my-dev
/
configs
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix config

This commit is contained in:
Doctor Delpy 2025-12-11 20:37:08 +03:00
parent 8dd84fadc8
commit 099b624c63
1 changed files with 25 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
Makefile
View File

@ -13,9 +13,8 @@ CONTAINER_NAME = $(COMPOSE_PROJECT)-$(SERVICE)-1
ENV_REQUIRED := TELEGRAM_API_KEY CLIENT_TELEGRAM_API_KEY POSTGRES_DB POSTGRES_USER POSTGRES_PASSWORD DATABASE_URL SANIC_PORT BACKEND_HTTP_PORT
# Derive external domain and ports from .env for nginx/bootstrap helpers.
# PUBLIC_HOST may look like https://my-public-node-103.projscale.dev or be empty.
PUBLIC_HOST_RAW := $(shell awk -F= '$$1=="PUBLIC_HOST"{print $$2}' $(ENV_FILE) 2>/dev/null | tail -n1)
DOMAIN_FROM_ENV := $(shell printf '%s\n' "$(PUBLIC_HOST_RAW)" | sed -E 's#^https?://##; s#/.*$$##')
# PUBLIC_HOST may look like "https://my-public-node-103.projscale.dev" or have whitespace.
DOMAIN_FROM_ENV := $(shell awk -F= '$$1=="PUBLIC_HOST"{print $$2}' $(ENV_FILE) 2>/dev/null | tail -n1 | sed -E 's/^[[:space:]]+//; s/[[:space:]]+$$//; s#^https?://##; s#/.*$$##')
DOMAIN ?= $(DOMAIN_FROM_ENV)
BACKEND_HTTP_PORT ?= $(shell awk -F= '$$1=="BACKEND_HTTP_PORT"{print $$2}' $(ENV_FILE) 2>/dev/null | tail -n1)
FRONTEND_HTTP_PORT ?= $(shell awk -F= '$$1=="FRONTEND_HTTP_PORT"{print $$2}' $(ENV_FILE) 2>/dev/null | tail -n1)
@ -137,9 +136,9 @@ nuke destroy:
#
# This target:
# - Validates that DOMAIN and ports are known (PUBLIC_HOST/BACKEND_HTTP_PORT/FRONTEND_HTTP_PORT/TUSD_HTTP_PORT)
# - Renders /etc/nginx/sites-available/$(DOMAIN).conf from configs/nginx.conf with the correct domain/ports
# - Enables the site and reloads nginx
# - Optionally runs certbot --nginx if available to obtain TLS certificates
# - Stops nginx, obtains/renews a certificate via certbot --standalone (port 80)
# - Renders /etc/nginx/conf.d/$(DOMAIN).conf from configs/nginx.conf with the correct domain/ports
# - Starts nginx with the new vhost config
setup-nginx:
@if [ "$$(id -u)" -ne 0 ]; then \
echo "setup-nginx must be run as root (to write /etc/nginx and run certbot)"; \
@ -160,14 +159,28 @@ setup-nginx:
echo "Ensure ./start.sh finished and .env contains these ports, then retry." >&2; \
exit 1; \
fi
@echo "Configuring nginx for domain $(DOMAIN) ..."
@echo "Configuring nginx for domain '$(DOMAIN)' ..."
@echo " Backend HTTP port: $(BACKEND_HTTP_PORT)"
@echo " Frontend HTTP port: $(FRONTEND_HTTP_PORT)"
@echo " tusd HTTP port: $(TUSD_HTTP_PORT)"
@if ! command -v nginx >/dev/null 2>&1; then \
echo "nginx binary not found; install nginx (e.g. 'apt install nginx') and retry." >&2; \
exit 1; \
fi
@nginx_conf="/etc/nginx/conf.d/$(DOMAIN).conf"; \
mkdir -p /etc/nginx/conf.d; \
# Render nginx.conf template with actual domain and ports into a dedicated vhost file.
# We do NOT touch the distro's default site; this file will coexist alongside it.
if ! command -v certbot >/dev/null 2>&1; then \
echo "certbot not found; install it (e.g. 'apt install certbot') and rerun 'make setup-nginx'." >&2; \
exit 1; \
fi; \
echo "Stopping nginx (if running) to free port 80 for certbot ..."; \
systemctl stop nginx 2>/dev/null || nginx -s stop 2>/dev/null || true; \
echo "Obtaining/renewing TLS certificate via certbot --standalone for $(DOMAIN) ..."; \
if ! certbot certonly --standalone -d "$(DOMAIN)"; then \
echo "certbot failed; cannot proceed with nginx SSL setup. Start nginx manually if needed." >&2; \
exit 1; \
fi; \
echo "Rendering nginx vhost config at $$nginx_conf ..."; \
sed -e 's/my-public-node-8\.projscale\.dev/$(DOMAIN)/g' \
-e 's|/etc/letsencrypt/live/my-public-node-8\.projscale\.dev/|/etc/letsencrypt/live/$(DOMAIN)/|g' \
-e 's/server 127\.0\.0\.1:13200;/server 127.0.0.1:$(BACKEND_HTTP_PORT);/' \
@ -175,15 +188,9 @@ setup-nginx:
-e 's/server 127\.0\.0\.1:13400;/server 127.0.0.1:$(TUSD_HTTP_PORT);/' \
"$(CURDIR)/nginx.conf" > "$$nginx_conf"; \
if ! nginx -t; then \
echo "nginx configuration test failed; not reloading." >&2; \
echo "nginx configuration test failed; not starting nginx." >&2; \
exit 1; \
fi; \
systemctl reload nginx || nginx -s reload || true; \
if command -v certbot >/dev/null 2>&1; then \
echo "Attempting to obtain/renew TLS certificate via certbot for $(DOMAIN) ..."; \
certbot --nginx -d "$(DOMAIN)" || echo "certbot failed or was cancelled; ensure certificates are configured manually."; \
else \
echo "certbot not found; install certbot (e.g. 'apt install certbot python3-certbot-nginx') and run:"; \
echo " certbot --nginx -d $(DOMAIN)"; \
fi; \
echo "Starting nginx with new configuration ..."; \
systemctl start nginx 2>/dev/null || nginx || true; \
echo "Nginx setup for $(DOMAIN) complete. Verify HTTPS availability in a browser."