Laravel Forge

Contents

• Server
• Backups
• Site
• SSL
• Packages
• GitHub Actions
• Cache-Control
• Password Protection
• Cron Jobs
• Redis
• Production

Server

First, set up a server on Laravel Forge. Store the sudo password and database password in 1Password as a server item. Name it after the production domain and remember to add the IP address to the server.

Backups

Remember to add backup snapshots on the server, whether on DigitalOcean, Glesys, or your service of choice. Preferably set up daily backups and store them for at least seven days.

Site

Create a site on Laravel Forge using the production domain with the subdomain www. We prefer not to use naked domains for websites. Additionally, delete the default site created during the initial setup.

SSL

Enable SSL for the site using Let’s Encrypt. This process will take a few minutes.

Packages

If you’re building a WordPlate site and using private package repositories like ACF, remember to add the credentials under Composer Package Authentication.

GitHub Actions

Use the GitHub Actions SSH key to deploy the site, which you can find in 1Password. Add the public key to the server and the private key to GitHub Secrets. Create a new secret named SSH_PRIVATE_KEY on GitHub with the private key. Also, add the server’s IP as a variable called SERVER_IP. Additionally, include the FORGE_API_TOKEN secret to enable calls to the Forge API.

Cache-Control

I recently read “Your Cache Headers Could Probably Be More Aggressive”, which serves as a reminder to review the Cache-Control header of your websites. Below is a straightforward nginx configuration for this purpose.

location ~* \.(?:css|js|woff2|jpg|jpeg|png|gif|svg|webp|avif|mp4)$ {
    expires 1y;
    access_log off;
    add_header Cache-Control "public";
}

Password Protection

During the development phase, you may want to password-protect the site. Enable basic authentication through the dashboard on Laravel Forge with an easy-to-remember username and password, which we can send to the client.

Cron Jobs

If we are building a WordPlate site, it is recommended to disable the default cron in WordPress. This can be done by adding the following to the environment:

DISABLE_WP_CRON=true

Then, set up a cron job in the Laravel Forge dashboard to call the WordPress cron every minute.

* * * * * curl https://example.se/wordpress/wp-cron.php

Redis

Install Redis Object Cache plugin as a must-use plugin. This plugin will cache the database queries, which can significantly improve performance.

To enable Redis through the dashboard, you’ll temporarily need to allow file edits.

DISALLOW_FILE_MODS=false

Production

When the time comes, change the DNS records to point to the new server. Remember to update the www subdomain as well.

A example.se "123.45.678.90"
CNAME www.example.se "example.se."

Next, set the environment variable to production in the Laravel Forge dashboard.

Once the domain is active, update the cron job to reflect the production domain.

Disable basic authentication in the Laravel Forge dashboard.