Socialink Documentation
Bootstrap 5 + jQuery · Static build
Live Get Started

Socialink — Full Stack Social Platform

A PHP-powered social network stack. This comprehensive guide covers all aspects of Socialink, a modern Laravel-based social networking platform.

PHP 8.2+ Laravel backend MySQL 8+ Bootstrap 5 UI
Current Version v1.0.0
Built with Laravel 12 + MySQL 8 + Bootstrap 5
Review Requirements

License

Purchase code
Important: You will need your purchase code to complete the installation and access support. Keep it safe and accessible.

Socialink follows a purchase-code-first licensing model. Keep your Envato (or marketplace) purchase code ready for installation and support.

  1. Sign in to your marketplace account and open Downloads.
  2. Download the License certificate & purchase code (PDF or text).
  3. Copy the purchase code and keep it secure; you will need it during installation or when opening support tickets.
  4. For re-installs, revoke old domains in your licensing portal before activating a new domain.
Support eligibility
  • Valid purchase code
  • Active support window
  • Production URL registered in your profile
  • Server meets minimum requirements

System Requirements

Runtime checklist
Server stack
  • • Apache or Nginx with HTTPS
  • • PHP 8.2+ with mysqli, mbstring, curl, gd, fileinfo, zip
  • • MySQL 8+ or MariaDB 10.5+
  • • PHP settings: allow_url_fopen=On, memory_limit ≥ 256M, max_upload_filesize ≥ 64M
  • • Recommended: OPcache enabled and tuned for production
Optional services
  • • Redis for sessions/queues
  • • Node-compatible queue workers for broadcasts
  • • SSL required for calls, push, and mobile builds
  • • Cron for scheduled tasks (php artisan schedule:run)

Installation

Step-by-step
  1. Prepare server
    PHP 8.2+, MySQL 8+, git/zip available, HTTPS ready.
  2. Create database
    Create DB + user with full privileges and UTF8MB4 collation.
    CREATE DATABASE socialink CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'socialink_user'@'%' IDENTIFIED BY 'strong_password';
GRANT ALL ON socialink.* TO 'socialink_user'@'%';
  3. Upload code
    Copy files to the server. Keep document root at public/.
  4. Set permissions
    Make storage/cache writable for the web user.
    chmod -R 775 storage bootstrap/cache
chown -R www-data:www-data storage bootstrap/cache
  5. ENV bootstrap
    Copy ENV and set app/db/mail/queue/storage keys.
    cp .env.example .env
php artisan key:generate
  6. Install dependencies
    composer install --no-dev --optimize-autoloader
  7. Run migrations & seeds
    php artisan migrate --seed
  8. Link storage
    php artisan storage:link
  9. Optimize & cache
    php artisan config:cache
php artisan route:cache
php artisan view:cache
  10. Configure web server & HTTPS
    Point vhost to public/, enable SSL, and force HTTPS.
  11. Finalize admin setup
    Login as admin, upload branding (favicon/og-image/logo), set policies, and enable required modules.
  12. Run installer wizard (if enabled)
    The wizard validates requirements, license (purchase code), DB, and admin user creation. If it fails to write config, ensure storage is writable and retry after clearing the DB.
  13. Supervisor (queues/websockets)
    Keep workers alive with Supervisor (recommended in production).
    [program:socialink-queue]
command=php /path/to/artisan queue:work --daemon --sleep=3 --tries=3
directory=/path/to
autostart=true
autorestart=true
redirect_stderr=true
stdout_logfile=/var/log/supervisor/socialink-queue.log

[program:socialink-websockets]
command=php /path/to/artisan websockets:serve
directory=/path/to
autostart=true
autorestart=true
redirect_stderr=true
stdout_logfile=/var/log/supervisor/socialink-ws.log
Permissions
  • storage/ → 775
  • bootstrap/cache/ → 775
  • • Optional uploads: public/storage symlink via php artisan storage:link
Web root

Ensure document root is the public/ directory to prevent exposing source files.

Web server (Apache)
<VirtualHost *:80>
    ServerName socialink.local
    DocumentRoot /path/to/public
    <Directory /path/to/public>
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

Enable mod_rewrite and restart Apache.

