This guide walks you through deploying a Laravel app with MySQL on AWS EC2. You'll learn to set up NGINX, enable HTTPS, and configure your firewall.
Laravel is a popular PHP framework known for its elegant syntax and powerful features, making it a favorite choice for web developers. AWS EC2 (Elastic Compute Cloud) provides scalable computing capacity in the cloud, allowing you to run applications on virtual servers. Together, they create a robust environment for deploying web applications. In this guide, we'll explore how to deploy a Laravel application with a MySQL database on AWS EC2 using NGINX as the web server and secure it with HTTPS.
Setting up a Laravel application on AWS EC2 involves several steps, including server configuration and security measures. You'll need to launch an EC2 instance, install necessary packages, and configure the web server. Additionally, securing your application with HTTPS is crucial for protecting user data and ensuring secure communication. We'll walk through the entire process, providing you with command-line instructions to set up your environment efficiently.
Before diving into the deployment, ensure you have an AWS account with administrative privileges and a basic understanding of the AWS Management Console. Familiarity with the Linux command line is also beneficial as you'll be executing commands to configure the server. For more information on AWS EC2, you can visit the AWS EC2 documentation. Let's get started with launching your EC2 instance and preparing it for your Laravel application.
To begin setting up your AWS EC2 instance for deploying a Laravel and MySQL application, you'll first need to log in to your AWS Management Console. Once logged in, navigate to the EC2 dashboard and click on "Launch Instance." Choose an Amazon Machine Image (AMI) that suits your needs; for a Laravel app, a Linux-based AMI like Amazon Linux 2 or Ubuntu is recommended. Select an instance type that provides sufficient resources for your application, such as t2.micro for small-scale applications.
After selecting your instance type, configure instance details. Ensure that you select a VPC and subnet that allow internet access. Also, enable auto-assign Public IP to facilitate SSH access. Next, you'll need to configure storage; the default 8 GB is usually sufficient for initial deployment. Proceed to "Add Tags" where you can label your instance for easier identification. Under "Configure Security Group," create a new security group with rules allowing SSH (port 22), HTTP (port 80), and HTTPS (port 443) access. Once configured, review and launch your instance, ensuring you download the key pair for SSH access.
After launching your instance, connect to it via SSH using the key pair you downloaded earlier. Open a terminal and run the following command, replacing your-key.pem and your-ec2-public-ip with your key file and instance's public IP address respectively:
ssh -i "your-key.pem" ec2-user@your-ec2-public-ipOnce connected, you can begin installing necessary packages such as NGINX, PHP, and MySQL to support your Laravel application. This setup is crucial for ensuring your server environment is ready for deploying your application stack.
To install NGINX on your AWS EC2 instance, you'll first need to SSH into your server. If you haven't done so already, connect to your instance using a terminal with the command:
ssh -i your-key-file.pem ec2-user@your-ec2-public-dnsOnce connected, update your package index to ensure you have the latest package information. Then, install NGINX using the following commands:
sudo yum update -y
sudo amazon-linux-extras install nginx1After installation, start the NGINX service and enable it to start on boot. This ensures that NGINX will automatically launch whenever your server restarts:
sudo systemctl start nginx
sudo systemctl enable nginxTo verify that NGINX is running, you can check its status with:
sudo systemctl status nginxIf all is well, you should see NGINX listed as "active (running)". You can also visit your server's public IP address in a web browser to see the default NGINX welcome page, confirming that the installation was successful.
For more detailed information on configuring NGINX, you can refer to the official NGINX documentation.
Configuring MySQL for your Laravel application involves a few crucial steps to ensure a seamless connection and optimal performance. First, ensure that MySQL is installed and running on your AWS EC2 instance. You can verify this by executing the command sudo systemctl status mysql. If it's not installed, you can do so by running sudo apt-get install mysql-server. Once installed, secure your MySQL installation by running sudo mysql_secure_installation, which will guide you through setting a root password and removing anonymous users.
