9 lessons · 95 min Intermediate

Deploy on a VPS — minimal DevOps

A hardened Debian/Ubuntu server, your Symfony app packaged with FrankenPHP, tested and deployed automatically on every git push. The system of a well-run personal project.

FR EN
Progress 0/9
1

What is a VPS?

Hotel, empty flat or Airbnb? Shared hosting, VPS, PaaS: pick the right level of control, the right provider, the right size — and your first SSH login.

10 min
2

Hardening your VPS

Bots hit your IP from minute one. The 5 moves that lock the door: deploy user, SSH keys, ufw, fail2ban, automatic updates.

12 min
3

systemd, the caretaker

Your Messenger worker must survive a 3 a.m. crash and a reboot. One .service file, Restart=always, and journalctl to read what happened.

10 min
4

Docker Compose on a VPS

End "works on my machine": your Symfony app packaged with FrankenPHP, its database and its workers in a single compose.yml recipe.

11 min
5

Automatic HTTPS with Caddy

A domain on HTTPS with nothing more to install: FrankenPHP embeds Caddy. SERVER_NAME, a volume for the certificates, and the ACME mechanism explained.

9 min
6

The CI pipeline

On every push, GitHub tests (PHPUnit, composer audit) then builds your image and pushes it to GHCR, tagged by commit. Red blocks everything.

10 min
7

Deploying automatically

git push = live: the VPS pulls the finished image (pull, up -d --wait), runs the Doctrine migrations and restarts the workers. Dedicated SSH key, secrets.

12 min
8

Robustness and rollback

A broken deploy is fixed in 15 seconds: every commit has its sha-tagged image, rollback = re-point a tag. And the migrations trap.

10 min
9

Backups and monitoring

The minimum that saves you: database dump from the container + off-site rclone copy, volumes, an UptimeRobot alert. And step 2: FrankenPHP worker mode.

11 min

What you will learn

Harden a VPS in 5 moves: deploy user, SSH keys, firewall, fail2ban, auto-updates

Run an app that survives crashes and reboots (systemd, Docker Compose) with automatic HTTPS (Caddy)

Set up automated deployment: git push → tests → SSH → healthcheck, with secrets handled properly

Make the system robust: atomic switch, one-command rollback, off-site backups, downtime alerts

Prerequisites: being comfortable with the terminal and Git (see the Git & terminal course). The Testing your code course is the ideal companion: your tests are what will block a bad deploy. Every command is practiced here in a simulated terminal — no server to pay for to follow the course.

Start lesson 1

Free · No signup · 10 minutes