poing / laravel-elb
Essentials for Laravel on AWS Elastic Beanstalk with HTTPS
Installs: 3 193
Dependents: 0
Suggesters: 0
Security: 0
Stars: 12
Watchers: 1
Forks: 1
Open Issues: 3
Requires
Suggests
- czproject/git-php: Provides branch information for the sample view.
- ocramius/package-versions: Provides package version for the sample view.
- dev-master
- v1.0.3
- v1.0.2
- v1.0.1
- v1.0.0
- v0.1.22
- v0.1.21
- v0.1.20
- v0.1.19
- v0.1.18
- v0.1.17
- v0.1.16
- v0.1.15
- v0.1.14
- v0.1.13
- v0.1.12
- v0.1.11
- v0.1.10
- v0.1.9
- v0.1.8
- v0.1.7
- v0.1.6
- v0.1.5
- v0.1.4
- v0.1.3
- 0.1.2.x-dev
- v0.1.2
- 0.1.1.x-dev
- v0.1.1
- 0.1.0.x-dev
- v0.1.0
- v0.0.16
- v0.0.15
- v0.0.14
- v0.0.13
- v0.0.12
- v0.0.11
- v0.0.10
- v0.0.9
- v0.0.8
- v0.0.7
- v0.0.6
- v0.0.5
- v0.0.4
- v0.0.3
- v0.0.2
- v0.0.1
This package is auto-updated.
Last update: 2024-11-25 01:42:17 UTC
README
This package provides the essential elements for a Laravel app running on AWS Elastic Beanstalk (ELB)
with HTTPS.
It provides the following:
- Environment Configuration Files
.ebextensions
for Deployment- Set the document root to
/public
- Example showing how to read environment configuration variables
- Copy
.env.aws
to.env
- Run
artisan
commands - How to install and run
npm
commands
- Set the document root to
defaultStringLength()
for MariaDB or Auroa- Middleware for HTTP to HTTPS redirection
- Includes the ability to configure exceptions to the HTTPS redirection
- Middleware to recognize secure requests
Elastic Beanstalk with HTTPS Quick Start Guide
Here are Step-by-Step instructions to deploy a new Laravel application to AWS Elastic Beanstalk.
Installation
You can install this package using composer
# With the Suggested Packages composer require czproject/git-php ocramius/package-versions poing/laravel-elb # Without the Suggested Packages composer require poing/laravel-elb
Commands:
Once the package is installed, the following artisan
commands will be available in your Laravel application:
elb:install
: Add.ebextensions
directory and.env.aws
to the Laravel application.elb:publish
: Addconfig/laravel-elb.php
to the Laravel application, to allow HTTPS redirection customization.- This will disable the sample
route
andview
included with the package.
- This will disable the sample
Elastic Beanstalk Configuration Files
This package provides Elastic Beanstalk configuration files (.ebextensions) to configure the environment, customize AWS resources, and perform Laravel tasks. Like running artisan
commands.
.ebextensions/10-document-root.config
.ebextensions/20-app-key-test.config
.ebextensions/30-env-file.config
.ebextensions/40-artisan.config
.ebextensions/50-node-npm-gulp.config
These provide the basic requirements for deploying Laravel to Elastic Beanstalk. Files are named so you can insert files within the processing order.
If you think something is missing, something could be done better, feel free to submit a pull request.
Except forHTTP
toHTTPS
redirect, see the next section for an explanation.
MariaDB or Auroa
Because I often use Auroa or MarieDB, instead of MySQL. I added the fix for non-MySQL Databases.
Schema::defaultStringLength(191);
Laravel 5.4 made a change to the default database character set, and it’s now utf8mb4 which includes support for storing emojis. This only affects new applications and as long as you are running MySQL v5.7.7 and higher you do not need to do anything.
While AWS does provide a higher version of MySQL. Aurora (MySQL Compatabe), does not support the increased string length. yet
HTTP to HTTPS Redirection
Middleware included in this package eliminates the necessity of using .ebextensions
to handle HTTP
to HTTPS
redirection with the Apache RewriteEngine
method. While allowing some traffic not to be redirected, such as the Elastic Beanstalk HealthChecker.
Redirection does not occur for any of the following conditions:
- The
User-Agent
is the Elastic Beanstalk HealthChecker - The Application Environment
APP_ENV
is set tolocal
- The
URI
matches theexclude
configuration settings
It provides the same functionality as the https-redirect
recommended in the AWS documentation, and allows for custom paths to easily be excluded.
You may choose to use the .ebextensions
method, it should not affect this middleware.
The middleware is a result of frustration trying to get the correct
RewriteCond
rules to exclude multiple conditions using the.ebextensions
method. Handling theHTTP
toHTTPS
redirection with Laravel provides more flexibility with less headaches. I was working with an application that could not fetch content from third party domains with HTTPS.
- This package does not prevent
HTTPS
access. - It does not redirect
HTTPS
toHTTP
. - It only allows
HTTP
access to the specifiedURI
paths.
Basic Usage
By default, this package includes a sample view
and allows HTTP
access to URI
's with a base of /unsecure
.
// Green = HTTP Allowed, Red = Redirected to HTTPS + http://{domain.tld}/unsecure + http://{domain.tld}/unsecure/your/web/route - http://{domain.tld}/ - http://{domain.tld}/other
Configuration
To use your own configuration, run elb:publish
to install config/laravel-elb.php
in your Laravel application.
php artisan elb:publish
This will disable the sample
view
included with the package.
Excluded URI Paths
exclude
: An array ofURI
paths that are not redirected toHTTPS
.- Empty array will redirect all
HTTP
toHTTPS
.
- Empty array will redirect all
'exclude' => [ 'alpha', 'bravo/charlie', ],
Behaviour:
// Green = HTTP Allowed, Red = Redirected to HTTPS + http://{domain.tld}/alpha + http://{domain.tld}/alpha/any/path - http://{domain.tld}/bravo + http://{domain.tld}/bravo/charlie + http://{domain.tld}/bravo/charlie/any/path - http://{domain.tld}/bravo/any
Strict Mode
strict
: Boolean setting that will limit the path to only those specified in theexclude
setting.
'exclude' => [ 'alpha', 'bravo/charlie', ],
'strict' => true,
Behaviour:
// Green = HTTP Allowed, Red = Redirected to HTTPS + http://{domain.tld}/alpha - http://{domain.tld}/alpha/any/path - http://{domain.tld}/bravo + http://{domain.tld}/bravo/charlie - http://{domain.tld}/bravo/charlie/any/path - http://{domain.tld}/bravo/any
Recognizing Secure Requests
The AWS Elastic Beanstalk environment uses a Load Balancer to serve HTTPS
requests, while the Laravel application actually runs in an AWS Elastic Beanstalk environment that only supports HTTP
.
This can cause the Laravel application to represent HTTP
to helper methods that return URL
information, since the Laravel application is not aware of the Load Balancer.
Incorrect Response:
// https://domain.tld url()->current(); // Returns: 'http://domain.tld'
This package uses peppeocchi/laravel-elb-middleware
to simplify using HTTPS
with your Laravel application on AWS Elastic Beanstalk. Ensuring that your Laravel application will correctly recognize secure requests when running on Elastic Beanstalk with a Load Balancer. Allowing helper methods that return URL
information, to represent the correct protocol scheme
.
Correct Response:
// https://domain.tld url()->current(); // Returns: 'https://domain.tld'
This middleware is based on a gist by Giuseppe Occhipinti that does the exact same thing.