Next, you'll need to create a database and a user for your Laravel application. Access the MySQL shell using mysql -u root -p and then use the following commands:
CREATE DATABASE laravel_app;
CREATE USER 'laravel_user'@'localhost' IDENTIFIED BY 'securepassword';
GRANT ALL PRIVILEGES ON laravel_app.* TO 'laravel_user'@'localhost';
FLUSH PRIVILEGES;
EXIT;
With the database and user in place, the final step involves updating your Laravel application's environment configuration. Open the .env file in your Laravel project directory and set the database connection information:
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=laravel_app
DB_USERNAME=laravel_user
DB_PASSWORD=securepassword
Ensure that the MySQL service is accessible by checking your AWS security group settings. Add a rule to allow traffic on port 3306 for the IP addresses that need access. For more details on setting up security groups, refer to the AWS Security Groups documentation.
Deploying a Laravel application on AWS EC2 with NGINX and HTTPS involves several steps. First, ensure your EC2 instance is running a compatible Linux distribution, such as Amazon Linux 2 or Ubuntu. Begin by connecting to your instance via SSH. Update your system packages and install necessary software like PHP, MySQL, and composer. It's crucial to configure your environment with the correct PHP version supported by Laravel. Additionally, install Git to clone your Laravel project from a repository.
Once your environment is set, configure NGINX to serve your Laravel application. Create a new NGINX configuration file for your site in /etc/nginx/sites-available/ and link it to /etc/nginx/sites-enabled/. Ensure the root directive points to the public directory of your Laravel project. Next, configure your firewall to allow HTTP and HTTPS traffic. On AWS, this is done through Security Groups. Open ports 80 and 443 for web traffic, and port 22 for SSH access.
To secure your application with HTTPS, use Certbot to obtain and install a free SSL certificate from Let's Encrypt. Follow the prompts to generate your certificate and configure NGINX to use it. Finally, run Laravel migrations to set up your database schema, and configure the .env file to connect to your MySQL database. With these steps completed, your Laravel application should be live and accessible over HTTPS!
To set up NGINX for your Laravel application on an AWS EC2 instance, begin by installing NGINX. Connect to your EC2 instance using SSH, then execute the following command to install NGINX:
sudo apt update
sudo apt install nginx
Once NGINX is installed, configure it to serve your Laravel application. First, navigate to the NGINX configuration directory and create a new configuration file for your app. You can do this by running:
sudo nano /etc/nginx/sites-available/laravel
Inside this file, define the server block to point to your Laravel public directory. Here is a basic configuration example:
server {
listen 80;
server_name your_domain_or_IP;
root /var/www/laravel/public;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
After configuring the server block, enable the new site by creating a symbolic link to the sites-enabled directory:
sudo ln -s /etc/nginx/sites-available/laravel /etc/nginx/sites-enabled/
Test your NGINX configuration for syntax errors with:
sudo nginx -t
If there are no errors, restart NGINX to apply the changes:
sudo systemctl restart nginx
For additional information on configuring NGINX, you can refer to the NGINX documentation. With NGINX configured, your Laravel application should be accessible via your server's public IP or domain name.
Enabling HTTPS for your Laravel application on AWS EC2 is crucial for ensuring secure communication. Let's Encrypt provides a free, automated, and open certificate authority that simplifies this process. First, ensure that your domain is correctly pointed to your EC2 instance. You can achieve this by configuring your DNS settings to map your domain to the public IP address of your EC2 instance. Once your domain is set up, you can proceed with installing Certbot, a tool that automates the process of obtaining and renewing SSL certificates from Let's Encrypt.
To install Certbot on your EC2 instance, connect via SSH and execute the following command:
sudo apt-get update
sudo apt-get install certbot python3-certbot-nginxAfter installation, use Certbot to obtain and install the SSL certificate by running:
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.comCertbot will automatically configure NGINX to use the new certificate. It will prompt you to enter your email address and agree to the terms of service. Once completed, Certbot will configure HTTPS for your domain.
