script
This commit is contained in:
overcuriousity
parent
fd721ce930
commit
1beefb93bb
333
deploy.sh
333
deploy.sh
@ -1,6 +1,5 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
# ForensicPathways Deployment Script – *ownership-aware*
|
||||||
# ForensicPathways Deployment Script
|
|
||||||
# Usage: sudo ./deploy.sh
|
# Usage: sudo ./deploy.sh
|
||||||
|
|
||||||
set -e
|
set -e
|
||||||
@ -20,244 +19,212 @@ echo "👤 Original user: $ORIGINAL_USER"
|
|||||||
echo "📁 Working directory: $(pwd)"
|
echo "📁 Working directory: $(pwd)"
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
# Check if running as root
|
###############################################################################
|
||||||
|
# 0. Safety checks
|
||||||
|
###############################################################################
|
||||||
if [ "$EUID" -ne 0 ]; then
|
if [ "$EUID" -ne 0 ]; then
|
||||||
echo "❌ Error: This script must be run as root (use sudo)"
|
echo "❌ Error: This script must be run as root (use sudo)"; exit 1
|
||||||
exit 1
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Verify we're in the right directory
|
|
||||||
if [ ! -f "package.json" ] || [ ! -f "astro.config.mjs" ]; then
|
if [ ! -f "package.json" ] || [ ! -f "astro.config.mjs" ]; then
|
||||||
echo "❌ Error: Must run from ForensicPathways project root"
|
echo "❌ Error: Must run from ForensicPathways project root"
|
||||||
echo "🔍 Current directory: $(pwd)"
|
echo "🔍 Current directory: $(pwd)"; echo "🔍 Files found: $(ls -la)"; exit 1
|
||||||
echo "🔍 Files found: $(ls -la)"
|
|
||||||
exit 1
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Function to find and use npm
|
###############################################################################
|
||||||
|
# 1. Helper – build with whichever npm is available for the original user
|
||||||
|
###############################################################################
|
||||||
find_and_use_npm() {
|
find_and_use_npm() {
|
||||||
echo "🔍 Searching for npm installation..."
|
echo "🔍 Searching for npm installation..."
|
||||||
|
|
||||||
# Try system npm first
|
# A) system-wide npm
|
||||||
if command -v npm &> /dev/null; then
|
if command -v npm &>/dev/null; then
|
||||||
echo "✅ Found system npm: $(which npm)"
|
echo "✅ Found system npm: $(which npm)"
|
||||||
echo "📦 Installing dependencies..."
|
echo "📦 Installing dependencies…"
|
||||||
sudo -u "$ORIGINAL_USER" npm install
|
sudo -u "$ORIGINAL_USER" npm install
|
||||||
echo "📦 Building application..."
|
echo "📦 Building application…"
|
||||||
sudo -u "$ORIGINAL_USER" npm run build
|
sudo -u "$ORIGINAL_USER" npm run build
|
||||||
return 0
|
return 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Try nvm-installed npm
|
# B) nvm-managed npm
|
||||||
echo "🔍 Checking for nvm installation..."
|
echo "🔍 Checking for nvm installation..."
|
||||||
if sudo -u "$ORIGINAL_USER" bash -c "
|
if sudo -u "$ORIGINAL_USER" bash -c "
|
||||||
export NVM_DIR='$ORIGINAL_HOME/.nvm'
|
export NVM_DIR='$ORIGINAL_HOME/.nvm'
|
||||||
[ -s '\$NVM_DIR/nvm.sh' ] && source '\$NVM_DIR/nvm.sh'
|
[ -s \"\$NVM_DIR/nvm.sh\" ] && source \"\$NVM_DIR/nvm.sh\"
|
||||||
[ -s '$ORIGINAL_HOME/.bashrc' ] && source '$ORIGINAL_HOME/.bashrc'
|
[ -s '$ORIGINAL_HOME/.bashrc' ] && source '$ORIGINAL_HOME/.bashrc'
|
||||||
command -v npm &> /dev/null
|
command -v npm &>/dev/null
|
||||||
"; then
|
"; then
|
||||||
echo "✅ Found nvm-managed npm"
|
echo "✅ Found nvm-managed npm"
|
||||||
echo "📦 Installing dependencies with nvm..."
