arifal/CKB

Fork 0

Files

arifal 3fb598ae4d fix permission on local using root

2025-06-13 18:29:16 +07:00

7.8 KiB

Executable File

Raw Blame History

CKB Production Deployment Guide

Panduan deployment aplikasi CKB Laravel ke production server dengan domain bengkel.digitaloasis.xyz.

🚀 Quick Start

1. Deploy ke Production

# Full deployment (recommended untuk pertama kali)
./docker-deploy-prod.sh deploy

# Hanya build containers
./docker-deploy-prod.sh build

# Setup SSL certificate
./docker-deploy-prod.sh ssl

# Check deployment status
./docker-deploy-prod.sh status

2. Akses Aplikasi

Domain: https://bengkel.digitaloasis.xyz
Health Check: https://bengkel.digitaloasis.xyz/health

📋 Prerequisites

Server Requirements

OS: Ubuntu 20.04+ atau CentOS 7+
Memory: Minimum 2GB RAM (4GB recommended)
Storage: Minimum 20GB SSD
Docker: Version 20.10+
Docker Compose: Version 2.0+

Domain Setup

DNS Configuration:

A Record: bengkel.digitaloasis.xyz → [Server IP]
CNAME: www.bengkel.digitaloasis.xyz → bengkel.digitaloasis.xyz

Firewall Configuration:

# Allow HTTP/HTTPS traffic
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

# Allow SSH (if needed)
sudo ufw allow 22/tcp

🛡️ Security Configuration

1. Environment Variables

Edit .env file untuk production:

# Application
APP_ENV=production
APP_DEBUG=false
APP_URL=https://bengkel.digitaloasis.xyz
APP_KEY=base64:...

# Database (GANTI dengan credentials yang aman!)
DB_HOST=db
DB_DATABASE=ckb_production
DB_USERNAME=ckb_user
DB_PASSWORD=secure_password_here
DB_ROOT_PASSWORD=secure_root_password_here

# Redis
REDIS_HOST=redis
REDIS_PASSWORD=secure_redis_password

# Mail
MAIL_MAILER=smtp
MAIL_HOST=your-smtp-host
MAIL_PORT=587
MAIL_USERNAME=your-email@domain.com
MAIL_PASSWORD=your-email-password
MAIL_ENCRYPTION=tls

# Session & Cache
SESSION_DRIVER=redis
CACHE_DRIVER=redis
QUEUE_CONNECTION=redis

# Trusted Proxies
TRUSTED_PROXIES=*

2. Database Security

# Setelah deployment, jalankan MySQL secure installation
docker-compose -f docker-compose.prod.yml exec db mysql_secure_installation

🔧 Deployment Process

Manual Step-by-Step

Persiapan Server:

# Update system
sudo apt update && sudo apt upgrade -y

# Install Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh

# Install Docker Compose
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

Clone Repository:

git clone https://github.com/your-repo/ckb.git
cd ckb

Setup Environment:

# For production environment
./docker-setup-env.sh production

# Edit production settings (IMPORTANT!)
nano .env
# Change all CHANGE_THIS_* values with secure passwords

Deploy Application:
```
./docker-deploy-prod.sh deploy
```
Setup SSL Certificate:
```
./docker-deploy-prod.sh ssl
```

📊 Monitoring & Maintenance

1. Health Checks

# Check application status
./docker-deploy-prod.sh status

# Check specific service logs
docker-compose -f docker-compose.prod.yml logs -f app
docker-compose -f docker-compose.prod.yml logs -f nginx-proxy
docker-compose -f docker-compose.prod.yml logs -f db

2. Database Backup

# Manual backup
docker-compose -f docker-compose.prod.yml exec -T db mysqldump -u root -p"$DB_ROOT_PASSWORD" ckb_production > backup_$(date +%Y%m%d).sql

# Automated backup (add to crontab)
0 2 * * * /path/to/ckb/docker-backup.sh

3. SSL Certificate Renewal

Certificate akan otomatis renewal. Untuk manual renewal:

