Till Tomczak
8366a9295e
- Add essential system packages and networking tools - Install official Docker CE with proper configuration - Configure backend connection to static IP 192.168.0.105 - Generate secure random AUTH_SECRET during installation - Add environment example file for version control - Improve post-installation information and helpful commands 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
372 lines
12 KiB
Bash
Executable File
372 lines
12 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# MYP Frontend Installation Script for Debian
|
|
# This script installs and configures the MYP frontend reservation platform
|
|
|
|
set -e # Exit immediately if a command exits with non-zero status
|
|
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
|
|
LOG_FILE="$SCRIPT_DIR/frontend-install.log"
|
|
|
|
# Function for logging with timestamps
|
|
log() {
|
|
local timestamp=$(date +"%Y-%m-%d %H:%M:%S")
|
|
echo -e "[$timestamp] $1" | tee -a "$LOG_FILE"
|
|
}
|
|
|
|
# Function to check if a command exists
|
|
command_exists() {
|
|
command -v "$1" >/dev/null 2>&1
|
|
}
|
|
|
|
# Clear log file
|
|
> "$LOG_FILE"
|
|
|
|
log "===== Starting MYP Frontend Installation ====="
|
|
log "Installation directory: $SCRIPT_DIR"
|
|
|
|
# Display system information
|
|
log "System information:"
|
|
uname -a >> "$LOG_FILE" 2>&1
|
|
lsb_release -a >> "$LOG_FILE" 2>&1 || cat /etc/os-release >> "$LOG_FILE" 2>&1
|
|
log "CPU: $(grep "model name" /proc/cpuinfo | head -n1 | cut -d':' -f2 | sed 's/^ *//')"
|
|
log "Memory: $(free -h | grep "Mem:" | awk '{print $2}')"
|
|
log "Disk space: $(df -h / | awk 'NR==2 {print $4}') free on /"
|
|
|
|
# Check for root privileges
|
|
if [ "$EUID" -ne 0 ]; then
|
|
log "ERROR: This script must be run as root"
|
|
exit 1
|
|
fi
|
|
|
|
# System update
|
|
log "Updating system packages..."
|
|
apt update -y >> "$LOG_FILE" 2>&1
|
|
apt upgrade -y >> "$LOG_FILE" 2>&1
|
|
|
|
# Install required packages
|
|
log "Installing essential system packages and network tools..."
|
|
apt install -y curl git wget htop net-tools iptables iputils-ping traceroute nmap tcpdump nftables \
|
|
netcat-openbsd dnsutils whois vim nano rsync zip unzip xz-utils sqlite3 \
|
|
apt-transport-https ca-certificates gnupg lsb-release >> "$LOG_FILE" 2>&1
|
|
|
|
# Install Docker using the official Docker repository
|
|
log "Installing Docker from official repository..."
|
|
if ! command_exists docker; then
|
|
# Remove any old Docker versions
|
|
apt remove -y docker docker-engine docker.io containerd runc >> "$LOG_FILE" 2>&1 || true
|
|
|
|
# Add Docker's official GPG key
|
|
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg >> "$LOG_FILE" 2>&1
|
|
|
|
# Set up the stable repository
|
|
echo \
|
|
"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] \
|
|
https://download.docker.com/linux/debian \
|
|
$(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
|
|
|
|
# Update apt and install Docker
|
|
apt update -y >> "$LOG_FILE" 2>&1
|
|
apt install -y docker-ce docker-ce-cli containerd.io >> "$LOG_FILE" 2>&1
|
|
|
|
# Install Docker Compose
|
|
log "Installing Docker Compose..."
|
|
curl -L "https://github.com/docker/compose/releases/download/v2.20.3/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose >> "$LOG_FILE" 2>&1
|
|
chmod +x /usr/local/bin/docker-compose >> "$LOG_FILE" 2>&1
|
|
ln -sf /usr/local/bin/docker-compose /usr/bin/docker-compose >> "$LOG_FILE" 2>&1
|
|
else
|
|
log "Docker already installed: $(docker --version)"
|
|
log "Docker Compose already installed: $(docker-compose --version)"
|
|
fi
|
|
|
|
# Install Node.js 20.x
|
|
if ! command_exists node || [ $(node -v | cut -d. -f1 | tr -d 'v') -lt 20 ]; then
|
|
log "Installing Node.js 20.x..."