Web server (Nginx)
server {
    listen 80;
    server_name socialink.local;
    root /path/to/public;

    index index.php;
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }
    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_pass unix:/run/php/php8.2-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}

Add SSL server block and redirect HTTP → HTTPS in production.

Post-install checklist
  • • Create/confirm admin credentials.
  • • Upload favicon, og-image, and brand colors.
  • • Set upload extensions and size limits per type.
  • • Configure public mode and registration throttles.
  • • Enable cron: * * * * * php /path/to/artisan schedule:run
  • • Start workers: php artisan queue:work --daemon
PHP ini (recommended)
memory_limit = 512M
upload_max_filesize = 128M
post_max_size = 128M
max_execution_time = 120

Restart PHP-FPM/Apache after changes.

Background processes
  • • Cron: * * * * * php /path/to/artisan schedule:run
  • • Queue: php artisan queue:work --daemon under Supervisor.
  • • Websockets (if enabled): run your WS server under Supervisor.

Ensure logs rotate; restart workers after deploy.

Installer tips
  • • If config write fails, ensure storage/ writable.
  • • Clear DB and retry if wizard halted midway.
  • • Confirm APP_URL matches final domain (affects OAuth).
  • • Use UTF8MB4 collation to avoid emoji errors.
  • • Keep a copy of your purchase code for support/updates.

VPS Installation (Ubuntu/Debian)

SSH Access
Prerequisites: VPS with Ubuntu 20.04+ or Debian 11+, root/sudo access, and SSH connection.
Step 1: Update System & Install Dependencies
sudo apt update && sudo apt upgrade -y
sudo apt install -y software-properties-common
sudo add-apt-repository ppa:ondrej/php -y
sudo apt update
sudo apt install -y php8.2 php8.2-fpm php8.2-mysql php8.2-mbstring php8.2-xml php8.2-curl php8.2-zip php8.2-gd php8.2-bcmath php8.2-intl
sudo apt install -y nginx mysql-server composer git unzip redis-server
Step 2: Configure MySQL
sudo mysql_secure_installation
sudo mysql -u root -p

# In MySQL prompt:
CREATE DATABASE socialink CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'socialink_user'@'localhost' IDENTIFIED BY 'strong_password_here';
GRANT ALL PRIVILEGES ON socialink.* TO 'socialink_user'@'localhost';
FLUSH PRIVILEGES;
EXIT;
Step 3: Upload & Configure Application
cd /var/www
sudo mkdir socialink
sudo chown -R $USER:$USER /var/www/socialink
cd socialink

# Upload your files via SCP/SFTP or extract zip
unzip socialink.zip  # if using zip file
# OR
git clone your-repository-url .

# Set permissions
sudo chown -R www-data:www-data /var/www/socialink
sudo chmod -R 755 /var/www/socialink
sudo chmod -R 775 /var/www/socialink/storage
sudo chmod -R 775 /var/www/socialink/bootstrap/cache
Step 4: Configure Laravel
cp .env.example .env
nano .env  # Edit database credentials

composer install --no-dev --optimize-autoloader
php artisan key:generate
php artisan migrate --seed
php artisan storage:link
php artisan config:cache
php artisan route:cache
php artisan view:cache
Step 5: Configure Nginx
sudo nano /etc/nginx/sites-available/socialink

# Add this configuration:
server {
    listen 80;
    server_name your-domain.com www.your-domain.com;
    root /var/www/socialink/public;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-Content-Type-Options "nosniff";

    index index.php;

    charset utf-8;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ /\.(?!well-known).* {
        deny all;
    }
}

# Enable site and restart Nginx
sudo ln -s /etc/nginx/sites-available/socialink /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl restart nginx
Step 6: Setup SSL with Certbot
sudo apt install -y certbot python3-certbot-nginx
sudo certbot --nginx -d your-domain.com -d www.your-domain.com
Step 7: Setup Queue Worker & Cron
# Create supervisor config
sudo nano /etc/supervisor/conf.d/socialink-worker.conf

# Add:
[program:socialink-worker]
process_name=%(program_name)s_%(process_num)02d
command=php /var/www/socialink/artisan queue:work --sleep=3 --tries=3
autostart=true
autorestart=true
user=www-data
numprocs=2
redirect_stderr=true
stdout_logfile=/var/www/socialink/storage/logs/worker.log

