poing/laravel-elb

Essentials for Laravel on AWS Elastic Beanstalk with HTTPS

Maintainers

Details

github.com/poing/laravel-elb

Source

Issues

Installs: 2 855

Dependents: 0

Suggesters: 0

Security: 0

Stars: 12

Watchers: 1

Forks: 1

Open Issues: 3

v1.0.3 2020-08-24 15:30 UTC

Requires

Suggests

MIT 4c5d70d640ed5f594b3644ab4f43272c0c66bdba

  • Brian LaVallee <brian.lavallee.woop@invite-comm.jp>

This package is auto-updated.

Last update: 2024-10-25 01:32:05 UTC

README

This package provides the essential elements for a Laravel app running on AWS Elastic Beanstalk (ELB) with HTTPS.

It provides the following:

  • Environment Configuration Files .ebextensions for Deployment
    • Set the document root to /public
    • Example showing how to read environment configuration variables
    • Copy .env.aws to .env
    • Run artisan commands
    • How to install and run npm commands
  • defaultStringLength() for MariaDB or Auroa
  • Middleware for HTTP to HTTPS redirection
    • Includes the ability to configure exceptions to the HTTPS redirection
  • Middleware to recognize secure requests

Elastic Beanstalk with HTTPS Quick Start Guide

Here are Step-by-Step instructions to deploy a new Laravel application to AWS Elastic Beanstalk.

Installation

You can install this package using composer

# With the Suggested Packages
composer require czproject/git-php ocramius/package-versions poing/laravel-elb

# Without the Suggested Packages
composer require poing/laravel-elb

Commands:

Once the package is installed, the following artisan commands will be available in your Laravel application:

  • elb:install: Add .ebextensions directory and .env.aws to the Laravel application.
  • elb:publish: Add config/laravel-elb.php to the Laravel application, to allow HTTPS redirection customization.
    • This will disable the sample route and view included with the package.

Elastic Beanstalk Configuration Files

This package provides Elastic Beanstalk configuration files (.ebextensions) to configure the environment, customize AWS resources, and perform Laravel tasks. Like running artisan commands.

.ebextensions/10-document-root.config
.ebextensions/20-app-key-test.config
.ebextensions/30-env-file.config
.ebextensions/40-artisan.config
.ebextensions/50-node-npm-gulp.config

These provide the basic requirements for deploying Laravel to Elastic Beanstalk. Files are named so you can insert files within the processing order.

If you think something is missing, something could be done better, feel free to submit a pull request.
Except for HTTP to HTTPS redirect, see the next section for an explanation.

MariaDB or Auroa

Because I often use Auroa or MarieDB, instead of MySQL. I added the fix for non-MySQL Databases.

Schema::defaultStringLength(191);

Laravel 5.4 made a change to the default database character set, and it’s now utf8mb4 which includes support for storing emojis. This only affects new applications and as long as you are running MySQL v5.7.7 and higher you do not need to do anything.

While AWS does provide a higher version of MySQL. Aurora (MySQL Compatabe), does not support the increased string length. yet

HTTP to HTTPS Redirection

Middleware included in this package eliminates the necessity of using .ebextensions to handle HTTP to HTTPS redirection with the Apache RewriteEngine method. While allowing some traffic not to be redirected, such as the Elastic Beanstalk HealthChecker.

Redirection does not occur for any of the following conditions:

  • The User-Agent is the Elastic Beanstalk HealthChecker
  • The Application Environment APP_ENV is set to local
  • The URI matches the exclude configuration settings

It provides the same functionality as the https-redirect recommended in the AWS documentation, and allows for custom paths to easily be excluded.

You may choose to use the .ebextensions method, it should not affect this middleware.

The middleware is a result of frustration trying to get the correct RewriteCond rules to exclude multiple conditions using the .ebextensions method. Handling the HTTP to HTTPS redirection with Laravel provides more flexibility with less headaches. I was working with an application that could not fetch content from third party domains with HTTPS.

  • This package does not prevent HTTPS access.
  • It does not redirect HTTPS to HTTP.
  • It only allows HTTP access to the specified URI paths.

Basic Usage

By default, this package includes a sample view and allows HTTP access to URI's with a base of /unsecure.

// Green = HTTP Allowed, Red = Redirected to HTTPS
+ http://{domain.tld}/unsecure
+ http://{domain.tld}/unsecure/your/web/route
- http://{domain.tld}/
- http://{domain.tld}/other

Configuration

To use your own configuration, run elb:publish to install config/laravel-elb.php in your Laravel application.

php artisan elb:publish

This will disable the sample view included with the package.

Excluded URI Paths
  • exclude: An array of URI paths that are not redirected to HTTPS.
    • Empty array will redirect all HTTP to HTTPS.
    'exclude' => [ 'alpha', 'bravo/charlie', ],
Behaviour:
// Green = HTTP Allowed, Red = Redirected to HTTPS
+ http://{domain.tld}/alpha
+ http://{domain.tld}/alpha/any/path
- http://{domain.tld}/bravo
+ http://{domain.tld}/bravo/charlie
+ http://{domain.tld}/bravo/charlie/any/path
- http://{domain.tld}/bravo/any
Strict Mode
  • strict: Boolean setting that will limit the path to only those specified in the exclude setting.
    'exclude' => [ 'alpha', 'bravo/charlie', ],
    'strict' => true,
Behaviour:
// Green = HTTP Allowed, Red = Redirected to HTTPS
+ http://{domain.tld}/alpha
- http://{domain.tld}/alpha/any/path
- http://{domain.tld}/bravo
+ http://{domain.tld}/bravo/charlie
- http://{domain.tld}/bravo/charlie/any/path
- http://{domain.tld}/bravo/any

Recognizing Secure Requests

The AWS Elastic Beanstalk environment uses a Load Balancer to serve HTTPS requests, while the Laravel application actually runs in an AWS Elastic Beanstalk environment that only supports HTTP.

This can cause the Laravel application to represent HTTP to helper methods that return URL information, since the Laravel application is not aware of the Load Balancer.

Incorrect Response:
// https://domain.tld
url()->current(); // Returns: 'http://domain.tld'

This package uses peppeocchi/laravel-elb-middleware to simplify using HTTPS with your Laravel application on AWS Elastic Beanstalk. Ensuring that your Laravel application will correctly recognize secure requests when running on Elastic Beanstalk with a Load Balancer. Allowing helper methods that return URL information, to represent the correct protocol scheme.

Correct Response:
// https://domain.tld
url()->current(); // Returns: 'https://domain.tld'

This middleware is based on a gist by Giuseppe Occhipinti that does the exact same thing.