prod setup

server/nginx.conf

@@ -0,0 +1,25 @@
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+error_log /var/log/nginx/error.log;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+	worker_connections 768;
+}
+
+http {
+	tcp_nopush on;
+	types_hash_max_size 2048;
+	include /etc/nginx/mime.types;
+	default_type application/octet-stream;
+	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
+	ssl_prefer_server_ciphers on;
+
+	access_log /var/log/nginx/access.log;
+
+	gzip on;
+	include /etc/nginx/sites-enabled/*;
+
+	include /etc/nginx/conf.d/*.conf;
+}

server/setup.md

@@ -0,0 +1,119 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+apt-get update
+sudo add-apt-repository ppa:ondrej/php
+apt-get update
+sudo apt-get install php8.2-cli php8.2-fpm
+sudo apt install php8.2-common php8.2-mysql php8.2-xml php8.2-xmlrpc php8.2-curl php8.2-gd php8.2-imagick php8.2-cli php8.2-dev php8.2-imap php8.2-mbstring php8.2-opcache php8.2-soap php8.2-zip php8.2-redis php8.2-intl unzip -y
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+mkdir /etc/nginx/ssl/
+chmod -R 655 /etc/nginx/ssl
+chown -R www-data:www-data /etc/nginx/ssl
+<copy paste the key and pem files from cloudflare ssl setup>
+
+
+
+
+
+
+mkdir /etc/nginx/sites-available/old/
+sudo mv /etc/nginx/sites-available/* /etc/nginx/sites-available/old/
+sudo touch /etc/nginx/sites-available/thetempusproject.com.conf
+<updated the main site conf>
+<uploaded the ttp snippet>
+<updated the nginx.conf>
+
+
+sudo rm -rf /etc/nginx/sites-enabled/*
+sudo ln -s /etc/nginx/sites-available/thetempusproject.com.conf /etc/nginx/sites-enabled/thetempusproject.com.conf
+sudo systemctl restart nginx.service
+
+
+
+
+
+cd ~
+curl -sS https://getcomposer.org/installer -o /tmp/composer-setup.php
+
+HASH=`curl -sS https://composer.github.io/installer.sig`
+
+php -r "if (hash_file('SHA384', '/tmp/composer-setup.php') === '$HASH') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
+
+
+sudo php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer
+
+
+
+
+
+
+
+
+cd /var/www/
+composer create-project thetempusproject/thetempusproject thetempusproject.com
+
+
+sudo ln -s /etc/nginx/sites-available/black-airplane /etc/nginx/sites-enabled/
+
+
+
+
+
+
+
+
+
+
+
+1Ag5calIO8xXwS
+
+
+
+mysql
+
+
+CREATE USER 'ttp'@'localhost' IDENTIFIED BY '1Ag5calIO8xXwS';
+GRANT ALL PRIVILEGES ON * . * TO 'ttp'@'localhost';
+
+FLUSH PRIVILEGES;
+CREATE DATABASE ttp;

server/thetempusproject.com.conf

@@ -1,36 +1,24 @@
-# upstream to abstract backend connection(s) for php 
-upstream php { 
-    server unix:/run/php/php8.1-fpm.sock;
+upstream php {
+    server unix:/run/php/php8.2-fpm.sock;
 }
-server {
-    listen 80;
-    listen [::]:80;
-        server_name thetempusproject.com;
-        include snippets/well-known;
-    return 301 https://$host$request_uri;
-}
-server {
-    listen 443 ssl http2 default_server;
-    listen [::]:443 ssl http2 default_server;
-    server_name thetempusproject.com;
-    include snippets/ssl-params.conf;
-    root           /var/www/thetempusproject.com;
-    index          index.php;
 
-    # max php upload size
-    client_max_body_size 100M;
-  
-    # disable direcory indexing
-    autoindex off;
+server {
+    listen 80 default_server;
+    index index.php;
+    server_name thetempusproject.com;
+    root /var/www/thetempusproject.com;
+    charset utf-8;
+    sendfile off;
+    client_max_body_size 100m;
 
     # custom TTP code
     include snippets/ttp.conf;
-
+    
     location ~* \.php$ {
-      fastcgi_pass php;
-      include         fastcgi_params;
-      fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
-      include fastcgi_params;
-      fastcgi_intercept_errors on;
+        fastcgi_pass php;
+        include         fastcgi_params;
+        fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
+        include fastcgi_params;
+        fastcgi_intercept_errors on;
     }
 }

server/ttp.conf

@@ -6,8 +6,6 @@ error_log /var/log/nginx/error.log;
 
 index index.php;
 
-charset utf-8;
-
 error_page 404 /index.php;
 
 ssl_certificate /etc/nginx/ssl/thetempusproject.com.pem;
@@ -17,7 +15,7 @@ location = /favicon.ico {
     log_not_found off;
     access_log off;
 }
- 
+
 location = /robots.txt {
     allow all;
     log_not_found off;
@@ -40,7 +38,7 @@ location ~ /\. {
     deny all;
 }
 
-location ~* \.(?:js|css|png|jpg|gif|ico|woff|ttf|woff2)$ {
+location ~* \.(?:js|css|png|jpg|gif|ico|woff|tff|woff2|min.css.map)$ {
     access_log off;
     log_not_found off;
 }
@@ -69,6 +67,27 @@ location /errors/ {
     try_files $uri /index.php?error=$uri;
 }
 
+location /api/ {
+    # Handle CORS for all requests
+    if ($request_method = 'POST') {
+        add_header 'Access-Control-Allow-Origin' '*' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'Authorization, DNT, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Range' always;
+        add_header 'Access-Control-Expose-Headers' 'Content-Length, Content-Range' always;
+    }
+    # Handle preflight requests
+    if ($request_method = 'OPTIONS') {
+        add_header 'Access-Control-Allow-Origin' '*' always;
+        add_header 'Access-Control-Allow-Headers' 'Authorization, DNT, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Range' always;
+        add_header 'Access-Control-Max-Age' 1728000;
+        add_header 'Content-Type' 'text/plain; charset=utf-8' always;
+        return 204; # Return no content for preflight
+    }
+
+    rewrite ^/(.+)$ /index.php?url=$1&$args;
+}
+
 location / {
     rewrite ^/(.+)$ /index.php?url=$1&$args;
-}
+}
+