47 lines
1.3 KiB
Markdown
47 lines
1.3 KiB
Markdown
# Deploying mediator
|
|
|
|
Target: Ubuntu 22.04 VPS, nginx in front, app in `/opt/mediator`.
|
|
|
|
The app runs as an unprivileged `mediator` system user, listens only on
|
|
`127.0.0.1:8080`, and nginx proxies the public domain to it. Polls live in
|
|
`/opt/mediator/data/polls.json` — that one file is the whole backup.
|
|
|
|
## One-time setup (on the server)
|
|
|
|
Copy the deploy files over and run the setup script as root:
|
|
|
|
```sh
|
|
scp deploy/mediator.service deploy/mediator.nginx.conf deploy/setup-server.sh himalia:/tmp/
|
|
ssh himalia
|
|
cd /tmp
|
|
sudo ./setup-server.sh <your-ssh-user> <your-domain>
|
|
```
|
|
|
|
The script creates the `mediator` user, installs the systemd unit and nginx
|
|
site, and adds a sudoers rule so your user can `systemctl restart mediator`
|
|
without a password (that keeps deploys to a single password prompt).
|
|
|
|
Then get a certificate:
|
|
|
|
```sh
|
|
sudo certbot --nginx -d <your-domain>
|
|
```
|
|
|
|
## Every deploy (from your machine)
|
|
|
|
```sh
|
|
./deploy/deploy.sh # or: ./deploy/deploy.sh otherhost
|
|
```
|
|
|
|
Cross-compiles a static linux/amd64 binary, streams it to the server over
|
|
one ssh connection (one password prompt), swaps it in atomically, restarts
|
|
the service, and prints `active` on success.
|
|
|
|
## Useful commands on the server
|
|
|
|
```sh
|
|
systemctl status mediator
|
|
journalctl -u mediator -f
|
|
cp /opt/mediator/data/polls.json ~/polls-backup.json # backup
|
|
```
|