# Start supervisor
sudo supervisorctl reread
sudo supervisorctl update
sudo supervisorctl start socialink-worker:*

# Add cron job
sudo crontab -e -u www-data
# Add this line:
* * * * * cd /var/www/socialink && php artisan schedule:run >> /dev/null 2>&1

cPanel Installation

Shared Hosting
Requirements: cPanel with PHP 8.2+, Composer, and SSH access (for optimal setup). Some features may be limited on shared hosting.
Step 1: Create Database via cPanel
  1. Login to cPanel and open MySQL Database Wizard
  2. Create database named: cpanel_socialink
  3. Create user with strong password
  4. Grant ALL PRIVILEGES to the user
  5. Note down: database name, username, and password
Step 2: Upload Files
  1. Upload the Socialink zip file using File Manager
  2. Extract to a temporary directory (e.g., socialink_temp)
  3. Move all files from socialink_temp to public_html
  4. Important: The public folder contents should be in public_html
Step 3: Fix File Structure
Correct structure:
  • public_html/ should contain: index.php, .htaccess, assets, etc.
  • public_html/../ (parent dir) should have: app, bootstrap, config, vendor, etc.
# Via SSH (if available):
cd public_html
mv public/* .
mv public/.htaccess .
rmdir public

# Update index.php paths from:
require __DIR__.'/../vendor/autoload.php';
# to:
require __DIR__.'/../../vendor/autoload.php';
Step 4: Configure Environment
  1. Rename .env.example to .env using File Manager
  2. Edit .env file and update: 
    APP_URL=https://yourdomain.com
DB_DATABASE=cpanel_socialink
DB_USERNAME=your_cpanel_db_user
DB_PASSWORD=your_db_password
Step 5: Install Dependencies (via SSH)
If SSH is not available, ask your hosting provider to run composer install, or use cPanel Terminal if available. 
cd ~/public_html/..
composer install --no-dev --optimize-autoloader
php artisan key:generate
php artisan migrate --seed
php artisan storage:link
php artisan config:cache
php artisan route:cache
Step 6: Set Permissions
# Via SSH:
chmod -R 755 ~/public_html
chmod -R 775 ~/public_html/../storage
chmod -R 775 ~/public_html/../bootstrap/cache

# Via File Manager:
# Select storage and bootstrap/cache folders
# Click Permissions and set to 775
Step 7: Setup Cron Job
  1. In cPanel, go to Cron Jobs
  2. Add new cron job with timing: * * * * *
  3. Command: /usr/bin/php /home/username/public_html/../artisan schedule:run >> /dev/null 2>&1
  4. Replace /home/username/ with your actual home path
Step 8: SSL Certificate
  1. In cPanel, go to SSL/TLS Status
  2. Enable AutoSSL for your domain (free Let's Encrypt)
  3. Or install custom SSL certificate if you have one
  4. Update APP_URL in .env to use https://
Note: Queue workers may not be available on shared hosting. Some features requiring background jobs may be limited. Consider upgrading to VPS for full functionality.

Configuration

ENV reference
Core keys
APP_NAME=Socialink
APP_ENV=production
APP_URL=https://socialink.example.com
APP_DEBUG=false

DB_HOST=127.0.0.1
DB_DATABASE=socialink
DB_USERNAME=socialink_user
DB_PASSWORD=strong_password

Always restart PHP-FPM (or your web server) after ENV changes.

Media & queues
QUEUE_CONNECTION=redis
BROADCAST_DRIVER=log
CACHE_DRIVER=redis
SESSION_DRIVER=redis

FILESYSTEM_DISK=local
MEDIA_MAX_UPLOAD_MB=64

Switch FILESYSTEM_DISK to s3, gcs, or do when offloading media.

Mail (SMTP sample)
MAIL_MAILER=smtp
MAIL_HOST=smtp.yourhost.com
MAIL_PORT=587
MAIL_USERNAME=postmaster@yourhost.com
MAIL_PASSWORD=your_password
MAIL_ENCRYPTION=tls
MAIL_FROM_ADDRESS=no-reply@yourdomain.com
MAIL_FROM_NAME="Socialink"

After saving, run php artisan config:clear and send a test email from admin.

