arifal/CKB
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add update nginx config to domain and create production setup docker

Browse Source
This commit is contained in:
arifal
2025-06-11 19:02:02 +07:00
parent 647aa51187
commit 0b211915f1
13 changed files with 1899 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

360
PRODUCTION-DEPLOYMENT.md Normal file
View File

@@ -0,0 +1,360 @@
# CKB Production Deployment Guide
Panduan deployment aplikasi CKB Laravel ke production server dengan domain `bengkel.digitaloasis.xyz`.
## 🚀 Quick Start
### 1. Deploy ke Production
```bash
# Full deployment (recommended untuk pertama kali)
./docker-deploy-prod.sh deploy
# Hanya build containers
./docker-deploy-prod.sh build
# Setup SSL certificate
./docker-deploy-prod.sh ssl
# Check deployment status
./docker-deploy-prod.sh status
```
### 2. Akses Aplikasi
- **Domain**: https://bengkel.digitaloasis.xyz
- **Health Check**: https://bengkel.digitaloasis.xyz/health
## 📋 Prerequisites
### Server Requirements
- **OS**: Ubuntu 20.04+ atau CentOS 7+
- **Memory**: Minimum 2GB RAM (4GB recommended)
- **Storage**: Minimum 20GB SSD
- **Docker**: Version 20.10+
- **Docker Compose**: Version 2.0+
### Domain Setup
1. **DNS Configuration**:
```
A Record: bengkel.digitaloasis.xyz → [Server IP]
CNAME: www.bengkel.digitaloasis.xyz → bengkel.digitaloasis.xyz
```
2. **Firewall Configuration**:
```bash
# Allow HTTP/HTTPS traffic
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
# Allow SSH (if needed)
sudo ufw allow 22/tcp
```
## 🛡️ Security Configuration
### 1. Environment Variables
Edit `.env` file untuk production:
```env
# Application
APP_ENV=production
APP_DEBUG=false
APP_URL=https://bengkel.digitaloasis.xyz
APP_KEY=base64:...
# Database (GANTI dengan credentials yang aman!)
DB_HOST=db
DB_DATABASE=ckb_production
DB_USERNAME=ckb_user
DB_PASSWORD=secure_password_here
DB_ROOT_PASSWORD=secure_root_password_here
# Redis
REDIS_HOST=redis
REDIS_PASSWORD=secure_redis_password
# Mail
MAIL_MAILER=smtp
MAIL_HOST=your-smtp-host
MAIL_PORT=587
MAIL_USERNAME=your-email@domain.com
MAIL_PASSWORD=your-email-password
MAIL_ENCRYPTION=tls
# Session & Cache
SESSION_DRIVER=redis
CACHE_DRIVER=redis
QUEUE_CONNECTION=redis
# Trusted Proxies
TRUSTED_PROXIES=*
```
### 2. Database Security
```bash
# Setelah deployment, jalankan MySQL secure installation
docker-compose -f docker-compose.prod.yml exec db mysql_secure_installation
```
## 🔧 Deployment Process
### Manual Step-by-Step
1. **Persiapan Server**:
```bash
# Update system
sudo apt update && sudo apt upgrade -y
# Install Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
# Install Docker Compose
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
```
2. **Clone Repository**:
```bash
git clone https://github.com/your-repo/ckb.git
cd ckb
```
3. **Setup Environment**:
```bash
# For production environment
./docker-setup-env.sh production
# Edit production settings (IMPORTANT!)
nano .env
# Change all CHANGE_THIS_* values with secure passwords
```
4. **Deploy Application**:
```bash
./docker-deploy-prod.sh deploy
```
5. **Setup SSL Certificate**:
```bash
./docker-deploy-prod.sh ssl
```
## 📊 Monitoring & Maintenance
### 1. Health Checks
```bash
# Check application status
./docker-deploy-prod.sh status
# Check specific service logs
docker-compose -f docker-compose.prod.yml logs -f app
docker-compose -f docker-compose.prod.yml logs -f nginx-proxy
docker-compose -f docker-compose.prod.yml logs -f db
```
### 2. Database Backup
```bash
# Manual backup
docker-compose -f docker-compose.prod.yml exec -T db mysqldump -u root -p"$DB_ROOT_PASSWORD" ckb_production > backup_$(date +%Y%m%d).sql
# Automated backup (add to crontab)
0 2 * * * /path/to/ckb/docker-backup.sh
```
### 3. SSL Certificate Renewal
Certificate akan otomatis renewal. Untuk manual renewal:
```bash
