diff options
| author | Tyler Hoang <tyler@tylerhoang.xyz> | 2026-05-30 00:21:03 -0700 |
|---|---|---|
| committer | Tyler Hoang <tyler@tylerhoang.xyz> | 2026-05-30 00:21:03 -0700 |
| commit | 5fbc175e540803d919863f3d90dffc3c0645a90b (patch) | |
| tree | 13713f582aa901311b2b2d05f289b351673f9827 /README.md | |
| parent | 66acc6f7d18c93f4b7960682bea5bd5ff1545802 (diff) | |
feat: add scripts/deploy.sh for idempotent production deploys
Handles first-time install (--install) and redeploys: pulls, builds backend
and frontend as www-data with the required HOME/NPM_CONFIG_CACHE env, restarts
systemd services, and smoke-checks /health and /.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 54 |
1 files changed, 17 insertions, 37 deletions
@@ -53,55 +53,35 @@ SQLite lives at `backend/data/prism.db`. Backend seeds a `default` profile on st Target topology: backend on `127.0.0.1:8001`, frontend on `127.0.0.1:3001`, nginx terminates TLS and reverse-proxies. Code lives at `/var/www/prism-v2/` owned by `www-data`. -### 1. Initial install +Use `scripts/deploy.sh` on the server — it is idempotent and handles both initial install and redeploys. -```bash -sudo mkdir -p /var/www && sudo chown www-data:www-data /var/www -sudo -u www-data git clone <repo> /var/www/prism-v2 -cd /var/www/prism-v2 - -# Backend -sudo -u www-data python3 -m venv backend/.venv -sudo -u www-data backend/.venv/bin/pip install -r backend/requirements.txt - -# Frontend (writable npm cache required for www-data) -sudo mkdir -p frontend/.npm && sudo chown -R www-data:www-data frontend -sudo -u www-data env HOME=/var/www/prism-v2/frontend NPM_CONFIG_CACHE=/var/www/prism-v2/frontend/.npm \ - npm --prefix frontend ci -sudo -u www-data env HOME=/var/www/prism-v2/frontend NPM_CONFIG_CACHE=/var/www/prism-v2/frontend/.npm \ - npm --prefix frontend run build -``` - -### 2. systemd +### First-time setup on a fresh server ```bash -sudo cp systemd/prismv2-backend.service systemd/prismv2-frontend.service /etc/systemd/system/ -sudo systemctl daemon-reload -sudo systemctl enable --now prismv2-backend.service prismv2-frontend.service -``` +# As root / via sudo +mkdir -p /var/www && chown www-data:www-data /var/www +sudo -u www-data git clone <repo-url> /var/www/prism-v2 +cd /var/www/prism-v2 -### 3. nginx + TLS +# Install systemd units + nginx site + build + start +sudo ./scripts/deploy.sh --install -```bash -sudo cp nginx/prism.tylerhoang.xyz.conf /etc/nginx/sites-available/prism.tylerhoang.xyz -sudo ln -sf /etc/nginx/sites-available/prism.tylerhoang.xyz /etc/nginx/sites-enabled/ -sudo certbot --nginx -d prism.tylerhoang.xyz # first time only -sudo nginx -t && sudo systemctl reload nginx +# First-time TLS (Certbot edits the nginx server block in-place) +sudo certbot --nginx -d prism.tylerhoang.xyz +sudo systemctl reload nginx ``` -### 4. Redeploy +### Redeploy ```bash cd /var/www/prism-v2 -sudo -u www-data git pull origin master -sudo -u www-data backend/.venv/bin/pip install -r backend/requirements.txt -sudo -u www-data env HOME=/var/www/prism-v2/frontend NPM_CONFIG_CACHE=/var/www/prism-v2/frontend/.npm \ - npm --prefix frontend ci -sudo -u www-data env HOME=/var/www/prism-v2/frontend NPM_CONFIG_CACHE=/var/www/prism-v2/frontend/.npm \ - npm --prefix frontend run build -sudo systemctl restart prismv2-backend.service prismv2-frontend.service +sudo ./scripts/deploy.sh # pull + build + restart + smoke check +sudo ./scripts/deploy.sh --no-pull # rebuild + restart without git pull +sudo ./scripts/deploy.sh --install # also refresh systemd units / nginx site ``` +The script runs all build steps as `www-data` (with `HOME` + `NPM_CONFIG_CACHE` set), restarts both services, and curls `/health` on the backend and `/` on the frontend before exiting. + ### Ops ```bash |