|
|
curl -fsSL https://deb.nodesource.com/setup_20.x | bash - >> "$LOG_FILE" 2>&1
|
|
apt install -y nodejs >> "$LOG_FILE" 2>&1
|
|
log "Node.js $(node -v) installed"
|
|
else
|
|
log "Node.js $(node -v) already installed"
|
|
fi
|
|
|
|
# Install pnpm
|
|
if ! command_exists pnpm; then
|
|
log "Installing pnpm package manager..."
|
|
curl -fsSL https://get.pnpm.io/install.sh | sh - >> "$LOG_FILE" 2>&1
|
|
source ~/.bashrc
|
|
log "pnpm $(pnpm --version) installed"
|
|
else
|
|
log "pnpm $(pnpm --version) already installed"
|
|
fi
|
|
|
|
# Enable and start Docker
|
|
log "Ensuring Docker is running..."
|
|
systemctl enable docker >> "$LOG_FILE" 2>&1
|
|
systemctl start docker >> "$LOG_FILE" 2>&1
|
|
|
|
# Configure Docker for multi-architecture builds
|
|
log "Setting up Docker for multi-architecture builds..."
|
|
if ! docker buildx ls | grep -q "default"; then
|
|
docker buildx create --name mybuilder --use >> "$LOG_FILE" 2>&1
|
|
log "Docker buildx configured"
|
|
else
|
|
log "Docker buildx already configured"
|
|
fi
|
|
|
|
# Make sure we have the docker directory for configuration
|
|
mkdir -p "$SCRIPT_DIR/docker/caddy"
|
|
|
|
# Check if Caddyfile exists
|
|
if [ ! -f "$SCRIPT_DIR/docker/caddy/Caddyfile" ]; then
|
|
log "Creating Caddyfile template..."
|
|
cat > "$SCRIPT_DIR/docker/caddy/Caddyfile" << EOF
|
|
# Caddyfile for MYP Frontend
|
|
# Replace example.com with your actual domain
|
|
|
|
:80 {
|
|
# Automatic HTTPS will be enabled if you use a domain name
|
|
# For local development or internal network, HTTP is fine
|
|
|
|
# Reverse proxy to frontend app
|
|
reverse_proxy frontend:3000
|
|
|
|
# Basic headers for security
|
|
header {
|
|
# Enable HSTS
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
|
# Enable XSS protection
|
|
X-XSS-Protection "1; mode=block"
|
|
# Prevent content type sniffing
|
|
X-Content-Type-Options "nosniff"
|
|
# Clickjacking protection
|
|
X-Frame-Options "SAMEORIGIN"
|
|
}
|
|
|
|
# Log access
|
|
log {
|
|
output file /var/log/caddy/access.log
|
|
}
|
|
}
|
|
EOF
|
|
log "Caddyfile created. Edit it to configure your domain if needed."
|
|
fi
|
|
|
|
# Create GitHub OAuth credentials file
|
|
if [ ! -d "/srv/myp-env" ]; then
|
|
log "Creating directory for environment variables..."
|
|
mkdir -p /srv/myp-env
|
|
fi
|
|
|
|
if [ ! -f "/srv/myp-env/github.env" ]; then
|
|
log "Creating GitHub OAuth credentials file with static backend URL..."
|
|
cat > /srv/myp-env/github.env << EOF
|
|
# GitHub OAuth Credentials
|
|
# Replace these with your actual GitHub OAuth app credentials
|
|
|
|
AUTH_GITHUB_ID=your_github_client_id
|
|
AUTH_GITHUB_SECRET=your_github_client_secret
|
|
AUTH_SECRET=$(openssl rand -hex 32)
|
|
AUTH_TRUST_HOST=true
|
|
NEXT_PUBLIC_BACKEND_URL=http://192.168.0.105:5000
|
|
|
|
# Add additional environment variables as needed
|
|
EOF
|
|
log "ATTENTION: GitHub OAuth credentials file created with generated AUTH_SECRET"
|
|
log " Backend URL set to http://192.168.0.105:5000"
|
|
log " Please edit /srv/myp-env/github.env with your actual GitHub OAuth app credentials"
|
|
fi
|
|
|
|
# Create a copy of the environment file in the git repository
|
|
log "Creating a copy of the environment file for version control..."
