From: Shane Date: Sun, 11 Jan 2026 00:32:53 +0000 (+0000) Subject: more config edits :] X-Git-Url: https://git.nutra.tk/v2?a=commitdiff_plain;h=3f5328d1b451ec0893d187b5971e935aa1540ca3;p=nutratech%2Fvps-root.git more config edits :] --- diff --git a/.env b/.env index 64ff8ba..cc0a371 100644 --- a/.env +++ b/.env @@ -1,2 +1,4 @@ VPS_HOST=dev.nutra.tk VPS_USER=gg +export SUDO_USER=gg + diff --git a/Makefile b/Makefile index b9fc6ee..039af56 100644 --- a/Makefile +++ b/Makefile @@ -6,39 +6,95 @@ ifneq (,$(wildcard ./.env)) export endif +.PHONY: _help +_help: + @printf "\nUsage: make , valid commands:\n\n" + @awk 'BEGIN {FS = ":.*?##H "}; \ + /##H/ && !/@awk.*?##H/ { \ + target=$$1; doc=$$2; \ + category="General"; \ + if (doc ~ /^@/) { \ + category=substr(doc, 2, index(doc, " ")-2); \ + doc=substr(doc, index(doc, " ")+1); \ + } \ + if (length(target) > max) max = length(target); \ + targets[NR] = target; docs[NR] = doc; cats[NR] = category; \ + } \ + END { \ + last_cat = ""; \ + for (i = 1; i <= NR; i++) { \ + if (cats[i] != "") { \ + if (cats[i] != last_cat) { \ + printf "\n\033[1;36m%s Commands:\033[0m\n", cats[i]; \ + last_cat = cats[i]; \ + } \ + printf " \033[1;34m%-*s\033[0m %s\n", max, targets[i], docs[i]; \ + } \ + } \ + print ""; \ + }' $(MAKEFILE_LIST) + + VPS_HOST ?= dev.nutra.tk VPS_USER ?= gg +VPS := $(VPS_USER)@$(VPS_HOST) + .PHONY: stage/nginx -stage/nginx: +stage/nginx: ##H @Remote Stage files on the remote VPS @echo "Staging files on $(VPS_HOST)..." - ssh $(VPS_USER)@$(VPS_HOST) 'rm -rf ~/nginx-staging && mkdir -p ~/nginx-staging' - scp -q -r etc/nginx/conf.d/*.conf $(VPS_USER)@$(VPS_HOST):~/nginx-staging/ - scp -q scripts/deploy.sh $(VPS_USER)@$(VPS_HOST):~/nginx-staging/ + ssh $(VPS) 'rm -rf ~/.nginx-staging && mkdir -p ~/.nginx-staging' + scp -q -r etc/nginx/conf.d/*.conf $(VPS):~/.nginx-staging/ + scp -q scripts/deploy.sh $(VPS):~/.nginx-staging/ .PHONY: diff/nginx -diff/nginx: +diff/nginx: ##H @Remote Show diff between local and remote @echo "Checking diff against $(VPS_HOST)..." - ssh -t $(VPS_USER)@$(VPS_HOST) "bash ~/nginx-staging/deploy.sh diff" + ssh -t $(VPS) "bash ~/.nginx-staging/deploy.sh diff" .PHONY: deploy/nginx -deploy/nginx: +deploy/nginx: ##H @Remote Deploy staged files to remote @echo "Deploying checked-in nginx config to $(VPS_HOST)..." - ssh -t $(VPS_USER)@$(VPS_HOST) "bash ~/nginx-staging/deploy.sh" + ssh -t $(VPS) "bash ~/.nginx-staging/deploy.sh" .PHONY: stage/local -stage/local: +stage/local: ##H @Local Stage files locally (supports SUDO_USER) +ifdef SUDO_USER + @echo "Staging files locally for user $(SUDO_USER)..." + rm -rf /tmp/nginx-staging && mkdir -p /tmp/nginx-staging + cp -r etc/nginx/conf.d/*.conf /tmp/nginx-staging/ + # Only copy secrets.conf if it is decrypted (not binary) + @if grep -qI . etc/nginx/conf.d/secrets.conf; then \ + echo "secrets.conf is decrypted, including it."; \ + else \ + echo "secrets.conf is ENCRYPTED, skipping."; \ + rm -f /tmp/nginx-staging/secrets.conf; \ + fi + cp scripts/deploy.sh /tmp/nginx-staging/ + chmod -R a+rX /tmp/nginx-staging +else @echo "Staging files locally..." - rm -rf ~/nginx-staging && mkdir -p ~/nginx-staging - cp -r etc/nginx/conf.d/*.conf ~/nginx-staging/ - cp scripts/deploy.sh ~/nginx-staging/ + rm -rf ~/.nginx-staging && mkdir -p ~/.nginx-staging + cp -r etc/nginx/conf.d/*.conf ~/.nginx-staging/ + cp scripts/deploy.sh ~/.nginx-staging/ +endif .PHONY: diff/local -diff/local: stage/local +diff/local: stage/local ##H @Local Show diff locally (supports SUDO_USER) +ifdef SUDO_USER + @echo "Checking diff locally as $(SUDO_USER)..." + su -P $(SUDO_USER) -c "bash /tmp/nginx-staging/deploy.sh diff" +else @echo "Checking diff locally..." - bash ~/nginx-staging/deploy.sh diff + bash ~/.nginx-staging/deploy.sh diff +endif .PHONY: deploy/local -deploy/local: stage/local +deploy/local: stage/local ##H @Local Deploy files locally (supports SUDO_USER) +ifdef SUDO_USER + @echo "Deploying locally as $(SUDO_USER)..." + su -P $(SUDO_USER) -c "bash /tmp/nginx-staging/deploy.sh" +else @echo "Deploying locally..." - bash ~/nginx-staging/deploy.sh + bash ~/.nginx-staging/deploy.sh +endif diff --git a/dns-records.csv b/dns-records.csv deleted file mode 100644 index b9ed3b4..0000000 --- a/dns-records.csv +++ /dev/null @@ -1,17 +0,0 @@ -Name,Type,TTL,Target -,A,3600,216.218.216.163 -API,A,3600,216.218.216.163 -API-DEV,A,3600,216.218.228.93 -API.DEV,A,3600,216.218.228.93 -CHAT,A,3600,216.218.228.93 -DEV,A,3600,216.218.228.93 -GIT,A,3600,216.218.228.93 -MATRIX,A,3600,216.218.228.93 -S3,A,3600,216.218.228.93 -S3-ADMIN,A,3600,216.218.228.93 -STORE,A,3600,216.218.228.93 -STORE-ADMIN-8B56411B,A,3600,216.218.228.93 -STORE-API,A,3600,216.218.228.93 -WWW,A,3600,216.218.216.163 -WWW.DEV,A,3600,216.218.228.93 -,TXT,3600,google-site-verification=kxGS8ZR9OjzDU8gXJoXOYZ5CdVSpfZkgEHxdsQIOwf0 diff --git a/scripts/deploy.sh b/scripts/deploy.sh index 3128121..ee7fd55 100755 --- a/scripts/deploy.sh +++ b/scripts/deploy.sh @@ -2,12 +2,13 @@ set -e # Staging directory expected to be populated by the caller (Makefile) -STAGING_DIR=~/nginx-staging +# We default to the directory containing this script. +STAGING_DIR=$(dirname "$(realpath "$0")") CONF_DIR=/etc/nginx/conf.d echo "Detected changes (diff):" # Diff existing vs staging. "|| true" prevents exit on diff found. -sudo diff -u -r --color=always "$CONF_DIR/" "$STAGING_DIR/" || true +diff -u -r --color=always "$CONF_DIR/" "$STAGING_DIR/" || true echo "" if [ "$1" = "diff" ]; then @@ -31,6 +32,12 @@ sudo mv "$STAGING_DIR"/*.conf "$CONF_DIR/" sudo rm -rf "$STAGING_DIR" echo "Verifying configuration..." +if [ -n "$DEBUG" ]; then + echo "Debug mode enabled: running nginx -T" + sudo nginx -t -c /etc/nginx/nginx.conf || true + sudo nginx -T -c /etc/nginx/nginx.conf +fi + if sudo nginx -t; then echo "Configuration is valid. Reloading Nginx..." sudo nginx -s reload diff --git a/scripts/dns-records.csv b/scripts/dns-records.csv index 7da5614..b9ed3b4 100644 --- a/scripts/dns-records.csv +++ b/scripts/dns-records.csv @@ -1,5 +1,5 @@ Name,Type,TTL,Target -@,A,3600,216.218.216.163 +,A,3600,216.218.216.163 API,A,3600,216.218.216.163 API-DEV,A,3600,216.218.228.93 API.DEV,A,3600,216.218.228.93 @@ -14,4 +14,4 @@ STORE-ADMIN-8B56411B,A,3600,216.218.228.93 STORE-API,A,3600,216.218.228.93 WWW,A,3600,216.218.216.163 WWW.DEV,A,3600,216.218.228.93 -@,TXT,3600,google-site-verification=kxGS8ZR9OjzDU8gXJoXOYZ5CdVSpfZkgEHxdsQIOwf0 +,TXT,3600,google-site-verification=kxGS8ZR9OjzDU8gXJoXOYZ5CdVSpfZkgEHxdsQIOwf0