channvichea

Download a clone of Let’s Encrypt from the official GitHub repository. /opt is a common installation directory for third-party packages, so let’s install the clone to /opt/letsencrypt:

git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt

Navigate to the new /opt/letsencrypt directory:

cd /opt/letsencrypt

> Create an SSL Certificate

Stop Apache server

systemctl stop httpd.service

Run Let’s Encrypt with the --standalone parameter. For each additional domain name requiring a certificate, add -d example.com to the end of the command.

./letsencrypt-auto certonly --standalone -d example.com -d www.example.com

Let’s Encrypt does not deploy wildcard certificates. Each subdomain requires its own certificate.

For the first time, enter your email and agree to the Terms of Service
If all goes well, a message similar to the one below will appear. Its appearance means Let’s Encrypt has approved and issued your certificates.

IMPORTANT NOTES:
- If you lose your account credentials, you can recover them through
 e-mails sent to somebody@example.com.
- Congratulations! Your certificate and chain have been saved at
 /etc/letsencrypt/live/example.com/fullchain.pem. Your
 cert will expire on 2016-03-31. To obtain a new version of the
 certificate in the future, simply run Let's Encrypt again.
- Your account credentials have been saved in your Let's Encrypt
 configuration directory at /etc/letsencrypt. You should make a
 secure backup of this folder now. This configuration directory will
 also contain certificates and private keys obtained by Let's
 Encrypt, so making regular backups of this folder is ideal.
- If you like Let's Encrypt, please consider supporting our work by:

Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

Each key (.pem) file in /etc/letsencrypt/live/example.com/serves a different purpose:
- cert.pem: server certificate only.
- chain.pem: root and intermediate certificates only.
- fullchain.pem: combination of server, root and intermediate certificates (replaces cert.pem and chain.pem).
- privkey.pem: private key (do not share this with anyone!).

> Apply SSL Certificate in Apache

Add a VirtualHost in /etc/httpd/conf.d/ssl.conf or in other .conf file in /etc/httpd/conf.d/

<VirtualHost *:443>
 ServerName example.com
 ServerAlias www.example.com
 DocumentRoot /var/www/html/example.com/public_html
 SSLEngine on
 SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
 SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
 SSLCertificateChainFile /etc/letsencrypt/live/example.com/fullchain.pem
</VirtualHost>

Restart Apache server

systemctl restart httpd.service

References:

cPanel, web

Redirect to www with https in htaccess

Posted on July 17, 2017 by channvichea

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*) https://www.%{SERVER_NAME}%{REQUEST_URI} [L,R=301]

RewriteCond %{HTTPS} off
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]

cPanel, linux, web

Fixing the cPanel SoftException writable by group

Posted on January 12, 2017 by channvichea

If you’ve been following these posts, we now have a lovely git push to deploy setup, and can ssh into our server without constantly needing to enter our password through the use of ssh keys.

However, if you’re running on cPanel, you will probably have bumped into this error:

SoftException in Application.cpp:256: File "/home/username/public_html/index.php" is writeable by group

This is clearly a permissions error, and so the obvious thought is to chmod it. However, we don’t want to ssh in and chmod every time we push! On the testing server, the permissions are fine, but they are different once the git push has done its post-update.

The reason for this is something to do with a thing called umask. Umask is a user mask which is created for processes that are performing tasks, and affects new files and folders.

The solution to this is to edit ~/.bash_profile, and insert the following command:

umask 022

From now on you shouldn’t have the problem. With newly created files.

To sort already existing files, Chmod -R 755 any folders affected, OR just log out and in, and git pull or git reset –hard HEAD^ in order to re-fetch the files. This time they should be created without any strange permission errors!

Source: https://delboy1978uk.wordpress.com/2014/01/31/fixing-the-cpanel-softexception-writable-by-group/

git, linux command, web

Laravel + Git + GoDaddy

Posted on January 11, 2017 by channvichea

1. Configuring SSH and Git

Enable SSH: from cPanel go on Security > SSH Access > Enable SSH, then import your public key.

Check the SSH connection:

# From your local pc 
$ ssh [godaddy-user]@[domain-name.com]

where [godaddy-user] is the username configured for your GoDaddy’s cPanel and [domain-name.com] is the site domain name.

Check that Git is correctly installed on GoDaddy:

$ # From the GoDaddy host 
$ git --version

Create the bin directory on the user’s home:

$ # Always from the GoDaddy host
$ mkdir ~/bin

2. Check the PHP version

Open an SSH connection with GoDaddy, then:

$ php --version

Should print something like:

  PHP 5.5.24 (cgi-fcgi) (built: Apr 20 2015 06:24:55)

Check that the php version is correct (for Laravel 5.1 must be greater than 5.5.9).

Troubleshooting: wrong php version

Can happen that you have setted the newest PHP version from cPanel but via SSH you still have an old version.

If the PHP version is wrong, for example is 5.4.43 instead of 5.5.24, make sure you have changed it in cPanel (in Software > Select PHP Version) then try with:

$ /opt/alt/php55/usr/bin/php --version

If the path /opt/alt/php55/usr/bin/php print out the correct version then set it as your php default command:

$ cd
$ vim .bash_profile

In the file .bash_profile change the row

PATH=$PATH:$HOME/bin

with

PATH=$HOME/bin:$PATH

That is: prepend your local bin directory to assign it the first priority.

