http/3 with Makefile deploy
authorShane Jaroch <chown_tee@proton.me>
Sat, 10 Jan 2026 17:53:23 +0000 (12:53 -0500)
committerShane Jaroch <chown_tee@proton.me>
Sat, 10 Jan 2026 17:53:23 +0000 (12:53 -0500)
.gitignore
Makefile [new file with mode: 0644]
etc/nginx/conf.d/default.conf
scripts/deploy.sh [new file with mode: 0755]

index 49917a245b272c5fd631073a970b087af192879d..920a8d2ac7a536fd82961420ae1aea2e0629bbd5 100644 (file)
@@ -1,9 +1,3 @@
-# Ignore all
-*
-#**/*
-#**
-# Unignore all with extensions
-#!*.*
-# Unignore all dirs
-# !*/
+/usr
+/bin
 
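Review bot: Replacing the blanket `*` rule with only `/usr` and `/bin` switches this repository from an allow-list (every file had to be force-added) to tracking anything placed in the tree. The layout mirrors server paths (`etc/nginx/conf.d`), so if files are ever copied in from the host, a plain `git add .` would stage TLS private keys or credential files along with the configs. Consider keeping explicit ignore patterns for secret material, for example `*.key` and `*.pem`, and a short comment at the top of the file saying what is meant to be tracked.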
diff --git a/Makefile b/Makefile
new file mode 100644 (file)
index 0000000..811c9ad
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,22 @@
+.SHELL := /bin/bash
+# .ONESHELL:
+
+VPS_HOST ?= dev.nutra.tk
+VPS_USER ?= gg
+
+.PHONY: stage/nginx
+stage/nginx:
+       @echo "Staging files on $(VPS_HOST)..."
+       ssh $(VPS_USER)@$(VPS_HOST) 'rm -rf ~/nginx-staging && mkdir -p ~/nginx-staging'
+       scp -q -r etc/nginx/conf.d/*.conf $(VPS_USER)@$(VPS_HOST):~/nginx-staging/
+       scp -q scripts/deploy.sh $(VPS_USER)@$(VPS_HOST):~/nginx-staging/
+
+.PHONY: diff/nginx
+diff/nginx:
+       @echo "Checking diff against $(VPS_HOST)..."
+       ssh -t $(VPS_USER)@$(VPS_HOST) "bash ~/nginx-staging/deploy.sh diff"
+
+.PHONY: deploy/nginx
+deploy/nginx:
+       @echo "Deploying checked-in nginx config to $(VPS_HOST)..."
+       ssh -t $(VPS_USER)@$(VPS_HOST) "bash ~/nginx-staging/deploy.sh"
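Review bot: `.SHELL := /bin/bash` on the first line assigns an ordinary variable named `.SHELL`; the variable make consults for recipes is `SHELL`, so these recipes still run under `/bin/sh`. Write `SHELL := /bin/bash` if bash is intended. Separately, `diff/nginx` and `deploy/nginx` have no prerequisite on `stage/nginx`, so they execute whatever `deploy.sh` and `.conf` files already sit in `~/nginx-staging` on the host, which may not match the current checkout. A comment such as `# run stage/nginx first: deploy/nginx executes the staged copy, not the working tree` would document the intended order.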
index 172ffb00daa4c9ed4313cdf02f83864367ba6228..ed321a442c142e573b0441ef1e6fe321ab6ed2d5 100644 (file)
@@ -3,7 +3,11 @@ server {
   server_name api-dev.nutra.tk api.dev.nutra.tk;
   #listen 80;
   listen 443 ssl;
+  listen 443 quic;
+  listen [::]:443 quic;
   http2 on;
+  http3 on;
+  add_header Alt-Svc 'h3=":443"; ma=86400' always;
   # HSTS
   add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
 
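Review bot: The added `listen [::]:443 quic;` has no matching `listen [::]:443 ssl;` in the visible context, so over IPv6 this server name would accept QUIC but not the TCP/TLS connection that delivers the `Alt-Svc` header and serves as the fallback. The same pairing appears in the `store.nutra.tk` and `store-api.nutra.tk` hunks, while the matrix/synapse hunk adds only the IPv4 `listen 443 quic;`. Either add `listen [::]:443 ssl;` next to each IPv6 QUIC listener or drop the IPv6 line, and keep the four blocks consistent. The server block starts above the hunk, so an IPv6 TCP listener may exist out of view.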
@@ -34,7 +38,11 @@ server {
   server_name store.nutra.tk;
   #listen 80;
   listen 443 ssl;
+  listen 443 quic;
+  listen [::]:443 quic;
   http2 on;
+  http3 on;
+  add_header Alt-Svc 'h3=":443"; ma=86400' always;
   location / {
     proxy_pass http://localhost:8000;
   }
@@ -45,7 +53,11 @@ server {
   server_name store-api.nutra.tk store-admin-8b56411b.nutra.tk;
   #listen 80;
   listen 443 ssl;
+  listen 443 quic;
+  listen [::]:443 quic;
   http2 on;
+  http3 on;
+  add_header Alt-Svc 'h3=":443"; ma=86400' always;
   location / {
     proxy_pass http://localhost:9000;
   }
@@ -69,7 +81,7 @@ server {
   http3 on;
 
   # Advertise HTTP/3 availability
-  add_header Alt-Svc 'h3=":443"; ma=86400';
+  add_header Alt-Svc 'h3=":443"; ma=86400' always;
 
   client_max_body_size 50m;
 
@@ -80,13 +92,13 @@ server {
   #ssl_stapling on;
   #ssl_stapling_verify on;
 
-#  # React app (base URL)
-#  location / {
-#    #return 302 https://$host/api$request_uri;
-#    root /var/www/app;
-#    index index.html;
-#    #try_files $uri $uri/ /index.html =404;
-#  }
+  # React app (base URL)
+  location / {
+    #return 302 https://$host/api$request_uri;
+    root /var/www/app;
+    index index.html;
+    #try_files $uri $uri/ /index.html =404;
+  }
 
 #  # Blog / Sphinx
 #  location /blog {
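Review bot: Enabling `location /` with `root /var/www/app;` makes nginx serve every readable file under that directory, dotfiles included, and the commit title does not mention this change. If the directory holds build output only, a comment such as `# /var/www/app holds the built React bundle only` would record that assumption; otherwise consider adding `location ~ /\. { deny all; }` to this server block. With `try_files` still commented out, client-side routes other than `/` will return 404, which may or may not be intended.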
@@ -138,7 +150,10 @@ server {
 # Listen on 443 with matrix / synapse
 server {
   listen 443 ssl;
+  listen 443 quic;
   http2 on;
+  http3 on;
+  add_header Alt-Svc 'h3=":443"; ma=86400' always;
   server_name matrix.nutra.tk chat.nutra.tk;
 
   location / {
diff --git a/scripts/deploy.sh b/scripts/deploy.sh
new file mode 100755 (executable)
index 0000000..3128121
--- /dev/null
@@ -0,0 +1,44 @@
+#!/bin/bash
+set -e
+
+# Staging directory expected to be populated by the caller (Makefile)
+STAGING_DIR=~/nginx-staging
+CONF_DIR=/etc/nginx/conf.d
+
+echo "Detected changes (diff):"
+# Diff existing vs staging. "|| true" prevents exit on diff found.
+sudo diff -u -r --color=always "$CONF_DIR/" "$STAGING_DIR/" || true
+echo ""
+
+if [ "$1" = "diff" ]; then
+    # echo "Diff check complete."
+    # rm -rf "$STAGING_DIR"
+    exit 0
+fi
+
+# Create timestamped backup
+BACKUP_DIR=~/nginx_backup_$(date +%s)
+echo "Creating backup at $BACKUP_DIR..."
+mkdir -p "$BACKUP_DIR"
+
+# Backup existing configs if they exist
+if sudo ls "$CONF_DIR"/*.conf >/dev/null 2>&1; then
+    sudo cp "$CONF_DIR"/*.conf "$BACKUP_DIR/"
+fi
+
+echo "Installing new configurations..."
+sudo mv "$STAGING_DIR"/*.conf "$CONF_DIR/"
+sudo rm -rf "$STAGING_DIR"
+
+echo "Verifying configuration..."
+if sudo nginx -t; then
+    echo "Configuration is valid. Reloading Nginx..."
+    sudo nginx -s reload
+    echo "✓ Deployment successful."
+else
+    echo "✗ Configuration failed validation! Rolling back..."
+    sudo cp "$BACKUP_DIR"/*.conf "$CONF_DIR/"
+    echo "Rollback complete. Verifying rollback..."
+    sudo nginx -t
+    exit 1
+fi
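Review bot: `sudo mv "$STAGING_DIR"/*.conf "$CONF_DIR/"` keeps the owner and mode the files had in the staging directory, so the live nginx config ends up owned by the unprivileged SSH user, who can then edit it without sudo. `sudo install -o root -g root -m 0644 "$STAGING_DIR"/*.conf "$CONF_DIR/"` copies with fixed ownership instead. The rollback branch only copies the backed-up files back, so a `.conf` that is new in this deploy stays in `$CONF_DIR` and the final `nginx -t` can still fail; the rollback should remove the files this run installed before restoring the backup. The `|| true` on the `diff` line also hides real diff errors (exit status 2), not just the expected status 1 for "differences found".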