1. Apache2

1.1 Installation

As the Apache-webserver is part of the most distributions repositories install it with:

 sudo apt install apache2

1.2 Check successful installation

 sudo systemctl status apache2

1.3 Allow redirects for Laravel / Vue-JS

At the terminal execute the following

sudo a2enmod rewrite

sudo systemctl restart apache2

Now redirects shoudl work. This is necessary for the APP to work correctly.

2. PHP 7.4

As some parts need PHP 7.3 or higher we will use PHP 7.4 which is the highes stable vesrion at the moment.

2.1 PHP PPA

PHP 7.3 and PHP 7.4 are not available from the repositories of the distributions. So we will use a PPA (Private Public Archive). Be aware of possible security issues when using PPA's. The newest PHP versions as by now (August 2020) can be found at the PPA from Ondřej Surý.

So lets add that:

 sudo add-apt-repository ppa:ondrej/php
 sudo apt update

2.2 Install PHP 7.4

 sudo apt install php7.4

To check it enter

php -v

It should show version 7.4

3. MariaDB

3.1 Install MariaDB server

For the installation see also the repository configuration page of MariaDB at: https://downloads.mariadb.org/mariadb/repositories/

 sudo apt-get install software-properties-common
 sudo apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'
 sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://ftp.nluug.nl/db/mariadb/repo/10.5/ubuntu bionic main'

Once this is ready get the MariaDB-server installed with:

 sudo apt update
 sudo apt install mariadb-server

Note!: In my case the mirrorserver is at ftp.nluug.nl. In your case it may vary. So check the commands with the repository configuration page of MariaDB. See link above.

3.2 Securing MariaDB

The secure (harden) your MariaDB installation use the following command:

 sudo mysql_secure_installation

and follow the instructions.

3.3 Add user with admin privileges

Don’t use the root user at all. Via the command above remote access for root is prohibited. So you need another user with admin rights to allow remote login and administer your MariaDB installation.

3.3.1 Log in MariaDB a last time as root with:

 mysql -u root -p

Enter the above in part 3.2 created password.

3.3.2 Add a user with:

 CREATE USER IF NOT EXISTS 'username' IDENTIFIED BY 'password';

3.3.3 Give all necessary rights / permissions to this user:

 GRANT ALL PRIVILEGES ON *.* TO 'username' IDENTIFIED BY 'password' with grant option;

3.3.4 Make it active with:

 FLUSH PRIVILEGES;

3.3.5 Verify all is correct with:

 SHOW GRANTS FOR 'username';

And log out as root and log in back as the new user. It should be successful.

3.4 No remote access if installed on server

If you can not access mariadb from a remote client, it is likely that mariadb is only listening on 127.0.0.1. Security setting! By default the bind-address is set to 127.0.0.1. To get mariadb to listen on the ip-address of your server open the folowing file:

 /etc/mysql/mariadb.conf.d/50-server.cnf

and change the line with bind-address to:

 bind-address            = <your-servers-ip>

Restart the database servers with:

 sudo systemctl restart mysql.service
 sudo systemctl restart mariadb.service

Check that the database server now is listening at the correct address with:

 sudo netstat -anp | grep 3306

It should now show something like this

 tcp        0      0 <your-server-ip>:3306      0.0.0.0:*               LISTEN      19039/mariadbd

4. PHPMyAdmin

4.1 Install dependencies with:

 sudo apt install php7.4-mysql php7.4-mbstring php7.4-zip unzip

4.2 Activate the modules

 sudo phpenmod mysqli mbstring zip

4.3 Download the latest stable version with

 wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

unzip it:

 unzip phpMyAdmin-latest-all-languages.zip

4.4 Make directory for PHPMyAdmin

 sudo mkdir /var/www/phpmyadmin

4.5 Copy files in place:

 sudo cp -r phpMyAdmin-*/* /var/www/phpmyadmin/

4.6 Allow access to apache

 sudo chown -R www-data:www-data /var/www/phpmyadmin
 sudo chmod -R 755 /var/www/phpmyadmin

4.7 Tell Apache hat phpmyadmin exists

To access PHPMyAdmin at www.domain.com/phpmyadmin you have to tell apache to do so by adding a configuration.

