iptv-stream-web/DEPLOYMENT.md
Vincent 41cd7a4fd8 Add comprehensive unit tests for Security, UserModel, and Validation utilities
- Implemented SecurityTest to validate token generation, CSRF protection, input sanitization, and rate limiting.
- Created UserModelTest to ensure correct database operations for user management, including creation, updating, banning, and fetching active users.
- Developed ValidationTest to verify input validation and sanitization for user IDs, nicknames, messages, and API requests.
- Introduced Security and Validation utility classes with methods for secure token generation, input sanitization, and comprehensive validation rules.
2025-09-30 21:22:28 -04:00


# 🚀 Dodgers IPTV - Deployment Guide
## Overview
The Dodgers IPTV Stream Theater has been completely rebuilt with enterprise-grade security, performance, and reliability. This deployment guide covers setup, configuration, and maintenance of the production-ready application.
---
## 📋 Prerequisites
### System Requirements
- **PHP**: 8.1 or higher
- **Database**: SQLite 3 (included with PHP)
- **Web Server**: Apache/Nginx with PHP-FPM recommended
- **Extensions**: pdo, pdo_sqlite, mbstring, json
- **Memory**: 128MB minimum, 256MB recommended
- **Storage**: 50MB for application, expandable for logs/database
### Development Tools
```bash
# Install Composer (PHP dependency manager)
curl -sS https://getcomposer.org/installer | php
sudo mv composer.phar /usr/local/bin/composer
# Verify installations
php --version # Should be 8.1+
composer --version # Should work
php -m | grep -E "(pdo|sqlite|mbstring|json)" # Extensions present
```
---
## 🛠️ Step-by-Step Setup
### 1. Code Deployment
```bash
# Clone or download the application
cd /var/www/html/
git clone https://your-repo-url/dodgers-iptv.git
cd dodgers-iptv
# Or extract from ZIP file
unzip dodgers-iptv-v1.0.0.zip
cd dodgers-iptv/
```
### 2. Dependency Installation
```bash
# Install PHP dependencies
composer install --no-dev --optimize-autoloader
# Verify autoloader
php -r "require 'vendor/autoload.php'; echo '✓ Composer setup complete' . PHP_EOL;"
```
### 3. Environment Configuration
```bash
# Copy environment template
cp .env.example .env
# Edit configuration
nano .env
```
**Essential .env Configuration:**
```bash
# Environment
APP_ENV=production
# Admin Credentials (generate with included script)
ADMIN_USERNAME=your_admin_username
ADMIN_PASSWORD_HASH=run_php_generate_hash.php
# Database (SQLite - no configuration needed)
DB_DATABASE=data/app.db
# Security
SECRET_KEY=generate_random_64_char_key_here
# Stream Settings
STREAM_BASE_URL=http://your-stream-server:port
STREAM_ALLOWED_IPS=127.0.0.1,your.stream.ip
# Logging
LOG_LEVEL=WARNING
LOG_FILE=logs/app.log
```
### 4. Generate Admin Password
```bash
# Use included script to generate secure password hash
php generate_hash.php
# Enter your desired admin password
# Copy the generated hash into ADMIN_PASSWORD_HASH in .env
```
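An added check for steps 3 and 4 (not part of the project's own tooling): it flags a `.env` that other users can read, that is not set to production, or that still carries the template placeholders shown above. It assumes unquoted `KEY=value` lines as in the template; `env_value` and `check_env` are names chosen for this example.

```bash
#!/bin/bash
# Added example: pre-flight check for the .env file from steps 3 and 4.
# Assumes unquoted KEY=value lines, as in the template above.

# Print the value assigned to KEY ($2) in env file ($1); last one wins.
env_value() {
    sed -n "s/^$2=//p" "$1" | tail -n 1
}

# Print one line per problem; return 0 only when nothing was found.
check_env() {
    file="$1"
    problems=0

    if [ ! -f "$file" ]; then
        echo "missing file: $file"
        return 1
    fi

    # The file holds SECRET_KEY and the admin hash: no access for "other".
    if [ -n "$(find "$file" -perm -004)" ]; then
        echo "$file is world-readable (use chmod 640 or stricter)"
        problems=$((problems + 1))
    fi

    if [ "$(env_value "$file" APP_ENV)" != "production" ]; then
        echo "APP_ENV is not 'production'"
        problems=$((problems + 1))
    fi

    # Placeholders from the template must not reach production.
    for key in ADMIN_USERNAME ADMIN_PASSWORD_HASH SECRET_KEY; do
        case "$(env_value "$file" "$key")" in
            ""|your_admin_username|run_php_generate_hash.php|generate_random_64_char_key_here)
                echo "$key is empty or still a template placeholder"
                problems=$((problems + 1)) ;;
        esac
    done

    # The template asks for a 64-character random key.
    secret="$(env_value "$file" SECRET_KEY)"
    if [ "${#secret}" -lt 64 ]; then
        echo "SECRET_KEY is shorter than 64 characters"
        problems=$((problems + 1))
    fi

    [ "$problems" -eq 0 ]
}
```

Run it as `check_env .env` from the application directory before the first start and after every configuration change.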
### 5. Database Setup
```bash
# Run database migrations
make db
# Or manually:
php -r "
require_once 'bootstrap.php';
\$db = Database::getInstance()->getConnection();
\$sql = file_get_contents('migrations/001_create_tables.sql');
\$db->exec(\$sql);
echo 'Database initialized!' . PHP_EOL;
"
```
### 6. File Permissions
```bash
# Set correct ownership (replace www-data with your web user)
sudo chown -R www-data:www-data /var/www/html/dodgers-iptv/
# Set permissions
find . -type f -name "*.php" -exec chmod 644 {} \;
find . -type d -exec chmod 755 {} \;
# Database and logs need write access
chmod 664 data/app.db
chmod 775 logs/
chmod 664 logs/app.log
```
### 7. Web Server Configuration
#### Apache (recommended)
```apache
<VirtualHost *:80>
    ServerName your-domain.com
    DocumentRoot /var/www/html/dodgers-iptv

    <Directory /var/www/html/dodgers-iptv>
        AllowOverride All
        Require all granted

        # Security headers
        Header always set X-Frame-Options DENY
        Header always set X-Content-Type-Options nosniff
        Header always set Referrer-Policy strict-origin-when-cross-origin
    </Directory>

    # Logs
    ErrorLog /var/log/apache2/dodgers-error.log
    CustomLog /var/log/apache2/dodgers-access.log combined
</VirtualHost>
```
#### Nginx
```nginx
server {
    listen 80;
    server_name your-domain.com;
    root /var/www/html/dodgers-iptv;
    index index.php;

    # Security headers
    add_header X-Frame-Options "DENY" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;

    # Deny access to sensitive files. The pattern is anchored and does not
    # require a trailing slash, so /.env itself is matched; data/ holds the
    # SQLite database (DB_DATABASE=data/app.db). Listed before the PHP block
    # because nginx uses the first regex location that matches.
    location ~ ^/(\.env|(config|logs|data)(/|$)) {
        deny all;
    }

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
    }
}
```
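An added example, not from the project: a deny-location pattern of the form `/(config|\.env|logs)/` only matches when a slash follows the name, so a request for `/.env` itself is not denied, and `data/app.db` is not covered at all. The script compares that form with an anchored one over constructed sample paths; the variable and function names are chosen for this example.

```bash
#!/bin/bash
# Added example: which request paths does a deny-location pattern cover?
# nginx uses PCRE; both patterns below are also valid POSIX ERE, so
# grep -E gives the same answer for these inputs.

LOOSE='/(config|\.env|logs)/'                 # needs a slash after the name
STRICT='^/(\.env|(config|logs|data)(/|$))'    # anchored, matches the file itself

# Return 0 if pattern ($1) matches the request path ($2),
# i.e. the request would be routed to "deny all".
denied() {
    printf '%s\n' "$2" | grep -Eq -- "$1"
}

# Print every constructed sample path that the pattern ($1) leaves reachable.
# /index.php is the one path that is meant to stay reachable.
exposed_paths() {
    for uri in /.env /config/app.php /logs/app.log /data/app.db /index.php; do
        denied "$1" "$uri" || echo "$uri"
    done
}

echo "Reachable with LOOSE:";  exposed_paths "$LOOSE"
echo "Reachable with STRICT:"; exposed_paths "$STRICT"
```

The same paths are worth requesting against the live site after each web server change, for Apache as well as Nginx, since the document root is the application directory.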
---
## 🔧 Post-Installation Tasks
### Run Tests (Recommended)
```bash
# Install development dependencies
composer install
# Run test suite
make test
# Check code coverage
make test-coverage
```
### Health Check
```bash
# Basic functionality test
curl -I http://your-domain.com/
# Database connection test
php -r "
require_once 'bootstrap.php';
\$db = Database::getInstance();
echo 'Database connection: ✓' . PHP_EOL;
"
# Chat system test
php -r "
require_once 'bootstrap.php';
\$chat = new ChatServer();
echo 'Chat system: ✓' . PHP_EOL;
"
```
### SSL Certificate (Production Recommended)
```bash
# Using Let's Encrypt (certbot)
sudo certbot --apache -d your-domain.com
# Or manual certificates
# Place fullchain.pem and privkey.pem in /etc/ssl/certs/
# Update Apache/Nginx config with SSL settings
```
---
## 🔍 Monitoring & Maintenance
### Log Monitoring
```bash
# View recent logs
tail -f logs/app.log
# Search for errors
grep "ERROR\|CRITICAL" logs/app.log
```
```
# Log rotation (add to cron)
0 0 * * * /usr/sbin/logrotate /etc/logrotate.d/dodgers
```
```
# Logrotate configuration (/etc/logrotate.d/dodgers)
/var/www/html/dodgers-iptv/logs/*.log {
    daily
    rotate 30
    compress
    delaycompress
    missingok
    notifempty
    create 644 www-data www-data
    postrotate
        systemctl reload apache2 2>/dev/null || true
    endscript
}
```
### Performance Monitoring
```bash
# Check PHP-FPM status
systemctl status php8.1-fpm
# Monitor resource usage
htop
# PHP performance metrics
php -r "
echo 'Memory limit: ' . ini_get('memory_limit') . PHP_EOL;
echo 'Max execution time: ' . ini_get('max_execution_time') . PHP_EOL;
echo 'Upload max size: ' . ini_get('upload_max_filesize') . PHP_EOL;
"
```
### Database Maintenance
```bash
# Database size check
ls -lh data/app.db
# Optimization (run weekly)
php -r "
require_once 'bootstrap.php';
\$db = Database::getInstance()->getConnection();
\$db->exec('VACUUM');
\$db->exec('REINDEX');
echo 'Database optimized!' . PHP_EOL;
"
```
### Backup Strategy
```bash
#!/bin/bash
# Weekly backup script (/etc/cron.weekly/dodgers-backup)
APP_DIR="/var/www/html/dodgers-iptv"
BACKUP_DIR="/var/backups/dodgers"
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
# cron does not start in the application directory, and the backups
# contain the .env secrets, so create them readable by the owner only
cd "$APP_DIR" || exit 1
umask 077
# Create backup directory
mkdir -p "$BACKUP_DIR"
# Database backup
sqlite3 data/app.db ".backup '$BACKUP_DIR/app_$TIMESTAMP.db'"
# Log archive
tar -czf "$BACKUP_DIR/logs_$TIMESTAMP.tar.gz" logs/
# Configuration backup
cp .env "$BACKUP_DIR/env_$TIMESTAMP.bak"
# Cleanup old backups (keep 30 days)
find "$BACKUP_DIR" -name "*.db" -mtime +30 -delete
find "$BACKUP_DIR" -name "*.tar.gz" -mtime +30 -delete
find "$BACKUP_DIR" -name "*.bak" -mtime +30 -delete
```
---
## 🚨 Troubleshooting
### Common Issues
#### 1. White Screen / 500 Error
```bash
# Check PHP error logs
tail -f /var/log/apache2/error.log
tail -f /var/log/php8.1-fpm.log
# Enable debug mode temporarily:
# set APP_ENV=development in .env, and set it back to production when done
# Reload web server
systemctl reload apache2
```
#### 2. Database Connection Failed
```bash
# Check file permissions
ls -la data/app.db
# Test connection manually
php -r "
try {
    \$pdo = new PDO('sqlite:data/app.db');
    echo '✓ Database connection successful' . PHP_EOL;
} catch (Exception \$e) {
    echo '✗ Database error: ' . \$e->getMessage() . PHP_EOL;
}
"
```
#### 3. Chat Not Working
```bash
# Check SSE endpoint
curl -H "Accept: text/event-stream" "http://your-domain.com/?sse=1&user_id=test&csrf=test"
# Review chat logs
grep "chat\|ChatServer" logs/app.log
```
#### 4. High Memory Usage
```bash
# Monitor processes
ps aux | grep php
# Check PHP memory settings
php -r "echo 'Current memory_limit: ' . ini_get('memory_limit') . PHP_EOL;"
# Increase if needed by setting this in php.ini or .user.ini:
#   memory_limit = 256M
```
---
## 🔐 Security Hardening
### Additional Security Measures
```bash
# Install fail2ban for IP banning
sudo apt-get install fail2ban
```
Configure fail2ban for the application logs:
```ini
# /etc/fail2ban/jail.local
[dodgers]
enabled = true
port = http,https
filter = dodgers
logpath = /var/www/html/dodgers-iptv/logs/app.log
maxretry = 3
bantime = 86400
```
Create the filter:
```ini
# /etc/fail2ban/filter.d/dodgers.conf
[Definition]
failregex = ^.*SECURITY.*ip.*<HOST>.*$
ignoreregex =
```
### Firewall Configuration
```bash
# Allow only necessary ports
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw allow 'Apache Full'
# Enable firewall
sudo ufw enable
```
---
## 🚀 Performance Optimization
### PHP-FPM Tuning
```ini
; /etc/php/8.1/fpm/pool.d/www.conf
[www]
user = www-data
group = www-data
listen = /run/php/php8.1-fpm.sock
listen.owner = www-data
listen.group = www-data
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 5
pm.max_spare_servers = 35
pm.process_idle_timeout = 10s
; Memory and timeouts
php_admin_value[memory_limit] = 128M
request_terminate_timeout = 300
```
### OPCache Configuration
```ini
; /etc/php/8.1/fpm/conf.d/opcache.ini
zend_extension=opcache.so
opcache.enable=1
opcache.memory_consumption=128
opcache.max_accelerated_files=7963
opcache.revalidate_freq=0
; opcache.fast_shutdown was removed in PHP 7.2 and is not set here
opcache.enable_cli=1
```
---
## 📊 Monitoring
### Health Check Endpoint
Add to monitoring system:
```
Health Check: http://your-domain.com/?api=health
Response: {"status":"ok","timestamp":"2025-01-01T12:00:00Z"}
```
### Metrics Collection
```bash
#!/bin/bash
# Log analysis
LOG_FILE="logs/app.log"
echo "=== Dodgers IPTV Daily Report ==="
echo "Requests today: $(grep "$(date +%Y-%m-%d)" "$LOG_FILE" | wc -l)"
echo "Errors today: $(grep "$(date +%Y-%m-%d)" "$LOG_FILE" | grep -i error | wc -l)"
echo "Chat messages today: $(grep "$(date +%Y-%m-%d)" "$LOG_FILE" | grep "message_sent" | wc -l)"
echo "Database size: $(ls -lh data/app.db | awk '{print $5}')"
echo "Log size: $(ls -lh logs/app.log | awk '{print $5}')"
```
---
## 🎯 Success Checklist
- [ ] PHP dependencies installed
- [ ] Environment variables configured
- [ ] Admin password hash generated
- [ ] Database tables created
- [ ] File permissions set correctly
- [ ] Web server configured and restarted
- [ ] SSL certificate installed (production)
- [ ] Basic functionality tested
- [ ] Application accessible at domain
- [ ] Chat system working
- [ ] Admin login functional
- [ ] Security headers verified
- [ ] Monitoring tools set up
- [ ] Backup strategy implemented
---
## 🎉 Deployment Complete!
Your Dodgers IPTV Stream Theater is now running with:
- ✅ Enterprise-grade security
- ✅ Real-time chat system
- ✅ Database-driven architecture
- ✅ Comprehensive monitoring
- ✅ Production-ready performance
**Access your application at: https://your-domain.com**
For support or questions, check the logs and test outputs for detailed error information.