Foilen Cloud
Fran├žais

PHP - Basic


Diagram of the Applications

All the machines where there are websites and/or URL redirects, there is an HA Proxy server which will receive all requests in HTTP (port 80) and HTTPS (port 443). Thus, a single machine can take care of several websites. Here are some reasons why HA Proxy is added to the deployment:

  • Simplification of the management of certificates for HTTPS by having them all at this level rather than at the application level.
  • Make the site available on one or more machines (those with HA Proxy) while sharing the load on several machines by running the site’s application (like Apache PHP) on several machines.

To serve sites in HTTPS, you need a certificate (which can be free or paid) and as it is HA Proxy which receives the requests, it is this one which has all the certificates. Then, the connection between HA Proxy and the website’s application is normally not encrypted if these two applications are on the same machine.

For URL redirects, an Apache process is started for all HTTP redirects and another process for all HTTPS redirects.

graph LR R[Apache HTTP Redirection] RS[Apache HTTPS Redirection] PHP[Apache PHP] HA[HA Proxy] HA --> R HA --> RS HA --> PHP

Diagram of the Resources to Create

The Website resource

  • allows you to define a website that is accessible by HTTP or HTTPS. To support both protocols, you need to create two Website. So the HTTP site could be a redirect to HTTPS and the HTTPS could be the site itself.
  • can be considered as the HA Proxy application and that is why all its configuration (like the HTTPS certificate) is present on it and it only points to an application which responds to requests.

The ApachePhp resource is the application that contains PHP files and responds to requests. Without a Website pointing to it, the site itself cannot be accessed off the machine.

graph LR Website -- POINTS_TO --> ApachePhp Website -- USES --> WebsiteCertificate Website -- INSTALLED_ON --> A[Machines HA Proxy] Website -- INSTALLED_ON_NO_DNS --> A[Machines HA Proxy] ApachePhp -- RUN_AS --> UnixUser ApachePhp -- INSTALLED_ON --> Machine ApachePhp -- ATTACHED --> AttachablePart

Diagram of the Generated Resources

graph LR Website -. MANAGES -.-> Domain Website -. MANAGES -.-> DnsPointer Website -. MANAGES -.-> U[UnixUser infra_web] DnsPointer -- POINTS_TO --> M[Machine HA Proxy] DnsPointer -. MANAGES -.-> Domain DnsPointer -. MANAGES -.-> DnsEntry

Create the HTTPS certificate

If the site is accessible via https, you must create a certificate.

  1. Go to Foilen Infra in the Plugin tab (https://infra.foilen.com/plugin/list) and click on Let’s Encrypt WebsiteCertificate
  2. Choose the owner
  3. Write the domain name
  4. Click on Create

Create redirections

If the site is accessible via https, it is good to create a redirect from http to https.

  1. Go to Foilen Infra in the Plugin tab (https://infra.foilen.com/plugin/list) and click on Url Redirection
  2. Choose the owner
  3. Enter the domain name
  4. To redirect http://{domaine}
    1. fill Url Redirection when http with https://{domaine}
    2. put true in Redirection is permanent for http
  5. Choose a machine

Create the database

Choose one of the available databases and don’t forget to create an Attachable if available.

Create website

Unix user

  1. Go to Foilen Infra in the Plugin tab (https://infra.foilen.com/plugin/list) and click on Unix User
  2. Choose the owner
  3. Enter the name
  4. For Install on, choose a machine
  5. Click on Create

Website

  1. Go to Foilen Infra in the Plugin tab (https://infra.foilen.com/plugin/list) and click on Website
  2. Choose the owner
  3. Enter the name
  4. The domain name
  5. For HTTPS, set to TRUE if the site will be accessible via https
  6. For Website Certificate (if HTTPS), choose the website certificate if you have chosen “https”
  7. Install on a machine
  8. Click on Create

Apache and PHP

  1. Go to Foilen Infra in the Plugin tab (https://infra.foilen.com/plugin/list) and click on Apache PHP
  2. Choose the owner
  3. Enter the name
  4. Put the version 7.4.3-1 or more recent (check via the link in the editor)
  5. For Base Folder Path, put the path of the Unix user’s directory and add a subdirectory to it
  6. For Unix User, choose the previously created Unix user
  7. For Websites that points to the generated application, choose the previously created website
  8. Add Parts (for the database), choose the previously created database attachment
  9. For Installed on Machines, choose the same machine as the one where the Unix user is installed
  10. Click on Create

Extras

To send emails

Sending emails using PHP is sometimes more complicated than necessary. This is because it depends on the Sendmail application and the configuration that the administrator places in “php.ini”. In this file, it is possible to put several different arguments to pass to Sendmail and this has different impacts for the PHP application to choose certain parameters such as the email which must go in the “From” field.

To keep things simple, Apache PHP incorporates sendmail-to-msmtp which

  • replaces the Sendmail application,
  • supports a “From” email to use if none is specified,
  • supports different arguments
  • and supports different headers.

This program sends everything to the msmtp application and that’s why you have to attach a msmtp configuration file by following the steps below.

Email Relay

Prerequisite: have an email account that allows you to send emails as the “From” address you want. This can be your GMail account, AWS SES, Sendgrid, your email account on Foilen Cloud or any other platform that allows sending in SMTP.

  1. Go to Foilen Infra in the Plugin tab (https://infra.foilen.com/plugin/list) and click on Email Relay
  2. Choose the owner
  3. Enter the name
  4. Enter the hostname, port, username and password.
  5. Click on Create

Attachable Email Relay to msmtp Config File

  1. Go to Foilen Infra in the Plugin tab (https://infra.foilen.com/plugin/list) and click on Attachable Email Relay to msmtp Config File
  2. Choose the owner
  3. Enter the name
  4. For Email Relay, choose the relay
  5. Click on Create

Add on Apache and PHP

  1. Edit the Apache and PHP resource
  2. Add Parts, choose the attachment of the email relay
  3. Click on Edit