''</span>
</btn>

'''Bootstrap'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Bootstrap | <span class="glyphicon glyphicon-share-alt">''Bootstrap How to's''</span>
</btn>

'''Apache'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Apache_How_to's | <span class="glyphicon glyphicon-share-alt">''Apache How to's''</span>
</btn>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Windows Knoffhoff</h5></div>
<div class="panel-body">
'''Systemzeit ist UTC'''
<button>
UTCSystemClock | <span class="glyphicon glyphicon-share-alt">''Windows UTC beibringen''</span>
</button>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Development</h5></div>
<div class="panel-body">
[[Development environment for Laravel with Vue-JS|''DevEnv for Laravel / Vue-JS'']]

[[Laravel sanctum and Vue-JS SPA|Laravel Sanctum and Vue-JS SPA]]
</div>
</div>
</div>

</div>

Testseite

2020-08-13T12:30:01Z

Froggi:

<div class="flex-row row">
<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Bastel und Reparatureck</h5></div>
<div class="panel-body">
'''MariaDB'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
MariaDB_How_to's | <span class="glyphicon glyphicon-share-alt">''MariaDB How to's''</span>
</btn>

'''PHPMyAdmin'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
PHPMyAdmin_How_to's | <span class="glyphicon glyphicon-share-alt">''PHPMyAdmin How to's''</span>
</btn>

'''Bootstrap'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Bootstrap | <span class="glyphicon glyphicon-share-alt">''Bootstrap How to's''</span>
</btn>

'''Apache'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Apache_How_to's | <span class="glyphicon glyphicon-share-alt">''Apache How to's''</span>
</btn>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Windows Knoffhoff</h5></div>
<div class="panel-body">
'''Systemzeit ist UTC'''
<button>
UTCSystemClock | <span class="glyphicon glyphicon-share-alt">''Windows UTC beibringen''</span>
</button>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Development</h5></div>
<div class="panel-body">
[[Development environment for Laravel with Vue-JS|''DevEnv for Laravel / Vue-JS'']]

[[Laravel sanctum and Vue-JS SPA|Laravel Sanctum and Vue-JS]]
</div>
</div>
</div>

</div>

Laravel sanctum and Vue-JS SPA

2020-08-13T12:28:53Z

Froggi: Froggi verschob die Seite Laravel sanctum and Vue-JS nach Laravel sanctum and Vue-JS SPA, ohne dabei eine Weiterleitung anzulegen

=== 1. Install laravel sanctum ===
You may install Laravel Sanctum via Composer:
<code>composer require laravel/sanctum</code>
Next, you should publish the Sanctum configuration and migration files using the <code>vendor:publish</code> Artisan command. The <code>sanctum</code> configuration file will be placed in your <code>config</code> directory:
<code>php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"</code>
Finally, you should run your database migrations. Sanctum will create one database table in which to store API tokens:
<code>php artisan migrate</code>
Next, if you plan to utilize Sanctum to authenticate an SPA, you should add Sanctum's middleware to your <code>api</code> middleware group within your <code>app/Http/Kernel.php</code> file:
<code>use Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful;

'api' => [
EnsureFrontendRequestsAreStateful::class,
'throttle:60,1',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],</code>
This instruction is copied from: https://laravel.com/docs/7.x/sanctum#installation

Testseite

2020-08-13T12:24:08Z

Froggi:

<div class="flex-row row">
<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Bastel und Reparatureck</h5></div>
<div class="panel-body">
'''MariaDB'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
MariaDB_How_to's | <span class="glyphicon glyphicon-share-alt">''MariaDB How to's''</span>
</btn>

'''PHPMyAdmin'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
PHPMyAdmin_How_to's | <span class="glyphicon glyphicon-share-alt">''PHPMyAdmin How to's''</span>
</btn>

'''Bootstrap'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Bootstrap | <span class="glyphicon glyphicon-share-alt">''Bootstrap How to's''</span>
</btn>

'''Apache'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Apache_How_to's | <span class="glyphicon glyphicon-share-alt">''Apache How to's''</span>
</btn>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Windows Knoffhoff</h5></div>
<div class="panel-body">
'''Systemzeit ist UTC'''
<button>
UTCSystemClock | <span class="glyphicon glyphicon-share-alt">''Windows UTC beibringen''</span>
</button>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Development</h5></div>
<div class="panel-body">
[[Development environment for Laravel with Vue-JS|''DevEnv for Laravel / Vue-JS'']]

[[Laravel sanctum and Vue-JS|Laravel Sanctum and Vue-JS]]
</div>
</div>
</div>

</div>

Testseite

2020-08-13T12:23:43Z

Froggi:

<div class="flex-row row">
<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Bastel und Reparatureck</h5></div>
<div class="panel-body">
'''MariaDB'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
MariaDB_How_to's | <span class="glyphicon glyphicon-share-alt">''MariaDB How to's''</span>
</btn>

'''PHPMyAdmin'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
PHPMyAdmin_How_to's | <span class="glyphicon glyphicon-share-alt">''PHPMyAdmin How to's''</span>
</btn>

'''Bootstrap'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Bootstrap | <span class="glyphicon glyphicon-share-alt">''Bootstrap How to's''</span>
</btn>

'''Apache'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Apache_How_to's | <span class="glyphicon glyphicon-share-alt">''Apache How to's''</span>
</btn>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Windows Knoffhoff</h5></div>
<div class="panel-body">
'''Systemzeit ist UTC'''
<button>
UTCSystemClock | <span class="glyphicon glyphicon-share-alt">''Windows UTC beibringen''</span>
</button>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Development</h5></div>
<div class="panel-body">
[[Development environment for Laravel with Vue-JS|Development_environment_for_Laravel_with_Vue-JS | ''DevEnv for Laravel / Vue-JS'']]