Caching & performance
  • • Use Redis for cache/session/queue for best realtime performance.
  • • Enable route/view/config cache in production.
  • • Set heartbeat intervals in admin to tune realtime checks.
  • • Use a CDN for public/storage or S3 assets.
Queues & broadcasting
QUEUE_CONNECTION=redis
BROADCAST_DRIVER=pusher
PUSHER_APP_ID=your-app-id
PUSHER_APP_KEY=your-key
PUSHER_APP_SECRET=your-secret
PUSHER_HOST=127.0.0.1
PUSHER_PORT=6001
PUSHER_SCHEME=http

Match these with your websocket server config. For production, run behind HTTPS and WSS.

Logging
  • • Default channel: stack → daily files in storage/logs.
  • • Reduce noise by lowering heartbeat log level.
  • • Rotate logs with logrotate or cloud logging sinks.
  • • Mask secrets in logs; avoid logging access tokens.

File Structure

What lives where
Application
  • app/Http/Controllers — backend controllers
  • app/Models — Eloquent models
  • routes/web.php — web routes
  • routes/api.php — API routes
Frontend & assets
  • resources/views — Blade templates
  • public/assets — compiled JS/CSS
  • resources/js|sass — sources
  • public/storage — user uploads (symlink)
Config & storage
  • config/*.php — app settings
  • database/migrations — schema
  • storage/logs — logs
  • storage/app — private files

Feature Set

Core modules
Feeds & Profiles

Timeline posts, reactions, comments, mentions, hashtags, media galleries, and custom privacy per post.

Messaging

Real-time chat with receipts, typing indicators, media sharing, and moderation controls.

Monetization

Memberships, wallet funding, paywall content, and ads placements across feed, search, and messaging.

Social Logins

OAuth callbacks

Configure provider apps with your domain and redirect URIs. Replace {base} with your site URL (shown below). These steps mirror the reference docs flow, adapted to Socialink endpoints.

Detected base URL: https://example.com
Provider Redirect URI Notes
Facebook {base}/connect/facebook Add your domain to App Domains and set the above as Valid OAuth redirect URI.
Google {base}/connect/google Enable OAuth consent screen and add the exact redirect.
X (Twitter) {base}/connect/twitter Use OAuth 2.0 client; ensure callbacks match the project settings.
LinkedIn {base}/connect/linkedin Request r_emailaddress + r_liteprofile scopes.
Apple {base}/connect/apple Requires services ID and private key in admin settings.
Facebook
  1. Create app at developers.facebook.com → App Domains & Site URL = your domain.
  2. Valid OAuth redirect: {base}/connect/facebook.
  3. Publish the app (not in development).
  4. Paste App ID & Secret in admin > Registration > Social Login.
Google
  1. In console.cloud.google.com create OAuth consent + Web client.
  2. Authorized redirect: {base}/connect/google.
  3. Add authorized domain and publish the app.
  4. Paste Client ID/Secret in admin > Registration > Social Login.
  5. If using restricted scopes, complete verification.
X (Twitter)
  1. Create a project/app in the X developer portal.
  2. Callback URL: {base}/connect/twitter.
  3. Enable OAuth 2.0 client; set scopes for email/profile.
  4. Paste Client ID/Secret in admin.
  5. Ensure app is not in “development only” when going live.
LinkedIn
  1. Create app at developer.linkedin.com.
  2. Authorized redirect: {base}/connect/linkedin.
  3. Request scopes: r_emailaddress, r_liteprofile.
  4. Paste Client ID/Secret in admin.
Apple
  1. Create a Services ID and private key in Apple Developer.
  2. Redirect: {base}/connect/apple.
  3. Collect Team ID, Key ID, and bundle/service ID.
  4. Paste credentials in admin > Social Login.
  5. Match redirect on both Apple and Socialink exactly (HTTPS required).

Payments

Gateways

Enable or disable gateways from the admin billing panel. Common callback pattern: {base}/payments/{provider}/callback.

Supported
  • • Stripe (cards, wallets, 3DS)
  • • PayPal (Checkout)
  • • Flutterwave
  • • Paystack
  • • Coinbase Commerce
  • • Razorpay
Best practices
  • • Use webhooks for wallet top-ups and subscriptions.
  • • Lock currency to your marketplace region.
  • • Store secrets in .env, not in the database.
  • • Run test mode before switching live keys.
Webhooks (examples)
  • • Stripe: {base}/payments/stripe/webhook
  • • PayPal: {base}/payments/paypal/webhook
  • • Paystack: {base}/payments/paystack/webhook
  • • Flutterwave: {base}/payments/flutterwave/webhook

Whitelist your IP/firewall to let gateways reach these endpoints.

