服务器搭建

搭建服务的系统为ubuntu16.0.4 ，用户为root
1、选定一个目录作为git仓库, 比如我的仓库目录为i/data/laravel.git

cd /data

git init --bare laravel.git

Git就会创建一个裸仓库，裸仓库是没有工作区的。laravel.git仓库里的内容如下：

image.png
2、收集需要使用该仓库的用户的公钥id_rsa.pub, 将公钥id_rsa.pub的内容复制到~/.ssh/authorized_keys里，一行一个用户

cd ~/.ssh
//看看是否有id_rsa.pub,没有的话就生成一个
//生成秘钥
ssh-keygen

3、克隆测试，创建好的仓库地址：root@47.106.124.198:/data/laravel.git

git clone root@47.106.124.198:/data/laravel.git
Cloning into 'laravel'...
warning: You appear to have cloned an empty repository.

服务器git仓库搭建成功

自动化部署

每当有项目要提交到laravel.git,然后到项目目录下执行git pull origin master,将项目更新，这种操作太繁琐了。

git的钩子hooks可以帮我自动完成这些操作 /data/laravel.git/hooks

root@iZwz956snfyrvah6yq8sa4Z:/data/laravel.git/hooks# ll
total 52
drwxr-xr-x 2 root root 4096 Oct 30 15:57 ./
drwxr-xr-x 7 root root 4096 Oct 30 15:03 ../
-rwxr-xr-x 1 root root  478 Oct 30 15:03 applypatch-msg.sample*
-rwxr-xr-x 1 root root  896 Oct 30 15:03 commit-msg.sample*
-rwxr-xr-x 1 root root  124 Oct 30 15:57 post-receive*
-rwxr-xr-x 1 root root  189 Oct 30 15:03 post-update.sample*
-rwxr-xr-x 1 root root  424 Oct 30 15:03 pre-applypatch.sample*
-rwxr-xr-x 1 root root 1642 Oct 30 15:03 pre-commit.sample*
-rwxr-xr-x 1 root root 1239 Oct 30 15:03 prepare-commit-msg.sample*
-rwxr-xr-x 1 root root 1348 Oct 30 15:03 pre-push.sample*
-rwxr-xr-x 1 root root 4898 Oct 30 15:03 pre-rebase.sample*
-rwxr-xr-x 1 root root 3610 Oct 30 15:03 update.sample*

在hooks里加入post-receive

vim /data/laravel.git/hooks/post-receive

在里面加入

#!/bin/sh
DEPLOY_PATH=/home/www/laravel/ #项目地址

unset  GIT_DIR #这条命令很重要GIT_DIR ==> .git/
cd $DEPLOY_PATH
git pull origin master

这样就完成了自动化部署。当你git push origin master后，会自动将文件检出到指定的项目目录下了

部署laravel

使用IP访问，因为域名需要备案，如果有已经备案好的域名，可以把它解析了就可以使用了。

选定目录为/home/www/

1、 使用composer来安装

composer create-project laravel/laravel laravel --prefer-dist "5.6.*"

注：如果composer安装慢或者安装不成功，可以是composer中国镜像来加速

//全局配置
composer config -g repo.packagist composer https://packagist.laravel-china.or

//单独使用，去掉 -g
composer config repo.packagist composer https://packagist.laravel-china.org

//取消配置
composer config -g --unset repos.packagist

2、直接克隆laravel.git里的项目

cd /home/www

git clone root@47.106.124.198:/data/laravel.git

cd /home/www/laravel

# 查看是否有.env文件，如果没有，则
cp .env.example .env

vim .env    # 修改APP_URL=http://47.106.124.198， 保存并退出

#更新APP_KEY
php artisan key:generate

#修改storage目录权限
chmod -R 777 storage/

配置Nginx

进入Nginx目录下

cd /etc/nginx

在nginx.conf同级下创建vhost目录, 并在vhost目录创建一个跟项目同名的配置文件，如：laravel.conf

mkdir vhost

cd vhost

vim laravel.conf

以后每个域名的配置都在vhost目录下创建一个xx.conf文件，方便管理

在laravel.conf里加入

server {
    listen 80;
    #listen [::]:80 default_server;

    root /home/www/laravel/public;

    index index.php index.html index.htm;

    server_name 47.106.124.198;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        try_files $uri /index.php =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/run/php/php7.1-fpm.sock; #对应/etc/php/7.1/fpm/pool.d/www.conf中的listen = /run/php/php7.1-fpm.sock
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

配置php.ini文件，文件目录：/etc/php/7.1/fpm/php.ini

搜索cgi.fix_pathinfo , 将cgi.fix_pathinfo=1 修改为 cgi.fix_pathinfo=0

cgi.fix_pathinfo=0

重启nginx和php-fpm

service nginx restart

service php7.1-fpm restart

优化自动加载

composer install --optimize-autoloader --no-dev

配置HTTPS证书

我的系统是ubuntu，服务器是Nginx

安装cerbot工具

sudo apt-get update

sudo apt-get install software-properties-common

sudo add-apt-repository ppa:certbot/certbot

sudo apt-get update

sudo apt-get install python-certbot-nginx 

开始使用

# 这个命令是获取HTTPS证书，并让cerbot自动配置到Nginx配置中

sudo certbot --nginx

# 也可以使用下面命令获取HTTPS证书后，手动去配置

sudo certbot --nginx certonly

使用过程中，使用竖排...来表示省略

Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): czhd2552@163.com

# 需要输入邮箱地址
.
.
.
-------------------------------------------------------------------------------
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v01.api.letsencrypt.org/directory
-------------------------------------------------------------------------------
(A)gree/(C)ancel: a

# A同意、C退出
.
.
.
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about EFF and
our work to encrypt the web, protect its users and defend digital rights.
-------------------------------------------------------------------------------
(Y)es/(N)o: y

# 你愿意与电子前沿分享你的电子邮件地址吗？
.
.
.
Which names would you like to activate HTTPS for?
-------------------------------------------------------------------------------
1: chois.xin
2: tp.chois.xin
-------------------------------------------------------------------------------
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 

# 列出所有需要配置的域名，你可以选则域名前面的号码给某个域名配置HTTPS证书，或者直接Enter回车选择全部

.
.
.
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
-------------------------------------------------------------------------------
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1

# 1是不重定向，2是重定向
.
.
.
IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/chois.xin/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/chois.xin/privkey.pem
   Your cert will expire on 2018-07-03. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

配置证书到期自动更新

sudo certbot renew --dry-run

配置完成，证书的配置都在/etc/letsencrypt目录下，使用https://xx访问试试吧

Composer 中文镜像

Certbot官方文档

廖雪峰之搭建git服务器

Pro Git教程

Laravel 5.6 中文文档