[[Laravel sanctum and Vue-JS|Laravel_sanctum_and_Vue-JS | Laravel Sanctum and Vue-JS]]
</div>
</div>
</div>

</div>

Testseite

2020-08-13T12:23:09Z

Froggi:

<div class="flex-row row">
<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Bastel und Reparatureck</h5></div>
<div class="panel-body">
'''MariaDB'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
MariaDB_How_to's | <span class="glyphicon glyphicon-share-alt">''MariaDB How to's''</span>
</btn>

'''PHPMyAdmin'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
PHPMyAdmin_How_to's | <span class="glyphicon glyphicon-share-alt">''PHPMyAdmin How to's''</span>
</btn>

'''Bootstrap'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Bootstrap | <span class="glyphicon glyphicon-share-alt">''Bootstrap How to's''</span>
</btn>

'''Apache'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Apache_How_to's | <span class="glyphicon glyphicon-share-alt">''Apache How to's''</span>
</btn>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Windows Knoffhoff</h5></div>
<div class="panel-body">
'''Systemzeit ist UTC'''
<button>
UTCSystemClock | <span class="glyphicon glyphicon-share-alt">''Windows UTC beibringen''</span>
</button>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Development</h5></div>
<div class="panel-body">
[[Development environment for Laravel with Vue-JS|Development_environment_for_Laravel_with_Vue-JS | ''DevEnv for Laravel / Vue-JS'']]

Laravel_sanctum_and_Vue-JS | Laravel Sanctum and Vue-JS
</div>
</div>
</div>

</div>

Laravel sanctum and Vue-JS SPA

2020-08-13T12:22:27Z

Froggi: Die Seite wurde neu angelegt: „=== 1. Install laravel sanctum === You may install Laravel Sanctum via Composer: <code>composer require laravel/sanctum</code> Next, you should publish the Sa…“

Testseite

2020-08-13T12:19:22Z

Froggi:

<div class="flex-row row">
<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Bastel und Reparatureck</h5></div>
<div class="panel-body">
'''MariaDB'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
MariaDB_How_to's | <span class="glyphicon glyphicon-share-alt">''MariaDB How to's''</span>
</btn>

'''PHPMyAdmin'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
PHPMyAdmin_How_to's | <span class="glyphicon glyphicon-share-alt">''PHPMyAdmin How to's''</span>
</btn>

'''Bootstrap'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Bootstrap | <span class="glyphicon glyphicon-share-alt">''Bootstrap How to's''</span>
</btn>

'''Apache'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Apache_How_to's | <span class="glyphicon glyphicon-share-alt">''Apache How to's''</span>
</btn>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Windows Knoffhoff</h5></div>
<div class="panel-body">
'''Systemzeit ist UTC'''
<button>
UTCSystemClock | <span class="glyphicon glyphicon-share-alt">''Windows UTC beibringen''</span>
</button>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Development</h5></div>
<div class="panel-body">
[[Development environment for Laravel with Vue-JS|Development_environment_for_Laravel_with_Vue-JS | ''DevEnv for Laravel / Vue-JS'']]
</div>
</div>
</div>

</div>

Testseite

2020-08-13T12:17:09Z

Froggi:

<div class="flex-row row">
<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Bastel und Reparatureck</h5></div>
<div class="panel-body">
'''MariaDB'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
MariaDB_How_to's | <span class="glyphicon glyphicon-share-alt">''MariaDB How to's''</span>
</btn>

'''PHPMyAdmin'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
PHPMyAdmin_How_to's | <span class="glyphicon glyphicon-share-alt">''PHPMyAdmin How to's''</span>
</btn>

'''Bootstrap'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Bootstrap | <span class="glyphicon glyphicon-share-alt">''Bootstrap How to's''</span>
</btn>

'''Apache'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Apache_How_to's | <span class="glyphicon glyphicon-share-alt">''Apache How to's''</span>
</btn>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Windows Knoffhoff</h5></div>
<div class="panel-body">
'''Systemzeit ist UTC'''
<button>
UTCSystemClock | <span class="glyphicon glyphicon-share-alt">''Windows UTC beibringen''</span>
</button>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading">Development</div>
<div class="panel-body">
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
[[Development environment for Laravel with Vue-JS|Development_environment_for_Laravel_with_Vue-JS | <span class="glyphicon glyphicon-share-alt">''DevEnv for Laravel / Vue-JS''</span>]]
</btn>
</div>
</div>
</div>

</div>

Testseite

2020-08-13T12:15:06Z

Froggi:

<div class="flex-row row">
<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Bastel und Reparatureck</h5></div>
<div class="panel-body">
'''MariaDB'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
MariaDB_How_to's | <span class="glyphicon glyphicon-share-alt">''MariaDB How to's''</span>
</btn>

'''PHPMyAdmin'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
PHPMyAdmin_How_to's | <span class="glyphicon glyphicon-share-alt">''PHPMyAdmin How to's''</span>
</btn>

'''Bootstrap'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Bootstrap | <span class="glyphicon glyphicon-share-alt">''Bootstrap How to's''</span>
</btn>

'''Apache'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Apache_How_to's | <span class="glyphicon glyphicon-share-alt">''Apache How to's''</span>
</btn>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Windows Knoffhoff</h5></div>
<div class="panel-body">
'''Systemzeit ist UTC'''
<button class="btn btn-sm btn-primary">
UTCSystemClock | <span class="glyphicon glyphicon-share-alt">''Windows UTC beibringen''</span>
</button>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading">Development</div>
<div class="panel-body">
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
[[Development environment for Laravel with Vue-JS|Development_environment_for_Laravel_with_Vue-JS | <span class="glyphicon glyphicon-share-alt">''DevEnv for Laravel / Vue-JS''</span>]]
</btn>
</div>
</div>
</div>

</div>

Development environment for Laravel with Vue-JS

2020-08-13T08:56:17Z

Froggi: /* 7.4.4 Activate the ssl site */

<div style="text-align:center;">
'''<big>Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint</big>'''

<sub>August 2020</sub>
<div style="float:right; width: 40%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2

==1.3 Allow redirects for Laravel / Vue-JS==

At the terminal execute the following

sudo a2enmod rewrite

sudo systemctl restart apache2

Now redirects shoudl work. This is necessary for the APP to work correctly.

