Menu
Use when managing Laravel Forge servers, sites, deployments, SSL, databases, queue workers, scheduled jobs, security rules, and server provisioning. Covers Forge CLI, API, deployment scripts, Nginx templates, daemon management, and zero-downtime deployments.
Project-specific Ansible operations template — customize with your inventory, playbook catalog, deployment workflows, and host group details
Use when implementing or auditing accessibility features. Covers WCAG 2.1 AA/AAA compliance, ARIA roles and attributes, keyboard navigation, screen reader support, color contrast, focus management, and accessible component patterns.
Use when evaluating AI/LLM systems — benchmark design, automated evaluation pipelines, human evaluation protocols, A/B testing, hallucination detection, factuality checking, bias testing, safety evaluation (red teaming), latency/cost metrics, eval datasets, regression testing for prompts, and model comparison frameworks.
Use when building KPI frameworks, designing dashboards, analyzing marketing performance, setting up attribution models, or creating automated reports. Covers Google Analytics 4, social media analytics, funnel analysis, cohort analysis, A/B test analysis, ROI calculation, competitive benchmarking, and stakeholder reporting.
Use when designing or implementing REST APIs. Covers RESTful conventions, versioning, pagination, filtering, error handling, rate limiting, HATEOAS, OpenAPI documentation, and API security best practices.
Use when implementing authentication, authorization, or access control. Covers Laravel Sanctum, OAuth 2.0, RBAC with Spatie Permissions, multi-tenant auth, API token management, MFA, and session security.
| name | laravel-forge |
| description | Use when managing Laravel Forge servers, sites, deployments, SSL, databases, queue workers, scheduled jobs, security rules, and server provisioning. Covers Forge CLI, API, deployment scripts, Nginx templates, daemon management, and zero-downtime deployments. |
| user-invocable | false |
| allowed-tools | ["Read","Write","Edit","Bash","Grep","Glob"] |
Laravel Forge provisions and manages PHP servers on cloud providers (DigitalOcean, AWS, Hetzner, Linode, Vultr, custom VPS). It handles:
composer global require laravel/forge-cli
forge login # Authenticate with API token
# List servers
forge server:list
# SSH into server
forge ssh # Default server
forge ssh my-server # Named server
forge server:switch my-server # Set default server
# Server info
forge server:info
forge server:logs # System logs
forge server:reboot # Reboot (with confirmation)
# List sites
forge site:list
# Deploy a site
forge deploy # Default site
forge deploy example.com # Named site
# View deploy log
forge deploy:log
forge deploy:log example.com
# Enable/disable push-to-deploy
forge deploy:enable
forge deploy:disable
# Maintenance mode
forge site:down example.com
forge site:up example.com
# View Nginx config
forge nginx:get example.com
forge nginx:edit example.com
forge database:list
forge database:create my_database
forge database:delete my_database
forge daemon:list
forge daemon:create --command="php artisan horizon" --user=forge
forge daemon:delete <id>
forge daemon:restart <id>
forge ssh-key:list
forge ssh-key:add "Key Name" --file=~/.ssh/id_rsa.pub
forge ssh-key:delete <id>
forge env # View .env
forge env:pull # Download .env to local
forge env:push # Upload local .env to server
Base URL: https://forge.laravel.com/api/v1
# All requests require Bearer token
curl -H "Authorization: Bearer $FORGE_API_TOKEN" \
-H "Accept: application/json" \
https://forge.laravel.com/api/v1/servers
GET /servers # List servers
GET /servers/{id} # Server details
POST /servers # Create server
DELETE /servers/{id} # Delete server
GET /servers/{id}/sites # List sites
POST /servers/{id}/sites # Create site
GET /servers/{id}/sites/{id} # Site details
DELETE /servers/{id}/sites/{id} # Delete site
POST /servers/{id}/sites/{id}/deployment/deploy # Trigger deploy
GET /servers/{id}/sites/{id}/deployment/log # Deploy log
GET /servers/{id}/sites/{id}/env # Get .env
PUT /servers/{id}/sites/{id}/env # Update .env
POST /servers/{id}/sites/{id}/certificates/letsencrypt # SSL cert
GET /servers/{id}/sites/{id}/certificates # List certs
GET /servers/{id}/daemons # List daemons
POST /servers/{id}/daemons # Create daemon
DELETE /servers/{id}/daemons/{id} # Delete daemon
GET /servers/{id}/jobs # List scheduled jobs
POST /servers/{id}/jobs # Create scheduled job
DELETE /servers/{id}/jobs/{id} # Delete scheduled job
GET /servers/{id}/databases # List databases