|
|
if [ ! -f "$SCRIPT_DIR/.env.example" ]; then
|
|
cat > "$SCRIPT_DIR/.env.example" << EOF
|
|
# GitHub OAuth Credentials Example
|
|
# This is a template for the required environment variables
|
|
|
|
AUTH_GITHUB_ID=your_github_client_id
|
|
AUTH_GITHUB_SECRET=your_github_client_secret
|
|
AUTH_SECRET=random_string_generated_during_installation
|
|
AUTH_TRUST_HOST=true
|
|
NEXT_PUBLIC_BACKEND_URL=http://192.168.0.105:5000
|
|
|
|
# Add additional environment variables as needed
|
|
EOF
|
|
log "Environment example file created at $SCRIPT_DIR/.env.example"
|
|
fi
|
|
|
|
# Create database directory if it doesn't exist
|
|
log "Setting up database directory..."
|
|
mkdir -p /srv/MYP-DB
|
|
|
|
# Check if we need to run in development or production mode
|
|
read -p "Do you want to set up the frontend in production mode? (y/n): " production_mode
|
|
|
|
if [ "$production_mode" = "y" ] || [ "$production_mode" = "Y" ]; then
|
|
# Production mode - using Docker
|
|
log "Setting up in production mode using Docker..."
|
|
|
|
# Create docker-compose file if it doesn't exist
|
|
if [ ! -f "$SCRIPT_DIR/docker/compose.yml" ]; then
|
|
log "Creating docker-compose.yml file with network configuration..."
|
|
cat > "$SCRIPT_DIR/docker/compose.yml" << EOF
|
|
version: '3.8'
|
|
|
|
services:
|
|
frontend:
|
|
image: myp-rp:latest
|
|
restart: unless-stopped
|
|
environment:
|
|
- NODE_ENV=production
|
|
env_file:
|
|
- /srv/myp-env/github.env
|
|
volumes:
|
|
- /srv/MYP-DB:/app/.next/cache/drizzle
|
|
networks:
|
|
- myp-network
|
|
- backend-network # Network for communicating with backend
|
|
|
|
caddy:
|
|
image: caddy:2.8
|
|
restart: unless-stopped
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
volumes:
|
|
- ./caddy/Caddyfile:/etc/caddy/Caddyfile
|
|
- caddy_data:/data
|
|
- caddy_config:/config
|
|
networks:
|
|
- myp-network
|
|
depends_on:
|
|
- frontend
|
|
|
|
networks:
|
|
myp-network:
|
|
driver: bridge
|
|
backend-network: # Network for connecting to the backend at 192.168.0.105
|
|
driver: bridge
|
|
ipam:
|
|
config:
|
|
- subnet: 192.168.0.0/24
|
|
gateway: 192.168.0.1
|
|
|
|
volumes:
|
|
caddy_data:
|
|
caddy_config:
|
|
EOF
|
|
log "docker-compose.yml created with backend network configuration"
|
|
fi
|
|
|
|
# Build Docker image
|
|
log "Building Docker image (this may take a while)..."
|
|
cd "$SCRIPT_DIR/docker"
|
|
|
|
if [ -f "build.sh" ]; then
|
|
bash build.sh >> "$LOG_FILE" 2>&1
|
|
log "Docker image built successfully"
|
|
else
|
|
log "Building Docker image manually..."
|
|
cd "$SCRIPT_DIR"
|
|
docker build -t myp-rp:latest . >> "$LOG_FILE" 2>&1
|
|
log "Docker image built"
|
|
fi
|
|
|
|
# Start the application
|
|
log "Starting the application using Docker Compose..."
|
|
cd "$SCRIPT_DIR/docker"
|
|
docker-compose -f compose.yml up -d
|
|
|
|
log "Frontend installed and running in production mode!"
