# CKB Production Deployment Guide Panduan deployment aplikasi CKB Laravel ke production server dengan domain `bengkel.digitaloasis.xyz`. ## 🚀 Quick Start ### 1. Deploy ke Production ```bash # Full deployment (recommended untuk pertama kali) ./docker-deploy-prod.sh deploy # Hanya build containers ./docker-deploy-prod.sh build # Setup SSL certificate ./docker-deploy-prod.sh ssl # Check deployment status ./docker-deploy-prod.sh status ``` ### 2. Akses Aplikasi - **Domain**: https://bengkel.digitaloasis.xyz - **Health Check**: https://bengkel.digitaloasis.xyz/health ## 📋 Prerequisites ### Server Requirements - **OS**: Ubuntu 20.04+ atau CentOS 7+ - **Memory**: Minimum 2GB RAM (4GB recommended) - **Storage**: Minimum 20GB SSD - **Docker**: Version 20.10+ - **Docker Compose**: Version 2.0+ ### Domain Setup 1. **DNS Configuration**: ``` A Record: bengkel.digitaloasis.xyz → [Server IP] CNAME: www.bengkel.digitaloasis.xyz → bengkel.digitaloasis.xyz ``` 2. **Firewall Configuration**: ```bash # Allow HTTP/HTTPS traffic sudo ufw allow 80/tcp sudo ufw allow 443/tcp # Allow SSH (if needed) sudo ufw allow 22/tcp ``` ## 🛡️ Security Configuration ### 1. Environment Variables Edit `.env` file untuk production: ```env # Application APP_ENV=production APP_DEBUG=false APP_URL=https://bengkel.digitaloasis.xyz APP_KEY=base64:... # Database (GANTI dengan credentials yang aman!) DB_HOST=db DB_DATABASE=ckb_production DB_USERNAME=ckb_user DB_PASSWORD=secure_password_here DB_ROOT_PASSWORD=secure_root_password_here # Redis REDIS_HOST=redis REDIS_PASSWORD=secure_redis_password # Mail MAIL_MAILER=smtp MAIL_HOST=your-smtp-host MAIL_PORT=587 MAIL_USERNAME=your-email@domain.com MAIL_PASSWORD=your-email-password MAIL_ENCRYPTION=tls # Session & Cache SESSION_DRIVER=redis CACHE_DRIVER=redis QUEUE_CONNECTION=redis # Trusted Proxies TRUSTED_PROXIES=* ``` ### 2. Database Security ```bash # Setelah deployment, jalankan MySQL secure installation docker-compose -f docker-compose.prod.yml exec db mysql_secure_installation ``` ## 🔧 Deployment Process ### Manual Step-by-Step 1. **Persiapan Server**: ```bash # Update system sudo apt update && sudo apt upgrade -y # Install Docker curl -fsSL https://get.docker.com -o get-docker.sh sudo sh get-docker.sh # Install Docker Compose sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose sudo chmod +x /usr/local/bin/docker-compose ``` 2. **Clone Repository**: ```bash git clone https://github.com/your-repo/ckb.git cd ckb ``` 3. **Setup Environment**: ```bash # For production environment ./docker-setup-env.sh production # Edit production settings (IMPORTANT!) nano .env # Change all CHANGE_THIS_* values with secure passwords ``` 4. **Deploy Application**: ```bash ./docker-deploy-prod.sh deploy ``` 5. **Setup SSL Certificate**: ```bash ./docker-deploy-prod.sh ssl ``` ## 📊 Monitoring & Maintenance ### 1. Health Checks ```bash # Check application status ./docker-deploy-prod.sh status # Check specific service logs docker-compose -f docker-compose.prod.yml logs -f app docker-compose -f docker-compose.prod.yml logs -f nginx-proxy docker-compose -f docker-compose.prod.yml logs -f db ``` ### 2. Database Backup ```bash # Manual backup docker-compose -f docker-compose.prod.yml exec -T db mysqldump -u root -p"$DB_ROOT_PASSWORD" ckb_production > backup_$(date +%Y%m%d).sql # Automated backup (add to crontab) 0 2 * * * /path/to/ckb/docker-backup.sh ``` ### 3. SSL Certificate Renewal Certificate akan otomatis renewal. Untuk manual renewal: ```bash # Test renewal docker-compose -f docker-compose.prod.yml run --rm certbot renew --dry-run # Manual renewal ./docker-ssl-renew.sh # Setup auto-renewal (add to crontab) 0 12 * * * /path/to/ckb/docker-ssl-renew.sh ``` ## 🔍 Troubleshooting ### Common Issues 1. **Application Not Loading**: ```bash # Check container status docker-compose -f docker-compose.prod.yml ps # Check application logs docker-compose -f docker-compose.prod.yml logs app # Restart application docker-compose -f docker-compose.prod.yml restart app ``` 2. **SSL Certificate Issues**: ```bash # Check certificate status openssl s_client -connect bengkel.digitaloasis.xyz:443 -servername bengkel.digitaloasis.xyz # Re-setup SSL ./docker-ssl-setup.sh ``` 3. **Database Connection Issues**: ```bash # Check database logs docker-compose -f docker-compose.prod.yml logs db # Test database connection docker-compose -f docker-compose.prod.yml exec app php artisan tinker >>> DB::connection()->getPdo(); ``` 4. **Permission Issues**: ```bash # Fix Laravel permissions ./docker-fix-permissions.sh prod ``` ### Performance Issues ```bash # Check resource usage docker stats # Clean up Docker system docker system prune -a -f # Optimize Laravel docker-compose -f docker-compose.prod.yml exec app php artisan optimize ``` ## 🚦 Load Testing Before going live, test your application: ```bash # Install testing tools sudo apt install apache2-utils # Basic load test ab -n 1000 -c 10 https://bengkel.digitaloasis.xyz/ # More comprehensive testing with siege sudo apt install siege siege -c 25 -t 60s https://bengkel.digitaloasis.xyz/ ``` ## 📈 Performance Optimization ### 1. Laravel Optimizations ```bash # Run after each deployment docker-compose -f docker-compose.prod.yml exec app php artisan config:cache docker-compose -f docker-compose.prod.yml exec app php artisan route:cache docker-compose -f docker-compose.prod.yml exec app php artisan view:cache docker-compose -f docker-compose.prod.yml exec app composer install --optimize-autoloader --no-dev ``` ### 2. Database Optimization ```bash # MySQL tuning docker-compose -f docker-compose.prod.yml exec db mysql -u root -p -e " SET GLOBAL innodb_buffer_pool_size = 1073741824; SET GLOBAL query_cache_size = 67108864; SET GLOBAL query_cache_type = 1; " ``` ### 3. Nginx Optimization Edit `docker/nginx-proxy.conf` untuk mengoptimalkan: - Gzip compression - Browser caching - Connection pooling ## 🔄 Updates & Maintenance ### Application Updates ```bash # Pull latest code git pull origin main # Backup before update ./docker-deploy-prod.sh backup # Deploy updates ./docker-deploy-prod.sh deploy ``` ### Security Updates ```bash # Update base images docker-compose -f docker-compose.prod.yml pull # Rebuild with latest security patches ./docker-deploy-prod.sh build ``` ## 📞 Support & Contact Untuk bantuan deployment atau issues: - **Email**: admin@digitaloasis.xyz - **Documentation**: https://github.com/your-repo/ckb/docs - **Issues**: https://github.com/your-repo/ckb/issues ## 📄 File Structure ``` ckb/ ├── docker/ │ ├── nginx-proxy.conf # Main nginx configuration │ ├── nginx-temp.conf # Temporary config for SSL setup │ ├── env.example # Environment template │ └── ... ├── docker-compose.prod.yml # Production compose file ├── docker-deploy-prod.sh # Main deployment script ├── docker-ssl-setup.sh # SSL certificate setup ├── docker-ssl-renew.sh # SSL renewal script └── PRODUCTION-DEPLOYMENT.md # This file ``` ## ✅ Production Checklist - [ ] Domain DNS configured - [ ] Firewall rules configured - [ ] .env file configured with production values - [ ] Database credentials changed from defaults - [ ] SSL certificate obtained and configured - [ ] Backup system configured - [ ] Monitoring setup - [ ] Load testing completed - [ ] Security audit completed --- **🚨 Remember**: Always test in staging environment before deploying to production!