|
echo "📦 Installing dependencies with nvm…"
|
||||||
sudo -u "$ORIGINAL_USER" bash -c "
|
sudo -u "$ORIGINAL_USER" bash -c "
|
||||||
export NVM_DIR='$ORIGINAL_HOME/.nvm'
|
export NVM_DIR='$ORIGINAL_HOME/.nvm'
|
||||||
[ -s '\$NVM_DIR/nvm.sh' ] && source '\$NVM_DIR/nvm.sh'
|
[ -s \"\$NVM_DIR/nvm.sh\" ] && source \"\$NVM_DIR/nvm.sh\"
|
||||||
[ -s '$ORIGINAL_HOME/.bashrc' ] && source '$ORIGINAL_HOME/.bashrc'
|
[ -s '$ORIGINAL_HOME/.bashrc' ] && source '$ORIGINAL_HOME/.bashrc'
|
||||||
npm install
|
npm install
|
||||||
"
|
npm run build
|
||||||
echo "📦 Building application with nvm..."
|
"
|
||||||
sudo -u "$ORIGINAL_USER" bash -c "
|
return 0
|
||||||
export NVM_DIR='$ORIGINAL_HOME/.nvm'
|
fi
|
||||||
[ -s '\$NVM_DIR/nvm.sh' ] && source '\$NVM_DIR/nvm.sh'
|
|
||||||
[ -s '$ORIGINAL_HOME/.bashrc' ] && source '$ORIGINAL_HOME/.bashrc'
|
|
||||||
npm run build
|
|
||||||
"
|
|
||||||
return 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "❌ npm not found in system or user environment"
|
# C) nothing found
|
||||||
echo ""
|
cat <<'EOF'
|
||||||
echo "💡 Please install Node.js and npm first:"
|
❌ npm not found in system or user environment
|
||||||
echo " # Option 1: System package manager"
|
|
||||||
echo " sudo apt update && sudo apt install nodejs npm"
|
💡 Please install Node.js and npm first:
|
||||||
echo ""
|
# Option 1 (apt):
|
||||||
echo " # Option 2: NodeSource repository (recommended)"
|
sudo apt update && sudo apt install nodejs npm
|
||||||
echo " curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -"
|
# Option 2 (NodeSource – recommended):
|
||||||
echo " sudo apt-get install -y nodejs"
|
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
|
||||||
echo ""
|
sudo apt-get install -y nodejs
|
||||||
echo " # Option 3: nvm (as user $ORIGINAL_USER)"
|
# Option 3 (nvm – as user):
|
||||||
echo " curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash"
|
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash
|
||||||
echo " source ~/.bashrc"
|
source ~/.bashrc && nvm install 20
|
||||||
echo " nvm install 20"
|
EOF
|
||||||
echo ""
|
return 1
|
||||||
return 1
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# Check for existing build or build if needed
|
###############################################################################
|
||||||
|
# 2. Build (if needed) – runs as ORIGINAL_USER so $PATH is intact
|
||||||
|
###############################################################################
|
||||||
if [ ! -d "dist" ] || [ ! "$(ls -A dist 2>/dev/null)" ]; then
|
if [ ! -d "dist" ] || [ ! "$(ls -A dist 2>/dev/null)" ]; then
|
||||||
echo "📦 No dist/ directory found, building..."
|
echo "📦 No dist/ directory found, building…"
|
||||||
if ! find_and_use_npm; then
|
find_and_use_npm || exit 1
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
else
|
else
|
||||||
echo "📦 Found existing dist/ directory"
|
echo "📦 Found existing dist/ directory"
|
||||||
read -p "🤔 Rebuild application? (y/N): " -n 1 -r
|
read -rp "🤔 Rebuild application? (y/N): " REPLY; echo
|
||||||
echo
|
if [[ $REPLY =~ ^[Yy]$ ]]; then
|
||||||
if [[ $REPLY =~ ^[Yy]$ ]]; then
|
find_and_use_npm || { echo "💡 Using existing dist/ due to build failure"; }
|
||||||
if ! find_and_use_npm; then
|
else
|
||||||
echo ""
|
echo "📦 Using existing build"
|
||||||
echo "💡 Using existing dist/ due to build failure"
|
fi
|
||||||
fi
|
|
||||||
else
|
|
||||||
echo "📦 Using existing build"
|
|
||||||
fi
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Verify build succeeded
|
|
||||||
if [ ! -d "dist" ] || [ ! "$(ls -A dist 2>/dev/null)" ]; then
|
if [ ! -d "dist" ] || [ ! "$(ls -A dist 2>/dev/null)" ]; then
|
||||||
echo "❌ Error: Build failed or dist/ is empty"
|
echo "❌ Error: Build failed or dist/ is empty"; exit 1
|
||||||
echo "🔍 Dist contents: $(ls -la dist/ 2>/dev/null || echo 'dist/ not found')"
|
|
||||||
exit 1
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "✅ Build completed successfully"
|
echo "✅ Build completed successfully"
|
||||||
|
|
||||||
# Create target directories
|
###############################################################################
|
||||||
|
# 3. Prepare target directories
|
||||||
|
###############################################################################
|
||||||
echo "📁 Setting up target directories..."
