Start a PHP 7.2 Slim Project on Ubuntu 18.04

I use Slim, a lightweight PHP framework for creating HTTP applications and APIs using “routes.”

Here’s my formula for deploying my Slim app on Ubuntu 18.04 with PHP 7.2. This has worked on GCP and AWS, as well as my own hosted cluster.

Please note that I will be working with a raw sudo terminal session, so I will omit the use of sudo from these instructions.

One Fresh LAMP Image, Please

Let us start with a fresh installation of Ubuntu 18.04.

# important!
apt update
apt -y upgrade
reboot

I like using tasksel to install LAMP (Apache, MySql and PHP). tasksel is the menu you encounter when installing Ubuntu from an ISO. If I am installing on a cloud service, I don’t get the opportunity to use this menu, so I have to install it manually.

apt install -y tasksel
tasksel
# Scroll down to LAMP Server
# Hit Spacebar to select
# Tab to the OK button and hit Enter

After I install MySql, I always secure it.

mysql_secure_installation
# Follow the prompts and accept all security recommendations

Use Certbot for Free SSL

Hooray for Certbot and Let’s Encrypt! Now it only takes a few minutes to configure Apache with SSL certificates.

Configure Public Domain Names

Super-important first step: assign a domain name you control to the public IP address of your hosted Ubuntu instance. The public clouds give you a public IP when you set up a new instance. Use that IP address to set up DNS A records for your host.

For example, if I have a domain called mydomain.com, and I want a host to be called api.mydomain.com and www.mydomain.com, and I want mydomain.com to work as well, and my public-facing IP address is 34.34.34.34, then I need these A records in my mydomain.com.db DNS zone file:

@    14400  IN  A  34.34.34.34
api  14400  IN  A  34.34.34.34
www 14400 IN A 34.34.34.34

Use Certbot to Install Let’s Encrypt Certificates

Start by installing Certbot and accepting the license terms.

add-apt-repository ppa:certbot/certbot
# Hit Enter to accept the terms
apt install -y python-certbot-apache

Run the certbot command as shown, entering all of your domain names. Enter your email address for identification and sign up for the EFF.org newsletter! Pick the option to automatically redirect your HTTP traffic to HTTPS.

certbot --apache -d mydomain.com -d www.mydomain.com -d api.mydomain.com
# Enter your email address
# Pick the option to redirect HTTP to HTTPS

Install PHP Modules and Composer

Slim uses the popular Composer module management system for PHP. I need a few PHP modules to get Composer to work with my Slim projects.

apt install -y composer zip php-curl php-xml php-mbstring php-zip

Load Project Files

For day-to-day work on a PHP/Slim project, I use a regular, unprivileged user account. I set up a new account with the adduser command. In this example the username vern is just an example. Select any username you want.

adduser vern
# Select a strong password
# Complete the "Full Name" field
# Hit Enter for the remaining prompts

Now, I need to impersonate the new user and load the project files from GitHub (or wherever I have my repository) into the project directory. After that I bring in all the dependent modules by running Composer.

In this example, I start a new Slim project called myproject using the Slim Skeleton repository.

cd ~vern
su vern
git clone https://github.com/slimphp/Slim-Skeleton.git myproject
cd myproject
composer install
exit

The last step in developer account preparation is to give Apache ownership of the log directory. Change vern to your developer account name.

chown www-data:www-data /home/vern/myproject/logs

Configure Apache for Slim

Edit the Apache SSL configuration file that was generated by Certbot:

vi /etc/apache2/sites-enabled/000-default-le-ssl.conf

The contents should like like this.

<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerName api.mydomain.com
SSLCertificateFile /etc/letsencrypt/live/api.mydomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/api.mydomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

Change the DocumentRoot directive to point to the project’s public directory.

DocumentRoot /home/vern/myproject/public

Add the following <Directory> directive before the </VirtualHost> tag.

<Directory "/home/vern/myproject/public">
  Options Indexes FollowSymLinks MultiViews
   AllowOverride all
   Require all granted
   <IfModule mod_rewrite.c>
    RewriteEngine on
      RewriteCond %{REQUEST_FILENAME} !-f
      RewriteRule ^(.*)$ index.php?_url=/$1 [QSA,L]
   </IfModule>
</Directory>

Finally, your 000-default-le-ssl.conf file should look like this:

<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /home/vern/myproject/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerName api.telnexus.com
SSLCertificateFile /etc/letsencrypt/live/api.mydomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/api.mydomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
<Directory "/home/vern/myproject/public">
   Options Indexes FollowSymLinks MultiViews
   AllowOverride all
   Require all granted
   <IfModule mod_rewrite.c>
     RewriteEngine on
     RewriteCond %{REQUEST_FILENAME} !-f
     RewriteRule ^(.*)$ index.php?_url=/$1 [QSA,L]
   </IfModule>
</Directory>
</VirtualHost>
</IfModule>

Save and restart Apache.

apache2ctl restart

Bask In The Glory!

Fire up your browser and go to https://api.mydomain.com/ and you should see the Slim default page.

Leave a Reply