=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is likely that mariadb is only listening on 127.0.0.1. Security setting!
By default the bind-address is set to 127.0.0.1. To get mariadb to listen on the ip-address of your server open the folowing file:

/etc/mysql/mariadb.conf.d/50-server.cnf

and change the line with bind-address to:

bind-address = <your-servers-ip>

Restart the database servers with:

sudo systemctl restart mysql.service
sudo systemctl restart mariadb.service

Check that the database server now is listening at the correct address with:

sudo netstat -anp | grep 3306

It should now show something like this

tcp 0 0 <your-server-ip>:3306 0.0.0.0:* LISTEN 19039/mariadbd

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

==7.4 Create SSL webconfiguration for this project==
When userdata is neccesaary, think about login for example, accessing the webpage vie HTTPS is recommended. So lets create the necesarry config and activate ssl for apache.

===7.4.1 Create the SSL key and certificate===
The command to create these two is openssl.

sudo sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/my-website-selfsigned.key -out /etc/ssl/certs/my-website-selfsigned.crt

With this exampke we create a set for mny-website.

A couple of questions will be asked. A good explanation of what is going on here can be found at: https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-20-04

===7.4.2 The ssl configfile for your website===
After the key and certificate is in place we need a configfile for aoacxhe to know that there is a ssl version of your website.

An example can be found at /etc/apache2/sites-available/default-ssl.conf

For our website i will look like this.

<IfModule mod_ssl.c>
   <VirtualHost _default_:443>
   ServerAdmin webmaster@localhost
   ServerName www.my-website.com
   ServerAlias www.my-website.com

   DocumentRoot /path/to/your/website/root/

   LogLevel debug
   ErrorLog ${APACHE_LOG_DIR}/my-website/error.log
   CustomLog ${APACHE_LOG_DIR}/my-website/access.log combined

   SSLEngine on
   SSLCertificateFile    /etc/ssl/certs/my-website-selfsigned.crt
   SSLCertificateKeyFile /etc/ssl/private/my-website-selfsigned.key

   <FilesMatch "\.(cgi|shtml|phtml|php)$">
   SSLOptions +StdEnvVars
   </FilesMatch>
   <Directory /usr/lib/cgi-bin>
   SSLOptions +StdEnvVars
   </Directory>
   <Directory /path/to/your/website/root/>
   Allowoverride All
   Require all granted
   </Directory>
   </VirtualHost>
</IfModule>

===7.4.3 Activate SSL===

To activate ssl execute the following command:

sudo a2enmod ssl

===7.4.4 Activate the ssl site===

To do so execute

sudo a2ensite www.my-website-ssl.com.conf

=== 7.4.5 Restart / reload apache to make these changes available ===

sudo systemctl restart / reload apache2

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-13T08:54:21Z

Froggi: /* 7.4.2 The ssl configfile for your website */

<div style="text-align:center;">
'''<big>Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint</big>'''

<sub>August 2020</sub>
<div style="float:right; width: 40%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2

==1.3 Allow redirects for Laravel / Vue-JS==

At the terminal execute the following

sudo a2enmod rewrite

sudo systemctl restart apache2

Now redirects shoudl work. This is necessary for the APP to work correctly.

=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is likely that mariadb is only listening on 127.0.0.1. Security setting!
By default the bind-address is set to 127.0.0.1. To get mariadb to listen on the ip-address of your server open the folowing file:

/etc/mysql/mariadb.conf.d/50-server.cnf

and change the line with bind-address to:

bind-address = <your-servers-ip>

Restart the database servers with:

sudo systemctl restart mysql.service
sudo systemctl restart mariadb.service

Check that the database server now is listening at the correct address with:

sudo netstat -anp | grep 3306

It should now show something like this

tcp 0 0 <your-server-ip>:3306 0.0.0.0:* LISTEN 19039/mariadbd

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

==7.4 Create SSL webconfiguration for this project==
When userdata is neccesaary, think about login for example, accessing the webpage vie HTTPS is recommended. So lets create the necesarry config and activate ssl for apache.

=== 7.4.1 Create the SSL key and certificate ===
The command to create these two is openssl.

sudo sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/my-website-selfsigned.key -out /etc/ssl/certs/my-website-selfsigned.crt

With this exampke we create a set for mny-website.

A couple of questions will be asked. A good explanation of what is going on here can be found at: https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-20-04

=== 7.4.2 The ssl configfile for your website ===
After the key and certificate is in place we need a configfile for aoacxhe to know that there is a ssl version of your website.

An example can be found at /etc/apache2/sites-available/default-ssl.conf

For our website i will look like this.

