#!/bin/bash # GNX-WEB Complete Deployment Script # This script sets up and deploys the entire application set -e # Colors for output RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' # No Color # Get script directory SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" BACKEND_DIR="$SCRIPT_DIR/backEnd" FRONTEND_DIR="$SCRIPT_DIR/frontEnd" # Function to generate secure random key generate_secret_key() { python3 -c "import secrets; print(secrets.token_urlsafe($1))" 2>/dev/null || \ openssl rand -base64 $((($1 * 3) / 4)) | tr -d '\n' | head -c $1 } # Function to update .env file with generated keys update_env_file() { local env_file="$1" local secret_key="$2" local api_key="$3" # Update SECRET_KEY if grep -q "^SECRET_KEY=" "$env_file"; then sed -i "s|^SECRET_KEY=.*|SECRET_KEY=$secret_key|" "$env_file" else echo "SECRET_KEY=$secret_key" >> "$env_file" fi # Update INTERNAL_API_KEY if grep -q "^INTERNAL_API_KEY=" "$env_file"; then sed -i "s|^INTERNAL_API_KEY=.*|INTERNAL_API_KEY=$api_key|" "$env_file" else echo "INTERNAL_API_KEY=$api_key" >> "$env_file" fi # Update STATIC_ROOT and MEDIA_ROOT paths sed -i "s|^STATIC_ROOT=.*|STATIC_ROOT=$BACKEND_DIR/staticfiles|" "$env_file" sed -i "s|^MEDIA_ROOT=.*|MEDIA_ROOT=$BACKEND_DIR/media|" "$env_file" } # Function to update nginx config with API key update_nginx_config() { local nginx_config="$1" local api_key="$2" # Escape special characters in API key for sed local escaped_key=$(echo "$api_key" | sed 's/[[\.*^$()+?{|]/\\&/g') # Update API key in both /api/ and /admin/ locations sudo sed -i "s|set \$api_key \".*\";|set \$api_key \"$escaped_key\";|g" "$nginx_config" } echo -e "${BLUE}==========================================" echo "GNX-WEB Deployment Script" echo "==========================================${NC}" echo "" # Check if running as root for system-level operations if [ "$EUID" -ne 0 ]; then echo -e "${YELLOW}Note: Some operations require root privileges${NC}" echo -e "${YELLOW}You may be prompted for sudo password${NC}" echo "" fi # Generate secure keys echo -e "${GREEN}[0/8] Generating secure keys...${NC}" SECRET_KEY=$(generate_secret_key 50) INTERNAL_API_KEY=$(generate_secret_key 32) echo -e "${GREEN}✓ Generated SECRET_KEY${NC}" echo -e "${GREEN}✓ Generated INTERNAL_API_KEY${NC}" echo "" # Step 1: Install PostgreSQL echo -e "${GREEN}[1/8] Installing PostgreSQL...${NC}" if [ -f "$SCRIPT_DIR/install-postgresql.sh" ]; then sudo bash "$SCRIPT_DIR/install-postgresql.sh" else echo -e "${RED}Error: install-postgresql.sh not found${NC}" exit 1 fi # Step 2: Setup Backend echo -e "${GREEN}[2/8] Setting up Backend...${NC}" cd "$BACKEND_DIR" # Create virtual environment if it doesn't exist if [ ! -d "venv" ]; then echo -e "${BLUE}Creating Python virtual environment...${NC}" python3 -m venv venv fi # Activate virtual environment source venv/bin/activate # Install Python dependencies echo -e "${BLUE}Installing Python dependencies...${NC}" pip install --upgrade pip pip install -r requirements.txt # Create .env file if it doesn't exist if [ ! -f ".env" ]; then echo -e "${BLUE}Creating .env file from production.env.example...${NC}" cp production.env.example .env fi # Update .env file with generated keys and paths echo -e "${BLUE}Updating .env file with generated keys...