# Deployment Guide — Career Path Job Portal ## Server Requirements - PHP 8.3+ with extensions: `pdo_mysql`, `mbstring`, `openssl`, `tokenizer`, `xml`, `ctype`, `json`, `bcmath`, `fileinfo`, `redis` - MySQL 8.0+ - Redis 6+ - Nginx or Apache - Node.js 18+ (build only) - SSL certificate (required for production) ## VPS / Cloud Deployment (Recommended) ### 1. Clone & Install ```bash git clone /var/www/careerpath cd /var/www/careerpath composer install --optimize-autoloader --no-dev npm ci && npm run build ``` ### 2. Environment ```bash cp .env.example .env php artisan key:generate ``` Configure `.env`: ```env APP_ENV=production APP_DEBUG=false APP_URL=https://careerpath.lk DB_CONNECTION=mysql DB_HOST=127.0.0.1 DB_DATABASE=careerpath DB_USERNAME=careerpath DB_PASSWORD= CACHE_STORE=redis SESSION_DRIVER=redis QUEUE_CONNECTION=redis REDIS_HOST=127.0.0.1 REDIS_PORT=6379 FILESYSTEM_DISK=s3 # or local AWS_BUCKET=careerpath-cvs ``` ### 3. Database & Storage ```bash php artisan migrate --force php artisan db:seed --force # first deploy only php artisan storage:link ``` ### 4. Permissions ```bash chown -R www-data:www-data storage bootstrap/cache chmod -R 775 storage bootstrap/cache ``` ### 5. Optimize ```bash php artisan config:cache php artisan route:cache php artisan view:cache php artisan event:cache ``` ### 6. Queue Worker (Supervisor) ```ini [program:careerpath-worker] process_name=%(program_name)s_%(process_num)02d command=php /var/www/careerpath/artisan queue:work redis --sleep=3 --tries=3 --max-time=3600 autostart=true autorestart=true user=www-data numprocs=2 redirect_stderr=true stdout_logfile=/var/www/careerpath/storage/logs/worker.log ``` ### 7. Cron Jobs ```cron * * * * * cd /var/www/careerpath && php artisan schedule:run >> /dev/null 2>&1 ``` Scheduled tasks: - `jobs:expire` — Daily job expiry - `sitemap:generate` — Daily sitemap cache refresh ### 8. Nginx Configuration ```nginx server { listen 443 ssl http2; server_name careerpath.lk www.careerpath.lk; root /var/www/careerpath/public; add_header X-Frame-Options "SAMEORIGIN"; add_header X-Content-Type-Options "nosniff"; index index.php; charset utf-8; location / { try_files $uri $uri/ /index.php?$query_string; } location ~ \.php$ { fastcgi_pass unix:/var/run/php/php8.3-fpm.sock; fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; include fastcgi_params; } location ~ /\.(?!well-known).* { deny all; } # Cache static assets location ~* \.(css|js|jpg|jpeg|png|gif|ico|svg|webp|woff2)$ { expires 30d; add_header Cache-Control "public, immutable"; } } ``` ### 9. Cloudflare - Enable proxy (orange cloud) - Page Rules: Cache static assets - Enable Brotli compression - SSL: Full (strict) ## Shared Hosting 1. Upload files (exclude `node_modules`, `.git`) 2. Point document root to `/public` 3. Set PHP version to 8.3 4. Import database via phpMyAdmin 5. Configure `.env` 6. Run migrations via SSH or deploy script 7. Use cPanel cron for `schedule:run` ## Backup Strategy ```bash # Daily database backup mysqldump -u careerpath -p careerpath > backup_$(date +%Y%m%d).sql # CV files (if local storage) tar -czf cvs_$(date +%Y%m%d).tar.gz storage/app/private/cvs/ ``` Recommended: Automated S3 backups with lifecycle policies. ## Performance Checklist - [ ] Redis for cache, sessions, queues - [ ] `config:cache`, `route:cache`, `view:cache` - [ ] OPcache enabled (128MB+) - [ ] MySQL slow query log monitored - [ ] CDN for static assets - [ ] WebP images with lazy loading - [ ] Database indexes verified - [ ] Lighthouse audit 95+ ## Security Checklist - [ ] `APP_DEBUG=false` - [ ] HTTPS enforced - [ ] Rate limiting active (login, applications) - [ ] CV storage on private disk (not public) - [ ] Regular dependency updates (`composer audit`) ## Monitoring Integrate via Admin Panel analytics settings: - Google Analytics 4 - Google Search Console - Microsoft Clarity - Meta Pixel ## Testing Plan 1. **Functional** — Registration, job posting, application flow, admin approval 2. **SEO** — Validate JSON-LD with Google Rich Results Test 3. **Performance** — Lighthouse CI on homepage, job listing, job detail 4. **Security** — CSRF, file upload validation, RBAC policies 5. **API** — `/api/v1/jobs` pagination and filters