POST /servers/{id}/databases # Create database
GET /servers/{id}/workers # List workers
POST /servers/{id}/workers # Create worker
DELETE /servers/{id}/workers/{id} # Delete worker
# Trigger deployment
curl -X POST \
-H "Authorization: Bearer $FORGE_API_TOKEN" \
-H "Accept: application/json" \
"https://forge.laravel.com/api/v1/servers/$SERVER_ID/sites/$SITE_ID/deployment/deploy"
# Get deployment log
curl -H "Authorization: Bearer $FORGE_API_TOKEN" \
-H "Accept: application/json" \
"https://forge.laravel.com/api/v1/servers/$SERVER_ID/sites/$SITE_ID/deployment/log"
# Update environment variables
curl -X PUT \
-H "Authorization: Bearer $FORGE_API_TOKEN" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-d '{"content":"APP_ENV=production\nAPP_KEY=base64:..."}' \
"https://forge.laravel.com/api/v1/servers/$SERVER_ID/sites/$SITE_ID/env"
cd /home/forge/example.com
git pull origin $FORGE_SITE_BRANCH
$FORGE_COMPOSER install --no-dev --no-interaction --prefer-dist --optimize-autoloader
( flock -w 10 9 || exit 1
echo 'Restarting FPM...'; sudo -S service $FORGE_PHP_FPM reload ) 9>/tmp/fpmlock
if [ -f artisan ]; then
$FORGE_PHP artisan migrate --force
$FORGE_PHP artisan config:cache
$FORGE_PHP artisan route:cache
$FORGE_PHP artisan view:cache
$FORGE_PHP artisan event:cache
fi
cd /home/forge/example.com
# Pull latest code
git pull origin $FORGE_SITE_BRANCH
# Install dependencies (no dev)
$FORGE_COMPOSER install --no-dev --no-interaction --prefer-dist --optimize-autoloader
# Build frontend assets
npm ci --production
npm run build
# Run migrations
$FORGE_PHP artisan migrate --force
# Cache configuration
$FORGE_PHP artisan config:cache
$FORGE_PHP artisan route:cache
$FORGE_PHP artisan view:cache
$FORGE_PHP artisan event:cache
# Restart queue workers gracefully
$FORGE_PHP artisan queue:restart
# Restart Horizon (if used)
if [ -f artisan ] && $FORGE_PHP artisan list 2>/dev/null | grep -q horizon; then
$FORGE_PHP artisan horizon:terminate
fi
# Reload PHP-FPM (zero-downtime)
( flock -w 10 9 || exit 1
echo 'Restarting FPM...'; sudo -S service $FORGE_PHP_FPM reload ) 9>/tmp/fpmlock
echo "Deployment finished at $(date)"
cd /home/forge/example.com
git pull origin $FORGE_SITE_BRANCH
$FORGE_COMPOSER install --no-dev --no-interaction --prefer-dist --optimize-autoloader
$FORGE_PHP artisan migrate --force
$FORGE_PHP artisan config:cache
$FORGE_PHP artisan route:cache
$FORGE_PHP artisan view:cache
( flock -w 10 9 || exit 1
sudo -S service $FORGE_PHP_FPM reload ) 9>/tmp/fpmlock
# Health check
sleep 2
HTTP_STATUS=$(curl -s -o /dev/null -w "%{http_code}" http://localhost/api/health)
if [ "$HTTP_STATUS" != "200" ]; then
echo "Health check failed with status $HTTP_STATUS"
exit 1
fi
echo "Deploy successful — health check passed"
Forge provides these variables in deployment scripts:
| Variable | Description |
|---|---|
$FORGE_SERVER_ID | Server ID |
$FORGE_SITE_BRANCH | Git branch configured for the site |
$FORGE_COMPOSER | Path to Composer binary |
$FORGE_PHP | Path to PHP binary (versioned) |
$FORGE_PHP_FPM | PHP-FPM service name |
$FORGE_SITE_PATH | Full path to the site directory |
server {
listen 80;
listen [::]:80;
server_name example.com;
# Forge handles SSL redirect automatically
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;
server_tokens off;
root /home/forge/example.com/public;
# SSL managed by Forge (Let's Encrypt)
ssl_certificate /etc/nginx/ssl/example.com/server.crt;
ssl_certificate_key /etc/nginx/ssl/example.com/server.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:...;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php8.3-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
Add in Forge UI under Site > Nginx > "Before" or "After" sections:
# Rate limiting
limit_req_zone $binary_remote_addr zone=api:10m rate=60r/m;
location /api/ {
limit_req zone=api burst=20 nodelay;
try_files $uri $uri/ /index.php?$query_string;
}
# Static file caching
location ~* \.(css|js|png|jpg|jpeg|gif|ico|svg|woff2)$ {
expires 1y;
add_header Cache-Control "public, immutable";
access_log off;
}
# WebSocket support (Laravel Reverb / Pusher)
location /app {
proxy_pass http://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}
Command: php artisan queue:work redis --sleep=3 --tries=3 --max-time=3600
Number: 2
User: forge
Directory: /home/forge/example.com
Stop Signal: SIGTERM
Stop Secs: 10
Command: php artisan horizon
Number: 1
User: forge
Directory: /home/forge/example.com
Stop Signal: SIGTERM
Stop Secs: 30
Forge auto-generates Supervisor configs at /etc/supervisor/conf.d/.
