Laravel in AWS Lightsail

I set up a tiny Laravel App in AWS last weekend This was the fourth time that I had to deploy in AWS, but still it took me a considerable amount of time.

This is the cheatsheet with all the commands for deploying Laravel, setting up the domain and SSL on AWS LAMP 20.

Update the server
sudo apt-get update
Create projects folder
sudo mkdir /opt/bitnami/projects
sudo chown $USER /opt/bitnami/projects
cd /opt/bitnami/projects
Clone the project
git clone <PATH_TO_REPO>
sudo chown $USER /opt/bitnami/projects/<FOLDER-NAME>
Install the dependencies
composer install
Set the permissions
sudo chown -R daemon:daemon /opt/bitnami/projects/<FOLDER-NAME>/storage
Get your DB root password
cat ~/bitnami_application_password
Create the DB and User
mysql -u root -p
mysql> create database DATABASE_NAME;
mysql> create user 'USER_NAME'@'%' identified by 'PASSWORD';
mysql> grant all privileges on DATABASE_NAME.* TO 'USER_NAME'@'%';
mysql> flush privileges;
mysql> exit;
Create .env
mv .env.example .env

Generate the key
php artisan key:generate
Migrate the DB
php artisan migrate
Set up the Virtual Host

Create the /opt/bitnami/apache2/conf/vhosts/<FOLDER-NAME>-vhost.conf with following:

<VirtualHost _default_:80>
  ServerAlias *
  DocumentRoot /opt/bitnami/projects/<FOLDER-NAME>/public
  RewriteEngine On
  RewriteCond %{HTTPS} !=on
  RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
  <Directory "/opt/bitnami/projects/<FOLDER-NAME>/public">
    Options -Indexes +FollowSymLinks -MultiViews
    AllowOverride All
    Require all granted

Create the /opt/bitnami/apache2/conf/vhosts/<FOLDER-NAME>-https-vhost.conf with following:

<VirtualHost _default_:443>
  ServerAlias *
  DocumentRoot /opt/bitnami/projects/<FOLDER-NAME>/public
  SSLEngine on
  SSLCertificateFile "/opt/bitnami/apache2/conf/bitnami/certs/server.crt"
  SSLCertificateKeyFile "/opt/bitnami/apache2/conf/bitnami/certs/server.key"
  <Directory "/opt/bitnami/projects/<FOLDER-NAME>/public">
    Options -Indexes +FollowSymLinks -MultiViews
    AllowOverride All
    Require all granted

Then restart the server

sudo /opt/bitnami/ restart apache
Get an SSL certificate.
sudo apt-get install software-properties-common
sudo apt-add-repository ppa:certbot/certbot -y
sudo apt-get update -y
sudo apt-get install certbot -y
sudo certbot -d $DOMAIN -d $WILDCARD --manual --preferred-challenges dns certonly

Now, update the TXT records and test it here

sudo /opt/bitnami/ stop
sudo mv /opt/bitnami/apache/conf/bitnami/certs/server.crt /opt/bitnami/apache/conf/bitnami/certs/server.crt.old
sudo mv /opt/bitnami/apache/conf/bitnami/certs/server.key /opt/bitnami/apache/conf/bitnami/certs/server.key.old
sudo ln -s /etc/letsencrypt/live/$DOMAIN/privkey.pem /opt/bitnami/apache/conf/bitnami/certs/server.key
sudo ln -s /etc/letsencrypt/live/$DOMAIN/fullchain.pem /opt/bitnami/apache/conf/bitnami/certs/server.crt
sudo /opt/bitnami/ restart