A comprehensive collection of scripts and documentation to prepare a fresh Ubuntu/Debian server for production website hosting with modern deployment practices.
This repository provides everything you need to:
- Set up a production-ready web server with Nginx and PHP-FPM [PHP 8.3 most stable]
- Secure your server with Fail2ban and SSL certificates
- Choose your SSL method: Let's Encrypt (Certbot) OR Cloudflare Origin certificates
- Optional MySQL/MariaDB database server with phpMyAdmin
- GitHub CI/CD deployment - automatically deploy from GitHub on push
- Multi-server sync with lsyncd - real-time file synchronization across multiple servers
The scripts/ folder contains ready-to-run shell scripts that automate the setup process, NOTE: replace example.com with your domain/subdomain name before you proceed;
# Clone the repository
git clone https://github.com/melancholic-ksm/AZ-Plan-detailed.git
cd AZ-Plan-detailed/scripts
# Make scripts executable
chmod +x *.sh
# Run the scripts in order:
sudo ./01-system-setup.sh # System updates and essentials
sudo ./02-nginx-php-setup.sh example.com # Nginx + PHP-FPM
sudo ./03-fail2ban-setup.sh # Security with Fail2ban
# Choose ONE SSL method:
sudo ./04-certbot-ssl-setup.sh example.com # Free Let's Encrypt SSL
# OR
sudo ./05-cloudflare-ssl-setup.sh example.com # Cloudflare Origin SSL
# Optional components:
sudo ./06-mysql-setup.sh # MySQL + phpMyAdmin
sudo ./07-lsyncd-setup.sh # Multi-server file sync
sudo ./08-github-cicd-setup.sh # GitHub Actions deployment├── scripts/ # Executable shell scripts
│ ├── 01-system-setup.sh # System updates and essentials
│ ├── 02-nginx-php-setup.sh # Nginx + PHP-FPM installation
│ ├── 03-fail2ban-setup.sh # Fail2ban security setup
│ ├── 04-certbot-ssl-setup.sh # Let's Encrypt SSL (free)
│ ├── 05-cloudflare-ssl-setup.sh # Cloudflare Origin SSL
│ ├── 06-mysql-setup.sh # MySQL + phpMyAdmin (optional)
│ ├── 07-lsyncd-setup.sh # lsyncd multi-server sync
│ └── 08-github-cicd-setup.sh # GitHub Actions CI/CD setup
├── Github-cicd/ # CI/CD documentation
├── lsyncd/ # lsyncd setup guides
├── mysql/ # MySQL troubleshooting guides
└── README.md
Automatically deploy your website when you push to GitHub:
- Run
./08-github-cicd-setup.shon your server - Add the generated secrets to your GitHub repository
- Push to
mainbranch - your site deploys automatically!
Features:
- Uses rsync for efficient incremental updates
- Supports multiple servers
- Works with both GitHub-hosted and self-hosted runners
Keep multiple servers in sync in real-time:
- Run
./07-lsyncd-setup.shon your main server - Configure target servers
- Any file changes automatically sync to all servers
Use cases:
- Multi-region deployments
- High availability setups
- Development to staging sync
- Automatic certificate management
- 90-day validity with auto-renewal
- Requires public domain pointing to server
- No Cloudflare required
- 15-year validity
- Works behind Cloudflare proxy
- Requires Cloudflare account
- Recommended when using Cloudflare for DNS/CDN
For detailed step-by-step guides, see:
- Nginx, PHP, Fail2ban Setup - Manual installation guide
- GitHub CI/CD Setup - Detailed CI/CD configuration
- lsyncd Setup - Multi-server synchronization
- MySQL Setup & Troubleshooting - Database configuration
- OS: Ubuntu 22.04/24.04 or Debian 11/12
- Access: Root or sudo privileges
- Network: SSH access to server
- Domain: A domain name (for SSL)
- Always use strong passwords for MySQL and other services
- Keep your SSH keys secure
- Consider additional hardening (SSH key-only auth, custom SSH port)
- Regularly update your system:
sudo apt update && sudo apt upgrade
This project is open source and available for personal and commercial use.
Contributions are welcome! Feel free to submit issues and pull requests.