232 lines
8.8 KiB
Bash
Executable File
232 lines
8.8 KiB
Bash
Executable File
#!/bin/bash
|
||
# ForensicPathways Deployment Script – *ownership-aware*
|
||
# Usage: sudo ./deploy.sh
|
||
|
||
set -e
|
||
|
||
WEBROOT="/var/www/forensic-pathways"
|
||
LOG_DIR="$WEBROOT/logs"
|
||
DATA_DIR="$WEBROOT/data"
|
||
UPLOADS_DIR="$WEBROOT/public/uploads"
|
||
|
||
# Get original user who called sudo
|
||
ORIGINAL_USER="${SUDO_USER:-$USER}"
|
||
ORIGINAL_HOME=$(eval echo "~$ORIGINAL_USER")
|
||
|
||
echo "🚀 ForensicPathways Deployment Starting..."
|
||
echo "📅 $(date '+%Y-%m-%d %H:%M:%S')"
|
||
echo "👤 Original user: $ORIGINAL_USER"
|
||
echo "📁 Working directory: $(pwd)"
|
||
echo ""
|
||
|
||
###############################################################################
|
||
# 0. Safety checks
|
||
###############################################################################
|
||
if [ "$EUID" -ne 0 ]; then
|
||
echo "❌ Error: This script must be run as root (use sudo)"; exit 1
|
||
fi
|
||
|
||
if [ ! -f "package.json" ] || [ ! -f "astro.config.mjs" ]; then
|
||
echo "❌ Error: Must run from ForensicPathways project root"
|
||
echo "🔍 Current directory: $(pwd)"; echo "🔍 Files found: $(ls -la)"; exit 1
|
||
fi
|
||
|
||
###############################################################################
|
||
# 1. Helper – build with whichever npm is available for the original user
|
||
###############################################################################
|
||
find_and_use_npm() {
|
||
echo "🔍 Searching for npm installation..."
|
||
|
||
# A) system-wide npm
|
||
if command -v npm &>/dev/null; then
|
||
echo "✅ Found system npm: $(which npm)"
|
||
echo "📦 Installing dependencies…"
|
||
sudo -u "$ORIGINAL_USER" npm install
|
||
echo "📦 Building application…"
|
||
sudo -u "$ORIGINAL_USER" npm run build
|
||
return 0
|
||
fi
|
||
|
||
# B) nvm-managed npm
|
||
echo "🔍 Checking for nvm installation..."
|
||
if sudo -u "$ORIGINAL_USER" bash -c "
|
||
export NVM_DIR='$ORIGINAL_HOME/.nvm'
|
||
[ -s \"\$NVM_DIR/nvm.sh\" ] && source \"\$NVM_DIR/nvm.sh\"
|
||
[ -s '$ORIGINAL_HOME/.bashrc' ] && source '$ORIGINAL_HOME/.bashrc'
|
||
command -v npm &>/dev/null
|
||
"; then
|
||
echo "✅ Found nvm-managed npm"
|
||
echo "📦 Installing dependencies with nvm…"
|
||
sudo -u "$ORIGINAL_USER" bash -c "
|
||
export NVM_DIR='$ORIGINAL_HOME/.nvm'
|
||
[ -s \"\$NVM_DIR/nvm.sh\" ] && source \"\$NVM_DIR/nvm.sh\"
|
||
[ -s '$ORIGINAL_HOME/.bashrc' ] && source '$ORIGINAL_HOME/.bashrc'
|
||
npm install
|
||
npm run build
|
||
"
|
||
return 0
|
||
fi
|
||
|
||
# C) nothing found
|
||
cat <<'EOF'
|
||
❌ npm not found in system or user environment
|
||
|
||
💡 Please install Node.js and npm first:
|
||
# Option 1 (apt):
|
||
sudo apt update && sudo apt install nodejs npm
|
||
# Option 2 (NodeSource – recommended):
|
||
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
|
||
sudo apt-get install -y nodejs
|
||
# Option 3 (nvm – as user):
|
||
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash
|
||
source ~/.bashrc && nvm install 20
|
||
EOF
|
||
return 1
|
||
}
|
||
|
||
###############################################################################
|
||
# 2. Build (if needed) – runs as ORIGINAL_USER so $PATH is intact
|
||
###############################################################################
|
||
if [ ! -d "dist" ] || [ ! "$(ls -A dist 2>/dev/null)" ]; then
|
||
echo "📦 No dist/ directory found, building…"
|
||
find_and_use_npm || exit 1
|
||
else
|
||
echo "📦 Found existing dist/ directory"
|
||
read -rp "🤔 Rebuild application? (y/N): " REPLY; echo
|
||
if [[ $REPLY =~ ^[Yy]$ ]]; then
|
||
find_and_use_npm || { echo "💡 Using existing dist/ due to build failure"; }
|
||
else
|
||
echo "📦 Using existing build"
|
||
fi
|
||
fi
|
||
|
||
if [ ! -d "dist" ] || [ ! "$(ls -A dist 2>/dev/null)" ]; then
|
||
echo "❌ Error: Build failed or dist/ is empty"; exit 1
|
||
fi
|
||
echo "✅ Build completed successfully"
|
||
|
||
###############################################################################
|
||
# 3. Prepare target directories
|
||
###############################################################################
|
||
echo "📁 Setting up target directories..."
