Start a PHP 7.2 Slim Project on Ubuntu 18.04
I use Slim, a lightweight PHP framework for creating HTTP applications and APIs using “routes.”
Here’s my formula for deploying my Slim app on Ubuntu 18.04 with PHP 7.2. This has worked on GCP and AWS, as well as my own hosted cluster.
Please note that I will be working with a raw sudo
terminal session, so I will omit the use of sudo
from these instructions.
One Fresh LAMP Image, Please
Let us start with a fresh installation of Ubuntu 18.04.
# important!
apt update
apt -y upgrade
reboot
I like using tasksel
to install LAMP (Apache, MySql and PHP). tasksel
is the menu you encounter when installing Ubuntu from an ISO. If I am installing on a cloud service, I don’t get the opportunity to use this menu, so I have to install it manually.
apt install -y tasksel
tasksel
# Scroll down to LAMP Server
# Hit Spacebar to select
# Tab to the OK button and hit Enter
After I install MySql, I always secure it.
mysql_secure_installation
# Follow the prompts and accept all security recommendations
Use Certbot for Free SSL
Hooray for Certbot and Let’s Encrypt! Now it only takes a few minutes to configure Apache with SSL certificates.
Configure Public Domain Names
Super-important first step: assign a domain name you control to the public IP address of your hosted Ubuntu instance. The public clouds give you a public IP when you set up a new instance. Use that IP address to set up DNS A records for your host.
For example, if I have a domain called mydomain.com
, and I want a host to be called api.mydomain.com
and www.mydomain.com
, and I want mydomain.com
to work as well, and my public-facing IP address is 34.34.34.34
, then I need these A records in my mydomain.com.db
DNS zone file:
@ 14400 IN A 34.34.34.34
api 14400 IN A 34.34.34.34
www 14400 IN A 34.34.34.34
Use Certbot to Install Let’s Encrypt Certificates
Start by installing Certbot and accepting the license terms.
add-apt-repository ppa:certbot/certbot
# Hit Enter to accept the terms
apt install -y python-certbot-apache
Run the certbot
command as shown, entering all of your domain names. Enter your email address for identification and sign up for the EFF.org newsletter! Pick the option to automatically redirect your HTTP traffic to HTTPS.
certbot --apache -d mydomain.com -d www.mydomain.com -d api.mydomain.com
# Enter your email address
# Pick the option to redirect HTTP to HTTPS
Install PHP Modules and Composer
Slim uses the popular Composer module management system for PHP. I need a few PHP modules to get Composer to work with my Slim projects.
apt install -y composer zip php-curl php-xml php-mbstring php-zip
Load Project Files
For day-to-day work on a PHP/Slim project, I use a regular, unprivileged user account. I set up a new account with the adduser
command. In this example the username vern
is just an example. Select any username you want.
adduser vern
# Select a strong password
# Complete the "Full Name" field
# Hit Enter for the remaining prompts
Now, I need to impersonate the new user and load the project files from GitHub (or wherever I have my repository) into the project directory. After that I bring in all the dependent modules by running Composer.
In this example, I start a new Slim project called myproject
using the Slim Skeleton repository.
cd ~vern
su vern
git clone https://github.com/slimphp/Slim-Skeleton.git myproject
cd myproject
composer install
exit
The last step in developer account preparation is to give Apache ownership of the log directory. Change vern
to your developer account name.
chown www-data:www-data /home/vern/myproject/logs
Configure Apache for Slim
Edit the Apache SSL configuration file that was generated by Certbot:
vi /etc/apache2/sites-enabled/000-default-le-ssl.conf
The contents should like like this.
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerName api.mydomain.com
SSLCertificateFile /etc/letsencrypt/live/api.mydomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/api.mydomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
Change the DocumentRoot directive to point to the project’s public directory.
DocumentRoot /home/vern/myproject/public
Add the following <Directory> directive before the </VirtualHost> tag.
<Directory "/home/vern/myproject/public">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Require all granted
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php?_url=/$1 [QSA,L]
</IfModule>
</Directory>
Finally, your 000-default-le-ssl.conf
file should look like this:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /home/vern/myproject/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerName api.telnexus.com
SSLCertificateFile /etc/letsencrypt/live/api.mydomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/api.mydomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
<Directory "/home/vern/myproject/public">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Require all granted
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php?_url=/$1 [QSA,L]
</IfModule>
</Directory>
</VirtualHost>
</IfModule>
Save and restart Apache.
apache2ctl restart
Bask In The Glory!
Fire up your browser and go to https://api.mydomain.com/
and you should see the Slim default page.