So create one with:

 sudo vi /etc/apache2/conf-available/phpmyadmin.conf

With this content:

 Alias /phpmyadmin /var/www/phpmyadmin/ 
 
 <Directory /var/www/phpmyadmin/> 
 
  AllowOverride all 
 
 </Directory>

4.8 Activate the configuration

 sudo a2enconf phpmyadmin
 sudo systemctl reload apache2

4.9 Securing PHPMyAdmin

For security reasons and in a production environment it is recommended to harden access to the phpmyadmin directory with an .htaccess file and password

4.9.1 Create an .htaccess file with

 sudo vi /var/www/phpmyadmin/.htaccess

with the following content:

 AuthType Basic
 
 AuthName "Restricted Files"
 
 AuthUserFile /var/www/phpmyadmin/.htpasswd
 
 Require valid-user

4.9.2 Create the .htpasswd file

 sudo htpasswd -c /var/www/phpmyadmin/.htpasswd <username>

Choose a password different then the passwords you use in MariaDB for extra security.

When ready you should be prompted for a password when attempting to open phpmyadmin.

4.10 Secret passphrase for cookie-authentication

After the installation and your first login in to phpMyAdmin you’ll see a warning about the missing secret passphrase.

Open config.inc.php. Rename config.sample.inc.php to config.inc.php if you haven’t done that yet.

 sudo vi /var/www/phpmyadmin/config.inc.php

or

 sudo mv /var/www/phpmyadmin/config.sample.inc.php /var/www/phpmyadmin/config.inc.php
 sudo vi /var/www/phpmyadmin/config.inc.php

Change the line with

 $cfg['blowfish_secret'] = ; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

to

 $cfg['blowfish_secret'] = '<verysecretpassword>'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

where <verysecretpassword> must be 32 characters long.

You don’t have to remember this password, so I can be a happy mix of chars, numbers and special characters you like.

Never use a password you use in production.

A possible way to get a password is with openssl:

 openssl rand -base64 32

That will create an output like

 lQjnenlFAaGbeBvFGNWotx2wuQwa80NphNZ7bETSlkY=

4.11 Warning about configuration storage

You may see this warning at the startscreen

 The phpMyAdmin configuration storage is not completely configured,
 some extended features have been deactivated. To find out why click here.

To get rid of it click on the link. phpMyAdmin will show you a new message with a link ('Create'). Click on it and it should create all necessary settings and database table.

5. Composer

Note: Do this in your homedir!

Install composer on your system following the instructions on their website to get the latest: Install composer

Beware that this commands may change on new releases. Below is only an example.

For the actual installation instructions look at the composer website.

 php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
 
 php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
 
 php composer-setup.php --install-dir=bin --filename=composer
 
 php -r "unlink('composer-setup.php');"

6. NodeJS and NPM

6.1 Official install instructions per version:

Install NodeJS instructions

6.2 tl;dr

 curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -
 
 sudo apt-get install -y nodejs

6.3 Verify the version(s)

 node -v

should respond with something like

 v12.18.3

and

 npm -v

should respond with something like

 6.14.6

7. Laravel

7.1 Laravel installer

Install it via composer.

 composer global require laravel/installer

7.1.1 Add the path to the laravel installer binary

Note: If you decide to install it in an other place then your own bin, you must add the path to it in your $PATH envvariable.

Edit $HOME/.profile

Mine looks like this:

 # ~/.profile: executed by the command interpreter for login shells.
 # This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
 # exists.
 # see /usr/share/doc/bash/examples/startup-files for examples.
 # the files are located in the bash-doc package.
 
 # the default umask is set in /etc/profile; for setting the umask
 # for ssh logins, install and configure the libpam-umask package.
 #umask 022
 
 # if running bash
 if [ -n "$BASH_VERSION" ]; then
     # include .bashrc if it exists
     if [ -f "$HOME/.bashrc" ]; then
         . "$HOME/.bashrc"
     fi
 fi
 
 # set PATH so it includes user's private bin if it exists
 if [ -d "$HOME/bin" ] ; then
     PATH="$HOME/bin:$PATH"
 fi
 
 # set PATH so it includes user's private bin if it exists
 if [ -d "$HOME/.local/bin" ] ; then
     PATH="$HOME/.local/bin:$PATH"
 fi

Add the following to the end of the file:

 # set PATH so it includes the path to the composers binary if it exists
 if [ -d "$HOME/.config/composer/vendor/bin" ] ; then
     PATH="$HOME/.config/composer/vendor/bin:$PATH"
 fi

The exact location can be found by the following command:

 composer global about

7.1.2 Activate the laravel installer

To get access to the binary the path must be known. As you added it into your .profile file it must be reread. To do so, relogin.

7.2 Create a new Laravel project

7.2.1 PHP-dependencies

The installer requires the php-xml dependency. So install it with:

 sudo apt install php7.4-xml

7.2.2 Create new project

Go to the location where your project should live and execute:

 laravel new <projectsname>

After that cd into the new project directory.

7.2.3 Frontend Scaffolding aka get an UserInterface (UI)

Go to your projects root directory.