|
echo "📁 Setting up target directories..."
|
||||||
mkdir -p "$WEBROOT"
|
mkdir -p "$WEBROOT" "$LOG_DIR" "$DATA_DIR" "$UPLOADS_DIR" "$WEBROOT/src/data"
|
||||||
mkdir -p "$LOG_DIR"
|
|
||||||
mkdir -p "$DATA_DIR"
|
|
||||||
mkdir -p "$UPLOADS_DIR"
|
|
||||||
mkdir -p "$WEBROOT/src/data"
|
|
||||||
|
|
||||||
# Copy application files
|
###############################################################################
|
||||||
echo "📋 Copying application files..."
|
# 4. Deploy build files
|
||||||
|
###############################################################################
|
||||||
|
echo "📋 Copying application files…"
|
||||||
cp -r dist/. "$WEBROOT/"
|
cp -r dist/. "$WEBROOT/"
|
||||||
echo "✅ Application files copied ($(du -sh dist | cut -f1))"
|
echo "✅ Application files copied ($(du -sh dist | cut -f1))"
|
||||||
|
|
||||||
# Copy package.json for runtime dependencies
|
|
||||||
echo "📦 Setting up runtime dependencies..."
|
|
||||||
cp package.json "$WEBROOT/"
|
cp package.json "$WEBROOT/"
|
||||||
echo "✅ package.json copied"
|
echo "✅ package.json copied"
|
||||||
|
|
||||||
# Install production dependencies in webroot
|
###############################################################################
|
||||||
echo "📦 Installing runtime dependencies..."
|
# 5. **Runtime dependencies** – temporarily chown to ORIGINAL_USER
|
||||||
cd "$WEBROOT"
|
###############################################################################
|
||||||
if command -v npm &> /dev/null; then
|
echo "📦 Installing runtime dependencies…"
|
||||||
|
|
||||||
|
# Temporary hand-off
|
||||||
|
chown -R "$ORIGINAL_USER":"$ORIGINAL_USER" "$WEBROOT"
|
||||||
|
|
||||||
|
sudo -u "$ORIGINAL_USER" bash -c '
|
||||||
|
set -e
|
||||||
|
cd "'"$WEBROOT"'"
|
||||||
|
if command -v npm &>/dev/null; then
|
||||||
npm install --production
|
npm install --production
|
||||||
echo "✅ Runtime dependencies installed"
|
else
|
||||||
else
|
export NVM_DIR="'$ORIGINAL_HOME'/.nvm"
|
||||||
sudo -u "$ORIGINAL_USER" bash -c "
|
[ -s "$NVM_DIR/nvm.sh" ] && source "$NVM_DIR/nvm.sh"
|
||||||
cd '$WEBROOT'
|
[ -s "'$ORIGINAL_HOME'/.bashrc" ] && source "'$ORIGINAL_HOME'/.bashrc"
|
||||||
export NVM_DIR='$ORIGINAL_HOME/.nvm'
|
npm install --production
|
||||||
[ -s '\$NVM_DIR/nvm.sh' ] && source '\$NVM_DIR/nvm.sh'
|
fi
|
||||||
[ -s '$ORIGINAL_HOME/.bashrc' ] && source '$ORIGINAL_HOME/.bashrc'
|
'
|
||||||
npm install --production
|
echo "✅ Runtime dependencies installed"
|
||||||
"
|
|
||||||
echo "✅ Runtime dependencies installed via nvm"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Return to source directory
|
###############################################################################
|
||||||
cd - > /dev/null
|
# 6. Additional data & content
|
||||||
|
###############################################################################
|
||||||
# Copy essential data files
|
echo "🗂️ Setting up data files…"
|
||||||
echo "🗂️ Setting up data files..."
