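#!/bin/bash
# ===========================
# MY Network v2.0 Production Deployment Script
# Target: my-public-node-3.projscale.dev
# ===========================
#
# Generates the production .env and bootstrap config locally, uploads the
# project over SSH/SCP, provisions the remote host (Docker, UFW, Nginx,
# Certbot, systemd unit) and finally checks the public HTTPS endpoints.
#
# Requirements on the machine running this script: ssh, scp, openssl, curl
# and key-based SSH access to PRODUCTION_USER@PRODUCTION_HOST.
#
# Quoting: every remote script below is a double-quoted string, so a bare
# $VAR or $(cmd) is expanded on the machine running this script. Anything
# that has to be evaluated on the server is escaped as \$... instead.
#
# Exit status: non-zero if any local or remote step fails, or if the final
# endpoint verification fails.

set -euo pipefail

echo "=================================================="
echo "🚀 MY NETWORK v2.0 PRODUCTION DEPLOYMENT"
echo "Target: my-public-node-3.projscale.dev"
echo "=================================================="

# ===========================
# CONFIGURATION
# ===========================

PRODUCTION_HOST="my-public-node-3.projscale.dev"
PRODUCTION_USER="root"
PRODUCTION_PORT="22"
MY_NETWORK_PORT="15100"
PROJECT_NAME="my-uploader-bot"
DOMAIN="my-public-node-3.projscale.dev"

SSH_TARGET="${PRODUCTION_USER}@${PRODUCTION_HOST}"

# Run a command string on the production host.
remote() {
  ssh -p "$PRODUCTION_PORT" "$SSH_TARGET" "$@"
}

# Copy files to the production host (same arguments as scp).
upload() {
  scp -P "$PRODUCTION_PORT" "$@"
}

# Remove the locally generated config files. .env.production holds freshly
# generated secrets, so it must not be left behind when a step aborts.
cleanup_local_configs() {
  rm -f .env.production bootstrap.production.json
}
trap cleanup_local_configs EXIT

echo ""
echo "=== CONFIGURATION ==="
echo "Host: $PRODUCTION_HOST"
echo "User: $PRODUCTION_USER"
echo "MY Network Port: $MY_NETWORK_PORT"
echo "Domain: $DOMAIN"

# ===========================
# PRODUCTION .ENV GENERATION
# ===========================

echo ""
echo "=== 1. CREATING PRODUCTION .ENV ==="

# Generate the secrets as plain assignments: a failing command substitution
# inside a here-document is not caught by set -e and would silently write
# empty secrets.
SECRET_KEY_VALUE=$(openssl rand -hex 32)
JWT_SECRET_VALUE=$(openssl rand -hex 32)

# NOTE(review): the file is created with the caller's umask and its mode is
# carried over to the server by scp. Tightening it to 0600 is advisable, but
# first confirm how the container reads /opt/$PROJECT_NAME/.env.
# NOTE(review): new secrets are generated on every run, so each redeploy
# presumably invalidates tokens signed with the previous JWT_SECRET - confirm
# this is intended.
cat > .env.production << EOF
# MY Network v2.0 Production Configuration
MY_NETWORK_VERSION=v2.0
MY_NETWORK_PORT=15100
MY_NETWORK_HOST=0.0.0.0

# Production Database
DATABASE_URL=sqlite+aiosqlite:///./data/my_network_production.db
DB_TYPE=sqlite

# Security (CHANGE THESE IN PRODUCTION!)
SECRET_KEY=${SECRET_KEY_VALUE}
JWT_SECRET=${JWT_SECRET_VALUE}

# API Configuration
API_VERSION=v1
DEBUG=false

# Bootstrap Configuration
BOOTSTRAP_CONFIG_PATH=bootstrap.json

# Monitoring
ENABLE_MONITORING=true
MONITORING_THEME=matrix

# Network Settings
MAX_PEERS=100
SYNC_INTERVAL=30
PEER_DISCOVERY_INTERVAL=60

# Production Settings
ENVIRONMENT=production
LOG_LEVEL=INFO
HOST_DOMAIN=$DOMAIN
EXTERNAL_URL=https://$DOMAIN

# SSL Configuration
SSL_ENABLED=true
SSL_CERT_PATH=/etc/letsencrypt/live/$DOMAIN/fullchain.pem
SSL_KEY_PATH=/etc/letsencrypt/live/$DOMAIN/privkey.pem
EOF

echo "✅ Production .env created"

# ===========================
# PRODUCTION BOOTSTRAP CONFIG
# ===========================

echo ""
echo "=== 2. CREATING PRODUCTION BOOTSTRAP CONFIG ==="

# NOTE(review): "public_key" is still the literal placeholder string while
# "authentication_required" is true; supply the real key before relying on
# peer authentication.
cat > bootstrap.production.json << EOF
{
  "network": {
    "name": "MY Network v2.0 Production",
    "version": "2.0",
    "protocol_version": "1.0",
    "port": 15100,
    "host": "0.0.0.0",
    "external_url": "https://$DOMAIN"
  },
  "bootstrap_nodes": [
    {
      "id": "main-bootstrap-node",
      "host": "$DOMAIN",
      "port": 15100,
      "public_key": "production-key-placeholder",
      "weight": 100,
      "priority": 1,
      "region": "global"
    }
  ],
  "security": {
    "encryption_enabled": true,
    "authentication_required": true,
    "ssl_enabled": true,
    "rate_limiting": {
      "requests_per_minute": 1000,
      "burst_size": 100
    }
  },
  "api": {
    "endpoints": {
      "health": "/health",
      "metrics": "/api/metrics",
      "monitor": "/api/my/monitor/",
      "websocket": "/api/my/monitor/ws",
      "sync": "/api/sync",
      "peers": "/api/peers"
    },
    "cors": {
      "enabled": true,
      "origins": ["https://$DOMAIN"]
    }
  },
  "monitoring": {
    "enabled": true,
    "theme": "matrix",
    "real_time_updates": true,
    "websocket_path": "/api/my/monitor/ws",
    "dashboard_path": "/api/my/monitor/",
    "metrics_enabled": true
  },
  "storage": {
    "type": "sqlite",
    "path": "./data/my_network_production.db",
    "backup_enabled": true,
    "backup_interval": 3600
  },
  "p2p": {
    "max_peers": 100,
    "sync_interval": 30,
    "discovery_interval": 60,
    "connection_timeout": 30,
    "keep_alive": true
  },
  "logging": {
    "level": "INFO",
    "file_path": "./logs/my_network_production.log",
    "max_size": "100MB",
    "backup_count": 5
  }
}
EOF

echo "✅ Production bootstrap config created"

# ===========================
# DEPLOYMENT COMMANDS
# ===========================

echo ""
echo "=== 3. DEPLOYMENT COMMANDS ==="

echo "🔑 Testing SSH connection..."
# BatchMode makes the probe fail instead of prompting for a password.
if ssh -p "$PRODUCTION_PORT" -o ConnectTimeout=10 -o BatchMode=yes \
  "$SSH_TARGET" 'echo "SSH connection successful"' 2>/dev/null; then
  echo "✅ SSH connection successful"
else
  echo "❌ SSH connection failed. Please check:"
  echo "  - SSH key is loaded: ssh-add -l"
  echo "  - Server is accessible: ping $PRODUCTION_HOST"
  echo "  - User has access: ssh $PRODUCTION_USER@$PRODUCTION_HOST"
  exit 1
fi

# Each remote script starts with set -e: ssh reports the status of the last
# remote command, which is a plain echo, so without it a failed apt-get, ufw
# or docker-compose call would go unnoticed by this script.

echo ""
echo "📁 Creating remote directories..."
remote "
  set -e
  mkdir -p /opt/$PROJECT_NAME/data /opt/$PROJECT_NAME/logs
  chown -R root:root /opt/$PROJECT_NAME
"

echo ""
echo "📤 Uploading files..."
# Upload project files
# NOTE(review): this copies everything in the current directory, including
# VCS metadata, any local .env files and the two generated *.production
# files (which therefore also remain on the server under their original
# names). An explicit allow-list or an rsync exclude list would limit what
# reaches production.
upload -r . "$SSH_TARGET:/opt/$PROJECT_NAME/"

# Upload production configs
upload .env.production "$SSH_TARGET:/opt/$PROJECT_NAME/.env"
upload bootstrap.production.json "$SSH_TARGET:/opt/$PROJECT_NAME/bootstrap.json"

echo ""
echo "🐳 Installing Docker and Docker Compose on remote server..."
# NOTE(review): both installers are fetched at deploy time and run or
# installed as root without a pinned version or checksum verification.
# Pinning a release and verifying its published checksum would make the
# host build reproducible and auditable.
#
# The Compose URL is built from uname on the *server* (escaped \$(...)); an
# unescaped substitution would use the OS and architecture of the machine
# running this script. The OS name is lower-cased because current Compose
# release assets are named docker-compose-linux-<arch>, and curl runs with
# -f so an HTTP error is not saved as the docker-compose binary.
remote "
  set -e

  # Update system
  apt-get update -y
  apt-get install -y curl wget unzip

  # Install Docker
  if ! command -v docker > /dev/null 2>&1; then
    curl -fsSL https://get.docker.com -o get-docker.sh
    sh get-docker.sh
    systemctl enable docker
    systemctl start docker
  fi

  # Install Docker Compose
  if ! command -v docker-compose > /dev/null 2>&1; then
    curl -fL \"https://github.com/docker/compose/releases/latest/download/docker-compose-\$(uname -s | tr '[:upper:]' '[:lower:]')-\$(uname -m)\" -o /usr/local/bin/docker-compose
    chmod +x /usr/local/bin/docker-compose
  fi

  echo '✅ Docker installation completed'
"

echo ""
echo "🔥 Setting up firewall..."
# The SSH rule uses PRODUCTION_PORT so the session carrying this deployment
# stays reachable after the reset if the port is ever changed.
# NOTE(review): MY_NETWORK_PORT is opened to the internet although Nginx
# already proxies the application on 443, and the app binds 0.0.0.0. If peers
# do not need direct access, dropping this rule keeps all traffic behind TLS.
remote "
  set -e

  # Install UFW if not present
  apt-get install -y ufw

  # Configure firewall
  ufw --force reset
  ufw default deny incoming
  ufw default allow outgoing

  # Allow essential ports
  ufw allow $PRODUCTION_PORT/tcp   # SSH
  ufw allow 80/tcp   # HTTP
  ufw allow 443/tcp  # HTTPS
  ufw allow $MY_NETWORK_PORT/tcp  # MY Network v2.0

  # Enable firewall
  ufw --force enable

  echo '✅ Firewall configured'
"

echo ""
echo "🌐 Setting up Nginx..."
# $DOMAIN and $MY_NETWORK_PORT are filled in locally; Nginx's own variables
# are escaped (\$host, \$server_name, ...) so they reach the config verbatim.
# NOTE(review): the 443 server block references certificate files that the
# Certbot step only creates afterwards, so on a host without an existing
# certificate the config test is expected to fail (and Certbot's nginx
# plugin will likely refuse the config as well). The test result is reported
# but not fatal here; obtaining the certificate before installing this
# config would remove the ordering problem.
remote "
  set -e

  # Install Nginx
  apt-get install -y nginx

  # Create Nginx configuration
  cat > /etc/nginx/sites-available/mynetwork << 'NGINX_EOF'
server {
    listen 80;
    server_name $DOMAIN;

    # Redirect HTTP to HTTPS
    location / {
        return 301 https://\$server_name\$request_uri;
    }
}

server {
    listen 443 ssl http2;
    server_name $DOMAIN;

    # SSL Configuration (will be set up by Certbot)
    ssl_certificate /etc/letsencrypt/live/$DOMAIN/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/$DOMAIN/privkey.pem;

    # Security headers
    add_header X-Frame-Options DENY;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection \"1; mode=block\";

    # MY Network v2.0 API
    location /api/ {
        proxy_pass http://localhost:$MY_NETWORK_PORT/api/;
        proxy_set_header Host \$host;
        proxy_set_header X-Real-IP \$remote_addr;
        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto \$scheme;
    }

    # Health check
    location /health {
        proxy_pass http://localhost:$MY_NETWORK_PORT/health;
        proxy_set_header Host \$host;
        proxy_set_header X-Real-IP \$remote_addr;
    }

    # Matrix Monitoring Dashboard
    location /api/my/monitor/ {
        proxy_pass http://localhost:$MY_NETWORK_PORT/api/my/monitor/;
        proxy_set_header Host \$host;
        proxy_set_header X-Real-IP \$remote_addr;
    }

    # WebSocket for real-time monitoring
    location /api/my/monitor/ws {
        proxy_pass http://localhost:$MY_NETWORK_PORT/api/my/monitor/ws;
        proxy_http_version 1.1;
        proxy_set_header Upgrade \$http_upgrade;
        proxy_set_header Connection \"upgrade\";
        proxy_set_header Host \$host;
    }
}
NGINX_EOF

  # Enable site
  ln -sf /etc/nginx/sites-available/mynetwork /etc/nginx/sites-enabled/
  rm -f /etc/nginx/sites-enabled/default

  # Test configuration
  nginx -t || echo 'WARNING: nginx -t failed (certificate files may not exist yet)' >&2

  echo '✅ Nginx configured'
"

echo ""
echo "🔒 Setting up SSL with Let's Encrypt..."
# The renewal entry is filtered out before being re-added so that repeated
# deployments do not pile up duplicate crontab lines.
remote "
  set -e

  # Install Certbot
  apt-get install -y certbot python3-certbot-nginx

  # Get SSL certificate
  certbot --nginx -d $DOMAIN --non-interactive --agree-tos --email admin@$DOMAIN --redirect

  # Set up auto-renewal
  ( crontab -l 2>/dev/null | grep -vxF '0 12 * * * /usr/bin/certbot renew --quiet' || true
    echo '0 12 * * * /usr/bin/certbot renew --quiet' ) | crontab -

  echo '✅ SSL certificate obtained'
"

echo ""
echo "🚀 Deploying MY Network v2.0..."
remote "
  set -e
  cd /opt/$PROJECT_NAME

  # Build and start containers
  docker-compose --profile main-node up -d --build

  echo '✅ MY Network v2.0 containers started'
"

echo ""
echo "📊 Creating systemd service..."
# The unit needs an absolute path to docker-compose. It is resolved on the
# server because the install step above places the binary in /usr/local/bin,
# not /usr/bin. The here-document is unquoted on the remote side so that
# \$compose_bin is expanded there.
remote "
  set -e
  compose_bin=\$(command -v docker-compose)

  cat > /etc/systemd/system/my-network-v2.service << SERVICE_EOF
[Unit]
Description=MY Network v2.0 Production Service
After=docker.service
Requires=docker.service

[Service]
Type=oneshot
RemainAfterExit=yes
WorkingDirectory=/opt/$PROJECT_NAME
ExecStart=\$compose_bin --profile main-node up -d
ExecStop=\$compose_bin down
ExecReload=\$compose_bin restart app
TimeoutStartSec=300
TimeoutStopSec=120
User=root
Environment=\"MY_NETWORK_PORT=$MY_NETWORK_PORT\"
Environment=\"MY_NETWORK_VERSION=v2.0\"

[Install]
WantedBy=multi-user.target
SERVICE_EOF

  systemctl daemon-reload
  systemctl enable my-network-v2
  systemctl start my-network-v2

  echo '✅ SystemD service created and started'
"

# ===========================
# FINAL VERIFICATION
# ===========================

echo ""
echo "=== 4. FINAL VERIFICATION ==="

echo "⏳ Waiting for services to start..."
sleep 30

echo "🔍 Testing endpoints..."
# Certificate validation stays enabled (no curl -k): a missing, expired or
# mismatched certificate has to count as a failed check, otherwise this step
# cannot confirm that the TLS setup above actually works.
verify_failed=0
for endpoint in "https://$DOMAIN/health" "https://$DOMAIN/api/my/monitor/"; do
  if curl -f -s "$endpoint" > /dev/null; then
    echo "✅ $endpoint - OK"
  else
    echo "❌ $endpoint - FAILED"
    verify_failed=1
  fi
done

if ((verify_failed)); then
  echo "❌ Endpoint verification failed; the deployment is not confirmed healthy." >&2
  exit 1
fi

# ===========================
# DEPLOYMENT SUMMARY
# ===========================

echo ""
echo "=================================================="
echo "🎉 MY NETWORK v2.0 PRODUCTION DEPLOYMENT COMPLETE!"
echo "=================================================="
echo ""
echo "🌐 Access Points:"
echo "  • Matrix Dashboard: https://$DOMAIN/api/my/monitor/"
echo "  • Health Check: https://$DOMAIN/health"
echo "  • WebSocket: wss://$DOMAIN/api/my/monitor/ws"
# NOTE(review): this URL addresses the application port directly rather than
# the Nginx TLS listener on 443; nothing visible here shows that the app
# itself serves HTTPS on that port - confirm or point it at the proxied path.
echo "  • API Docs: https://$DOMAIN:$MY_NETWORK_PORT/docs"
echo ""
echo "🛠️ Management Commands:"
echo "  • View logs: ssh $PRODUCTION_USER@$PRODUCTION_HOST 'docker-compose -f /opt/$PROJECT_NAME/docker-compose.yml logs -f'"
echo "  • Restart service: ssh $PRODUCTION_USER@$PRODUCTION_HOST 'systemctl restart my-network-v2'"
echo "  • Check status: ssh $PRODUCTION_USER@$PRODUCTION_HOST 'systemctl status my-network-v2'"
echo ""
echo "🔒 Security:"
echo "  • SSL/TLS: Enabled with Let's Encrypt"
echo "  • Firewall: UFW configured for ports $PRODUCTION_PORT, 80, 443, $MY_NETWORK_PORT"
echo "  • Auto-renewal: SSL certificates will auto-renew"
echo ""
echo "✅ MY Network v2.0 is now live on production!"

# Cleanup local temporary files
cleanup_local_configs

echo ""
echo "🧹 Cleanup completed"
echo "🚀 Production deployment successful!"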