Created
December 17, 2024 20:31
-
-
Save adgedenkers/1f2e098055aa64ebbff398e00c3a67a0 to your computer and use it in GitHub Desktop.
Bash script to remove and setup nginx, and then configure two sites - one FastAPI app, and one Streamlit app, on different sub-domains of denkers.co
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# File: ~/src/setup_nginx_and_services.sh | |
set -e # Exit immediately if a command exits with a non-zero status | |
# Variables | |
DOMAIN_DASHBOARD="dashboard.denkers.co" | |
DOMAIN_API="api.denkers.co" | |
NGINX_CONF="/etc/nginx/sites-available/denkers.co" | |
SYSTEMD_DIR="/etc/systemd/system" | |
STREAMLIT_WORKDIR="/home/ubuntu/src/dashboard" | |
FASTAPI_WORKDIR="/home/ubuntu/src/queue" | |
EMAIL="[email protected]" | |
echo "==========================================" | |
echo " 1️⃣ Removing old Nginx and cleaning up" | |
echo "==========================================" | |
# Remove Nginx and Certbot | |
sudo apt-get purge -y nginx nginx-common || true | |
sudo apt-get autoremove -y | |
sudo rm -rf /etc/nginx /etc/letsencrypt /var/log/nginx | |
sudo systemctl stop nginx || true | |
echo "==========================================" | |
echo " 2️⃣ Reinstalling Nginx and Certbot" | |
echo "==========================================" | |
# Reinstall Nginx, Certbot, and dependencies | |
sudo apt-get update | |
sudo apt-get install -y nginx certbot python3-certbot-nginx python3-pip | |
echo "==========================================" | |
echo " 3️⃣ Setting up directory structure" | |
echo "==========================================" | |
# Create directories for Streamlit and FastAPI apps | |
sudo mkdir -p $STREAMLIT_WORKDIR | |
sudo mkdir -p $FASTAPI_WORKDIR | |
# Create directories for self-signed certificates | |
sudo mkdir -p /etc/ssl/certs /etc/ssl/private | |
echo "==========================================" | |
echo " 4️⃣ Generating self-signed SSL certificates" | |
echo "==========================================" | |
# Generate self-signed SSL certificates for dashboard and api | |
sudo openssl req -x509 -newkey rsa:4096 -days 365 -nodes \ | |
-keyout /etc/ssl/private/selfsigned.key \ | |
-out /etc/ssl/certs/selfsigned.crt \ | |
-subj "/CN=localhost" | |
echo "==========================================" | |
echo " 5️⃣ Writing Nginx configuration" | |
echo "==========================================" | |
# Write the Nginx configuration file | |
sudo tee /etc/nginx/sites-available/denkers.co > /dev/null <<EOL | |
server { | |
listen 80; | |
server_name dashboard.denkers.co api.denkers.co; | |
return 301 https://\$host\$request_uri; | |
} | |
server { | |
listen 443 ssl; | |
server_name $DOMAIN_DASHBOARD; | |
ssl_certificate /etc/ssl/certs/selfsigned.crt; | |
ssl_certificate_key /etc/ssl/private/selfsigned.key; | |
location / { | |
proxy_pass http://127.0.0.1:8501; | |
} | |
client_max_body_size 10M; | |
} | |
server { | |
listen 443 ssl; | |
server_name $DOMAIN_API; | |
ssl_certificate /etc/ssl/certs/selfsigned.crt; | |
ssl_certificate_key /etc/ssl/private/selfsigned.key; | |
location / { | |
proxy_pass http://127.0.0.1:8000; | |
} | |
client_max_body_size 50M; | |
} | |
EOL | |
echo "==========================================" | |
echo " 6️⃣ Enabling Nginx configuration" | |
echo "==========================================" | |
# Create symbolic link to enable the configuration | |
if [ ! -f /etc/nginx/sites-enabled/denkers.co ]; then | |
sudo ln -s /etc/nginx/sites-available/denkers.co /etc/nginx/sites-enabled/ | |
fi | |
# Test Nginx configuration | |
sudo nginx -t | |
# Restart Nginx | |
sudo systemctl restart nginx | |
echo "==========================================" | |
echo " 7️⃣ Obtaining real SSL certificates with Certbot" | |
echo "==========================================" | |
# Obtain real SSL certificates | |
sudo certbot --nginx -d $DOMAIN_DASHBOARD -d $DOMAIN_API --non-interactive --agree-tos -m $EMAIL | |
echo "==========================================" | |
echo " 8️⃣ Reloading Nginx with real certificates" | |
echo "==========================================" | |
# Restart Nginx to use the new certificates | |
sudo systemctl reload nginx | |
echo "==========================================" | |
echo " 9️⃣ Writing systemd services for Streamlit and FastAPI" | |
echo "==========================================" | |
# Write systemd service for Streamlit | |
sudo tee $SYSTEMD_DIR/streamlit.service > /dev/null <<EOL | |
[Unit] | |
Description=Streamlit Application | |
After=network.target | |
[Service] | |
User=ubuntu | |
WorkingDirectory=$STREAMLIT_WORKDIR | |
ExecStart=/usr/bin/streamlit run main.py --server.port 8501 | |
Restart=always | |
[Install] | |
WantedBy=multi-user.target | |
EOL | |
# Write systemd service for FastAPI | |
sudo tee $SYSTEMD_DIR/fastapi.service > /dev/null <<EOL | |
[Unit] | |
Description=FastAPI Application | |
After=network.target | |
[Service] | |
User=ubuntu | |
WorkingDirectory=$FASTAPI_WORKDIR | |
ExecStart=/usr/bin/uvicorn main:app --host 0.0.0.0 --port 8000 --reload | |
Restart=always | |
[Install] | |
WantedBy=multi-user.target | |
EOL | |
echo "==========================================" | |
echo " 🔄 Reloading systemd and enabling services" | |
echo "==========================================" | |
# Reload systemd and enable the services | |
sudo systemctl daemon-reload | |
sudo systemctl enable streamlit.service | |
sudo systemctl enable fastapi.service | |
# Start services | |
sudo systemctl start streamlit.service | |
sudo systemctl start fastapi.service | |
echo "==========================================" | |
echo " 🎉 Setup Complete!" | |
echo "==========================================" | |
echo "Streamlit is live at https://$DOMAIN_DASHBOARD" | |
echo "FastAPI is live at https://$DOMAIN_API" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment