From babfbc1add68020d01edb824f46fb377740b86c8 Mon Sep 17 00:00:00 2001 From: nearxos Date: Wed, 18 Feb 2026 08:19:25 +0200 Subject: [PATCH] Deploy from Git: clone/pull on server instead of rsync Co-authored-by: Cursor --- deploy/deploy.sh | 71 ++++++++++++++++++++++++------------------------ 1 file changed, 36 insertions(+), 35 deletions(-) diff --git a/deploy/deploy.sh b/deploy/deploy.sh index d91d2af..3d3954f 100755 --- a/deploy/deploy.sh +++ b/deploy/deploy.sh @@ -1,46 +1,47 @@ #!/bin/bash -# Deploy Portal Auth Dashboard to root@10.110.60.210 +# Deploy Portal Auth Dashboard to root@10.110.60.210 from Git +# Repo: http://10.20.30.250:3000/nearxos/portal-auth-dashboard set -e TARGET="root@10.110.60.210" APP_DIR="/opt/portal-auth-dashboard" -SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -PROJECT_DIR="$(dirname "$SCRIPT_DIR")" +# Set GIT_REPO_URL with credentials if clone/pull needs auth, e.g.: +# export GIT_REPO_URL="http://nearxos:YOUR_TOKEN@10.20.30.250:3000/nearxos/portal-auth-dashboard.git" +GIT_REPO_URL="${GIT_REPO_URL:-http://10.20.30.250:3000/nearxos/portal-auth-dashboard.git}" -echo "=== Syncing files to $TARGET:$APP_DIR ===" -ssh "$TARGET" "mkdir -p $APP_DIR" -rsync -av \ - --exclude '.env' \ - --exclude '__pycache__' \ - --exclude '*.pyc' \ - --exclude '.git' \ - --exclude 'venv' \ - "$PROJECT_DIR/app.py" \ - "$PROJECT_DIR/config.py" \ - "$PROJECT_DIR/db.py" \ - "$PROJECT_DIR/auth_helpers.py" \ - "$PROJECT_DIR/requirements.txt" \ - "$PROJECT_DIR/templates/" \ - "$PROJECT_DIR/static/" \ - "$PROJECT_DIR/deploy/" \ - "$TARGET:$APP_DIR/" +echo "=== Deploying from Git: ${GIT_REPO_URL%%@*}@... ===" -echo "=== Setting up Python venv and dependencies ===" -ssh "$TARGET" "cd $APP_DIR && python3 -m venv venv && ./venv/bin/pip install -r requirements.txt" +# Escape single quotes for use inside single-quoted ssh string +GIT_REPO_URL_SAFE=$(echo "$GIT_REPO_URL" | sed "s/'/'\\\\''/g") -echo "=== Ensuring .env exists (skip if already configured) ===" -ssh "$TARGET" "if [ ! -f $APP_DIR/.env ]; then cp $APP_DIR/deploy/.env.server $APP_DIR/.env 2>/dev/null || echo 'DB_AUTH_HOST=127.0.0.1 -DB_AUTH_PORT=5432 -DB_AUTH_NAME=portal_auth -DB_AUTH_USER=portal_user -DB_AUTH_PASSWORD= -SECRET_KEY=change-me' > $APP_DIR/.env; fi" +ssh "$TARGET" "set -e + APP_DIR='$APP_DIR' + GIT_REPO_URL='$GIT_REPO_URL_SAFE' -echo "=== Installing systemd unit ===" -ssh "$TARGET" "cp $APP_DIR/deploy/portal-auth-dashboard.service /etc/systemd/system/ && systemctl daemon-reload && systemctl enable portal-auth-dashboard && systemctl restart portal-auth-dashboard" - -echo "=== Status ===" -ssh "$TARGET" "systemctl status portal-auth-dashboard --no-pager" + if [ ! -d \"\$APP_DIR\" ]; then + echo '=== First-time clone ===' + git clone \"\$GIT_REPO_URL\" \"\$APP_DIR\" + cd \"\$APP_DIR\" + python3 -m venv venv + ./venv/bin/pip install -r requirements.txt + if [ ! -f .env ]; then + [ -f deploy/.env.server ] && cp deploy/.env.server .env || true + grep -q 'REPLACE_WITH' .env 2>/dev/null && echo 'Edit .env on server: DB_AUTH_PASSWORD and SECRET_KEY' || true + fi + cp deploy/portal-auth-dashboard.service /etc/systemd/system/ + systemctl daemon-reload + systemctl enable portal-auth-dashboard + systemctl restart portal-auth-dashboard + else + echo '=== Updating from Git ===' + cd \"\$APP_DIR\" + git fetch origin + git reset --hard origin/main + ./venv/bin/pip install -q -r requirements.txt + systemctl restart portal-auth-dashboard + fi + echo '=== Status ===' + systemctl status portal-auth-dashboard --no-pager" echo "" echo "Done. Dashboard: http://10.110.60.210:5000" -echo "Edit $APP_DIR/.env on the server to set DB_AUTH_PASSWORD and SECRET_KEY, then: systemctl restart portal-auth-dashboard" +echo "To set DB credentials on first deploy: ssh $TARGET 'nano $APP_DIR/.env' then systemctl restart portal-auth-dashboard"