7.2.3.1 Install the laravel ui

 composer require laravel/ui

7.2.3.2 Get the Vue-JS components

 php artisan ui vue

7.2.3.3 Bootstrap

With the installation of the vue ui also Bootstrap is installed. Open package.json in the projects root folder to verify.

7.2.3.4 Content package.json

 "devDependencies": {
 
     "axios": "^0.19",
 
     "bootstrap": "^4.0.0", ← There it is!!!
 
     "cross-env": "^7.0",
 
     "jquery": "^3.2",
 
     "laravel-mix": "^5.0.1",
 
     "lodash": "^4.17.19",
 
     "popper.js": "^1.12",
 
     "resolve-url-loader": "^2.3.1",
 
     "sass": "^1.20.1",
 
     "sass-loader": "^8.0.0",
 
     "vue": "^2.5.17",
 
     "vue-template-compiler": "^2.6.10"
 
 }

So we can use it now.

You will see a notice on the terminalwindow to use npm to install everything needed.

 npm install && npm run dev

7.2.3.5 Warnings

A number of warnings can be shown. At the time of writing this, i get the following warnings

 npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
 npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.3 (node_modules/watchpack/node_modules/fsevents):
 npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.3: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
 npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/fsevents):
 npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

The warnings about fsevents can be ignored as it is indeed an unsupportde platform and fsevents will not be used anyway.

Update it with

 npm install @popperjs/core --save

7.2.3.6 Severity vulnarability

You also will get this message

 found 1 low severity vulnerability
   run `npm audit fix` to fix them, or `npm audit` for details

If you execute npm audit fix it will come with a message that it could not be automatically fixed

 fixed 0 of 1 vulnerability in 1093 scanned packages
   1 vulnerability required manual review and could not be updated

So lets look what is going on with

 npm audit

I get this

                        === npm audit security report ===                        
                                                                                 
 ┌──────────────────────────────────────────────────────────────────────────────┐
 │                                Manual Review                                 │
 │            Some vulnerabilities require your attention to resolve            │
 │                                                                              │
 │         Visit https://go.npm.me/audit-guide for additional guidance        │
 └──────────────────────────────────────────────────────────────────────────────┘
 ┌───────────────┬──────────────────────────────────────────────────────────────┐
 │ Low           │ Prototype Pollution                                          │
 ├───────────────┼──────────────────────────────────────────────────────────────┤
 │ Package       │ yargs-parser                                                 │
 ├───────────────┼──────────────────────────────────────────────────────────────┤
 │ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
 ├───────────────┼──────────────────────────────────────────────────────────────┤
 │ Dependency of │ laravel-mix [dev]                                            │
 ├───────────────┼──────────────────────────────────────────────────────────────┤
 │ Path          │ laravel-mix > yargs > yargs-parser                           │
 ├───────────────┼──────────────────────────────────────────────────────────────┤
 │ More info     │ https://npmjs.com/advisories/1500                          │
 └───────────────┴──────────────────────────────────────────────────────────────┘
 found 1 low severity vulnerability in 1093 scanned packages
  1 vulnerability requires manual review. See the full report for details.

Until today there is no solution for this. The main cause seems laravel-mix which uses an older version of the yargs-parser. See also here: Issue on github

7.2.3.7 BootstrapVue

To be written yet....

7.2.5 File and directory permissions

I assume that these settings are correct after the installation, but if not set them as follows:

7.2.5.1 Files

 sudo find <laravel-rootdirectory> -type f -exec chmod 644 {} \; 

7.2.5.2 Directories

 sudo find <laravel-rootdirectory> -type d -exec chmod 755 {} \;

7.2.7 Give apache the right to write to storage (upload, logs…) and cache

Go to your projects root directory and execute the following commands:

 sudo chgrp -R www-data storage bootstrap/cache
 sudo chmod -R ug+rwx storage bootstrap/cache

7.3 Create webconfiguration for this project

7.3.1 Create a new config file with:

 sudo vi /etc/apache2/sites-available/www.my-website.localhost.conf

and insert this content:

 <VirtualHost *:80>
 
     ServerAdmin webmaster@localhost
 
     ServerName my-website.localhost
 
     ServerAlias www.my-website.localhost
 
     DocumentRoot /path/to/your/project/public/
 
     LogLevel debug
 
     ErrorLog ${APACHE_LOG_DIR}/error.log
 
     CustomLog ${APACHE_LOG_DIR}/access.log combined
 
     <Directory /path/to/your/project/public/>
         Options Indexes FollowSymLinks MultiViews
 
         AllowOverride All
 
         Order allow,deny
 
         allow from all
 
         Require all granted
 
     </Directory>
 </VirtualHost>

Where my-website.localhost should be your website name / address and the ServerAdmin email should be your actual email address for that website admin.