Testing tips
  • • Use gateway test keys and test cards first.
  • • Verify webhook signature/secret to avoid spoofed events.
  • • Check wallet balance and subscription status after callbacks.
  • • Retry failed webhook deliveries (idempotent handlers recommended).

Cloud Storage

Media offload
Supported
  • • Amazon S3
  • • Google Cloud Storage
  • • DigitalOcean Spaces
  • • Wasabi
  • • Backblaze B2
  • • Cloudflare R2
Generic ENV
FILESYSTEM_DISK=s3
AWS_ACCESS_KEY_ID=...
AWS_SECRET_ACCESS_KEY=...
AWS_DEFAULT_REGION=us-east-1
AWS_BUCKET=socialink-media

After switching, run php artisan config:clear and php artisan storage:link.

Pathing
  • • Uploads organized by year/month/type (like reference docs).
  • • Use CDN in front of bucket for faster delivery.
  • • Prefer private buckets + signed URLs for sensitive media.
  • • Enable CORS for images/video if your CDN uses a different domain.
Google Cloud Storage
FILESYSTEM_DISK=gcs
GCS_PROJECT_ID=...
GCS_BUCKET=socialink-media
GCS_KEY_FILE=/path/to/key.json

Grant Storage Object Admin; keep key file outside web root.

DigitalOcean Spaces
FILESYSTEM_DISK=do
DO_SPACES_KEY=...
DO_SPACES_SECRET=...
DO_SPACES_REGION=nyc3
DO_SPACES_BUCKET=socialink-media

Use CDN endpoint for public access; enforce HTTPS.

Cloudflare R2
FILESYSTEM_DISK=r2
R2_ACCOUNT_ID=...
R2_ACCESS_KEY_ID=...
R2_SECRET_ACCESS_KEY=...
R2_BUCKET=socialink-media
R2_PUBLIC_URL=https://cdn.example.com

Set public URL for asset links; prefer signed URLs for private media.

S3 CORS (example)
[
  {
    "AllowedHeaders": ["*"],
    "AllowedMethods": ["GET", "PUT", "POST", "DELETE"],
    "AllowedOrigins": ["*"],
    "ExposeHeaders": [],
    "MaxAgeSeconds": 3000
  }
]
CDN tips
  • • Set long cache-control headers for media.
  • • Invalidate only changed paths when deploying brand assets.
  • • Use custom domain (CNAME) for consistent cookies/policies.

SMS

OTP & alerts
Providers
  • • Twilio
  • • BulkSMS
  • • Infobip
  • • MSG91
Setup
  • • Add API keys in admin > SMS settings.
  • • Verify sender IDs where required.
  • • Enable OTP for sign-up, password reset, and 2FA as needed.
  • • Test with sandbox numbers before going live.

Match reference flows: configure heartbeats and rate limits to avoid blocking.

Twilio ENV (example)
SMS_DRIVER=twilio
TWILIO_SID=ACxxxxxxxx
TWILIO_TOKEN=your_token
TWILIO_FROM=+1234567890
Delivery tips
  • • Use region-appropriate sender IDs/templates.
  • • Avoid sending OTP more than 3–5 times per hour per user.
  • • Log message SID/ID for debugging delivery with the provider.
  • • Fallback to email if SMS is delayed in some regions.

Push Notifications

Firebase (FCM)
Channels
  • • Firebase Cloud Messaging for web push
  • • FCM for mobile apps
  • • Timeline notifications for feed/messaging
Setup (FCM)
  • • In Firebase console, create project & enable Cloud Messaging.
  • • Download Web push cert (VAPID) or use FCM SDK key.
  • • Add FCM server key and sender ID in admin > notifications.
  • • Host firebase-messaging-sw.js at site root if required by your frontend.
  • • Serve site over HTTPS and test with a pilot audience first.
  • • For mobile, include FCM config in the app bundle (Android/iOS).
Minimal web service worker
importScripts('https://www.gstatic.com/firebasejs/10.12.1/firebase-app-compat.js');
importScripts('https://www.gstatic.com/firebasejs/10.12.1/firebase-messaging-compat.js');

firebase.initializeApp({
  apiKey: '...',
  authDomain: '...',
  projectId: '...',
  messagingSenderId: '...',
  appId: '...'
});

const messaging = firebase.messaging();
Troubleshooting
  • • Ensure notifications permissions granted in browser.
  • • Verify FCM key/sender ID match environment.
  • • Check service worker served from root and correct scope.
  • • Clear caches after changing the service worker.