|
||
mkdir -p "$WEBROOT" "$LOG_DIR" "$DATA_DIR" "$UPLOADS_DIR" "$WEBROOT/src/data"
|
||
|
||
###############################################################################
|
||
# 4. Deploy build files
|
||
###############################################################################
|
||
echo "📋 Copying application files…"
|
||
cp -r dist/. "$WEBROOT/"
|
||
echo "✅ Application files copied ($(du -sh dist | cut -f1))"
|
||
|
||
cp package.json "$WEBROOT/"
|
||
echo "✅ package.json copied"
|
||
|
||
###############################################################################
|
||
# 5. **Runtime dependencies** – temporarily chown to ORIGINAL_USER
|
||
###############################################################################
|
||
echo "📦 Installing runtime dependencies…"
|
||
|
||
# Temporary hand-off
|
||
chown -R "$ORIGINAL_USER":"$ORIGINAL_USER" "$WEBROOT"
|
||
|
||
sudo -u "$ORIGINAL_USER" bash -c '
|
||
set -e
|
||
cd "'"$WEBROOT"'"
|
||
if command -v npm &>/dev/null; then
|
||
npm install --production
|
||
else
|
||
export NVM_DIR="'$ORIGINAL_HOME'/.nvm"
|
||
[ -s "$NVM_DIR/nvm.sh" ] && source "$NVM_DIR/nvm.sh"
|
||
[ -s "'$ORIGINAL_HOME'/.bashrc" ] && source "'$ORIGINAL_HOME'/.bashrc"
|
||
npm install --production
|
||
fi
|
||
'
|
||
echo "✅ Runtime dependencies installed"
|
||
|
||
###############################################################################
|
||
# 6. Additional data & content
|
||
###############################################################################
|
||
echo "🗂️ Setting up data files…"
|
||
if [ -f "src/data/tools.yaml" ]; then
|
||
cp src/data/tools.yaml "$WEBROOT/src/data/"
|
||
TOOL_COUNT=$(grep -c "^ - name:" "src/data/tools.yaml" || echo "unknown")
|
||
echo "✅ tools.yaml copied ($TOOL_COUNT tools)"
|
||
else
|
||
echo "❌ Error: src/data/tools.yaml not found"; exit 1
|
||
fi
|
||
|
||
if [ -d "src/content/knowledgebase" ]; then
|
||
mkdir -p "$WEBROOT/src/content"
|
||
cp -r src/content/knowledgebase "$WEBROOT/src/content/"
|
||
KB_COUNT=$(find src/content/knowledgebase -name "*.md" 2>/dev/null | wc -l)
|
||
echo "✅ Knowledgebase content copied ($KB_COUNT articles)"
|
||
fi
|
||
|
||
###############################################################################
|
||
# 7. Environment configuration
|
||
###############################################################################
|
||
echo "🔧 Setting up environment configuration…"
|
||
cp .env.example "$WEBROOT/.env"
|
||
echo "✅ Created .env from .env.example template"
|
||
echo "⚠️ IMPORTANT: Edit $WEBROOT/.env with your configuration"
|
||
|
||
###############################################################################
|
||
# 8. Logs
|
||
###############################################################################
|
||
echo "📝 Creating log files…"
|
||
touch "$LOG_DIR/access.log" "$LOG_DIR/error.log" "$LOG_DIR/ai-pipeline.log"
|
||
|
||
###############################################################################
|
||
# 9. FINAL permissions – hand back to www-data
|
||
###############################################################################
|
||
echo "🔐 Setting final permissions…"
|
||
chown -R www-data:www-data "$WEBROOT"
|
||
chmod -R 755 "$WEBROOT"
|
||
chmod 600 "$WEBROOT/.env"
|
||
chmod 755 "$DATA_DIR" "$UPLOADS_DIR" "$LOG_DIR"
|
||
chmod 644 "$LOG_DIR"/*.log
|
||
|
||
if [ -f "$WEBROOT/server/entry.mjs" ]; then
|
||
chmod 755 "$WEBROOT/server/entry.mjs"
|
||
echo "✅ Server entry point permissions set"
|
||
fi
|
||
echo "✅ Permissions configured"
|
||
|
||
###############################################################################
|
||
# 10. Post-deployment validation
|
||
###############################################################################
|
||
echo ""
|
||
echo "🔍 Post-deployment validation…"
|
||
VALIDATION_ERRORS=0
|
||
[ -f "$WEBROOT/.env" ] && echo "✅ Environment configuration exists" || { echo "❌ Environment configuration missing"; ((VALIDATION_ERRORS++)); }
|
||
[ -f "$WEBROOT/src/data/tools.yaml" ] && echo "✅ Tools database exists" || { echo "❌ Tools database missing"; ((VALIDATION_ERRORS++)); }
|
||
{ [ -f "$WEBROOT/index.html" ] || [ -d "$WEBROOT/server" ]; } && \
|
||
echo "✅ Application files deployed" || { echo "❌ Application files missing"; ((VALIDATION_ERRORS++)); }
|
||
|
||
echo ""
|
||
if [ $VALIDATION_ERRORS -eq 0 ]; then
|
||
cat <<EOF
|
||
═══════════════════════════════════════════════════════════════
|
||
✅ Deployment Successful!
|
||
═══════════════════════════════════════════════════════════════
|
||
|
||
📋 Next Steps:
|
||
1. 🔧 Configure $WEBROOT/.env
|
||
• Set PUBLIC_BASE_URL, AI service endpoints, AUTH_SECRET, etc.
|
||
2. 🔄 Restart services:
|
||
sudo systemctl restart forensic-pathways
|
||
sudo systemctl reload nginx
|
||
3. 🔍 Monitor:
|
||
sudo systemctl status forensic-pathways
|
||
sudo tail -f $LOG_DIR/error.log
|
||
|
||
🌐 Application deployed to: $WEBROOT
|
||
EOF
|
||
else
|
||
echo "❌ Deployment completed with $VALIDATION_ERRORS errors"
|
||
echo "📋 Please check the issues above before proceeding"
|
||
fi
|
||
|
||
echo ""
|
||
echo "🎉 Deploy script completed at $(date '+%Y-%m-%d %H:%M:%S')"
|