Create a link to the right php version:

$ cd bin
$ ln -s /opt/alt/php55/usr/bin/php

Close and reopen the ssh connection and check now the php version.

3. Create the application folder

From GoDaddy host, create the [app] folder in your home, where [app] is the name of your Laravel application:

$ cd ~
$ mkdir [app]

This folder will contains your application.

Depending if you want to install the application in the main domain, e.g. http://example.com, or in a subdomain, e.g. http://[app].example.com, do one of the following.

Main domain

Replace the public_html folder with a symbolic link to [app]/public (be sure public_html is empty before delete it):

$ rm -r public_html
$ ln -s [app]/public public_html

Subdomains

Create a sub domain in GoDaddy

http://[sub-domain].[domain-name.com]

access the cPanel at the url http://[domain-name.com]/cpanel then go on Domains > Subdomains > Create Subdomain and insert:

Subdomain: [sub-domain] (e.g. app)
Document root: /[app]/public

4. Get Composer

From GoDaddy host:

$ # Install composer
$ cd bin
$ curl -sS https://getcomposer.org/installer | php
$ ln -s ./composer.phar composer

5. Configuring Git for automatic deploy

Create the Git bare repository on the GoDaddy’s host:

$ # Create the git directory where the repository will be mantained
$ cd ~
$ mkdir git

$ # Create the repository
$ cd git
$ git init --bare --shared [app].git

$ # Create the post-receive hook file
$ cd [app].git/hooks
$ touch post-receive

$ # Make the hook executable
$ chmod +x post-receive

$ # Configure the hook
$ vim post-receive

Write in the file post-receive all the operations that will be performed after the push is done:

#!/bin/sh

# Set up our PATH variable and export it
PATH="/home/[godaddy-user]/bin":$PATH
export PATH

# App directories
APP_WEB_DIR="/home/[godaddy-user]/[app]"
APP_GIT_DIR="/home/[godaddy-user]/git/[app].git"

# Checkout the last commit inside the web app directory
git --work-tree=${APP_WEB_DIR} --git-dir=${APP_GIT_DIR} checkout -f

# Clean the app directory
# Use -e "[pattern]" to exclude some file or directory to be cleaned,
# as they are in the .gitignore file
# git --work-tree=${APP_WEB_DIR} clean -fd

# Run composer
cd ${APP_WEB_DIR}
composer install
   
# Ensure that storage's folder have write permission for the group
chmod -R g+w storage

# Optimizations
echo "Running optimizations"
php artisan config:cache
php artisan route:cache

# Do other things here, for example load database changes automatically
# php artisan migrate
# ...

6. Add the ‘production’ remote in your repository

From your PC:

$ # Go in the project's folder
$ cd /path/to/your/project
  
# Add the 'production' server's URL
$ git remote add production ssh://[godaddy-user]@[domain-name.com]/~/git/[app].git

Now you can deploy the project on GoDaddy (pushing it on the production remote) with:

$ git push production master

You should now be able to see your code on the folder ~/[app] on the GoDaddy’s host.

After configured the database in the host and configured your application (for example you have to create the .env file in the host and set here the db connection parameters) you will be able to access your application from your domain.

Link: http://blog.netgloo.com/2015/08/06/configuring-godaddys-shared-hosting-for-laravel-and-git/

git, web

Learn Git

Posted on October 26, 2016 by channvichea

Git is the industry-standard version control system for web developers.

git init creates a new Git repository
git status inspects the contents of the working directory and staging area
git add adds files from the working directory to the staging area
git diff shows the difference between the working directory and the staging area
git commit permanently stores file changes from the staging area in the repository
git log shows a list of all previous commits

Git backtrack allow you to undo changes made to your Git project.

git checkout HEAD filename: Discards changes in the working directory.
git reset HEAD filename: Unstages file changes in the staging area.
git reset SHA: Can be used to reset to a previous commit in your commit history.

Git branching allows users to experiment with different versions of a project by checking out separate branches to work on.

git branch: Lists all a Git project’s branches.
git branch branch_name: Creates a new branch.
git checkout branch_name: Used to switch from one branch to another.
git merge branch_name: Used to join file changes from one branch to another.
git branch -d branch_name: Deletes the branch specified.

A remote is a Git repository that lives outside your Git project folder. Remotes can live on the web, on a shared network or even in a separate folder on your local computer.

The Git Collaborative Workflow are steps that enable smooth project development when multiple collaborators are working on the same Git project.

git clone: Creates a local copy of a remote.
git remote -v: Lists a Git project’s remotes.
git fetch: Fetches work from the remote into the local copy.
git merge origin/master: Merges origin/master into your local branch.
git push origin <branch_name>: Pushes a local branch to the originremote.

web

HTTP Status Codes

Posted on September 7, 2016 by channvichea

2xx : Success
- 200 -> OK
- 201 -> Created
- 202 -> Accepted
- 203 -> Partial Information
- 204 -> No Response
3xx : Redirection
- 301 -> Moved
- 302 -> Found
- 303 -> Method
- 304 -> Not Modified
4xx, 5xx : Error
- 400 -> Bad Request
- 401 -> Unauthorized
- 402 -> Payment Required
- 403 -> Forbidden
- 404 -> Not Found
- 500 -> Internal Server Error
- 501 -> Not Implemented
- 502 -> Service Temporarily Overloaded
- 503 -> Gateway Timeout

linux command

Some Linux commands