VPS shopify app deploy.md

Got it — your project already contains Dockerfile + docker-compose.yml, and you want a clean step-by-step deployment guide using only the existing files, cloning via SSH, and setting up Nginx + Certbot on Ubuntu 22.04.

Below is the exact sequence of commands you’ll run on a fresh server.

Everything is copy-paste ready.

---

✅ 1) Install Git + SSH + Docker + Docker Compose

sudo apt update && sudo apt upgrade -y
sudo apt install -y git openssh-client ca-certificates curl gnupg lsb-release

Install Docker:

sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg \
 | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

echo "deb [arch=$(dpkg --print-architecture) \
 signed-by=/etc/apt/keyrings/docker.gpg] \
 https://download.docker.com/linux/ubuntu \
 $(lsb_release -cs) stable" \
 | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt update
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin

---

✅ 2) Create SSH key for GitHub and add it

Generate key:

ssh-keygen -t ed25519 -C "your_email@example.com"

Show the key:

cat ~/.ssh/id_ed25519.pub

Copy → paste into GitHub: GitHub → Settings → SSH & GPG Keys → New key

Test GitHub access:

ssh -T git@github.com

---

✅ 3) Create app directory and clone SSH repo

mkdir -p ~/apps/warranty
cd ~/apps/warranty

Clone your app (SSH URL):

git clone git@github.com:YOUR_USERNAME/YOUR_REPO.git .

---

✅ 4) Create your .env file (only step needed)

cat > .env <<'EOF'
SHOPIFY_API_KEY=xxx
SHOPIFY_API_SECRET=yyy
SESSION_SECRET=zzz
HOST=https://warranty.yourdomain.com
NODE_ENV=production
DATABASE_URL=postgresql://warranty:warrantypass@warranty-db:5432/warrantydb
EOF

(Use the database URL format your project expects.)

---

✅ 5) Run your containers using your existing files

docker compose up -d --build

Check logs:

docker logs -f warranty-web

---

🟦 IMPORTANT: Ensure your existing docker-compose.yml exposes web port to localhost only

If your compose already has this:

ports:
  - "4200:3000"

Change it to:

ports:
  - "127.0.0.1:4200:3000"

So the app is not public directly (safer for production).

If the project already exposes correctly → skip.

Restart after change:

docker compose down
docker compose up -d --build

---

✅ 6) Install Nginx

sudo apt install -y nginx
sudo ufw allow 'Nginx Full'
sudo systemctl enable nginx

---

✅ 7) Create Nginx reverse proxy for your domain

Create config:

sudo tee /etc/nginx/sites-available/warranty.conf > /dev/null <<'EOF'
server {
    listen 80;
    server_name warranty.yourdomain.com;

    location / {
        proxy_pass http://127.0.0.1:4200;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
EOF

Enable:

sudo ln -s /etc/nginx/sites-available/warranty.conf /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx

Add DNS record:

warranty.yourdomain.com  → your_server_ip

---

✅ 8) Add HTTPS (Let's Encrypt)

sudo apt install -y certbot python3-certbot-nginx
sudo certbot --nginx -d warranty.yourdomain.com --non-interactive --agree-tos -m you@yourdomain.com

Check:

sudo certbot renew --dry-run

---

🎉 DONE

Your production Shopify app is live at:

https://warranty.yourdomain.com

---

🔁 Deploy another Shopify app later

Repeat:

mkdir -p ~/apps/newapp
cd ~/apps/newapp
git clone git@github.com:your/repo.git .
docker compose up -d --build

Add Nginx file, new port (4201), run Certbot again.