Last active
May 3, 2018 15:11
-
-
Save cnicodeme/6a9638fc5327d7ac285056f01c7e03f9 to your computer and use it in GitHub Desktop.
Deploy a new NGinx serrver with git, Auto deploy, Supervisor+uWSGI
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| read -e -p "Project Name: " project_name | |
| mkdir -p "/var/www/$project_name/project.git" | |
| cd "/var/www/$project_name/project.git" | |
| git init --bare | |
| cd "/var/www/$project_name/" | |
| # Loading the latest changes | |
| read -e -p "Project current repository (http): " project_repository | |
| git clone $project_repository tmp | |
| cd tmp | |
| git push "file:///var/www/$project_name/project.git" master | |
| cd .. | |
| rm -rf tmp | |
| # Cloning the code into place | |
| git clone /var/www/$project_name/project.git www | |
| touch reloaded | |
| cd www | |
| virtualenv --system-site-package ../env | |
| /var/www/$project_name/env/bin/pip install -r requirements.txt | |
| cd .. | |
| echo "#!/bin/bash" > project.git/hooks/post-receive | |
| echo "" >> project.git/hooks/post-receive | |
| echo "unset \$(git rev-parse --local-env-vars)" >> project.git/hooks/post-receive | |
| echo "cd /var/www/$project_name/www/" >> project.git/hooks/post-receive | |
| echo "git pull" >> project.git/hooks/post-receive | |
| echo "" >> project.git/hooks/post-receive | |
| echo "/var/www/$project_name/env/bin/python manage.py db upgrade" >> project.git/hooks/post-receive | |
| echo "" >> project.git/hooks/post-receive | |
| echo "touch /var/www/$project_name/reloaded" >> project.git/hooks/post-receive | |
| chmod +x project.git/hooks/post-receive | |
| chown cx42:cx42 project.git/hooks/post-receive | |
| # Setting UWSGI | |
| mkdir /etc/uwsgi | |
| echo "" > "/etc/uwsgi/${project_name}.conf" | |
| echo "uwsgi:" >> "/etc/uwsgi/${project_name}.conf" | |
| echo " socket: /var/www/$project_name/uwsgi.sock" >> "/etc/uwsgi/${project_name}.conf" | |
| echo "# daemonize: /var/log/${project_name}_uwsgi.log" >> "/etc/uwsgi/${project_name}.conf" | |
| echo "# pidfile: /var/run/${project_name}_uwsgi.pid" >> "/etc/uwsgi/${project_name}.conf" | |
| echo " master: true" >> "/etc/uwsgi/${project_name}.conf" | |
| echo " processes: 2" >> "/etc/uwsgi/${project_name}.conf" | |
| echo " uid: cx42" >> "/etc/uwsgi/${project_name}.conf" | |
| echo " gid: cx42" >> "/etc/uwsgi/${project_name}.conf" | |
| echo " chmod-socket: 666" >> "/etc/uwsgi/${project_name}.conf" | |
| echo " vacuum: true" >> "/etc/uwsgi/${project_name}.conf" | |
| echo " wsgi-file: /var/www/${project_name}/www/wsgi.py" >> "/etc/uwsgi/${project_name}.conf" | |
| echo " callable: app" >> "/etc/uwsgi/${project_name}.conf" | |
| echo " virtualenv: /var/www/${project_name}/env/" >> "/etc/uwsgi/${project_name}.conf" | |
| echo " pythonpath: /var/www/${project_name}/env/lib/python2.7/site-packages" >> "/etc/uwsgi/${project_name}.conf" | |
| echo " pythonpath: /var/www/${project_name}/www/" >> "/etc/uwsgi/${project_name}.conf" | |
| echo " post-buffering: 8192" >> "/etc/uwsgi/${project_name}.conf" | |
| echo " touch-reload: /var/www/${project_name}/reloaded" >> "/etc/uwsgi/${project_name}.conf" | |
| touch "/var/www/$project_name/uwsgi.sock" && chown cx42:cx42 "/var/www/$project_name/uwsgi.sock" | |
| touch "/var/log/${project_name}_uwsgi.log" && chown cx42:cx42 "/var/log/${project_name}_uwsgi.log" | |
| touch "/var/run/${project_name}_uwsgi.pid" && chown cx42:cx42 "/var/run/${project_name}_uwsgi.pid" | |
| # Setting NGINX | |
| read -e -p "Project main URL (ie: sponsored.tech): " project_url | |
| read -e -p "Project sub URL (ie: www.sponsored.tech): " project_sub_url | |
| echo "server {" > "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " listen 80;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " listen [::]:80;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " server_name ${project_sub_url};" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " include /etc/nginx/snippets/letsencrypt.conf;" >> "/etc/nginx/sites-available/$project_name" | |
| echo "" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " return 301 https://${project_url}\$request_uri;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "}" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "server {" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " listen 80;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " listen [::]:80;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " server_name ${project_url};" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " include /etc/nginx/snippets/letsencrypt.conf;" >> "/etc/nginx/sites-available/$project_name" | |
| echo "" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " return 301 https://${project_url}\$request_uri;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "}" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "server {" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " listen 443 ssl http2;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " listen [::]:443 ssl http2;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " server_name ${project_sub_url};" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " access_log off;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " error_log /var/log/nginx/${project_name}.error.log;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " return 301 https://${project_url}\$request_uri;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " include /etc/nginx/snippets/ssl.conf;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " ssl