If you haven't already, initialize your Fly.io application:
fly launchAdd the required Aikido environment variables to your Fly.io application:
fly secrets set AIKIDO_TOKEN=AIK_RUNTIME_... # Replace with your actual token
fly secrets set AIKIDO_BLOCK=false # Set to "true" to enable blocking modeYou can get your token from the Aikido Security Dashboard.
Create a script to install the Aikido PHP Firewall during deployment:
- Go to the
./.fly/scriptsfolder in your repository - Create an
aikido.shfile with the following content:
#!/usr/bin/env bash
cd /tmp
curl -L -O https://github.com/AikidoSec/firewall-php/releases/download/v1.5.12/aikido-php-firewall.x86_64.deb
dpkg -i -E ./aikido-php-firewall.x86_64.deb- Make the script executable:
chmod +x ./.fly/scripts/aikido.shDeploy your application to Fly.io:
fly deployYou can verify the installation by connecting to your Fly.io instance and checking if the Aikido module is loaded:
fly ssh console
php -i | grep "aikido support"Expected output: aikido support => enabled
If you encounter any issues, check the logs:
fly ssh console
cat /var/log/aikido-*/*For instructions on creating a token, see our help documentation.