|
|
||||||
if [ -f "src/data/tools.yaml" ]; then
|
if [ -f "src/data/tools.yaml" ]; then
|
||||||
cp src/data/tools.yaml "$WEBROOT/src/data/"
|
cp src/data/tools.yaml "$WEBROOT/src/data/"
|
||||||
TOOL_COUNT=$(grep -c "^ - name:" "src/data/tools.yaml" || echo "unknown")
|
TOOL_COUNT=$(grep -c "^ - name:" "src/data/tools.yaml" || echo "unknown")
|
||||||
echo "✅ tools.yaml copied ($TOOL_COUNT tools)"
|
echo "✅ tools.yaml copied ($TOOL_COUNT tools)"
|
||||||
else
|
else
|
||||||
echo "❌ Error: src/data/tools.yaml not found"
|
echo "❌ Error: src/data/tools.yaml not found"; exit 1
|
||||||
exit 1
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Copy knowledgebase content if it exists
|
|
||||||
if [ -d "src/content/knowledgebase" ]; then
|
if [ -d "src/content/knowledgebase" ]; then
|
||||||
mkdir -p "$WEBROOT/src/content"
|
mkdir -p "$WEBROOT/src/content"
|
||||||
cp -r src/content/knowledgebase "$WEBROOT/src/content/"
|
cp -r src/content/knowledgebase "$WEBROOT/src/content/"
|
||||||
KB_COUNT=$(find src/content/knowledgebase -name "*.md" 2>/dev/null | wc -l)
|
KB_COUNT=$(find src/content/knowledgebase -name "*.md" 2>/dev/null | wc -l)
|
||||||
echo "✅ Knowledgebase content copied ($KB_COUNT articles)"
|
echo "✅ Knowledgebase content copied ($KB_COUNT articles)"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Setup environment configuration
|
###############################################################################
|
||||||
echo "🔧 Setting up environment configuration..."
|
# 7. Environment configuration
|
||||||
|
###############################################################################
|
||||||
|
echo "🔧 Setting up environment configuration…"
|
||||||
cp .env.example "$WEBROOT/.env"
|
cp .env.example "$WEBROOT/.env"
|
||||||
echo "✅ Created .env from .env.example template"
|
echo "✅ Created .env from .env.example template"
|
||||||
echo "⚠️ IMPORTANT: Edit $WEBROOT/.env with your configuration"
|
echo "⚠️ IMPORTANT: Edit $WEBROOT/.env with your configuration"
|
||||||
|
|
||||||
# Create log files
|
###############################################################################
|
||||||
echo "📝 Creating log files..."
|
# 8. Logs
|
||||||
touch "$LOG_DIR/access.log"
|
###############################################################################
|
||||||
touch "$LOG_DIR/error.log"
|
echo "📝 Creating log files…"
|
||||||
touch "$LOG_DIR/ai-pipeline.log"
|
touch "$LOG_DIR/access.log" "$LOG_DIR/error.log" "$LOG_DIR/ai-pipeline.log"
|
||||||
|
|
||||||
# Set permissions
|
###############################################################################
|
||||||
echo "🔐 Setting permissions..."
|
# 9. FINAL permissions – hand back to www-data
|
||||||
|
###############################################################################
|
||||||
|
echo "🔐 Setting final permissions…"
|
||||||
chown -R www-data:www-data "$WEBROOT"
|
chown -R www-data:www-data "$WEBROOT"
|
||||||
chmod -R 755 "$WEBROOT"
|
chmod -R 755 "$WEBROOT"
|
||||||
chmod 600 "$WEBROOT/.env"
|
chmod 600 "$WEBROOT/.env"
|
||||||
chmod 755 "$DATA_DIR"
|
chmod 755 "$DATA_DIR" "$UPLOADS_DIR" "$LOG_DIR"
|
||||||
chmod 755 "$UPLOADS_DIR"
|
|
||||||
chmod 755 "$LOG_DIR"
|
|
||||||
chmod 644 "$LOG_DIR"/*.log
|
chmod 644 "$LOG_DIR"/*.log
|
||||||
|
|
||||||
# Make server executable if it exists
|
|
||||||
if [ -f "$WEBROOT/server/entry.mjs" ]; then
|
if [ -f "$WEBROOT/server/entry.mjs" ]; then
|
||||||
chmod 755 "$WEBROOT/server/entry.mjs"
|
chmod 755 "$WEBROOT/server/entry.mjs"
|
||||||
echo "✅ Server entry point permissions set"
|
echo "✅ Server entry point permissions set"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "✅ Permissions configured"
|
echo "✅ Permissions configured"
|
||||||
|
|
||||||
# Final validation
|
###############################################################################
|
||||||
|
# 10. Post-deployment validation
|
||||||
|
###############################################################################
|
||||||
echo ""
|
echo ""
|
||||||
echo "🔍 Post-deployment validation..."