Configure in Forge UI or via API:
| Field | Example |
|---|---|
| Command | php /home/forge/example.com/artisan schedule:run |
| User | forge |
| Frequency | * * * * * (every minute) |
This runs Laravel's built-in scheduler. Individual job schedules are defined in routes/console.php (Laravel 11+) or app/Console/Kernel.php.
Forge handles auto-issuance and renewal:
# Via CLI
forge ssl:install example.com
# Via API
curl -X POST \
-H "Authorization: Bearer $FORGE_API_TOKEN" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-d '{"domains":["example.com","www.example.com"]}' \
"https://forge.laravel.com/api/v1/servers/$SERVER_ID/sites/$SITE_ID/certificates/letsencrypt"
Upload via Forge UI: Site > SSL > Install Existing Certificate.
Forge configures UFW with sensible defaults:
22/tcp ALLOW # SSH
80/tcp ALLOW # HTTP
443/tcp ALLOW # HTTPS
Add custom rules via Forge UI or API:
# Allow IP for database access
curl -X POST \
-H "Authorization: Bearer $FORGE_API_TOKEN" \
-H "Content-Type: application/json" \
-d '{"name":"Office DB Access","port":"5432","type":"allow","ip_address":"203.0.113.10"}' \
"https://forge.laravel.com/api/v1/servers/$SERVER_ID/firewall-rules"
Forge installs MySQL or PostgreSQL during server provisioning. Manage via UI or API:
# Create database
curl -X POST \
-H "Authorization: Bearer $FORGE_API_TOKEN" \
-H "Content-Type: application/json" \
-d '{"name":"my_app_db","user":"my_app_user","password":"secure_password"}' \
"https://forge.laravel.com/api/v1/servers/$SERVER_ID/databases"
Forge supports automated backups to S3-compatible storage:
Recipes are Bash scripts that run across one or more servers:
# Example: Update system packages
apt-get update && apt-get upgrade -y
# Example: Install additional PHP extension
apt-get install -y php8.3-imagick
service php8.3-fpm restart
# Example: Configure log rotation
cat > /etc/logrotate.d/laravel << 'EOF'
/home/forge/example.com/storage/logs/*.log {
daily
missingok
rotate 14
compress
delaycompress
notifempty
}
EOF
Forge tracks:
Alerts configurable per metric with thresholds.
Complement Forge monitoring with:
// routes/api.php — Health endpoint
Route::get('/health', function () {
return response()->json([
'status' => 'ok',
'database' => DB::connection()->getPdo() ? 'connected' : 'disconnected',
'cache' => Cache::store()->get('health_check_ping') !== null ? 'ok' : 'degraded',
'queue' => Queue::size() < 1000 ? 'ok' : 'backlogged',
'disk' => disk_free_space('/') > 1073741824 ? 'ok' : 'low', // 1GB threshold
]);
});
Server 1: Web (Nginx + PHP-FPM)
- Sites: example.com
- No queue workers
Server 2: Worker (Queue + Scheduler)
- No sites
- Horizon: 1 daemon
- Scheduler: cron every minute
- Same codebase deployed via Git
Load Balancer (Forge-managed or external)
├── Web Server 1 (Forge)
├── Web Server 2 (Forge)
└── Web Server 3 (Forge)
Shared:
- Database: Managed RDS/Cloud SQL (external)
- Redis: Managed ElastiCache/Memorystore (external)
- Storage: S3 for file uploads
- Sessions: Redis (shared)
- Cache: Redis (shared)
Deploy fails — permission denied:
# Fix storage permissions
ssh forge@server
cd /home/forge/example.com
chmod -R 775 storage bootstrap/cache
chown -R forge:www-data storage bootstrap/cache
PHP-FPM not restarting:
# Check PHP-FPM status
sudo systemctl status php8.3-fpm
# Manual restart
sudo systemctl restart php8.3-fpm
Queue workers stuck:
# Via Forge CLI
forge daemon:restart <worker-id>
# Or SSH and restart Supervisor
sudo supervisorctl restart all
SSL renewal failed:
# Check certbot logs
sudo cat /var/log/letsencrypt/letsencrypt.log
# Manual renewal
sudo certbot renew --nginx
Disk space full:
# Check disk usage
df -h
# Clear old logs
sudo truncate -s 0 /var/log/nginx/access.log
php artisan log:clear
# Clear old releases/backups
find /home/forge/example.com/storage/logs -name "*.log" -mtime +30 -delete
.env; manage via Forge UI or forge env:pushforge user password