# Test renewal
docker-compose -f docker-compose.prod.yml run --rm certbot renew --dry-run
# Manual renewal
./docker-ssl-renew.sh
# Setup auto-renewal (add to crontab)
0 12 * * * /path/to/ckb/docker-ssl-renew.sh
```
## 🔍 Troubleshooting
### Common Issues
1. **Application Not Loading**:
```bash
# Check container status
docker-compose -f docker-compose.prod.yml ps
# Check application logs
docker-compose -f docker-compose.prod.yml logs app
# Restart application
docker-compose -f docker-compose.prod.yml restart app
```
2. **SSL Certificate Issues**:
```bash
# Check certificate status
openssl s_client -connect bengkel.digitaloasis.xyz:443 -servername bengkel.digitaloasis.xyz
# Re-setup SSL
./docker-ssl-setup.sh
```
3. **Database Connection Issues**:
```bash
# Check database logs
docker-compose -f docker-compose.prod.yml logs db
# Test database connection
docker-compose -f docker-compose.prod.yml exec app php artisan tinker
>>> DB::connection()->getPdo();
```
4. **Permission Issues**:
```bash
# Fix Laravel permissions
./docker-fix-permissions.sh prod
```
### Performance Issues
```bash
# Check resource usage
docker stats
# Clean up Docker system
docker system prune -a -f
# Optimize Laravel
docker-compose -f docker-compose.prod.yml exec app php artisan optimize
```
## 🚦 Load Testing
Before going live, test your application:
```bash
# Install testing tools
sudo apt install apache2-utils
# Basic load test
ab -n 1000 -c 10 https://bengkel.digitaloasis.xyz/
# More comprehensive testing with siege
sudo apt install siege
siege -c 25 -t 60s https://bengkel.digitaloasis.xyz/
```
## 📈 Performance Optimization
### 1. Laravel Optimizations
```bash
# Run after each deployment
docker-compose -f docker-compose.prod.yml exec app php artisan config:cache
docker-compose -f docker-compose.prod.yml exec app php artisan route:cache
docker-compose -f docker-compose.prod.yml exec app php artisan view:cache
docker-compose -f docker-compose.prod.yml exec app composer install --optimize-autoloader --no-dev
```
### 2. Database Optimization
```bash
# MySQL tuning
docker-compose -f docker-compose.prod.yml exec db mysql -u root -p -e "
SET GLOBAL innodb_buffer_pool_size = 1073741824;
SET GLOBAL query_cache_size = 67108864;
SET GLOBAL query_cache_type = 1;
"
```
### 3. Nginx Optimization
Edit `docker/nginx-proxy.conf` untuk mengoptimalkan:
- Gzip compression
- Browser caching
- Connection pooling
## 🔄 Updates & Maintenance
### Application Updates
```bash
# Pull latest code
git pull origin main
# Backup before update
./docker-deploy-prod.sh backup
# Deploy updates
./docker-deploy-prod.sh deploy
```
### Security Updates
```bash
# Update base images
docker-compose -f docker-compose.prod.yml pull
# Rebuild with latest security patches
./docker-deploy-prod.sh build
```
## 📞 Support & Contact
Untuk bantuan deployment atau issues:
- **Email**: admin@digitaloasis.xyz
- **Documentation**: https://github.com/your-repo/ckb/docs
- **Issues**: https://github.com/your-repo/ckb/issues
## 📄 File Structure
```
ckb/
├── docker/
│ ├── nginx-proxy.conf # Main nginx configuration
│ ├── nginx-temp.conf # Temporary config for SSL setup
│ ├── env.example # Environment template
│ └── ...
├── docker-compose.prod.yml # Production compose file
├── docker-deploy-prod.sh # Main deployment script
├── docker-ssl-setup.sh # SSL certificate setup
├── docker-ssl-renew.sh # SSL renewal script
└── PRODUCTION-DEPLOYMENT.md # This file
```
## ✅ Production Checklist
- [ ] Domain DNS configured
- [ ] Firewall rules configured
- [ ] .env file configured with production values
- [ ] Database credentials changed from defaults
- [ ] SSL certificate obtained and configured
- [ ] Backup system configured
- [ ] Monitoring setup
- [ ] Load testing completed
- [ ] Security audit completed
---
**🚨 Remember**: Always test in staging environment before deploying to production!