<IfModule mod_ssl.c>
   <VirtualHost _default_:443>
   ServerAdmin webmaster@localhost
   ServerName www.my-website.com
   ServerAlias www.my-website.com

   DocumentRoot /path/to/your/website/root/

   LogLevel debug
   ErrorLog ${APACHE_LOG_DIR}/my-website/error.log
   CustomLog ${APACHE_LOG_DIR}/my-website/access.log combined

   SSLEngine on
   SSLCertificateFile    /etc/ssl/certs/my-website-selfsigned.crt
   SSLCertificateKeyFile /etc/ssl/private/my-website-selfsigned.key

   <FilesMatch "\.(cgi|shtml|phtml|php)$">
   SSLOptions +StdEnvVars
   </FilesMatch>
   <Directory /usr/lib/cgi-bin>
   SSLOptions +StdEnvVars
   </Directory>
   <Directory /path/to/your/website/root/>
   Allowoverride All
   Require all granted
   </Directory>
   </VirtualHost>
</IfModule>

===7.4.3 Activate SSL===

To activate ssl execute the following command:

sudo a2enmod ssl

===7.4.4 Activate the ssl site===

To do so execute

sudo a2ensite www.my-website-ssl.com.conf

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-13T08:53:03Z

Froggi: /* 7.3 Create webconfiguration for this project */ Added SSL

<div style="text-align:center;">
'''<big>Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint</big>'''

<sub>August 2020</sub>
<div style="float:right; width: 40%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2

==1.3 Allow redirects for Laravel / Vue-JS==

At the terminal execute the following

sudo a2enmod rewrite

sudo systemctl restart apache2

Now redirects shoudl work. This is necessary for the APP to work correctly.

=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is likely that mariadb is only listening on 127.0.0.1. Security setting!
By default the bind-address is set to 127.0.0.1. To get mariadb to listen on the ip-address of your server open the folowing file:

/etc/mysql/mariadb.conf.d/50-server.cnf

and change the line with bind-address to:

bind-address = <your-servers-ip>

Restart the database servers with:

sudo systemctl restart mysql.service
sudo systemctl restart mariadb.service

Check that the database server now is listening at the correct address with:

sudo netstat -anp | grep 3306

It should now show something like this

tcp 0 0 <your-server-ip>:3306 0.0.0.0:* LISTEN 19039/mariadbd

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

==7.4 Create SSL webconfiguration for this project==
When userdata is neccesaary, think about login for example, accessing the webpage vie HTTPS is recommended. So lets create the necesarry config and activate ssl for apache.

=== 7.4.1 Create the SSL key and certificate ===
The command to create these two is openssl.

sudo sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/my-website-selfsigned.key -out /etc/ssl/certs/my-website-selfsigned.crt

With this exampke we create a set for mny-website.

A couple of questions will be asked. A good explanation of what is going on here can be found at: https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-20-04

=== 7.4.2 The ssl configfile for your website ===
After the key and certificate is in place we need a configfile for aoacxhe to know that there is a ssl version of your website.

An example can be found at /etc/apache2/sites-available/default-ssl.conf

For our website i will look like this.

<IfModule mod_ssl.c>
   <VirtualHost _default_:443>
   ServerAdmin webmaster@localhost
   ServerName www.my-website.com
   ServerAlias www.my-website.com

   DocumentRoot /path/to/your/website/root/

   LogLevel debug
   ErrorLog ${APACHE_LOG_DIR}/my-website/error.log
   CustomLog ${APACHE_LOG_DIR}/my-website/access.log combined

   SSLEngine on
   SSLCertificateFile    /etc/ssl/certs/my-website-selfsigned.crt
   SSLCertificateKeyFile /etc/ssl/private/my-website-selfsigned.key

   <FilesMatch "\.(cgi|shtml|phtml|php)$">
   SSLOptions +StdEnvVars
   </FilesMatch>
   <Directory /usr/lib/cgi-bin>
   SSLOptions +StdEnvVars
   </Directory>
   <Directory /path/to/your/website/root/>
   Allowoverride All
   Require all granted
   </Directory>
   </VirtualHost>
</IfModule>

===7.4.3 Activate SSL===

To activate ssl execute the following command:

sudo a2enmod ssl

===7.4.4 Activate the ssl site===

To do so execute

sudo a2ensite www.my-website-ssl.com.conf

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T12:37:22Z

Froggi:

<div style="text-align:center;">
'''<big>Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint</big>'''

<sub>August 2020</sub>
<div style="float:right; width: 40%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2

== 1.3 Allow redirects for Laravel / Vue-JS ==

At the terminal execute the following

sudo a2enmod rewrite

sudo systemctl restart apache2

Now redirects shoudl work. This is necessary for the APP to work correctly.

=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is likely that mariadb is only listening on 127.0.0.1. Security setting!
By default the bind-address is set to 127.0.0.1. To get mariadb to listen on the ip-address of your server open the folowing file:

/etc/mysql/mariadb.conf.d/50-server.cnf

and change the line with bind-address to:

bind-address = <your-servers-ip>

Restart the database servers with:

sudo systemctl restart mysql.service
sudo systemctl restart mariadb.service

Check that the database server now is listening at the correct address with:

sudo netstat -anp | grep 3306

It should now show something like this

tcp 0 0 <your-server-ip>:3306 0.0.0.0:* LISTEN 19039/mariadbd

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

MediaWiki:Common.css

2020-08-06T12:36:57Z

Froggi: Die Seite wurde neu angelegt: „/* Das folgende CSS wird für alle Benutzeroberflächen geladen. */ .tocnumber { display: none; }“

/* Das folgende CSS wird für alle Benutzeroberflächen geladen. */

.tocnumber { display: none; }

Development environment for Laravel with Vue-JS

2020-08-06T12:34:40Z

Froggi:

<div style="text-align:center;">
'''<big>Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint</big>'''

<sub>August 2020</sub>
<div class="noautonum" style="float:right; width: 40%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2

== 1.3 Allow redirects for Laravel / Vue-JS ==

At the terminal execute the following

sudo a2enmod rewrite

sudo systemctl restart apache2

Now redirects shoudl work. This is necessary for the APP to work correctly.

