Wediah Emmanuel

Posted on Nov 6

How to host a PHP/Laravel app on Google Cloud.

#webdev #backenddevelopment #programming #api

Taking a Laravel application from a local development environment to a production system is a critical step in shipping your product.

Below is the step by step method, I use to deploy my Laravel apps to Google cloud;

First, we starting by creating a project on the Google Cloud console (fig. 1), then we create a virtual machine by choosing the subscription model which fits our app (fig. 2, 3).

fig. 1

fig. 2

fig. 3

Secondly, after creating the virtual machine, we SSH into the server. For simplicity, we go with the SSH-in-browser (fig. 4).

fig. 4

After SSHing into the virtual machine, we perform an update,

sudo apt update && sudo apt upgrade -y

then install Nginx (our web server),

sudo apt install -y nginx

followed by checking the PHP version that comes with our virtual machine,

php --version

then we install these essential components for PHP (NB: the version of the component should match up with the version of PHP installed on the virtual machine. In the command below, we are using PHP version 8.3),

sudo apt install -y php8.3-fpm php8.3-mysql php8.3-mbst ring php8.3-xml php8.3-zip php8.3-gd php8.3-bcmath php8.3-cli php8.3-common

after installing the components, we move to installing mysql and composer on the server,

sudo apt install -y mysql-server

curl -sS https://getcomposer.org/installer | php

After installing composer, we move to the bin of our virtual machine,

sudo mv composer.phar /usr/local/bin/composer

The next step is to run a secure installation of MySQL,

sudo mysql_secure_installation

After running the secure MySQL installation, we validate a password component for our SQL server.

`**_Securing the MySQL server deployment.

Connecting to MySQL using a blank password.

VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?

Press y|Y for Yes, any other key for No: Y

There are three levels of password validation policy:

LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 1

Skipping password set for root as authentication with auth_socket is used by default.
If you would like to use password authentication instead, this can be done with the "ALTER_USER" command.
See https://dev.mysql.com/doc/refman/8.0/en/alter-user.html#alter-user-password-management for more information.

By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y
Success.

Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y
Success.

By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.

Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y

Dropping test database...
Success.
Removing privileges on test database...
Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
Success.

All done! _**`

Then we setup a root user for our sql server. (NB: in the password section, we enter a new password),

sudo mysql -u root -p

`Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 14
Server version: 8.0.42-0ubuntu0.20.04.1 (Ubuntu)

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> CREATE USER 'laravel_user'@'localhost' IDENTIFIED BY 'Core2eng$';
Query OK, 0 rows affected (0.11 sec)

mysql> GRANT ALL PRIVILEGES ON yourdatabasename.* TO 'laravel_user'@'localhost';
Query OK, 0 rows affected (0.01 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)

mysql> EXIT;
`

The next step comes with cloning our code hosted on GitHub and create a folder on our virtual machine where it will cloned into,

sudo git clone https://github.com/yourcode.git yourfoldername

Then we set permissions and navigate to the location of the folder where our code has been cloned into and install composer,

`sudo chown -R $USER:$USER /var/www/yourfoldername

cd /var/www/yourfoldername

composer install --optimize-autoloader --no-dev`

Followed by setting up the following permissions;

sudo chown -R username:username . sudo chown -R www-data:www-data /var/www/yourfoldername sudo chmod -R 775 /var/www/yourfoldername/storage sudo chmod -R 775 /var/www/yourfoldername/bootstrap/cache

After these, we copy the example environment file to the environment file and add our variables using the nano editor , generate our app's key and run our migrations,

cp .env.example .env nano .env php artisan key:generate php artisan migrate --force

The last step is to configure the web server; the first step at this to to edit the site config to point to our root file.

sudo nano /etc/nginx/sites-available/yourfoldername after this we make it look like this

`server {
listen 80;
server_name _;
root /var/www/yourfoldername/public;

add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";

index index.php;

charset utf-8;

location / {
    try_files $uri $uri/ /index.php?$query_string;
}

location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt  { access_log off; log_not_found off; }

error_page 404 /index.php;

location ~ \.php$ {
    fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
    include fastcgi_params;
}

location ~ /\.(?!well-known).* {
    deny all;
}

The next step is to enable our site;

sudo ln -s /etc/nginx/sites-available/mefiedirectory /etc/nginx/sites-enabled/ sudo nginx -t sudo systemctl reload nginx

Finally can can visit our app on the web at

http://[YOUR_EXTERNAL_IP]