This tutorial is done on a debian 11 system… it should work for wildcard (For all subdomains under a domain), but also for subdomains or the primary domain, obviously, all you need to do is replace the * which denotes wildcard with the subdomain of your choice, so *.qworqs.com is wildcard, yazeed.qworqs.com is a subdomain 😉 so let us get started
Let’s encrypt has certainly revolutionized the world of SSL certificates (By making them free), but when it comes to wildcard certificates, let’s encrypt will require more than just generating the certificate, it will require a system that automatically alters DNS at your registrar, and differs from registrar to registrar.
So while I am developing, and need a wildcard SSL, I can simply generate a self signed wildcard security certificate, and teach my browser to accept it, and that is that, so here is how to generate that certificate !
So let us get started, first let us create a public and private key in one go, and a folder to store them !
Now you are done with creating everything you need, the next step is to install them into your nginx configuration
this can be done directly in the website’s configuration files, since this is a wildcard certificate that is expected to be installed in multiple nginx files, it is a good idea to group then so that you can add one line to all the config files, this will serve you when the certificates expire and you need to renew them !
Every company has it’s own procedures, and sometimes it’s own standard for the following documents, but this is the most common, the order is loosely relevant to prerequisites and chronological order
I have put them down in a table to simplify
In this document, a client refers to a party that receives the code, (any of the steakholders), Implementation lead and developer refer to the programmers, system analyst refers to a system analyst.
Who writes it
Who is it written for
Statement of work
Project management, Chief Information Officer, third-party contractor, So from the developers perspective, any client such as the above
Marketing requirements document
All steakholders including Implementation lead
The user requirements document User requirements specification
This document is basically the client outlining the features the developers are to implement
Project management with help from system analysts (Clients)
Implementation lead and any relevant stakeholders
A software requirements specification sheet A description of a software system to be developed, laying out functional and non-functional requirements- or features This document bridges the gap between user/client and developer Also serves as an agreement
Business Analyst, System Analyst, and developers
Technical requirements document
Written by the developers based on the requirement documents submitted by the client, this is an extensive document that connects functionality, features, and purpose together, creating this document is a very lengthy process and it requires “Technical writing skills” as it is meant to convey the whole system to non technical steakholders.
Functional specification document
Functional Requirements Document
Product requirements document.
This document communicates the capabilities the product will need.
Software Requirements Document written statement of what the software will do or should do.
Far more detailed than an SRS
Implementation lead or System Analyst.
It is the prioritized list of task-level details needed to execute the strategic plan outlined in the product roadmap.
Drawn from the product backlog, this is the list of cross-functional team plans to work on in the next sprint.
Software documentation A user’s manual (Not for the developers)
This part of the tutorial is a hands on setup to have Laravel working on nginx under Linux. this is not the only way to run Laravel, for all the options, see here
NOTE: Most if not all of the popular development tools are available for Linux and Windows, so If this setup is for development, you might want to install Debian Linux with the Gnome GUI so that you can install the development tools used in the next part of this tutorial, if you are going to be developing on a different machine or this is for production, then you shouldn’t.
STEP 1: Install Debian 11 (Bullseye) on a computer.
STEP 2: Install the basic Laravel environment with the following commands, Laravel 9 requires PHP 8, which at the time of writing is not available in Debian 11 repositories, so we will need to add the repositories from the guy who manages PHP for Debian anyway
The last line above should show you what version of composer you have just installed
Now, remember to never run composer as root, but rather as a regular user, from this point on I am assuming you are running the terminal as a regular user.
I understand that Debian puts the web root in /var/www/html, but i usually like to create a separate directory called /var/vhosts and put all my web projects in it
Now, we need to create a sample project for our learning and training experience
composer create-project laravel/laravel laraveltestapp
chmod -R 0777 /var/vhosts/laravelapp/storage
Next, We would need to setup nginx to serve this website (“Would like to” actually, because there are alternatives, but I’m keeping it simple), here is an almost standard template for nginx, modify the host name and project name to match your project and preferences.
NGINX vhost config file (In my case /etc/nginx/sites-available/laraveltestapp)
On linux, when i needed to edit a video I usually go to Kdenlive, I used to think it is THE linux alternative to Adobe Premier Pro, until yesterday, when a friend recommended I try out OpenShot
I am a Gnome user, Kdenlive was designed for KDE, I have always run it in gnome (Unity) and it worked fine, but today, I am feeling adventurous and up for trying OpenShot, openshot too is pyQt which is a bummer, but hey, this is not why we doing this
Reminder KDE is based on Qt and Gnome is based on GTK. both applications here are meant for KDE, and I don’t really want to install KDE on my machine
This post here is where I will leave my impressions so hang tight.
A short while back, I was handed a repository with code written in Laravel, incomplete, and somewhat sketchy. with the purpose of taking a look at the code and deciding whether i would take it or not.