=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is likely that mariadb is only listening on 127.0.0.1. Security setting!
By default the bind-address is set to 127.0.0.1. To get mariadb to listen on the ip-address of your server open the folowing file:

/etc/mysql/mariadb.conf.d/50-server.cnf

and change the line with bind-address to:

bind-address = <your-servers-ip>

Restart the database servers with:

sudo systemctl restart mysql.service
sudo systemctl restart mariadb.service

Check that the database server now is listening at the correct address with:

sudo netstat -anp | grep 3306

It should now show something like this

tcp 0 0 <your-server-ip>:3306 0.0.0.0:* LISTEN 19039/mariadbd

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T12:31:26Z

Froggi: /* 1.2 Check successful installation */

<div style="text-align:center;">
'''<big>Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint</big>'''

<sub>August 2020</sub>
<div style="float:right; width: 40%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2

== 1.3 Allow redirects for Laravel / Vue-JS ==

At the terminal execute the following

sudo a2enmod rewrite

sudo systemctl restart apache2

Now redirects shoudl work. This is necessary for the APP to work correctly.

=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is likely that mariadb is only listening on 127.0.0.1. Security setting!
By default the bind-address is set to 127.0.0.1. To get mariadb to listen on the ip-address of your server open the folowing file:

/etc/mysql/mariadb.conf.d/50-server.cnf

and change the line with bind-address to:

bind-address = <your-servers-ip>

Restart the database servers with:

sudo systemctl restart mysql.service
sudo systemctl restart mariadb.service

Check that the database server now is listening at the correct address with:

sudo netstat -anp | grep 3306

It should now show something like this

tcp 0 0 <your-server-ip>:3306 0.0.0.0:* LISTEN 19039/mariadbd

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T12:28:35Z

Froggi: /* 3.4 No remote access if installed on server */

<div style="text-align:center;">
'''<big>Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint</big>'''

<sub>August 2020</sub>
<div style="float:right; width: 40%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2
=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is likely that mariadb is only listening on 127.0.0.1. Security setting!
By default the bind-address is set to 127.0.0.1. To get mariadb to listen on the ip-address of your server open the folowing file:

/etc/mysql/mariadb.conf.d/50-server.cnf

and change the line with bind-address to:

bind-address = <your-servers-ip>

Restart the database servers with:

sudo systemctl restart mysql.service
sudo systemctl restart mariadb.service

Check that the database server now is listening at the correct address with:

sudo netstat -anp | grep 3306

It should now show something like this

tcp 0 0 <your-server-ip>:3306 0.0.0.0:* LISTEN 19039/mariadbd

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T10:01:15Z

Froggi:

<div style="text-align:center;">
'''<big>Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint</big>'''

<sub>August 2020</sub>
<div style="float:right; width: 40%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2
=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is possible that mariadb is only listening on 127.0.0.1. Security setting!

<span style="color: darkgreen">TODO: To change that, further info is provided in the near future!</span>

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T08:45:27Z

Froggi:

<div style="text-align:center;">
= '''Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint''' =
<sub>August 2020</sub>
<div style="float:right; width: 40%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2
=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is possible that mariadb is only listening on 127.0.0.1. Security setting!

<span style="color: darkgreen">TODO: To change that, further info is provided in the near future!</span>

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T08:44:57Z

Froggi:

<div style="text-align:center;">
= '''Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint''' =
<sub>August 2020</sub>
{{DISPLAYTITLE:Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint}}
<div style="float:right; width: 40%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2
=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is possible that mariadb is only listening on 127.0.0.1. Security setting!

<span style="color: darkgreen">TODO: To change that, further info is provided in the near future!</span>

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T08:39:13Z

Froggi:

<div style="text-align:center;">Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint
<sub>August 2020</sub>
<div style="float:right; width: 40%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2
=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is possible that mariadb is only listening on 127.0.0.1. Security setting!

<span style="color: darkgreen">TODO: To change that, further info is provided in the near future!</span>

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T08:38:56Z

Froggi:

<div style="text-align:center;">Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint
<sub>August 2020</sub>
<div style="float:right; width: 30%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2
=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is possible that mariadb is only listening on 127.0.0.1. Security setting!

<span style="color: darkgreen">TODO: To change that, further info is provided in the near future!</span>

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T08:38:46Z

Froggi:

<div style="text-align:center;">Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint
<sub>August 2020</sub>
<div style="float:right; width: 20%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2
=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is possible that mariadb is only listening on 127.0.0.1. Security setting!

<span style="color: darkgreen">TODO: To change that, further info is provided in the near future!</span>

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T08:38:13Z

Froggi:

<div style="text-align:center;">Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint
<sub>August 2020</sub>
<div style="float:right; witdh: 20%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2
=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is possible that mariadb is only listening on 127.0.0.1. Security setting!

<span style="color: darkgreen">TODO: To change that, further info is provided in the near future!</span>

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T08:38:00Z

Froggi:

<div style="text-align:center;">Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint
<sub>August 2020</sub>
<div style="float:right; witdh: 30%">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2
=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is possible that mariadb is only listening on 127.0.0.1. Security setting!

<span style="color: darkgreen">TODO: To change that, further info is provided in the near future!</span>

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T08:35:32Z

Froggi:

<div style="text-align:center;">Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint
<sub>August 2020</sub>
{{ __TOC__ right}}
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2
=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is possible that mariadb is only listening on 127.0.0.1. Security setting!

<span style="color: darkgreen">TODO: To change that, further info is provided in the near future!</span>

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T08:33:43Z

Froggi:

<div style="text-align:center;">Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint
<sub>August 2020</sub>
<div style="float:right">__TOC__</div>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2
=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is possible that mariadb is only listening on 127.0.0.1. Security setting!

<span style="color: darkgreen">TODO: To change that, further info is provided in the near future!</span>

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T08:31:27Z

Froggi:

<div style="text-align:center;">Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint
<sub>August 2020</sub>
</div>
=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2
=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is possible that mariadb is only listening on 127.0.0.1. Security setting!

