Skip to content

Instantly share code, notes, and snippets.

@adgedenkers
Created December 17, 2024 20:31
Show Gist options
  • Save adgedenkers/1f2e098055aa64ebbff398e00c3a67a0 to your computer and use it in GitHub Desktop.
Save adgedenkers/1f2e098055aa64ebbff398e00c3a67a0 to your computer and use it in GitHub Desktop.
Bash script to remove and setup nginx, and then configure two sites - one FastAPI app, and one Streamlit app, on different sub-domains of denkers.co
#!/bin/bash
# File: ~/src/setup_nginx_and_services.sh
set -e # Exit immediately if a command exits with a non-zero status
# Variables
DOMAIN_DASHBOARD="dashboard.denkers.co"
DOMAIN_API="api.denkers.co"
NGINX_CONF="/etc/nginx/sites-available/denkers.co"
SYSTEMD_DIR="/etc/systemd/system"
STREAMLIT_WORKDIR="/home/ubuntu/src/dashboard"
FASTAPI_WORKDIR="/home/ubuntu/src/queue"
EMAIL="[email protected]"
echo "=========================================="
echo " 1️⃣ Removing old Nginx and cleaning up"
echo "=========================================="
# Remove Nginx and Certbot
sudo apt-get purge -y nginx nginx-common || true
sudo apt-get autoremove -y
sudo rm -rf /etc/nginx /etc/letsencrypt /var/log/nginx
sudo systemctl stop nginx || true
echo "=========================================="
echo " 2️⃣ Reinstalling Nginx and Certbot"
echo "=========================================="
# Reinstall Nginx, Certbot, and dependencies
sudo apt-get update
sudo apt-get install -y nginx certbot python3-certbot-nginx python3-pip
echo "=========================================="
echo " 3️⃣ Setting up directory structure"
echo "=========================================="
# Create directories for Streamlit and FastAPI apps
sudo mkdir -p $STREAMLIT_WORKDIR
sudo mkdir -p $FASTAPI_WORKDIR
# Create directories for self-signed certificates
sudo mkdir -p /etc/ssl/certs /etc/ssl/private
echo "=========================================="
echo " 4️⃣ Generating self-signed SSL certificates"
echo "=========================================="
# Generate self-signed SSL certificates for dashboard and api
sudo openssl req -x509 -newkey rsa:4096 -days 365 -nodes \
-keyout /etc/ssl/private/selfsigned.key \
-out /etc/ssl/certs/selfsigned.crt \
-subj "/CN=localhost"
echo "=========================================="
echo " 5️⃣ Writing Nginx configuration"
echo "=========================================="
# Write the Nginx configuration file
sudo tee /etc/nginx/sites-available/denkers.co > /dev/null <<EOL
server {
listen 80;
server_name dashboard.denkers.co api.denkers.co;
return 301 https://\$host\$request_uri;
}
server {
listen 443 ssl;
server_name $DOMAIN_DASHBOARD;
ssl_certificate /etc/ssl/certs/selfsigned.crt;
ssl_certificate_key /etc/ssl/private/selfsigned.key;
location / {
proxy_pass http://127.0.0.1:8501;
}
client_max_body_size 10M;
}
server {
listen 443 ssl;
server_name $DOMAIN_API;
ssl_certificate /etc/ssl/certs/selfsigned.crt;
ssl_certificate_key /etc/ssl/private/selfsigned.key;
location / {
proxy_pass http://127.0.0.1:8000;
}
client_max_body_size 50M;
}
EOL
echo "=========================================="
echo " 6️⃣ Enabling Nginx configuration"
echo "=========================================="
# Create symbolic link to enable the configuration
if [ ! -f /etc/nginx/sites-enabled/denkers.co ]; then
sudo ln -s /etc/nginx/sites-available/denkers.co /etc/nginx/sites-enabled/
fi
# Test Nginx configuration
sudo nginx -t
# Restart Nginx
sudo systemctl restart nginx
echo "=========================================="
echo " 7️⃣ Obtaining real SSL certificates with Certbot"
echo "=========================================="
# Obtain real SSL certificates
sudo certbot --nginx -d $DOMAIN_DASHBOARD -d $DOMAIN_API --non-interactive --agree-tos -m $EMAIL
echo "=========================================="
echo " 8️⃣ Reloading Nginx with real certificates"
echo "=========================================="
# Restart Nginx to use the new certificates
sudo systemctl reload nginx
echo "=========================================="
echo " 9️⃣ Writing systemd services for Streamlit and FastAPI"
echo "=========================================="
# Write systemd service for Streamlit
sudo tee $SYSTEMD_DIR/streamlit.service > /dev/null <<EOL
[Unit]
Description=Streamlit Application
After=network.target
[Service]
User=ubuntu
WorkingDirectory=$STREAMLIT_WORKDIR
ExecStart=/usr/bin/streamlit run main.py --server.port 8501
Restart=always
[Install]
WantedBy=multi-user.target
EOL
# Write systemd service for FastAPI
sudo tee $SYSTEMD_DIR/fastapi.service > /dev/null <<EOL
[Unit]
Description=FastAPI Application
After=network.target
[Service]
User=ubuntu
WorkingDirectory=$FASTAPI_WORKDIR
ExecStart=/usr/bin/uvicorn main:app --host 0.0.0.0 --port 8000 --reload
Restart=always
[Install]
WantedBy=multi-user.target
EOL
echo "=========================================="
echo " 🔄 Reloading systemd and enabling services"
echo "=========================================="
# Reload systemd and enable the services
sudo systemctl daemon-reload
sudo systemctl enable streamlit.service
sudo systemctl enable fastapi.service
# Start services
sudo systemctl start streamlit.service
sudo systemctl start fastapi.service
echo "=========================================="
echo " 🎉 Setup Complete!"
echo "=========================================="
echo "Streamlit is live at https://$DOMAIN_DASHBOARD"
echo "FastAPI is live at https://$DOMAIN_API"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment