tfgrid/projectmycelium
11
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
0b812768ee9828230dc1637eeba2d226f619db20
projectmycelium/scripts/deploy.sh
mik-tf b41efb0e99 init projectmycelium
2025-09-01 21:37:01 -04:00

155 lines
3.9 KiB
Bash
Raw Blame History

#!/bin/bash
# Exit on error
set -e
echo "===== Project Mycelium Simplified Deployment Script ====="
echo "Date: $(date)"
echo "User: $(whoami)"
# Check required commands
for cmd in git cargo zinit caddy; do
if ! command -v $cmd &> /dev/null; then
echo "Error: Required command '$cmd' not found."
echo "Please install all prerequisites before running this script."
exit 1
fi
done
# Variables
REPO_URL="https://git.ourworld.tf/tfgrid_research/projectmycelium"
INSTALL_DIR="/root/code/github.com/tfgrid_research/projectmycelium"
SERVICE_NAME="tf-marketplace"
PORT=9999
DOMAIN="example.com" # Replace with your actual domain
# Prompt for domain name
read -p "Enter your domain name [default: $DOMAIN]: " input_domain
DOMAIN=${input_domain:-$DOMAIN}
# Generate a random secret key if not provided
if [ -z "$SECRET_KEY" ]; then
SECRET_KEY=$(openssl rand -base64 32)
echo "Generated random SECRET_KEY"
fi
echo "===== Cloning Repository ====="
mkdir -p $(dirname "$INSTALL_DIR")
if [ -d "$INSTALL_DIR" ]; then
echo "Directory already exists. Updating repository..."
cd "$INSTALL_DIR"
git checkout main
git fetch
git pull
else
echo "Cloning repository..."
git clone "$REPO_URL" "$INSTALL_DIR"
cd "$INSTALL_DIR"
git checkout main
fi
echo "===== Creating zinit Service ====="
# Create service script directory
sudo mkdir -p /etc/zinit/cmds
# Create service script
cat > /tmp/tf-marketplace.sh << EOF
#!/bin/bash
cd $INSTALL_DIR
export RUST_LOG=info
export SECRET_KEY="$SECRET_KEY"
exec /root/.cargo/bin/cargo run --release -- --port $PORT
EOF
sudo cp /tmp/tf-marketplace.sh /etc/zinit/cmds/$SERVICE_NAME.sh
sudo chmod +x /etc/zinit/cmds/$SERVICE_NAME.sh
rm /tmp/tf-marketplace.sh
# Create zinit service definition
cat > /tmp/tf-marketplace.yaml << EOF
exec: "/bin/bash -c /etc/zinit/cmds/$SERVICE_NAME.sh"
EOF
sudo cp /tmp/tf-marketplace.yaml /etc/zinit/$SERVICE_NAME.yaml
rm /tmp/tf-marketplace.yaml
echo "===== Configuring Caddy ====="
cat > /tmp/Caddyfile << EOF
$DOMAIN {
# Enable compression
encode gzip zstd
# Serve static files
handle /static/* {
root * $INSTALL_DIR/src
file_server
}
# Reverse proxy to the application
reverse_proxy localhost:$PORT {
# Customize timeouts if needed
timeout 2m
# Enable WebSocket support
header_up Connection {>Connection}
header_up Upgrade {>Upgrade}
}
# Add security headers
header {
# Enable HSTS
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
# Prevent MIME type sniffing
X-Content-Type-Options "nosniff"
# Protect against clickjacking
X-Frame-Options "SAMEORIGIN"
# Enable XSS protection
X-XSS-Protection "1; mode=block"
# Control browser features
Permissions-Policy "geolocation=(), midi=(), camera=(), usb=(), magnetometer=(), accelerometer=(), gyroscope=(), payment=()"
# Remove server information
-Server
}
# Log access
log {
output file /var/log/caddy/access.log
format json
}
}
EOF
sudo mkdir -p /etc/caddy
sudo cp /tmp/Caddyfile /etc/caddy/Caddyfile
rm /tmp/Caddyfile
echo "===== Starting Services ====="
# Start the marketplace service
zinit start $SERVICE_NAME
# Restart Caddy to load new configuration
zinit restart caddy
echo "===== Configuring Firewall ====="
if command -v ufw &> /dev/null; then
sudo ufw allow http
sudo ufw allow https
echo "Firewall configured to allow HTTP and HTTPS traffic."
fi
echo "===== Deployment Complete ====="
echo "Project Mycelium has been deployed at: https://$DOMAIN"
echo
echo "You can monitor the application with:"
echo " zinit list"
echo " zinit log $SERVICE_NAME"
echo " tail -f /var/log/zinit/$SERVICE_NAME.log"
echo
echo "Caddy status and logs:"
echo " zinit status caddy"
echo " zinit log caddy"
Reference in New Issue View Git Blame Copy Permalink