<span style="color: darkgreen">TODO: To change that, further info is provided in the near future!</span>

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T08:31:06Z

Froggi:

<div style="text-align:center;">Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint</div>
{{TOC right}}
<sub>August 2020</sub>

=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2
=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is possible that mariadb is only listening on 127.0.0.1. Security setting!

<span style="color: darkgreen">TODO: To change that, further info is provided in the near future!</span>

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T08:29:51Z

Froggi:

<div style="text-align:center;">Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint</div>

<sub>August 2020</sub>

=1. Apache2=

==1.1 Installation==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

==1.2 Check successful installation==

sudo systemctl status apache2
=2. PHP 7.4=

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

==2.1 PHP PPA==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

==2.2 Install PHP 7.4==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

=3. MariaDB=

==3.1 Install MariaDB server==

For the installation see also the repository configuration page of MariaDB at:
https://downloads.mariadb.org/mariadb/repositories/

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

==3.2 Securing MariaDB==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

==3.3 Add user with admin privileges==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

===3.3.1 Log in MariaDB a last time as root with:===

mysql -u root -p

Enter the above in part 3.2 created password.

===3.3.2 Add a user with:===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

===3.3.3 Give all necessary rights / permissions to this user:===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

===3.3.4 Make it active with:===

FLUSH PRIVILEGES;

===3.3.5 Verify all is correct with:===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

==3.4 No remote access if installed on server==

If you can not access mariadb from a remote client, it is possible that mariadb is only listening on 127.0.0.1. Security setting!

<span style="color: darkgreen">TODO: To change that, further info is provided in the near future!</span>

=4. PHPMyAdmin=

==4.1 Install dependencies with:==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

==4.2 Activate the modules==

sudo phpenmod mysqli mbstring zip

==4.3 Download the latest stable version with==

wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

==4.4 Make directory for PHPMyAdmin==

sudo mkdir /var/www/phpmyadmin

==4.5 Copy files in place:==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

==4.6 Allow access to apache==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

==4.7 Tell Apache hat phpmyadmin exists==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

==4.8 Activate the configuration==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

==4.9 Securing PHPMyAdmin==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

===4.9.1 Create an .htaccess file with===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

===4.9.2 Create the .htpasswd file===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

==4.10 Secret passphrase for cookie-authentication==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */''

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

==4.11 Warning about configuration storage==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

=5. Composer=

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

=6. NodeJS and NPM=

==6.1 Official install instructions per version:==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

==6.2 tl;dr==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

==6.3 Verify the version(s)==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

=7. Laravel=

==7.1 Laravel installer==

Install it via composer.

composer global require laravel/installer

===7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

===7.1.2 Activate the laravel installer===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

==7.2 Create a new Laravel project==

===7.2.1 PHP-dependencies===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

===7.2.2 Create new project===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

===7.2.3 Frontend Scaffolding aka get an UserInterface (UI)===

<span style="color: #8B0000">Go to your projects root directory.</span>

====7.2.3.1 Install the laravel ui====

composer require laravel/ui

====7.2.3.2 Get the Vue-JS components====

php artisan ui vue

====7.2.3.3 Bootstrap====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

====7.2.3.4 Content package.json====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

====7.2.3.5 Warnings====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

====7.2.3.6 Severity vulnarability====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

====7.2.3.7 BootstrapVue====

To be written yet....

===7.2.5 File and directory permissions===

I assume that these settings are correct after the installation, but if not set them as follows:

====7.2.5.1 Files====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

====7.2.5.2 Directories====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

===7.2.7 Give apache the right to write to storage (upload, logs…) and cache===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

==7.3 Create webconfiguration for this project==

===7.3.1 Create a new config file with:===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

===7.3.2 Activate the new website and deactivate the default one===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

===7.3.3 Alias the website in your /etc/hosts for easy access vie your browser===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

=8. Create Database and User=

==8.1 Create Database in PHPMyAdmin==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

==8.2 Create a User for this databases==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

==8.3 Grant user rights to the databases==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

==8.3 Verify the new username==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

=9. Give Laravel access to the databases=

==9.1 Edit the .env file==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

==9.2 First migration==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

=A. Extras=

Atom addons for developing Laravel projects

*Language-blade
*Blade-snippets
*Blade spacer

*Language-vue
*Vue-snippets

Development environment for Laravel with Vue-JS

2020-08-06T08:27:29Z

Froggi:

{{tocleft}}
<div style="text-align:center;">Install apache2, php 7.4, mariadb, phpmyadmin, composer, Laravel and VueJS on Linux Mint</div>

<sub>August 2020</sub>

= 1. Apache2 =

== 1.1 Installation ==

As the Apache-webserver is part of the most distributions repositories install it with:

sudo apt install apache2

== 1.2 Check successful installation ==

sudo systemctl status apache2
= 2. PHP 7.4 =

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

== 2.1 PHP PPA ==

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's.
The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

sudo add-apt-repository ppa:ondrej/php
sudo apt update

== 2.2 Install PHP 7.4 ==

sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

= 3. MariaDB =

== 3.1 Install MariaDB server ==

For the installation see also the repository configuration page of MariaDB at:
[https://downloads.mariadb.org/mariadb/repositories/ https://downloads.mariadb.org/mariadb/repositories/]

sudo apt-get install software-properties-common
sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

sudo apt update
sudo apt install mariadb-server

Note!: In my case the mirrorserver is at [ftp://ftp.nluug.nl/ ftp.nluug.nl]. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

== 3.2 Securing MariaDB ==

The secure (harden) your MariaDB installation use the following command:

sudo mysql_secure_installation

and follow the instructions.

== 3.3 Add user with admin privileges ==

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

=== 3.3.1 Log in MariaDB a last time as root with: ===

mysql -u root -p

Enter the above in part 3.2 created password.