DocumentRoot should be the path to your website files.

If you decide to keep the logfiles apart for each website, for instance at

 ${APACHE_LOG_DIR}/my-website/error.log

don’t forget to add a subdirectory to /var/log/apache or apache won't start.

 sudo mkdir /var/log/apache/my-website

7.3.2 Activate the new website and deactivate the default one

 sudo a2ensite www.my-website.localhost.conf
 
 sudo a2dissite 000-default.conf
 
 sudo systemctl restart apache2

7.3.3 Alias the website in your /etc/hosts for easy access vie your browser

Open the file with:

 sudo vi /etc/hosts

and add

 127.0.0.1www.my-website.localhost

7.4 Create SSL webconfiguration for this project

When userdata is neccesaary, think about login for example, accessing the webpage vie HTTPS is recommended. So lets create the necesarry config and activate ssl for apache.

7.4.1 Create the SSL key and certificate

The command to create these two is openssl.

sudo sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/my-website-selfsigned.key -out /etc/ssl/certs/my-website-selfsigned.crt

With this exampke we create a set for mny-website.

A couple of questions will be asked. A good explanation of what is going on here can be found at: https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-20-04

7.4.2 The ssl configfile for your website

After the key and certificate is in place we need a configfile for aoacxhe to know that there is a ssl version of your website.

An example can be found at /etc/apache2/sites-available/default-ssl.conf

For our website i will look like this.

<IfModule mod_ssl.c>
        <VirtualHost _default_:443>
                ServerAdmin webmaster@localhost
                ServerName www.my-website.com
                ServerAlias www.my-website.com
 
                DocumentRoot /path/to/your/website/root/
 
                LogLevel debug
                ErrorLog ${APACHE_LOG_DIR}/my-website/error.log
                CustomLog ${APACHE_LOG_DIR}/my-website/access.log combined
 
                SSLEngine on
                SSLCertificateFile      /etc/ssl/certs/my-website-selfsigned.crt
                SSLCertificateKeyFile /etc/ssl/private/my-website-selfsigned.key
 
                <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars
                </Directory>
                <Directory /path/to/your/website/root/>
                        Allowoverride All
                        Require all granted
                </Directory>
        </VirtualHost>
</IfModule>

7.4.3 Activate SSL

To activate ssl execute the following command:

 sudo a2enmod ssl

7.4.4 Activate the ssl site

To do so execute

 sudo a2ensite www.my-website-ssl.com.conf

7.4.5 Restart / reload apache to make these changes available

 sudo systemctl restart / reload apache2

8. Create Database and User

8.1 Create Database in PHPMyAdmin

Open PHPMyAdmin in your browser (www.my-website.com/phpmyadmin) and click on New on the left panel or go to the databases tab and create there a new one.

I prefer utf8mb4_unicode_ci as collation.

8.2 Create a User for this databases

In PHPMyAdmin go to the Userstab. If you don’t see it (because you are on the databasetab for instance), first go back to the startpage.

Add a user by clicking on Add User. The new user can have only local access if app and database are on the same server / machine, but if not choose any host.

8.3 Grant user rights to the databases

In the user tab click on Edit privileges to go to the user preferences page.

There click on the database button and select the database your user should get the rights to and click ok.

On the next screen grant rights to data and structure by checking the boxes and click ok.

8.3 Verify the new username

Log out of PHPMyAdmin and login again with the new created user and password. If successful you should only see the database you granted the permissions to.

9. Give Laravel access to the databases

9.1 Edit the .env file

Open the .env file in your editor of choice (I use Atom for development) and set the DB_ variables according the data you used to create the database and user.

As an example

 DB_CONNECTION=mysql
 DB_HOST=127.0.0.1
 DB_PORT=3306
 DB_DATABASE=MyDB
 DB_USERNAME=MyDBUser
 DB_PASSWORD=MYDBPassword

Save that changes.

9.2 First migration

Go to projects root directory in your shell and execute the following command.

php artisan migrate:install

You should be answered with:

 Migration table created successfully.

In your database a new table migrations is created. Here all migrations will be stored.

Now execute

 php artisan migrate

The response will show that a user table, a password reset table and failed jobs table are created.

Migrating: 2014_10_12_000000_create_users_table
 Migrated: 2014_10_12_000000_create_users_table (0.02 seconds)
 Migrating: 2014_10_12_100000_create_password_resets_table
 Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
 Migrating: 2019_08_19_000000_create_failed_jobs_table
 Migrated: 2019_08_19_000000_create_failed_jobs_table (0.01 seconds)

A. Extras

Atom addons for developing Laravel projects

• Language-blade
• Blade-snippets
• Blade spacer

• Language-vue
• Vue-snippets