Video & Audio Calls

Twilio · LiveKit · Agora
Prerequisites
  • • SSL enabled on the domain
  • • TURN/STUN credentials (if using custom servers)
  • • Provider keys (Twilio/LiveKit/Agora)
Callback URLs

Match the reference: enable provider webhooks for call status where available. Use HTTPS endpoints and validate signatures.

Live Streaming

Agora

Enable live streaming via Agora (mirroring the reference docs). Provide App ID and App Certificate in admin, and ensure tokens are generated per session.

  • • Enforce HTTPS and secure tokens.
  • • Configure bandwidth caps and recording if needed.
  • • Integrate moderation hooks to stop streams that violate policy.

Integrations

Add-ons
Google Suite
  • • Maps (geolocation in posts)
  • • Vision (image safety)
  • • reCAPTCHA / Turnstile
  • • Translate (auto captions)
Media & Fun
  • • Giphy / Tenor for GIF picker
  • • OpenGraph link previews
  • • Safe-search filters
Analytics
  • • Google Analytics / Tag Manager
  • • Custom pixels from admin widgets
  • • Search ads placements across feed/search/messaging

Realtime & Presence

Engagement
Channels
  • • In-app alerts (feed, messages, mentions)
  • • Email via SMTP or transactional providers
  • • Web push (VAPID) with optional Firebase
  • • SMS for OTP via Twilio/MSG91
Realtime
  • • Broadcasting via Pusher-compatible drivers or internal WebSocket server.
  • • Presence channels for chat typing/online status.
  • • Interval heartbeats configurable in admin settings.

For production, run queue workers and websocket server under a supervisor to keep events flowing.

Mobile Apps

Android · iOS

Build with your preferred stack (Flutter/React Native). Use the Socialink REST APIs and enable OAuth clients for mobile redirect URIs.

  • • Enable CORS for mobile origins.
  • • Use HTTPS endpoints only.
  • • Configure push keys (FCM/APNS) under admin > notifications.
  • • For deep links, use {base}/connect/{provider} with universal links/app links.

Flutter App Setup Guide

iOS & Android
Complete Guide: Follow these steps to configure and build the Socialink Flutter mobile app for both iOS and Android platforms.
Prerequisites
  • Flutter SDK 3.6.0 or higher
  • Android Studio with Android SDK
  • Xcode (for iOS, Mac only)
  • Firebase account
  • Backend server configured
# Verify Flutter installation
flutter doctor

# Get dependencies
flutter pub get
Step 1: Firebase Configuration
1.1 Create Firebase Project
  1. Go to Firebase Console
  2. Click "Add Project" and enter project name
  3. Enable/disable Analytics (optional)
  4. Create project
1.2 Add Android App
  1. Click "Add app" → Android icon
  2. Enter package name: com.yourcompany.yourapp
  3. Download google-services.json
  4. Place at: android/app/google-services.json
1.3 Add iOS App
  1. Click "Add app" → iOS icon
  2. Enter bundle ID: com.yourcompany.yourapp
  3. Download GoogleService-Info.plist
  4. Place at: ios/Runner/GoogleService-Info.plist
1.4 Enable Firebase Services
Authentication:
  • Email/Password
  • Google Sign-In
  • Facebook Login
  • Apple Sign-In (iOS)
Other Services:
  • Cloud Firestore
  • Cloud Messaging (FCM)
  • Storage
1.5 Update Firebase Options