=== 3.3.2 Add a user with: ===

CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

=== 3.3.3 Give all necessary rights / permissions to this user: ===

GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

=== 3.3.4 Make it active with: ===

FLUSH PRIVILEGES;

=== 3.3.5 Verify all is correct with: ===

SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

== 3.4 No remote access if installed on server ==

If you can not access mariadb from a remote client, it is possible that mariadb is only listening on 127.0.0.1. Security setting!

<span style="color: darkgreen">TODO: To change that, further info is provided in the near future!</span>

= 4. PHPMyAdmin =

== 4.1 Install dependencies with: ==

sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

== 4.2 Activate the modules ==

sudo phpenmod mysqli mbstring zip

== 4.3 Download the latest stable version with ==

wget [https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip]

unzip it:

unzip phpMyAdmin-latest-all-languages.zip

== 4.4 Make directory for PHPMyAdmin ==

sudo mkdir /var/www/phpmyadmin

== 4.5 Copy files in place: ==

sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

== 4.6 Allow access to apache ==

sudo chown -R www-data:www-data /var/www/phpmyadmin
sudo chmod -R 755 /var/www/phpmyadmin

== 4.7 Tell Apache hat phpmyadmin exists ==

To access PHPMyAdmin at ''www.domain.com/phpmyadmin'' you have to tell apache to do so by adding a configuration.

So create one with:
sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

Alias /phpmyadmin /var/www/phpmyadmin/

<Directory /var/www/phpmyadmin/>

AllowOverride all

</Directory>

== 4.8 Activate the configuration ==

sudo a2enconf phpmyadmin
sudo systemctl reload apache2

== 4.9 Securing PHPMyAdmin ==

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

=== 4.9.1 Create an .htaccess file with ===

sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /var/www/phpmyadmin/.htpasswd

Require valid-user

=== 4.9.2 Create the .htpasswd file ===

sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

== 4.10 Secret passphrase for cookie-authentication ==

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

sudo vi /var/www/phpmyadmin/config.inc.php

or
sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

to

$cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

openssl rand -base64 32

That will create an output like

lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

== 4.11 Warning about configuration storage ==

You may see this warning at the startscreen

The phpMyAdmin configuration storage is not completely configured,
some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

= 5. Composer =

<span style="color: #8B0000 ;">'''Note: Do this in your homedir!'''</span>

Install composer on your system following the instructions on their website to get the latest:
[https://getcomposer.org/download/ Install composer]

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at [https://getcomposer.org/download/ the composer website].

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"

php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=bin --filename=composer

php -r "unlink('composer-setup.php');"

= 6. NodeJS and NPM =

== 6.1 Official install instructions per version: ==

[https://github.com/nodesource/distributions#debinstall Install NodeJS instructions]

== 6.2 tl;dr ==

curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -

sudo apt-get install -y nodejs

== 6.3 Verify the version(s) ==

node -v

should respond with something like

v12.18.3

and

npm -v

should respond with something like

6.14.6

= 7. Laravel =

== 7.1 Laravel installer ==

Install it via composer.

composer global require laravel/installer

=== 7.1.1 Add the path to the laravel installer binary===

<span style="color: #8B0000">Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.</span>

Edit $HOME/.profile

Mine looks like this:

# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.

# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022

# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi

# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
PATH="$HOME/.local/bin:$PATH"
fi

Add the following to the end of the file:

# set PATH so it includes the path to the composers binary if it exists
if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
PATH="$HOME/.config/composer/vendor/bin:$PATH"
fi

The exact location can be found by the following command:

composer global about

=== 7.1.2 Activate the laravel installer ===

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

== 7.2 Create a new Laravel project ==

=== 7.2.1 PHP-dependencies ===

The installer requires the php-xml dependency. So install it with:

sudo apt install php7.4-xml

=== 7.2.2 Create new project ===

Go to the location where your project should live and execute:

laravel new <projectsname>

After that cd into the new project directory.

=== 7.2.3 Frontend Scaffolding aka get an UserInterface (UI) ===

<span style="color: #8B0000">Go to your projects root directory.</span>

==== 7.2.3.1 Install the laravel ui ====

composer require laravel/ui

==== 7.2.3.2 Get the Vue-JS components ====

php artisan ui vue

==== 7.2.3.3 Bootstrap ====

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

==== 7.2.3.4 Content package.json ====

"devDependencies": {

"axios": "^0.19",

"bootstrap": "^4.0.0", ← '''There it is!!!'''

"cross-env": "^7.0",

"jquery": "^3.2",

"laravel-mix": "^5.0.1",

"lodash": "^4.17.19",

"popper.js": "^1.12",

"resolve-url-loader": "^2.3.1",

"sass": "^1.20.1",

"sass-loader": "^8.0.0",

"vue": "^2.5.17",

"vue-template-compiler": "^2.6.10"

}

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

npm install && npm run dev

==== 7.2.3.5 Warnings ====

A number of warnings can be shown. At the time of writing this, i get the following warnings

npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

npm install @popperjs/core --save

==== 7.2.3.6 Severity vulnarability ====

You also will get this message

found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

fixed 0 of 1 vulnerability in 1093 scanned packages
1 vulnerability required manual review and could not be updated

So lets look what is going on with

npm audit

I get this

=== npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ laravel-mix [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ laravel-mix > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 1093 scanned packages
1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: [https://github.com/JeffreyWay/laravel-mix/issues/2389 Issue on github]

==== 7.2.3.7 BootstrapVue ====

To be written yet....