Finally, to ensure your SSL certificate remains valid, set up a cron job to automatically renew it. Open the crontab editor:
sudo crontab -eAdd the following line to schedule a renewal check twice a day:
0 0,12 * * * /usr/bin/certbot renew --quietThis command will attempt to renew the certificate, and if successful, reload NGINX to apply the updated certificate. For more information, you can visit the Certbot website.
Configuring your firewall is a crucial step in securing your Laravel + MySQL application on AWS EC2. By setting up the firewall correctly, you can control which network traffic is allowed to enter and leave your server. AWS provides a built-in firewall feature called Security Groups, which acts as a virtual firewall for your EC2 instances. Security Groups allow you to specify the protocols, ports, and source IP ranges that are permitted to access your instance.
To configure the firewall, start by navigating to the AWS Management Console and selecting your EC2 instance. Under the "Security" tab, click on the "Security Groups" associated with your instance. Edit the inbound rules to allow HTTP (port 80) and HTTPS (port 443) traffic. Additionally, allow SSH (port 22) only from trusted IP addresses for secure remote access. You can use CIDR notation to specify IP ranges. For example, to allow SSH access from a specific IP, you could use 203.0.113.0/24.
After configuring the inbound rules, ensure your outbound rules are set to allow all traffic, which is usually the default setting. This is necessary for your application to communicate with external services, such as a MySQL database hosted on AWS RDS. For more detailed guidance on setting up Security Groups, refer to the AWS Security Groups documentation. Proper firewall configuration not only enhances security but also ensures that your application remains accessible to users while blocking unauthorized access.
After successfully deploying your Laravel application on an AWS EC2 instance with NGINX and HTTPS, it's crucial to conduct thorough testing to ensure everything operates smoothly. Begin by verifying that your application is accessible over HTTPS. Open your browser and navigate to your domain or public IP address. You should see your Laravel application's homepage, indicating that NGINX is correctly serving your app and the SSL certificate is properly configured.
Next, test the functionality of your application. Ensure all routes are accessible and that forms, links, and database queries function as expected. You can use tools like Postman to test API endpoints if your application includes them. Additionally, check the browser's developer console for any errors, which might indicate issues with your front-end code or network requests.
Finally, review the server logs to confirm there are no hidden errors. Access the logs using the following command:
sudo tail -f /var/log/nginx/error.logand
sudo tail -f /var/log/nginx/access.logThese logs will provide insights into any server-side issues and help you troubleshoot any problems. Regular log monitoring is a best practice to catch potential issues early in your deployment lifecycle.
Deploying a Laravel + MySQL application on AWS EC2 with NGINX and HTTPS can sometimes present challenges. One common issue involves incorrect NGINX configuration, which may lead to a "502 Bad Gateway" error. Ensure that your NGINX configuration file is correctly pointing to the Laravel application's socket or port. Double-check the path to the fastcgi_pass directive and ensure it matches the PHP-FPM configuration. Restarting the NGINX service with sudo systemctl restart nginx can help apply the changes.
Another frequent problem is related to database connectivity. If your Laravel application cannot connect to the MySQL database, verify that the database credentials in the .env file are accurate. Additionally, ensure that the MySQL server is running and accessible. You may need to adjust security group settings in the AWS console to allow traffic on the MySQL port (default is 3306). Use sudo systemctl status mysql to check the MySQL service status.
SSL/TLS issues can also arise when setting up HTTPS. If your site isn't serving over HTTPS, confirm that your SSL certificates are correctly configured and that the server block in your NGINX config includes the listen 443 ssl; directive. Utilize Let's Encrypt with Certbot for free SSL certificates and refer to Certbot's official guide for installation instructions. Remember to renew your certificates regularly to maintain secure connections.