signal-works/ice
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions
ice/scripts/deploy.sh
Claude Code 8f7c805cd9 Update deployment script to use /opt/icewatch directory 
- Change app directory from /opt/great-lakes-ice-report to /opt/icewatch
- Update system user from great-lakes-ice-report to icewatch
- Update service file name to icewatch.service
- Update all paths and references throughout the script

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-06 17:40:34 -04:00

164 lines
5 KiB
Bash
Raw Blame History

#!/bin/bash
# Great Lakes Ice Report Deployment Script for Debian 12 (ARM64/x86_64)
# Supports both ARM64 and x86_64 architectures
set -e
echo "🚀 Starting Great Lakes Ice Report deployment..."
# Detect architecture
ARCH=$(uname -m)
echo "🔍 Raw architecture from uname -m: $ARCH"
# Also check dpkg architecture as fallback
DPKG_ARCH=$(dpkg --print-architecture 2>/dev/null || echo "unknown")
echo "🔍 dpkg architecture: $DPKG_ARCH"
case $ARCH in
x86_64|amd64)
GO_ARCH="amd64"
echo "📋 Detected x86_64 architecture"
;;
aarch64|arm64)
GO_ARCH="arm64"
echo "📋 Detected ARM64 architecture"
;;
armv7l|armhf)
echo "❌ Detected 32-bit ARM architecture"
echo "This script requires 64-bit architecture (x86_64 or ARM64)."
exit 1
;;
*)
echo "❌ Unsupported architecture: $ARCH"
echo "This script supports x86_64 and ARM64 only."
exit 1
;;
esac
# Update system
echo "📦 Updating system packages..."
sudo apt update && sudo apt upgrade -y
# Install Node.js (ARM64 compatible)
echo "📦 Installing Node.js..."
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
sudo apt install -y nodejs build-essential
# Install Go (required for xcaddy)
echo "📦 Installing Go for $GO_ARCH architecture..."
GO_VERSION="1.21.5"
GO_TARBALL="go${GO_VERSION}.linux-${GO_ARCH}.tar.gz"
wget -q "https://go.dev/dl/${GO_TARBALL}"
sudo rm -rf /usr/local/go
sudo tar -C /usr/local -xzf "${GO_TARBALL}"
export PATH=$PATH:/usr/local/go/bin
echo 'export PATH=$PATH:/usr/local/go/bin' >> ~/.bashrc
# Install xcaddy to build Caddy with plugins
echo "📦 Installing xcaddy..."
go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
export PATH=$PATH:$(go env GOPATH)/bin
# Build Caddy with rate limiting plugin
echo "🔧 Building Caddy with rate limiting plugin..."
xcaddy build --with github.com/mholt/caddy-ratelimit
# Install the custom Caddy binary
echo "📦 Installing custom Caddy..."
sudo mv caddy /usr/local/bin/caddy
sudo chmod +x /usr/local/bin/caddy
# Create Caddy user and directories
sudo groupadd --system caddy
sudo useradd --system --gid caddy --create-home --home-dir /var/lib/caddy --shell /usr/sbin/nologin caddy
sudo mkdir -p /etc/caddy /var/log/caddy
sudo chown -R caddy:caddy /var/log/caddy
# Create systemd service for custom Caddy
echo "⚙️ Creating Caddy systemd service..."
sudo tee /etc/systemd/system/caddy.service > /dev/null <<EOF
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target
[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/local/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/local/bin/caddy reload --config /etc/caddy/Caddyfile --force
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=1048576
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
EOF
# Clean up Go archive
rm -f "${GO_TARBALL}"
echo "✅ Caddy with rate limiting plugin installed successfully!"
# Create app directory
echo "📁 Setting up app directory..."
sudo mkdir -p /opt/icewatch
sudo chown $USER:$USER /opt/icewatch
# Navigate to app directory
cd /opt/icewatch
# Create icewatch user for security
echo "👤 Creating icewatch user..."
sudo useradd --system --shell /bin/false --home /opt/icewatch --create-home icewatch
# Download additional configuration files from S3
echo "📥 Downloading configuration files..."
S3_BASE_URL="https://greatlakes-conditions.s3.amazonaws.com/scripts"
# Download systemd service file
echo "📥 Downloading systemd service..."
curl -sSL "$S3_BASE_URL/icewatch.service" | sudo tee /etc/systemd/system/icewatch.service > /dev/null
# Download Caddyfile template
echo "📥 Downloading Caddy configuration..."
curl -sSL "$S3_BASE_URL/Caddyfile" | sudo tee /etc/caddy/Caddyfile.template > /dev/null
echo "✅ Server setup complete!"
echo ""
echo "🚀 Next steps to deploy Great Lakes Ice Report:"
echo ""
echo "1. Clone your repository:"
echo " git clone git@git.deco.sh:deco/ice.git /opt/icewatch"
echo ""
echo "2. Set up the application:"
echo " cd /opt/icewatch"
echo " npm install"
echo " cp .env.example .env"
echo " nano .env # Add your MapBox token and admin password"
echo ""
echo "3. Configure domain in Caddyfile:"
echo " sudo nano /etc/caddy/Caddyfile.template"
echo " # Replace 'yourdomain.com' with your actual domain"
echo " sudo mv /etc/caddy/Caddyfile.template /etc/caddy/Caddyfile"
echo ""
echo "4. Set permissions:"
echo " sudo chown -R icewatch:icewatch /opt/icewatch"
echo " sudo chmod 660 /opt/icewatch/.env"
echo ""
echo "5. Start services:"
echo " sudo systemctl daemon-reload"
echo " sudo systemctl enable icewatch caddy"
echo " sudo systemctl start icewatch caddy"
echo ""
echo "6. Check status:"
echo " sudo systemctl status icewatch"
echo " sudo systemctl status caddy"
echo ""
echo "🌐 Your Great Lakes Ice Report app will be available at: https://ice.puremichigan.lol"
Reference in a new issue View git blame Copy permalink