From 3269a836a2567f3c55e1691d3c40c84aff748137 Mon Sep 17 00:00:00 2001 From: Hamza-Ayed Date: Wed, 22 Apr 2026 22:45:47 +0300 Subject: [PATCH] Initial V2 commit 3 --- config/intaleq.php | 8 ++--- nginx-vhost.conf | 48 +++++++++++++++++++++++++++++ setup.sh | 76 ++++++++++++++++++++++++---------------------- 3 files changed, 92 insertions(+), 40 deletions(-) create mode 100644 nginx-vhost.conf diff --git a/config/intaleq.php b/config/intaleq.php index 7176cce..e6c4c46 100644 --- a/config/intaleq.php +++ b/config/intaleq.php @@ -10,17 +10,17 @@ return [ 'hmac_tolerance' => env('HMAC_TOLERANCE_SECONDS', 300), // Encryption - 'legacy_enc_key_path' => env('LEGACY_ENC_KEY_PATH', '/home/intaleq-api/.enckey'), + 'legacy_enc_key_path' => env('LEGACY_ENC_KEY_PATH', base_path('.enckey')), 'legacy_iv' => env('LEGACY_IV', ''), // FCM - 'fcm_credentials_path' => env('FCM_CREDENTIALS_PATH', '/home/intaleq-api/firebase-credentials.json'), - 'fcm_cache_path' => env('FCM_CACHE_PATH', '/home/intaleq-api/fcm_token_cache.json'), + 'fcm_credentials_path' => env('FCM_CREDENTIALS_PATH', base_path('firebase-credentials.json')), + 'fcm_cache_path' => env('FCM_CACHE_PATH', storage_path('app/fcm_token_cache.json')), // Internal Services 'location_server_url' => env('LOCATION_SERVER_URL', 'http://localhost:2021'), 'ride_socket_url' => env('RIDE_SOCKET_URL', 'http://localhost:3031'), - 'internal_socket_key_path' => env('INTERNAL_SOCKET_KEY_PATH', '/home/intaleq-api/.internal_socket_key'), + 'internal_socket_key_path' => env('INTERNAL_SOCKET_KEY_PATH', base_path('.internal_socket_key')), // Rate Limiting 'rate_limit_login' => (int) env('RATE_LIMIT_LOGIN', 5), diff --git a/nginx-vhost.conf b/nginx-vhost.conf new file mode 100644 index 0000000..fe40147 --- /dev/null +++ b/nginx-vhost.conf @@ -0,0 +1,48 @@ +server { + listen 80; + listen [::]:80; + listen 443 ssl http2; + listen [::]:443 ssl http2; + {{ssl_certificate_key}} + {{ssl_certificate}} + server_name {{domain}}; + root {{root_path}}; + index index.php; + + {{root}} + + # Security headers + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Content-Type-Options "nosniff"; + + charset utf-8; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + error_page 404 /index.php; + + location ~ \.php$ { + fastcgi_pass unix:/run/php/php{{php_version}}-fpm.sock; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; + include fastcgi_params; + } + + location ~ /\.(?!well-known).* { + deny all; + } + + # Optimization for static files + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|otf)$ { + expires 30d; + add_header Cache-Control "public, no-transform"; + } + + {{vhost_config}} +} diff --git a/setup.sh b/setup.sh index 41cb781..52402f9 100755 --- a/setup.sh +++ b/setup.sh @@ -1,63 +1,67 @@ #!/bin/bash ############################################### -# Intaleq V2 — Server Setup Script -# Run this ONCE on the server after uploading +# Intaleq V2 — Server Setup Script (CloudPanel Optimized) ############################################### set -e -echo "=== Intaleq V2 Setup ===" +# Colors for output +GREEN='\033[0;32m' +YELLOW='\033[1;33m' +RED='\033[0;31m' +NC='\033[0m' # No Color -# 1. Install dependencies -echo "[1/6] Installing Composer dependencies..." +echo -e "${GREEN}=== Intaleq V2 Setup ===${NC}" + +# 1. Detect User +CURRENT_USER=$(whoami) +echo -e "Detected user: ${YELLOW}$CURRENT_USER${NC}" + +# 2. Install dependencies +echo -e "[1/6] ${GREEN}Installing Composer dependencies...${NC}" composer install --no-dev --optimize-autoloader -# 2. Copy environment file +# 3. Copy environment file if [ ! -f .env ]; then - echo "[2/6] Creating .env from template..." + echo -e "[2/6] ${YELLOW}Creating .env from template...${NC}" cp .env.example .env - echo "⚠️ IMPORTANT: Edit .env with your actual credentials!" + echo -e "${RED}⚠️ IMPORTANT: Edit .env with your actual credentials!${NC}" else - echo "[2/6] .env already exists, skipping..." + echo -e "[2/6] .env already exists, skipping..." fi -# 3. Generate app key -echo "[3/6] Generating application key..." +# 4. Generate app key +echo -e "[3/6] ${GREEN}Generating application key...${NC}" php artisan key:generate -# 4. Cache config for performance -echo "[4/6] Caching configuration..." +# 5. Cache config for performance +echo -e "[4/6] ${GREEN}Caching configuration...${NC}" php artisan config:cache php artisan route:cache +php artisan view:cache -# 5. Set permissions -echo "[5/6] Setting permissions..." +# 6. Set permissions +echo -e "[5/6] ${GREEN}Setting permissions...${NC}" +# For CloudPanel, the web user is usually the SSH user chmod -R 775 storage bootstrap/cache -chown -R www-data:www-data storage bootstrap/cache - -# 6. Run migrations (add indexes and api columns) -echo "[6/6] Running database migrations..." -echo "⚠️ This will add api_key/api_secret columns and missing indexes." -echo "⚠️ It will NOT delete or modify existing data." -read -p "Continue? (y/n): " confirm -if [ "$confirm" = "y" ]; then - php artisan migrate - echo "✅ Migrations complete!" +# Attempt to set ownership if running as root or sudo +if [ "$EUID" -eq 0 ]; then + chown -R www-data:www-data storage bootstrap/cache else - echo "⏭️ Migrations skipped. Run 'php artisan migrate' manually." + echo -e "${YELLOW}Skipping chown as non-root user. Ensure storage is writable.${NC}" fi +# 7. Run migrations +echo -e "[6/6] ${GREEN}Running database migrations...${NC}" +# Use --force for production +php artisan migrate --force + echo "" -echo "=== Setup Complete ===" +echo -e "${GREEN}=== Setup Complete ===${NC}" echo "" -echo "Next steps:" -echo "1. Edit .env with real DB credentials, JWT secret, etc." -echo "2. Configure Nginx to point to public/ directory" -echo "3. Run: php artisan config:cache" +echo "Next steps for CloudPanel:" +echo "1. In CloudPanel, set the 'Root Directory' to: ${YELLOW}/public${NC}" +echo "2. Update the VHost Nginx configuration (see nginx-vhost.conf)" +echo "3. Ensure PHP version is 8.2 or 8.3" echo "4. Test: curl https://your-domain/v2/auth/passenger/login" -echo "" -echo "Nginx config example:" -echo " location /v2 {" -echo " try_files \$uri \$uri/ /index.php?\$query_string;" -echo " }"