|
|
log "The application should be accessible at http://localhost"
|
|
log "Check logs with: docker-compose -f $SCRIPT_DIR/docker/compose.yml logs -f"
|
|
|
|
else
|
|
# Development mode
|
|
log "Setting up in development mode..."
|
|
|
|
# Install dependencies
|
|
log "Installing project dependencies with pnpm..."
|
|
cd "$SCRIPT_DIR"
|
|
# Source pnpm if needed
|
|
source ~/.bashrc
|
|
export PATH="$HOME/.local/share/pnpm:$PATH"
|
|
|
|
pnpm install >> "$LOG_FILE" 2>&1
|
|
log "Dependencies installed"
|
|
|
|
# Create .env.local file for development
|
|
if [ ! -f "$SCRIPT_DIR/.env.local" ]; then
|
|
log "Creating development environment file with static backend URL..."
|
|
cat > "$SCRIPT_DIR/.env.local" << EOF
|
|
# Development Environment Variables
|
|
|
|
# GitHub OAuth
|
|
AUTH_GITHUB_ID=your_github_client_id
|
|
AUTH_GITHUB_SECRET=your_github_client_secret
|
|
AUTH_SECRET=$(openssl rand -hex 32)
|
|
AUTH_TRUST_HOST=true
|
|
|
|
# Backend URL - Static IP for backend
|
|
NEXT_PUBLIC_BACKEND_URL=http://192.168.0.105:5000
|
|
EOF
|
|
log "ATTENTION: Development environment file created with generated AUTH_SECRET"
|
|
log " Backend URL set to http://192.168.0.105:5000"
|
|
log " Please edit $SCRIPT_DIR/.env.local with your actual GitHub OAuth credentials"
|
|
fi
|
|
|
|
# Create systemd service for development mode
|
|
log "Creating systemd service for development mode..."
|
|
cat > /etc/systemd/system/myp-frontend-dev.service << EOF
|
|
[Unit]
|
|
Description=MYP Frontend Development Service
|
|
After=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
User=$SUDO_USER
|
|
WorkingDirectory=$SCRIPT_DIR
|
|
ExecStart=$(which pnpm) dev
|
|
Restart=always
|
|
RestartSec=10
|
|
Environment=PATH=/usr/bin:/usr/local/bin:$HOME/.local/share/pnpm
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
|
|
# Reload systemd and enable the service
|
|
systemctl daemon-reload
|
|
systemctl enable myp-frontend-dev.service
|
|
|
|
log "Installation complete!"
|
|
log ""
|
|
log "To start the frontend development service, run: systemctl start myp-frontend-dev"
|
|
log "To check service status, run: systemctl status myp-frontend-dev"
|
|
log "To view logs, run: journalctl -u myp-frontend-dev -f"
|
|
log ""
|
|
log "For manual development startup, run: cd $SCRIPT_DIR && pnpm dev"
|
|
log ""
|
|
log "The application should be accessible at http://localhost:3000 when running"
|
|
fi
|
|
|
|
log "For issues, check the log file at: $LOG_FILE"
|
|
# Add helpful commands for post-installation management
|
|
log "===== Post-Installation Information ====="
|
|
log "Here are some helpful commands for managing your installation:"
|
|
log ""
|
|
log "System management:"
|
|
log " - Check system status: htop, free -h, df -h"
|
|
log " - Network status: ip a, netstat -tulpn, ss -tulpn"
|
|
log " - View logs: tail -f /var/log/syslog, journalctl -f"
|
|
log ""
|
|
log "Docker management:"
|
|
log " - List containers: docker ps -a"
|
|
log " - Container logs: docker logs <container_id>"
|
|
log " - Stop containers: docker-compose -f $SCRIPT_DIR/docker/compose.yml down"
|
|
log " - Start containers: docker-compose -f $SCRIPT_DIR/docker/compose.yml up -d"
|
|
log " - Restart containers: docker-compose -f $SCRIPT_DIR/docker/compose.yml restart"
|
|
log ""
|
|
log "Backend connection:"
|
|
log " - Test backend connection: curl -I http://192.168.0.105:5000/api/test"
|
|
log " - Check backend accessibility: ping 192.168.0.105"
|
|
log ""
|
|
log "Installation Complete! 🎉" |