Edit lib/firebase_options.dart:

static const FirebaseOptions android = FirebaseOptions(
  apiKey: 'YOUR_ANDROID_API_KEY',
  appId: 'YOUR_ANDROID_APP_ID',
  messagingSenderId: 'YOUR_SENDER_ID',
  projectId: 'your-project-id',
  storageBucket: 'your-project-id.firebasestorage.app',
);

static const FirebaseOptions ios = FirebaseOptions(
  apiKey: 'YOUR_IOS_API_KEY',
  appId: 'YOUR_IOS_APP_ID',
  messagingSenderId: 'YOUR_SENDER_ID',
  projectId: 'your-project-id',
  storageBucket: 'your-project-id.firebasestorage.app',
  iosClientId: 'YOUR_IOS_CLIENT_ID',
  iosBundleId: 'com.yourcompany.yourapp',
);
Step 2: Package Name Configuration
2.1 Android Package Name

Update android/app/build.gradle:

android {
    namespace = "com.yourcompany.yourapp"
    
    defaultConfig {
        applicationId = "com.yourcompany.yourapp"
    }
}

Update MainActivity.kt:

package com.yourcompany.yourapp

import io.flutter.embedding.android.FlutterFragmentActivity

class MainActivity: FlutterFragmentActivity()
Rename folder from com/example/socialink_app/ to com/yourcompany/yourapp/
2.2 iOS Bundle Identifier
  1. Open ios/Runner.xcworkspace in Xcode
  2. Select "Runner" in project navigator
  3. In "General" tab, update "Bundle Identifier" to: com.yourcompany.yourapp
  4. Update app name in Info.plist
Step 3: Backend & API Configuration
3.1 Configure Server URL

Edit lib/util/app_config.dart:

static const String _baseUrl = 'https://your-server-url.com';
3.2 OpenAI API (AI Image Generation)
static const String aiApiKey = 'sk-proj-YOUR_OPENAI_API_KEY';

Get from: OpenAI Platform

Step 4: Payment Gateway Setup
Stripe

Edit lib/util/stripe_config.dart:

static const String publishableKey = 'pk_test_YOUR_KEY';
static const String secretKey = 'sk_test_YOUR_KEY';
Get Keys →
PayPal

Edit lib/util/paypal_config.dart:

static const String clientId = 'YOUR_CLIENT_ID';
static const bool isTestMode = true;
Get Keys →
Flutterwave

Edit lib/util/flutterwave_config.dart:

static const String publicKey = 'FLWPUBK_TEST_YOUR_KEY';
Get Keys →
Security: Never expose secret keys in the app. Use backend server for sensitive operations.
Step 5: Agora Setup (Live Streaming)
  1. Sign up at Agora Console
  2. Create new project and get App ID
  3. Update in these files:
# lib/features/live_stream/live_stream_view.dart
const appId = "YOUR_AGORA_APP_ID";

# lib/features/spaces/space_detail/space_detail_cubit.dart
const String kAgoraAppId = "YOUR_AGORA_APP_ID";
For production, generate Agora tokens from your backend server for security.
Step 6: Android Configuration
6.1 Generate Keystore
keytool -genkey -v -keystore upload-keystore.jks -keyalg RSA -keysize 2048 -validity 10000 -alias your-key-alias
6.2 Configure key.properties

Create android/key.properties:

storePassword=your_keystore_password
keyPassword=your_key_password
keyAlias=your-key-alias
storeFile=upload-keystore.jks
6.3 Google Sign-In Setup

Add to AndroidManifest.xml:

<meta-data
    android:name="com.google.android.gms.auth.GOOGLE_SIGN_IN_SERVER_CLIENT_ID"
    android:value="YOUR_WEB_CLIENT_ID.apps.googleusercontent.com" />
Step 7: iOS Configuration
7.1 Configure Signing
  1. Open ios/Runner.xcworkspace in Xcode
  2. Select "Runner" target
  3. Go to "Signing & Capabilities"
  4. Select your Team (Xcode manages provisioning automatically)
7.2 Apple Sign-In
  1. In Xcode, select "Runner" target
  2. Go to "Signing & Capabilities"
  3. Click "+ Capability"
  4. Add "Sign in with Apple"
Step 8: Building the App
Android Build
# Debug
flutter run

# Release APK
flutter build apk --release

# App Bundle (Play Store)
flutter build appbundle --release

Output: build/app/outputs/

iOS Build
# Build
flutter build ios --release

Then in Xcode:

  1. Product → Archive
  2. Distribute App
  3. Upload to App Store Connect
Common Issues & Solutions

Error: FirebaseOptions are not configured
Solution: Update lib/firebase_options.dart with actual credentials from Firebase console.