on;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " ssl_certificate /etc/letsencrypt/live/${project_url}/fullchain.pem;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " ssl_certificate_key /etc/letsencrypt/live/${project_url}/privkey.pem;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " ssl_trusted_certificate /etc/letsencrypt/live/${project_url}/fullchain.pem;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "}" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "server {" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " listen 443;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " listen [::]:443;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " server_name ${project_url};" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " access_log off;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " error_log /var/log/nginx/${project_name}.error.log;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " client_max_body_size 4m;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " include /etc/nginx/snippets/letsencrypt.conf;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " # enable gzip compression" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " gzip on;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " gzip_min_length 1100;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " gzip_buffers 4 32k;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " gzip_types text/plain application/x-javascript text/xml text/css;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " gzip_vary on;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " # end gzip configuration" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " include /etc/nginx/snippets/ssl.conf;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " ssl on;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " ssl_certificate /etc/letsencrypt/live/${project_url}/fullchain.pem;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " ssl_certificate_key /etc/letsencrypt/live/${project_url}/privkey.pem;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " ssl_trusted_certificate /etc/letsencrypt/live/${project_url}/fullchain.pem;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " location / { try_files \$uri @yourapplication; }" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " location @yourapplication {" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " include uwsgi_params;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " uwsgi_pass unix:/var/www/$project_name/uwsgi.sock;" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo " }" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| echo "}" >> "/etc/nginx/sites-available/$project_name-ssl" | |
| # NON SSL version: | |
| echo "server {" > "/etc/nginx/sites-available/$project_name" | |
| echo " listen 80;" >> "/etc/nginx/sites-available/$project_name" | |
| echo " listen [::]:80;" >> "/etc/nginx/sites-available/$project_name" | |
| echo " server_name ${project_sub_url};" >> "/etc/nginx/sites-available/$project_name" | |
| echo " include /etc/nginx/snippets/letsencrypt.conf;" >> "/etc/nginx/sites-available/$project_name" | |
| echo "" >> "/etc/nginx/sites-available/$project_name" | |
| echo " return 301 http://${project_url}\$request_uri;" >> "/etc/nginx/sites-available/$project_name" | |
| echo "}" >> "/etc/nginx/sites-available/$project_name" | |
| echo "" >> "/etc/nginx/sites-available/$project_name" | |
| echo "server {" >> "/etc/nginx/sites-available/$project_name" | |
| echo " listen 80;" >> "/etc/nginx/sites-available/$project_name" | |
| echo " listen [::]:80;" >> "/etc/nginx/sites-available/$project_name" | |
| echo " server_name ${project_url};" >> "/etc/nginx/sites-available/$project_name" | |
| echo " include /etc/nginx/snippets/letsencrypt.conf;" >> "/etc/nginx/sites-available/$project_name" | |
| echo "" >> "/etc/nginx/sites-available/$project_name" | |
| echo " location / { try_files \$uri @yourapplication; }" >> "/etc/nginx/sites-available/$project_name" | |
| echo " location @yourapplication {" >> "/etc/nginx/sites-available/$project_name" | |
| echo " include uwsgi_params;" >> "/etc/nginx/sites-available/$project_name" | |
| echo " uwsgi_pass unix:/var/www/$project_name/uwsgi.sock;" >> "/etc/nginx/sites-available/$project_name" | |
| echo " }" >> "/etc/nginx/sites-available/$project_name" | |
| echo "}" >> "/etc/nginx/sites-available/$project_name" | |
| echo "" >> "/etc/nginx/sites-available/$project_name" | |
| ln -s /etc/nginx/sites-available/$project_name /etc/nginx/sites-enabled/$project_name.conf | |
| # Now configuring Supervisor | |
| echo "[program:$project_name]" > /etc/supervisor/conf.d/$project_name.conf | |
| echo "user = cx42" >> /etc/supervisor/conf.d/$project_name.conf | |
| echo "command=/usr/local/bin/uwsgi --yml /etc/uwsgi/${project_name}.conf" >> /etc/supervisor/conf.d/$project_name.conf | |
| echo "autostart=true" >> /etc/supervisor/conf.d/$project_name.conf | |
| echo "autorestart=true" >> /etc/supervisor/conf.d/$project_name.conf | |
| echo "stopsignal=QUIT" >> /etc/supervisor/conf.d/$project_name.conf | |
| echo "startsecs=5" >> /etc/supervisor/conf.d/$project_name.conf | |
| chown -R cx42:cx42 /var/www/$project_name | |
| # Starting the services: | |
| service nginx restart | |
| supervisorctl update && supervisorctl reread | |
| echo "" | |
| echo "Done!" | |
| echo "" | |
| echo "What's left:" | |
| echo " * letsencrypt certbot command" | |
| echo " * Restart NGinx" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment