From 01a83f940395f11e211902acc16c062d9883067d Mon Sep 17 00:00:00 2001
From: Anthony Bocci <boccianthony@yahoo.fr>
Date: Thu, 21 Jun 2018 21:37:00 +0200
Subject: [PATCH] Complete the installation documentation

The documentation was hosted online, but the "installation" part is now
in Markdown.
---
 docs/installation.md | 99 +++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 98 insertions(+), 1 deletion(-)

diff --git a/docs/installation.md b/docs/installation.md
index b32e56ad8..17301cbe2 100644
--- a/docs/installation.md
+++ b/docs/installation.md
@@ -52,7 +52,7 @@ The `.env` file set environment variables that will be used by the application.
 Cachet uses dependencies, so it's required to have Composer installed.  
 Composer can be installed following the [official guide][1]
 
-## Installing Composer
+## Installing dependencies
 
 ```bash
 composer install --no-dev -o
@@ -88,6 +88,103 @@ php artisan app:install
 
 You can also try to give permissions to cache chmod -R 777 bootstrap/
 
+## Running Cachet on Apache
+
+> **Required Apache Modules**
+>
+> You need to enable `mod_rewrite` for Apache. On Debian-based systems you can do this by
+>
+> `sudo a2enmod rewrite`
+
+Once Cachet is setup, the Apache installation is as simple as creating a
+new Virtual Host entry in the httpd-vhosts.conf file.
+
+```
+<VirtualHost *:80>
+    ServerName cachet.dev 
+    # Or whatever you want to use
+    ServerAlias cachet.dev 
+    # Make this the same as ServerName
+    DocumentRoot "/var/www/Cachet/public"
+    <Directory "/var/www/Cachet/public">
+        Require all granted 
+        # Used by Apache 2.4
+        Options Indexes FollowSymLinks
+        AllowOverride All
+        Order allow,deny
+        Allow from all
+    </Directory>
+</VirtualHost>
+```
+
+Restart Apache by running the following:
+
+`sudo service apache2 restart`
+
+
+If you also need HTTPS on apache you will need to get the ssl mod installed
+and the default ssl conf file enabled. See DigitalOcean's [documentation][2]. 
+
+## Running Cachet on nginx
+
+- You'll need to install php5-fpm - [DigitalOcean][3] has a nice LEMP installation tutorial
+- Generate your SSL key+certificate
+- Create a new vhost such as `/etc/nginx/sites-enabled/cachet.conf:`
+
+```
+# Upstream to abstract backend connection(s) for php
+upstream php {
+    server unix:/tmp/php-cgi.socket;
+    server 127.0.0.1:9000;
+}
+
+server {
+    server_name  cachet.mycompany.com; # Or whatever you want to use
+    listen 80 default;
+    rewrite ^(.*) https://cachet.mycompany.com$1 permanent;
+}
+
+# HTTPS server
+
+server {
+    listen 443;
+    server_name cachet.mycompany.com;
+
+    root /var/vhost/cachet.mycompany.com/public;
+    index index.php;
+
+    ssl on;
+    ssl_certificate /etc/ssl/crt/cachet.mycompany.com.crt; # Or wherever your crt is
+    ssl_certificate_key /etc/ssl/key/cachet.mycompany.com.key; # Or wherever your key is
+    ssl_session_timeout 5m;
+
+    # Best practice as at March 2014
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";
+    ssl_buffer_size 1400; # 1400 bytes, within MTU - because we generally have small responses. Could increase to 4k, but default 16k is too big
+
+    location / {
+        add_header Strict-Transport-Security max-age=15768000;
+        try_files $uri /index.php$is_args$args;
+    }
+
+    location ~ \.php$ {
+                include fastcgi_params;
+                fastcgi_pass unix:/var/run/php5-fpm.sock;
+                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+                fastcgi_index index.php;
+                fastcgi_keep_conn on;
+                add_header Strict-Transport-Security max-age=15768000;
+    }
+}
+```
+
+Start php5-fpm and nginx and you're done!
 
 
 [1]: https://getcomposer.org/download/
+[2]: https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-14-04
+[3]: https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-on-ubuntu-12-04
+
+