iptv-stream-web/DEPLOYMENT.md
Vincent 41cd7a4fd8 Add comprehensive unit tests for Security, UserModel, and Validation utilities
- Implemented SecurityTest to validate token generation, CSRF protection, input sanitization, and rate limiting.
- Created UserModelTest to ensure correct database operations for user management, including creation, updating, banning, and fetching active users.
- Developed ValidationTest to verify input validation and sanitization for user IDs, nicknames, messages, and API requests.
- Introduced Security and Validation utility classes with methods for secure token generation, input sanitization, and comprehensive validation rules.
2025-09-30 21:22:28 -04:00

🚀 Dodgers IPTV - Deployment Guide

Overview

The Dodgers IPTV Stream Theater has been completely rebuilt with enterprise-grade security, performance, and reliability. This deployment guide covers setup, configuration, and maintenance of the production-ready application.


📋 Prerequisites

System Requirements

  • PHP: 8.1 or higher
  • Database: SQLite 3 (included with PHP)
  • Web Server: Apache/Nginx with PHP-FPM recommended
  • Extensions: pdo, pdo_sqlite, mbstring, json
  • Memory: 128MB minimum, 256MB recommended
  • Storage: 50MB for application, expandable for logs/database

Development Tools

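# Install Composer (PHP dependency manager); verify the installer checksum before running it
curl -sS -o composer-setup.php https://getcomposer.org/installer
echo "$(curl -sS https://composer.github.io/installer.sig)  composer-setup.php" | sha384sum -c - \
  && php composer-setup.php
rm -f composer-setup.php
sudo mv composer.phar /usr/local/bin/composer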

# Verify installations
php --version        # Should be 8.1+
composer --version   # Should work
php -m | grep -E "(pdo|sqlite|mbstring|json)"  # Extensions present

🛠️ Step-by-Step Setup

1. Code Deployment

# Clone or download the application
cd /var/www/html/
git clone https://your-repo-url/dodgers-iptv.git
cd dodgers-iptv

# Or extract from ZIP file
unzip dodgers-iptv-v1.0.0.zip
cd dodgers-iptv/

2. Dependency Installation

# Install PHP dependencies
composer install --no-dev --optimize-autoloader

# Verify autoloader
php -r "require 'vendor/autoload.php'; echo '✓ Composer setup complete' . PHP_EOL;"

3. Environment Configuration

# Copy environment template
cp .env.example .env

# Edit configuration
nano .env

Essential .env Configuration:

# Environment
APP_ENV=production

# Admin Credentials (generate with included script)
ADMIN_USERNAME=your_admin_username
ADMIN_PASSWORD_HASH=run_php_generate_hash.php

# Database (SQLite - no configuration needed)
DB_DATABASE=data/app.db

# Security
SECRET_KEY=generate_random_64_char_key_here

# Stream Settings
STREAM_BASE_URL=http://your-stream-server:port
STREAM_ALLOWED_IPS=127.0.0.1,your.stream.ip

# Logging
LOG_LEVEL=WARNING
LOG_FILE=logs/app.log

4. Generate Admin Password

# Use included script to generate secure password hash
php generate_hash.php

# Enter your desired admin password
# Copy the generated hash to ADMIN_PASSWORD_HASH in .env
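
A preflight check for steps 3 and 4, run before the site goes live: it flags template placeholders left in .env, a non-production APP_ENV, a short SECRET_KEY and a file mode that lets other users read the secrets. This is an added example, not part of the project; the function names env_get and check_env are hypothetical, and the 64-character minimum is taken from the placeholder text in the template.

```shell
#!/bin/sh
# Added example, not part of the project: preflight check for the .env above.
# Usage: sh check_env.sh /var/www/html/dodgers-iptv/.env

# env_get FILE KEY: print KEY's value (last assignment wins), quotes stripped.
env_get() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 |
        sed -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# check_env FILE: print one line per problem; exit status 1 if any was found.
# The body is a subshell, so its variables and helper stay local.
check_env() (
    f=$1
    problems=0
    fail() { echo "$1"; problems=1; }

    [ "$(env_get "$f" APP_ENV)" = production ] ||
        fail "APP_ENV is not production"

    case "$(env_get "$f" ADMIN_USERNAME)" in
        ''|your_admin_username)
            fail "ADMIN_USERNAME is unset or a placeholder" ;;
    esac

    case "$(env_get "$f" ADMIN_PASSWORD_HASH)" in
        ''|run_php_generate_hash.php)
            fail "ADMIN_PASSWORD_HASH is unset or a placeholder" ;;
    esac

    key=$(env_get "$f" SECRET_KEY)
    case "$key" in
        ''|generate_random_64_char_key_here)
            fail "SECRET_KEY is unset or a placeholder" ;;
        *)
            [ "${#key}" -ge 64 ] ||
                fail "SECRET_KEY is shorter than 64 characters" ;;
    esac

    # The file holds the key and the admin hash: no access for "other" users.
    mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
    case "$mode" in
        *[1-7]) fail ".env is accessible to other users (mode $mode)" ;;
    esac

    exit "$problems"
)

# Run only when a file is given, so the functions can also be sourced.
if [ $# -gt 0 ]; then check_env "$1"; fi
```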

5. Database Setup

# Run database migrations
make db

# Or manually:
php -r "
require_once 'bootstrap.php';
\$db = Database::getInstance()->getConnection();
\$sql = file_get_contents('migrations/001_create_tables.sql');
\$db->exec(\$sql);
echo 'Database initialized!' . PHP_EOL;
"

6. File Permissions

# Set correct ownership (replace www-data with your web user)
sudo chown -R www-data:www-data /var/www/html/dodgers-iptv/

# Set permissions
find . -type f -name "*.php" -exec chmod 644 {} \;
find . -type d -exec chmod 755 {} \;

# Database and logs need write access
chmod 664 data/app.db
chmod 775 logs/
chmod 664 logs/app.log

# .env holds SECRET_KEY and the admin password hash: no access for other users
chmod 640 .env

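7. Web Server Configuration

Apache

<VirtualHost *:80>
    ServerName your-domain.com
    DocumentRoot /var/www/html/dodgers-iptv

    <Directory /var/www/html/dodgers-iptv>
        AllowOverride All
        Require all granted

        # Security headers (requires mod_headers: a2enmod headers)
        Header always set X-Frame-Options DENY
        Header always set X-Content-Type-Options nosniff
        Header always set Referrer-Policy strict-origin-when-cross-origin
    </Directory>

    # Deny access to sensitive files (same intent as the Nginx rule)
    <DirectoryMatch "^/var/www/html/dodgers-iptv/(config|data|logs|\.git)(/|$)">
        Require all denied
    </DirectoryMatch>
    <Files ".env">
        Require all denied
    </Files>

    # Logs
    ErrorLog /var/log/apache2/dodgers-error.log
    CustomLog /var/log/apache2/dodgers-access.log combined
</VirtualHost>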

Nginx

server {
    listen 80;
    server_name your-domain.com;
    root /var/www/html/dodgers-iptv;
    index index.php;

    # Security headers
    add_header X-Frame-Options "DENY" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;

    # Deny access to sensitive files. This must come before the PHP location:
    # regex locations are checked in order and the first match wins.
    # The pattern matches the .env file itself, not only a ".env/" directory.
    location ~ ^/(\.env|\.git|config/|data/|logs/) {
        deny all;
    }

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
    }
}
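
A check to run against the live site once either server block is in place: it confirms the three security headers are sent with the configured values and that .env, data/app.db and logs/app.log are refused. This is an added example, not part of the project; the function names are hypothetical and the base URL is whatever you pass on the command line.

```shell
#!/bin/sh
# Added example, not part of the project: audit a deployed instance.

# Headers set by both server blocks above, with their expected values.
REQUIRED_HEADERS='x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin'

# Files this guide creates under the document root that must not be served.
SENSITIVE_PATHS='.env data/app.db logs/app.log'

# missing_headers: read raw response headers on stdin and print the name of
# each required header that is absent or has another value (case-insensitive).
missing_headers() (
    got=$(tr -d '\r')
    while IFS= read -r want; do
        name=${want%%:*}
        value=${want#*: }
        printf '%s\n' "$got" |
            grep -iqE "^${name}:[[:space:]]*${value}[[:space:]]*\$" ||
            printf '%s\n' "$name"
    done <<EOF
$REQUIRED_HEADERS
EOF
)

# path_is_blocked STATUS: only an outright refusal counts as protected.
path_is_blocked() {
    case "$1" in
        403|404) return 0 ;;
        *) return 1 ;;
    esac
}

# audit BASE_URL: print every finding; exit status 1 if there is any.
audit() (
    base=${1%/}; rc=0
    for h in $(curl -sS -I "$base/" | missing_headers); do
        echo "header missing or wrong: $h"; rc=1
    done
    for p in $SENSITIVE_PATHS; do
        code=$(curl -sS -o /dev/null -w '%{http_code}' "$base/$p")
        path_is_blocked "$code" || { echo "EXPOSED (HTTP $code): /$p"; rc=1; }
    done
    exit "$rc"
)

# Run as: sh audit.sh https://your-domain.com (no argument: define functions only)
if [ $# -gt 0 ]; then audit "$1"; fi
```

Under the Nginx try_files rule a path that does not exist on disk is answered by index.php with 200, so confirm any EXPOSED line by fetching the path by hand.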

🔧 Post-Installation Tasks

# Install development dependencies
composer install

# Run test suite
make test

# Check code coverage
make test-coverage

Health Check

# Basic functionality test
curl -I http://your-domain.com/

# Database connection test
php -r "
require_once 'bootstrap.php';
\$db = Database::getInstance();
echo 'Database connection: ✓\n';
"

# Chat system test
php -r "
require_once 'bootstrap.php';
\$chat = new ChatServer();
echo 'Chat system: ✓\n';
"
# Using Let's Encrypt (certbot)
sudo certbot --apache -d your-domain.com

# Or manual certificates
# Place fullchain.pem and privkey.pem in /etc/ssl/certs/
# Update Apache/Nginx config with SSL settings

🔍 Monitoring & Maintenance

Log Monitoring

# View recent logs
tail -f logs/app.log

# Search for errors
grep "ERROR\|CRITICAL" logs/app.log

# Log rotation (add to cron)
0 0 * * * /usr/sbin/logrotate /etc/logrotate.d/dodgers

# Logrotate configuration (/etc/logrotate.d/dodgers)
/var/www/html/dodgers-iptv/logs/*.log {
    daily
    rotate 30
    compress
    delaycompress
    missingok
    notifempty
    create 644 www-data www-data
    postrotate
        systemctl reload apache2 2>/dev/null || true
    endscript
}

Performance Monitoring

# Check PHP-FPM status
systemctl status php8.1-fpm

# Monitor resource usage
htop

# PHP performance metrics
php -r "
echo 'Memory limit: ' . ini_get('memory_limit') . PHP_EOL;
echo 'Max execution time: ' . ini_get('max_execution_time') . PHP_EOL;
echo 'Upload max size: ' . ini_get('upload_max_filesize') . PHP_EOL;
"

Database Maintenance

# Database size check
ls -lh data/app.db

# Optimization (run weekly)
php -r "
require_once 'bootstrap.php';
\$db = Database::getInstance()->getConnection();
\$db->exec('VACUUM');
\$db->exec('REINDEX');
echo 'Database optimized!' . PHP_EOL;
"

Backup Strategy

#!/bin/bash
# Weekly backup script (/etc/cron.weekly/dodgers-backup)

APP_DIR="/var/www/html/dodgers-iptv"
BACKUP_DIR="/var/backups/dodgers"
TIMESTAMP=$(date +%Y%m%d_%H%M%S)

# Backups contain the .env secrets and the database: keep them owner-only
umask 077

# cron runs this script from /, so switch to the application directory first
cd "$APP_DIR" || exit 1

# Create backup directory
mkdir -p "$BACKUP_DIR"

# Database backup
sqlite3 data/app.db ".backup '$BACKUP_DIR/app_$TIMESTAMP.db'"

# Log archive
tar -czf "$BACKUP_DIR/logs_$TIMESTAMP.tar.gz" logs/

# Configuration backup
cp .env "$BACKUP_DIR/env_$TIMESTAMP.bak"

# Cleanup old backups (keep 30 days)
find "$BACKUP_DIR" -name "*.db" -mtime +30 -delete
find "$BACKUP_DIR" -name "*.tar.gz" -mtime +30 -delete
find "$BACKUP_DIR" -name "*.bak" -mtime +30 -delete

🚨 Troubleshooting

Common Issues

1. White Screen / 500 Error

# Check PHP error logs
tail -f /var/log/apache2/error.log
tail -f /var/log/php8.1-fpm.log

# Enable debug mode temporarily
# Set APP_ENV=development in .env
# Reload web server
systemctl reload apache2
# Set APP_ENV=production again once the error is diagnosed

2. Database Connection Failed

# Check file permissions
ls -la data/app.db

# Test connection manually
php -r "
try {
    \$pdo = new PDO('sqlite:data/app.db');
    echo '✓ Database connection successful' . PHP_EOL;
} catch(Exception \$e) {
    echo '✗ Database error: ' . \$e->getMessage() . PHP_EOL;
}
"

3. Chat Not Working

# Check SSE endpoint
curl -H "Accept: text/event-stream" "http://your-domain.com/?sse=1&user_id=test&csrf=test"

# Review chat logs
grep "chat\|ChatServer" logs/app.log

4. High Memory Usage

# Monitor processes
ps aux | grep php

# Check PHP memory settings
php -r "echo 'Current memory_limit: ' . ini_get('memory_limit') . PHP_EOL;"

# Increase if needed (php.ini or .user.ini)
memory_limit = 256M

🔐 Security Hardening

Additional Security Measures

# Install fail2ban for IP banning
sudo apt-get install fail2ban

# Configure fail2ban for application logs
# /etc/fail2ban/jail.local
[dodgers]
enabled = true
port = http,https
filter = dodgers
logpath = /var/www/html/dodgers-iptv/logs/app.log
maxretry = 3
bantime = 86400

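# Create filter
# /etc/fail2ban/filter.d/dodgers.conf
# Note: this pattern is unanchored; tighten it to the exact format of the
# application's SECURITY log lines and dry-run it with fail2ban-regex
# against logs/app.log before enabling the jail
[Definition]
failregex = ^.*SECURITY.*ip.*<HOST>.*$
ignoreregex =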

Firewall Configuration

# Allow only necessary ports
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw allow 'Apache Full'

# Enable firewall
sudo ufw enable

🚀 Performance Optimization

PHP-FPM Tuning

; /etc/php/8.1/fpm/pool.d/www.conf
[www]

user = www-data
group = www-data

listen = /run/php/php8.1-fpm.sock
listen.owner = www-data
listen.group = www-data

pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.process_idle_timeout = 10s

; Memory and timeouts
php_admin_value[memory_limit] = 128M
request_terminate_timeout = 300

OPCache Configuration

; /etc/php/8.1/fpm/conf.d/opcache.ini
zend_extension=opcache.so
opcache.enable=1
opcache.memory_consumption=128
opcache.max_accelerated_files=7963
opcache.revalidate_freq=0
opcache.enable_cli=1

📊 Monitoring

Health Check Endpoint

Add to monitoring system:

Health Check: http://your-domain.com/?api=health
Response: {"status":"ok","timestamp":"2025-01-01T12:00:00Z"}

Metrics Collection

#!/bin/bash
# Log analysis
LOG_FILE="logs/app.log"
echo "=== Dodgers IPTV Daily Report ==="
echo "Requests today: $(grep "$(date +%Y-%m-%d)" "$LOG_FILE" | wc -l)"
echo "Errors today: $(grep "$(date +%Y-%m-%d)" "$LOG_FILE" | grep -i error | wc -l)"
echo "Chat messages today: $(grep "$(date +%Y-%m-%d)" "$LOG_FILE" | grep "message_sent" | wc -l)"
echo "Database size: $(ls -lh data/app.db | awk '{print $5}')"
echo "Log size: $(ls -lh logs/app.log | awk '{print $5}')"

🎯 Success Checklist

  • PHP dependencies installed
  • Environment variables configured
  • Admin password hash generated
  • Database tables created
  • File permissions set correctly
  • Web server configured and restarted
  • SSL certificate installed (production)
  • Basic functionality tested
  • Application accessible at domain
  • Chat system working
  • Admin login functional
  • Security headers verified
  • Monitoring tools set up
  • Backup strategy implemented

🎉 Deployment Complete!

Your Dodgers IPTV Stream Theater is now running with:

  • Enterprise-grade security
  • Real-time chat system
  • Database-driven architecture
  • Comprehensive monitoring
  • Production-ready performance

Access your application at: https://your-domain.com

For support or questions, check the logs and test outputs for detailed error information.