daniel.w
/
finance-tools
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
finance-tools/scripts/remote-bootstrap.sh

95 lines
2.6 KiB
Bash
Executable File
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/usr/bin/env bash
set -euo pipefail
APP_USER="${APP_USER:-daniel}"
APP_DIR="${APP_DIR:-/opt/investor-rpg}"
SERVICE_NAME="${SERVICE_NAME:-investor-rpg}"
SERVER_NAME="${SERVER_NAME:-_}"
if [[ "${EUID}" -ne 0 ]]; then
echo "請用 sudo 執行sudo bash $0" >&2
exit 1
fi
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install -y ca-certificates curl nginx rsync sqlite3
if ! command -v node >/dev/null 2>&1 || [[ "$(node -p 'Number(process.versions.node.split(".")[0])')" -lt 22 ]]; then
curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
DEBIAN_FRONTEND=noninteractive apt-get install -y nodejs
fi
install -d -o "${APP_USER}" -g "${APP_USER}" "${APP_DIR}" "${APP_DIR}/backups"
install -d -o "${APP_USER}" -g "${APP_USER}" "/opt/content" "/opt/content/raw" "/opt/content/raw/patterns"
cat >"/etc/systemd/system/${SERVICE_NAME}.service" <<EOF
[Unit]
Description=Investor RPG Node backend
After=network-online.target
Wants=network-online.target
[Service]
Type=simple
User=${APP_USER}
Group=${APP_USER}
WorkingDirectory=${APP_DIR}
Environment=NODE_ENV=production
Environment=PORT=3000
Environment=HOST=127.0.0.1
ExecStart=/usr/bin/npm start
Restart=always
RestartSec=5
TimeoutStopSec=20
[Install]
WantedBy=multi-user.target
EOF
cat >"/etc/nginx/sites-available/${SERVICE_NAME}" <<EOF
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name ${SERVER_NAME};
root ${APP_DIR}/dist;
index index.html;
client_max_body_size 5m;
location /api/ {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_read_timeout 180s;
}
location /book-patterns/ {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Host \$host;
proxy_read_timeout 60s;
}
location / {
try_files \$uri \$uri/ /index.html;
}
}
EOF
rm -f /etc/nginx/sites-enabled/default
ln -sfn "/etc/nginx/sites-available/${SERVICE_NAME}" "/etc/nginx/sites-enabled/${SERVICE_NAME}"
cat >"/etc/sudoers.d/${SERVICE_NAME}-deploy" <<EOF
${APP_USER} ALL=(root) NOPASSWD: /usr/bin/systemctl restart ${SERVICE_NAME}, /usr/sbin/nginx -t
EOF
chmod 0440 "/etc/sudoers.d/${SERVICE_NAME}-deploy"
systemctl daemon-reload
systemctl enable "${SERVICE_NAME}" nginx
nginx -t
systemctl restart nginx
echo "Bootstrap 完成Node $(node -v)Nginx 已啟動,應用程式目錄為 ${APP_DIR}"
Reference in New Issue View Git Blame Copy Permalink