=== 7.2.5 File and directory permissions ===

I assume that these settings are correct after the installation, but if not set them as follows:

==== 7.2.5.1 Files ====

sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \;

==== 7.2.5.2 Directories ====

sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

=== 7.2.7 Give apache the right to write to storage (upload, logs…) and cache ===

Go to your projects root directory and execute the following commands:

sudo chgrp -R www-data storage bootstrap/cache
sudo chmod -R ug+rwx storage bootstrap/cache

== 7.3 Create webconfiguration for this project ==

=== 7.3.1 Create a new config file with: ===

sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

<VirtualHost *:80>

ServerAdmin webmaster@localhost

ServerName my-website.localhost

ServerAlias www.my-website.localhost

DocumentRoot /path/to/your/project/public/

LogLevel debug

ErrorLog ${APACHE_LOG_DIR}/error.log

CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /path/to/your/project/public/>
Options Indexes FollowSymLinks MultiViews

AllowOverride All

Order allow,deny

allow from all

Require all granted

</Directory>
</VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

sudo mkdir /var/log/apache/my-website

=== 7.3.2 Activate the new website and deactivate the default one ===

sudo a2ensite www.my-website.localhost.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

=== 7.3.3 Alias the website in your /etc/hosts for easy access vie your browser ===

Open the file with:

sudo vi /etc/hosts

and add

127.0.0.1www.my-website.localhost

= 8. Create Database and User =

== 8.1 Create Database in PHPMyAdmin ==

Open PHPMyAdmin in your browser ([http://www.my-website.com/phpmyadmin www.my-website.com/phpmyadmin]) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

== 8.2 Create a User for this databases ==

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

== 8.3 Grant user rights to the databases ==

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

== 8.3 Verify the new username ==

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

= 9. Give Laravel access to the databases =

== 9.1 Edit the .env file ==

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=MyDB
DB_USERNAME=MyDBUser
DB_PASSWORD=MYDBPassword

Save that changes.

== 9.2 First migration ==

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2019_08_19_000000_create_failed_jobs_table
Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

= A. Extras =

Atom addons for developing Laravel projects

* Language-blade
* Blade-snippets
* Blade spacer

* Language-vue
* Vue-snippets

Testseite

2020-08-05T21:34:35Z

Froggi:

<div class="flex-row row">
<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Bastel und Reparatureck</h5></div>
<div class="panel-body">
'''MariaDB'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
MariaDB_How_to's | <span class="glyphicon glyphicon-share-alt">''MariaDB How to's''</span>
</btn>

'''PHPMyAdmin'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
PHPMyAdmin_How_to's | <span class="glyphicon glyphicon-share-alt">''PHPMyAdmin How to's''</span>
</btn>

'''Bootstrap'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Bootstrap | <span class="glyphicon glyphicon-share-alt">''Bootstrap How to's''</span>
</btn>

'''Apache'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
Apache_How_to's | <span class="glyphicon glyphicon-share-alt">''Apache How to's''</span>
</btn>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading"><h5 class="text-muted">Windows Knoffhoff</h5></div>
<div class="panel-body">
'''Systemzeit ist UTC'''
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
UTCSystemClock | <span class="glyphicon glyphicon-share-alt">''Windows UTC beibringen''</span>
</btn>
</div>
</div>
</div>

<div class="col-xs-12 col-md-6 col-lg-4">
<div class="panel panel-default">
<div class="panel-heading">Development</div>
<div class="panel-body">
<btn wrapperclass="btn-group-vertical" class="btn-info" size="sm">
[[Development environment for Laravel with Vue-JS|Development_environment_for_Laravel_with_Vue-JS | <span class="glyphicon glyphicon-share-alt">''DevEnv for Laravel / Vue-JS''</span>]]
</btn>
</div>
</div>
</div>

</div>

Hauptseite

2020-08-05T21:32:31Z

Froggi: Minor changes

[[Datei:Knowhow.png|200x200px|zentriert]]

==Zutatenliste==
[[Froggi's_Weisheiten |''Froggi's Weisheiten'']]<br>[[Nextcloud_Knoffhoff|''Nexcloud knoffhoff'']]<br>[[GrubRescue_Bootanleitung|''Grub Rescue Dingsgedongs'']]<br>[[Schleppi_zu_dunkel|''Samsung R730 zu dunkel unter Linux Mint'']]<br>[[BTRFS-Entfernen |''Check auf btrfs-Partitionen entfernen'']]<br>[[Ktimezoned-entries |''Wenn Korganizer die Zeitzonen nicht kennt'']]<br>''[[Testseite |Testseite]]''<br>[[Bootstrap |''Bootstrap how to's'']]<br>[[Python_things |''Python things'']]<br>[[Git_stuff |''Git stuff'']]<br>[[Laravel_etc |''Laravel for me'']]<br>[[Testseite |''Bastel und Reparatureck'']]

Hauptseite

2020-08-05T15:15:33Z

Froggi:

[[Datei:Knowhow.png|200x200px|zentriert]]

== Zutatenliste ==
[[Froggi's_Weisheiten |''Froggi's Weisheiten'']]<br>
[[Nextcloud_Knoffhoff| ''Nexcloud knoffhoff'']]<br>
[[GrubRescue_Bootanleitung|''Grub Rescue Dingsgedongs'']]<br>
[[Schleppi_zu_dunkel|''Samsung R730 zu dunkel unter Linux Mint'']]<br>
[[BTRFS-Entfernen |''Check auf btrfs-Partitionen entfernen'']]<br>
[[Ktimezoned-entries | ''Wenn Korganizer die Zeitzonen nicht kennt'']]<br>
[[Testseite | ''Testseite'']]<br>
[[Bootstrap | ''Bootstrap how to's'']]<br>
[[Python_things | ''Python things'']]<br>
[[Git_stuff | ''Git stuff'']]<br>
[[Laravel_etc |''Laravel for me'']]<br>
[[Testseite | ''Bastel und Reparatureck'']]

Hauptseite

2020-08-05T15:14:59Z

Froggi: