33 lines
1.3 KiB
Bash
Executable file
33 lines
1.3 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
# Deploy quinn.api-cache nginx vhost to vps-0.
|
|
# Idempotent: rsyncs the prod.conf into /etc/nginx/sites-available, links it
|
|
# from sites-enabled, nginx -t, reload.
|
|
set -euo pipefail
|
|
|
|
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
|
|
REMOTE="${REMOTE_HOST:-quinn-vps}"
|
|
VHOST="api.transquinnftw.com"
|
|
|
|
echo "==> Pushing nginx vhost ${VHOST} to ${REMOTE}..."
|
|
scp -q "${SCRIPT_DIR}/nginx/prod.conf" "${REMOTE}:/etc/nginx/sites-available/${VHOST}"
|
|
|
|
echo "==> Ensuring symlink + cache dir on ${REMOTE}..."
|
|
ssh "$REMOTE" bash -euo pipefail <<ENDSSH
|
|
mkdir -p /var/cache/nginx/quinn-api
|
|
chown -R www-data:www-data /var/cache/nginx/quinn-api
|
|
ln -sf /etc/nginx/sites-available/${VHOST} /etc/nginx/sites-enabled/${VHOST}
|
|
nginx -t
|
|
ENDSSH
|
|
|
|
echo "==> Reloading nginx..."
|
|
ssh "$REMOTE" "systemctl reload nginx"
|
|
|
|
echo "==> Smoke test (TLS cert must exist first — see notes)..."
|
|
ssh "$REMOTE" "curl -sk -o /dev/null -w 'HTTP %{http_code}\n' \
|
|
https://${VHOST}/www/tour/status || echo ' (expected before first deploy of admin-api on black)'"
|
|
|
|
echo "✓ quinn.api-cache deployed to ${REMOTE}"
|
|
echo ""
|
|
echo "Note: this script does not provision the TLS cert for ${VHOST}."
|
|
echo "Run 'certbot --nginx -d ${VHOST}' on ${REMOTE} before the first prod reload"
|
|
echo "if the cert isn't already in /etc/letsencrypt/live/${VHOST}/."
|