A Fresh, Secure and Tidy Strapi Project from Source

A clean work space is a happy work space.

In this tutorial, we will be creating and rebuilding a fresh Strapi application. This article will be beneficial for future upgrades and aid in documentation for other sites being created. 

Requirements:

  • Yarn or NPM
  • Git
  • Linux CLI knowledge
  • A previous or new Strapi project

0. Make a complete backup of your current, soon to be previous Strapi project.

cp -rv strapi-project ./strapi-project_backup

If you are starting with a fresh Strapi project, you should follow the instructions on the Strapi website; however, you could begin a Strapi project by cloning one of the releases examples and following through this article.

Understanding how to build your own application with yarn or npm allows for understanding how a node package is created.

1. The File directory should have the following:

1a. If you have a previous Strapi project, remove the following files and folders and upgrade to the latest stable release.

rm -rv directory

rm file.txt

  • build
  • .cache
  • database
  • node_modules
  • .strapi-updater.json
  • yarn.lock

then, the following folders should be leftover.

  • config dir
  • public dir
  • src dir
  • favicon.ico
  • package.json
  • .env (if you have a previous Strapi build)
  • .tmp dir 

1b. Upgrade Your Strapi Application if need bees

In your package.json, manually change the versions for each Strapi package. As an example, if you are upgrading from v4.5.2 to v4.5.4, the following should be changed. I personally reflect these changes from the latest release examples.

  "dependencies": {
   "@strapi/plugin-color-picker": "4.5.4",
   "@strapi/plugin-documentation": "4.5.4",
   "@strapi/plugin-graphql": "4.5.4",
   "@strapi/plugin-i18n": "4.5.4",
   "@strapi/plugin-sentry": "4.5.4",
   "@strapi/plugin-users-permissions": "4.5.4",
   "@strapi/provider-email-mailgun": "4.5.4",
   "@strapi/provider-upload-aws-s3": "4.5.4",
   "@strapi/provider-upload-cloudinary": "4.5.4",
   "@strapi/strapi": "4.5.4",

2. If Your Strapi Project Needs New Keys

If you are upgrading your Strapi project, you most likely want to keep the keys you are using before. If however you want to change your keys after an upgrade, then you will need to recreate all keys previously used for the Strapi API.

In the root of your Strapi project should be a .env file. This file is used to keep your secrets secret

I personally recommend creating your own keys, rather than allowing someone else to do it for you. There are various ways to go about creating these keys, but for simplicity sake, we will use free software openssl.

In a Linux terminal or a terminal that has openssl functionality, 

openssl rand -base64 32 | openssl enc -A -base64

the above command creates a key from your machine that is random with base64 encoded output at 32 bytes; then, we pipe that output into another function that again encodes the previous output without any line breaks.

After generating many of these keys from our machine with our own spacetime continuum, we input them into our .env file. 

PORT=1337
APP_KEYS=xxx,xxx,xxx,xxx
API_TOKEN_SALT=xxx
ADMIN_JWT_SECRET=xxx
JWT_SECRET=xxx

3. Install the Strapi Application

From the root file structure we begin by installing the appropriate packages from the package.json.     
This will create a directory called node_modules, a build dir, a yarn.lock file and a couple of other files to build your Strapi app.

I also recommend disabling the tracking analytics by updating the package.json to the following:

./package.json

 "strapi": {
   "uuid": false
 },
 …

Finally, we yarn install && yarn build && yarn develop

References:

Strapi Package.json Example: https://github.com/strapi/strapi/blob/main/examples/getstarted/package.json 
Strapi QuickStart Guide: https://docs.strapi.io/developer-docs/latest/getting-started/quick-start.html 
Unsplash by Toa Heftiba: https://unsplash.com/@heftiba
OpenSSL Enc https://wiki.openssl.org/index.php/Enc

CharlesCharles