${NC}" update_env_file ".env" "$SECRET_KEY" "$INTERNAL_API_KEY" echo -e "${GREEN}✓ Updated .env file with generated keys${NC}" # Check if critical values still need to be updated if grep -q "your_password_here\|your-email\|your-server-ip" .env; then echo -e "${YELLOW}⚠ Some values in .env still need to be updated:${NC}" echo -e "${YELLOW} - DATABASE_URL (database password)${NC}" echo -e "${YELLOW} - Email settings${NC}" echo -e "${YELLOW} - ALLOWED_HOSTS (server IP/domain)${NC}" echo -e "${YELLOW} - ADMIN_ALLOWED_IPS${NC}" echo "" echo -e "${YELLOW}Press Enter to continue (you can update these later)...${NC}" read fi # Create necessary directories mkdir -p logs media staticfiles # Step 3: Setup Database echo -e "${GREEN}[3/8] Setting up Database...${NC}" echo -e "${YELLOW}Make sure PostgreSQL is running and database is created${NC}" echo -e "${YELLOW}Run these commands if needed:${NC}" echo " sudo -u postgres psql" echo " CREATE DATABASE gnx_db;" echo " CREATE USER gnx_user WITH PASSWORD 'your_password';" echo " GRANT ALL PRIVILEGES ON DATABASE gnx_db TO gnx_user;" echo "" echo -e "${YELLOW}Press Enter to continue after database is ready...${NC}" read # Run migrations echo -e "${BLUE}Running database migrations...${NC}" python manage.py migrate --noinput # Collect static files echo -e "${BLUE}Collecting static files...${NC}" python manage.py collectstatic --noinput # Step 4: Setup Frontend echo -e "${GREEN}[4/8] Setting up Frontend...${NC}" cd "$FRONTEND_DIR" # Install Node.js dependencies if [ ! -d "node_modules" ]; then echo -e "${BLUE}Installing Node.js dependencies...${NC}" npm install fi # Create .env.production if it doesn't exist if [ ! -f ".env.production" ]; then echo -e "${BLUE}Creating .env.production file...${NC}" cat > .env.production << EOF NEXT_PUBLIC_SITE_URL=https://gnxsoft.com NEXT_PUBLIC_API_URL= PORT=1087 NODE_ENV=production NEXT_TELEMETRY_DISABLED=1 EOF echo -e "${GREEN}✓ Created .env.production${NC}" else # Update PORT if it exists but is different if ! grep -q "^PORT=1087" .env.production; then echo -e "${BLUE}Updating PORT in .env.production...${NC}" if grep -q "^PORT=" .env.production; then sed -i "s|^PORT=.*|PORT=1087|" .env.production else echo "PORT=1087" >> .env.production fi echo -e "${GREEN}✓ Updated PORT in .env.production${NC}" fi # Ensure NODE_ENV is set to production if ! grep -q "^NODE_ENV=production" .env.production; then if grep -q "^NODE_ENV=" .env.production; then sed -i "s|^NODE_ENV=.*|NODE_ENV=production|" .env.production else echo "NODE_ENV=production" >> .env.production fi fi fi # Build frontend echo -e "${BLUE}Building frontend for production...${NC}" NODE_ENV=production PORT=1087 npm run build # Step 5: Install PM2 echo -e "${GREEN}[5/8] Installing PM2...${NC}" if ! command -v pm2 &> /dev/null; then echo -e "${BLUE}Installing PM2 globally...${NC}" sudo npm install -g pm2 pm2 startup systemd -u $USER --hp $HOME echo -e "${YELLOW}Please run the command shown above to enable PM2 on boot${NC}" else echo -e "${GREEN}PM2 is already installed${NC}" fi # Step 6: Configure Firewall echo -e "${GREEN}[6/8] Configuring Firewall...${NC}" if command -v ufw &> /dev/null; then echo -e "${BLUE}Configuring UFW firewall...${NC}" sudo ufw allow 80/tcp comment 'HTTP' sudo ufw allow 443/tcp comment 'HTTPS' sudo ufw deny 1086/tcp comment 'Backend - Internal Only' sudo ufw deny 1087/tcp comment 'Frontend - Internal Only' sudo ufw deny 5433/tcp comment 'PostgreSQL - Internal Only' echo -e "${YELLOW}Firewall rules configured. Enable with: sudo ufw enable${NC}" else echo -e "${YELLOW}UFW not found. Please configure firewall manually${NC}" fi # Step 7: Setup Nginx echo -e "${GREEN}[7/8] Setting up Nginx...${NC}" if command -v nginx &> /dev/null; then echo -e "${BLUE}Copying nginx configuration...${NC}" sudo cp "$SCRIPT_DIR/nginx-gnxsoft.conf" /etc/nginx/sites-available/gnxsoft # Update paths in nginx config sudo sed -i "s|/home/gnx/Desktop/GNX-WEB|$SCRIPT_DIR|g" /etc/nginx/sites-available/gnxsoft # Update INTERNAL_API_KEY in nginx config echo -e "${BLUE}Updating nginx configuration with INTERNAL_API_KEY...${NC}" update_nginx_config "/etc/nginx/sites-available/gnxsoft" "$INTERNAL_API_KEY" echo -e "${GREEN}✓ Updated nginx config with INTERNAL_API_KEY${NC}" # Enable site if [ ! -L /etc/nginx/sites-enabled/gnxsoft ]; then sudo ln -s /etc/nginx/sites-available/gnxsoft /etc/nginx/sites-enabled/ fi # Remove default nginx site if it exists if [ -L /etc/nginx/sites-enabled/default ]; then sudo rm /etc/nginx/sites-enabled/default fi # Test nginx configuration echo -e "${BLUE}Testing nginx configuration...${NC}" if sudo nginx -t; then echo -e "${GREEN}✓ Nginx configuration is valid${NC}" else echo -e "${RED}✗ Nginx configuration has errors${NC}" echo -e "${YELLOW}Please check the configuration manually${NC}" fi echo -e "${YELLOW}Nginx configured. Reload with: sudo systemctl reload nginx${NC}" else echo -e "${RED}Nginx not found. Please install nginx first${NC}" fi # Step 8: Start Services echo -e "${GREEN}[8/8] Starting Services...${NC}" if [ -f "$SCRIPT_DIR/start-services.sh" ]; then bash "$SCRIPT_DIR/start-services.sh" else echo -e "${RED}Error: start-services.sh not found${NC}" exit 1 fi echo "" echo -e "${GREEN}==========================================" echo "Deployment Complete!" echo "==========================================${NC}" echo "" echo -e "${BLUE}Generated Keys (saved to backEnd/.env and nginx config):${NC}" echo -e "${GREEN}✓ SECRET_KEY: ${SECRET_KEY:0:20}...${NC}" echo -e "${GREEN}✓ INTERNAL_API_KEY: ${INTERNAL_API_KEY:0:20}...${NC}" echo "" echo -e "${BLUE}Next Steps:${NC}" echo "1. Update backEnd/.env with remaining configuration:" echo " - DATABASE_URL (database credentials)" echo " - Email settings (SMTP configuration)" echo " - ALLOWED_HOSTS (your domain and server IP)" echo " - ADMIN_ALLOWED_IPS (your admin IP address)" echo "2. Create PostgreSQL database and user (if not done)" echo "3. Run: sudo systemctl reload nginx" echo "4. Run: sudo ufw enable (to enable firewall)" echo "5. Check services: pm2 status" echo "6. View logs: pm2 logs" echo "" echo -e "${BLUE}Service URLs:${NC}" echo " Backend: http://127.0.0.1:1086" echo " Frontend: http://127.0.0.1:1087" echo " Public: https://gnxsoft.com (via nginx)" echo "" echo -e "${GREEN}Note: Keys have been automatically generated and configured!${NC}" echo ""