To give you the lowdown FIRST, while first researching Laravel, I started by investigating the limitations, my first google search sent me in the direction of a blog post by Beau Beauchamp, a developer who seems familiar with the framework.
I obviously didn’t take his word for it, I don’t really know who he is, so i gave myself a 2 day intensive Laravel course, unfortunately he was somewhat right.
The following two paragraphs are from his blog post, they don’t tell you much, but are better explained as I go
Laravel prides itself as the framework for “artisans”. The impression is that Laravel is the framework for people who don’t really know how to code and don’t want to learn. I get it.
Laravel is not PHP, per se, it uses an “expressive” syntax or what has been coined as “syntactic sugar” to hide things from you that it thinks “artisans” don’t need to worry about.
Having no experience with Laravel, and plenty of experience in PHP, the 2 day course i mentioned earlier left me with the following impressions, I was Impressed by how massive it is (Implementing plenty of features with very few lines), impressed by how simple and easy it is (Truly made for people who don’t want to learn programming). and thinking that this is basically a great framework for a simple straight forward website, but once you are looking to give the website more edge, a competitive advantage, or creating complex functionality, the framework is pretty restrictive and not so scalable.
yes, caching can help with the scalability part, but the degree caching helps with depends on the nature of the website, and for this particular purpose, it is not a perfect solution.
So should we throw the existing code away ?
My answer is NO, if i do end up taking this job, I plan to launch with the Laravel code, then extend the software with good old plain old PHP, with the database acting as the API between the new system and the old system, this way, the website owner can have a functional website where he can promote and advertise, and dip his toes in the water while a different system slowly takes this system’s place as it gets developed.
After updating the existing code from Laravel 7 to Laravel 9 (Overhead), running a security audit for the code, A varnish or nginx proxy should sit in the middle, and new code should run transparently through the proxy, when that happens, I am not even restricted to the same virtual machine running Laravel, I can have 2 virtual machines running different tools acting as one website, transparently, without the user ever knowing.
The front end with react
The other issue I have with this project is with react and react-native, which are the front ends of both web and mobile applications.
React is a very cool framework, but there is quite a bit of controversy around it and around Ajax in general when it comes to Search Engine optimization (SEO), in a statement by google ten years ago, googlebot is now able to read a website the same way a web browser does, and I have seen that they do see it that way from ten years ago when they were providing tools telling people what pages on their websites were having horizontal scroll bars, but regardless of that statement, the fact that most websites that appear in my search results are not Ajax, and that HTML and CSS still run most of the popular websites does raise some concerns, entering into a very competitive market dictates that every inch of a competitive advantage is vital to our success.
So, first let me get the advantages and disadvantages of Laravel out of the way, then get into the technicalities and how the new system should co-exist with Laravel and react.
Laravel is a very mature framework, but very opinionated, opinionated means the designers of the framework expect you to create your website in one specific way, and as long as you are within those lines, you can make things work, what mature and popular means is that when you don’t see those lines, someone online has probably mentioned how to do it with Laravel.
Laravel is not the greatest in backwards compatibility, so when a new release comes out, it is not just PHP that you need to worry about, it is also Laravel, and from people’s experiences online, things tend to either break or become buggy when a major release of Laravel is out
Laravel is heavy, very heavy, and to deal with that, the developers have come up with workarounds, mainly caching, which lends itself to certain websites more than others, sometimes caching can have so little benefit, and sometimes it is a magic recipe for super snappy
Laravel is based on symphony, and works great with react, but even though google has claimed that their spider treats
So the short of this story, if you are having problems with page loading without the theme or design, and you have a similar setup, odds are the problem is with wordpress settings not with nginx or with varnish !
So a closer look at the page source reveals that the page was loaded with https, but the links to all the page resources are in HTTP ! why is that ? simple
when you open the website in SSL, your browser creates a secure connection with nginx (termination), nginx requests the page from varnish, which relays the page again to the server.
As far as the web server serving wordpress is concerned, this request came in http, not https ! so all the page resources should be in http right ? yes, this is what is happening, but what is the solution
I tried a few solutions, for example, i changed the wordpress address and site address to httpS, but wordpress is smart enough to use whatever protocol the user accessed and use it for all resources !
there are many solutions programmatically, which is something i avoid because i update wordpress, and don’t want to fix it every time i upgrade, so whatever solution i need has got to be in the only file that is never modified when upgrading wordpress, the config file
wordpress knows it is on SSL from the following two entries in the environment, the entries $_SERVER[‘HTTPS’] and $_SERVER[‘SERVER_PORT’], the proxy sends a hint that the user used https with the variable $_SERVER[‘HTTP_X_FORWARDED_PROTO’] in the request header, hence, adding the following code snippet somewhere in the beginning of the config file should deceive wordpress into thinking it has been accessed over https !