|
echo "🔍 Post-deployment validation…"
|
||||||
VALIDATION_ERRORS=0
|
VALIDATION_ERRORS=0
|
||||||
|
[ -f "$WEBROOT/.env" ] && echo "✅ Environment configuration exists" || { echo "❌ Environment configuration missing"; ((VALIDATION_ERRORS++)); }
|
||||||
if [ -f "$WEBROOT/.env" ]; then
|
[ -f "$WEBROOT/src/data/tools.yaml" ] && echo "✅ Tools database exists" || { echo "❌ Tools database missing"; ((VALIDATION_ERRORS++)); }
|
||||||
echo "✅ Environment configuration exists"
|
{ [ -f "$WEBROOT/index.html" ] || [ -d "$WEBROOT/server" ]; } && \
|
||||||
else
|
echo "✅ Application files deployed" || { echo "❌ Application files missing"; ((VALIDATION_ERRORS++)); }
|
||||||
echo "❌ Environment configuration missing"
|
|
||||||
((VALIDATION_ERRORS++))
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -f "$WEBROOT/src/data/tools.yaml" ]; then
|
|
||||||
echo "✅ Tools database exists"
|
|
||||||
else
|
|
||||||
echo "❌ Tools database missing"
|
|
||||||
((VALIDATION_ERRORS++))
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -f "$WEBROOT/index.html" ] || [ -d "$WEBROOT/server" ]; then
|
|
||||||
echo "✅ Application files deployed"
|
|
||||||
else
|
|
||||||
echo "❌ Application files missing"
|
|
||||||
((VALIDATION_ERRORS++))
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
if [ $VALIDATION_ERRORS -eq 0 ]; then
|
if [ $VALIDATION_ERRORS -eq 0 ]; then
|
||||||
echo "═══════════════════════════════════════════════════════════════"
|
cat <<EOF
|
||||||
echo "✅ Deployment Successful!"
|
═══════════════════════════════════════════════════════════════
|
||||||
echo "═══════════════════════════════════════════════════════════════"
|
✅ Deployment Successful!
|
||||||
echo ""
|
═══════════════════════════════════════════════════════════════
|
||||||
echo "📋 Next Steps:"
|
|
||||||
echo " 1. 🔧 Configure $WEBROOT/.env:"
|
📋 Next Steps:
|
||||||
echo " - Set PUBLIC_BASE_URL to your domain"
|
1. 🔧 Configure $WEBROOT/.env
|
||||||
echo " - Configure AI services (AI_ANALYZER_ENDPOINT, etc.)"
|
• Set PUBLIC_BASE_URL, AI service endpoints, AUTH_SECRET, etc.
|
||||||
echo " - Set AUTH_SECRET to a secure random value"
|
2. 🔄 Restart services:
|
||||||
echo ""
|
sudo systemctl restart forensic-pathways
|
||||||
echo " 2. 🔄 Restart services:"
|
sudo systemctl reload nginx
|
||||||
echo " sudo systemctl restart forensic-pathways"
|
3. 🔍 Monitor:
|
||||||
echo " sudo systemctl reload nginx"
|
sudo systemctl status forensic-pathways
|
||||||
echo ""
|
sudo tail -f $LOG_DIR/error.log
|
||||||
echo " 3. 🔍 Monitor:"
|
|
||||||
echo " sudo systemctl status forensic-pathways"
|
🌐 Application deployed to: $WEBROOT
|
||||||
echo " sudo tail -f $LOG_DIR/error.log"
|
EOF
|
||||||
echo ""
|
|
||||||
echo "🌐 Application deployed to: $WEBROOT"
|
|
||||||
else
|
else
|
||||||
echo "❌ Deployment completed with $VALIDATION_ERRORS errors"
|
echo "❌ Deployment completed with $VALIDATION_ERRORS errors"
|
||||||
echo "📋 Please check the issues above before proceeding"
|
echo "📋 Please check the issues above before proceeding"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user