Solution: Ensure package names match in:
  • build.gradle (namespace & applicationId)
  • MainActivity.kt
  • Firebase console & google-services.json

flutter clean
flutter pub get
cd ios && pod install && cd ..
flutter build apk --release
Pre-Launch Checklist
  • All API keys configured
  • Firebase properly set up
  • Package names updated
  • App name and icons updated
  • Keystore configured (Android)
  • Signing configured (iOS)
  • Backend URL configured
  • Payment gateways tested
  • Agora streaming tested
  • Tested on real devices
  • Privacy policy added
  • Release builds successful

Maintenance

Ops
Backups
  • • Daily DB dumps with encryption.
  • • Media backups per provider (S3 lifecycle rules recommended).
  • • Test restores monthly.
Housekeeping
  • php artisan schedule:run via cron.
  • php artisan queue:work --daemon under supervisor.
  • • Rotate logs and clear caches each deploy (php artisan optimize:clear).
Backup commands (examples)
mysqldump -u user -p socialink | gzip > /backups/socialink-$(date +%F).sql.gz
php artisan media:backup   # if you have a custom media backup command
aws s3 sync /backups s3://your-backup-bucket/socialink/
Disaster recovery
  • • Keep offsite copies of DB + media.
  • • Document restore steps and test quarterly.
  • • Ensure encryption keys and .env backups are stored securely.

Security

Hardening
  • • Enforce HTTPS and HSTS.
  • • Rate-limit login and OTP endpoints.
  • • Keep dependencies updated; run composer audit in CI.
  • • Restrict admin routes by IP if possible.
  • • Use signed URLs for media when offloading to public buckets.
  • • Disable directory listing on the web server.
  • • Allow only required upload extensions; scan uploads when possible.
  • • Keep .env outside VCS and secure backups with encryption.

Updates & Upgrade

Releases
Zero-downtime flow
  1. Put site in maintenance mode: php artisan down.
  2. Backup DB and .env.
  3. Pull new release or upload update package.
  4. Run: composer install --no-dev --optimize-autoloader.
  5. Run: php artisan migrate --force.
  6. Clear caches: php artisan optimize:clear.
  7. Rebuild caches: php artisan config:cache && php artisan route:cache.
  8. Restart queue/websocket supervisors.
  9. Bring site up: php artisan up.
After update
  • • Verify homepage, login, and uploads.
  • • Test payments in sandbox mode.
  • • Confirm webhooks still firing (wallet/subscriptions).
  • • Check cron and workers are running.
  • • Clear browser cache if UI assets changed.

Troubleshooting

Common fixes
Installer/config issues
  • • 500 error after install → check storage/logs/laravel.log.
  • • ENV not applied → run php artisan config:clear.
  • • Redirect loop → ensure APP_URL and HTTPS config match.
  • • Storage 403 → confirm php artisan storage:link and web server allows symlinks.
  • • Migrations failing → verify DB user permissions and charset utf8mb4.
Feature-specific
  • • Social login failing → verify redirect URIs and app is published.
  • • Payments not updating → check webhooks and queue worker status.
  • • Push not received → HTTPS required; verify VAPID/FCM keys.
  • • Calls/live stream not connecting → ensure SSL and correct TURN/Agora keys.
  • • Media not showing from CDN → confirm CORS, cache headers, and correct CDN domain.

Support

Help desk
  • • Open a ticket with purchase code, domain, and issue details.
  • • Include server specs and recent logs for faster triage.
  • • For installation help, provide temporary admin access (optional).
  • • Community FAQs and comprehensive guides available for all features.

Response windows depend on support plan. Keep credentials rotated after assistance.

FAQ

Common

Yes. Keep your license handy for installation support and updates.

You can enable or disable public mode. When disabled, only authenticated users can view content.

Use the password reset flow or run a database update to set a new password hash for the admin user, then rotate credentials.

Yes. In admin > uploads you can disable photos, videos, audio, or files and set per-type size limits.

You can allow visitors to browse search/feed or lock the site to authenticated users. Toggle this in admin > registration/public mode.

Changelog

Recent
v1.0.0
Initial Release
  • Initial commit
  • Complete Laravel 12 social networking platform
  • Full-featured mobile app support (Flutter)
  • Comprehensive documentation