RogueWave
d159ad5196
- apps/web: redesigned landing (Hero/Scanner/HowItWorks/Features/Footer), honest live-vs-coming-soon badges, same-origin /api/scan, ember theme. - ecosystem.config.cjs: runnable — pyre-api/worker via `node --import tsx`, pyre-web via `next start`, fork mode, env wired. pm2 web+api verified online (api /health 200, scan 200, web 200). - infra/nginx/feedthepyre.com.conf: app at / (proxy :3000), API at /api (proxy :4000, prefix preserved), dev tracker at /status (static). - scripts/deploy-web.sh: sudo cutover (install vhost, nginx -t, reload, certbot --nginx --keep-until-expiring). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
46 lines
1.7 KiB
Bash
Executable File
46 lines
1.7 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# =============================================================================
|
|
# Cut nginx over to serve the PYRE app at / (and the dev tracker at /status).
|
|
# =============================================================================
|
|
# Prereqs: the app is built + running under pm2 (pyre-web:3000, pyre-api:4000),
|
|
# and Phase 0 provisioning already obtained a TLS cert for feedthepyre.com.
|
|
#
|
|
# Run as root: sudo bash scripts/deploy-web.sh
|
|
# Idempotent + re-runnable.
|
|
# =============================================================================
|
|
set -euo pipefail
|
|
|
|
DOMAIN="feedthepyre.com"
|
|
WWW_DOMAIN="www.feedthepyre.com"
|
|
REPO_DIR="/home/pyre/pyre"
|
|
CERTBOT_EMAIL="${CERTBOT_EMAIL:-a31s15.roguewave@gmail.com}"
|
|
VHOST_SRC="${REPO_DIR}/infra/nginx/${DOMAIN}.conf"
|
|
VHOST_AVAIL="/etc/nginx/sites-available/${DOMAIN}"
|
|
VHOST_ENABLED="/etc/nginx/sites-enabled/${DOMAIN}"
|
|
|
|
if [[ "${EUID}" -ne 0 ]]; then
|
|
echo "Must run as root: sudo bash ${0}" >&2
|
|
exit 1
|
|
fi
|
|
|
|
echo "==> Installing nginx vhost (app at / , tracker at /status , api at /api)"
|
|
install -m 0644 "${VHOST_SRC}" "${VHOST_AVAIL}"
|
|
ln -sfn "${VHOST_AVAIL}" "${VHOST_ENABLED}"
|
|
|
|
echo "==> nginx -t"
|
|
nginx -t
|
|
systemctl reload nginx
|
|
|
|
echo "==> Re-applying TLS (certbot mirrors the server to a 443 block; idempotent)"
|
|
certbot --nginx -d "${DOMAIN}" -d "${WWW_DOMAIN}" \
|
|
--non-interactive --agree-tos -m "${CERTBOT_EMAIL}" \
|
|
--redirect --keep-until-expiring || {
|
|
echo "[WARN] certbot did not complete; HTTP is live, re-run once DNS/cert is ready." >&2
|
|
}
|
|
systemctl reload nginx
|
|
|
|
echo "Done."
|
|
echo " https://${DOMAIN}/ -> PYRE app (pm2 pyre-web:3000)"
|
|
echo " https://${DOMAIN}/api/scan -> API (pm2 pyre-api:4000)"
|
|
echo " https://${DOMAIN}/status/ -> dev status tracker (static)"
|