# Test renewal
docker-compose -f docker-compose.prod.yml run --rm certbot renew --dry-run

# Manual renewal
./docker-ssl-renew.sh

# Setup auto-renewal (add to crontab)
0 12 * * * /path/to/ckb/docker-ssl-renew.sh

🔍 Troubleshooting

Common Issues

Application Not Loading:

# Check container status
docker-compose -f docker-compose.prod.yml ps

# Check application logs
docker-compose -f docker-compose.prod.yml logs app

# Restart application
docker-compose -f docker-compose.prod.yml restart app

SSL Certificate Issues:

# Check certificate status
openssl s_client -connect bengkel.digitaloasis.xyz:443 -servername bengkel.digitaloasis.xyz

# Re-setup SSL
./docker-ssl-setup.sh

Database Connection Issues:

# Check database logs
docker-compose -f docker-compose.prod.yml logs db

# Test database connection
docker-compose -f docker-compose.prod.yml exec app php artisan tinker
>>> DB::connection()->getPdo();

Permission Issues:

# Fix Laravel permissions
./docker-fix-permissions.sh prod

Performance Issues

# Check resource usage
docker stats

# Clean up Docker system
docker system prune -a -f

# Optimize Laravel
docker-compose -f docker-compose.prod.yml exec app php artisan optimize

🚦 Load Testing

Before going live, test your application:

# Install testing tools
sudo apt install apache2-utils

# Basic load test
ab -n 1000 -c 10 https://bengkel.digitaloasis.xyz/

# More comprehensive testing with siege
sudo apt install siege
siege -c 25 -t 60s https://bengkel.digitaloasis.xyz/

📈 Performance Optimization

1. Laravel Optimizations

# Run after each deployment
docker-compose -f docker-compose.prod.yml exec app php artisan config:cache
docker-compose -f docker-compose.prod.yml exec app php artisan route:cache
docker-compose -f docker-compose.prod.yml exec app php artisan view:cache
docker-compose -f docker-compose.prod.yml exec app composer install --optimize-autoloader --no-dev

2. Database Optimization

# MySQL tuning
docker-compose -f docker-compose.prod.yml exec db mysql -u root -p -e "
  SET GLOBAL innodb_buffer_pool_size = 1073741824;
  SET GLOBAL query_cache_size = 67108864;
  SET GLOBAL query_cache_type = 1;
"

3. Nginx Optimization

Edit docker/nginx-proxy.conf untuk mengoptimalkan:

Gzip compression
Browser caching
Connection pooling

🔄 Updates & Maintenance

Application Updates

# Pull latest code
git pull origin main

# Backup before update
./docker-deploy-prod.sh backup

# Deploy updates
./docker-deploy-prod.sh deploy

Security Updates

# Update base images
docker-compose -f docker-compose.prod.yml pull

# Rebuild with latest security patches
./docker-deploy-prod.sh build

📞 Support & Contact

Untuk bantuan deployment atau issues:

Email: admin@digitaloasis.xyz
Documentation: https://github.com/your-repo/ckb/docs
Issues: https://github.com/your-repo/ckb/issues

📄 File Structure

ckb/
├── docker/
│   ├── nginx-proxy.conf      # Main nginx configuration
│   ├── nginx-temp.conf       # Temporary config for SSL setup
│   ├── env.example          # Environment template
│   └── ...
├── docker-compose.prod.yml   # Production compose file
├── docker-deploy-prod.sh     # Main deployment script
├── docker-ssl-setup.sh       # SSL certificate setup
├── docker-ssl-renew.sh       # SSL renewal script
└── PRODUCTION-DEPLOYMENT.md  # This file

✅ Production Checklist

Domain DNS configured
Firewall rules configured
.env file configured with production values
Database credentials changed from defaults
SSL certificate obtained and configured
Backup system configured
Monitoring setup
Load testing completed
Security audit completed

🚨 Remember: Always test in staging environment before deploying to production!

7.8 KiB Executable File Raw Blame History