WIP proxy #3
@@ -5,7 +5,7 @@ set -euo pipefail
|
||||
# CONFIGURACIÓN BÁSICA – EDITA ESTO
|
||||
###############################################
|
||||
# TODO: pon aquí la URL real de tu repo (sin credenciales)
|
||||
REPO_URL_DEFAULT="https://github.com/igferne/Beyond-Diagnosis.git"
|
||||
REPO_URL_DEFAULT="ssh://git@git.beyondcx.org:2424/susana/BeyondCXAnalytics-Demo.git"
|
||||
INSTALL_BASE="/opt/beyondcx"
|
||||
|
||||
###############################################
|
||||
@@ -37,7 +37,13 @@ if [ -z "$DOMAIN" ]; then
|
||||
echo "El dominio no puede estar vacío."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
SUBDOMAIN=${DOMAIN%%.*}
|
||||
if [[ $DOMAIN == $SUBDOMAIN ]]; then
|
||||
DOMAIN=$DOMAIN".analytics.beyondcx.org"
|
||||
fi
|
||||
echo "el dominio es $DOMAIN y el subdominio $SUBDOMAIN"
|
||||
|
||||
INSTALL_DIR=$INSTALL_BASE"/"$SUBDOMAIN
|
||||
read -rp "Email para Let's Encrypt (avisos de renovación): " EMAIL
|
||||
if [ -z "$EMAIL" ]; then
|
||||
@@ -66,6 +72,8 @@ echo
|
||||
read -rp "¿El repositorio es PRIVADO en GitHub y necesitas token? [s/N]: " IS_PRIVATE
|
||||
IS_PRIVATE=${IS_PRIVATE:-N}
|
||||
|
||||
GIT_CLONE_URL="$REPO_URL"
|
||||
|
||||
echo
|
||||
echo "Resumen de configuración:"
|
||||
echo " Dominio: $DOMAIN"
|
||||
@@ -74,13 +82,6 @@ echo " Usuario API: $API_USER"
|
||||
echo " Repo (visible): $REPO_URL"
|
||||
echo " Path del despliegue: $INSTALL_DIR"
|
||||
|
||||
if [[ "$IS_PRIVATE" =~ ^[sS]$ ]]; then
|
||||
echo " Repo privado: Sí (se usará un PAT sólo para el clon inicial)"
|
||||
else
|
||||
echo " Repo privado: No"
|
||||
fi
|
||||
echo
|
||||
|
||||
read -rp "¿Continuar con la instalación? [s/N]: " CONFIRM
|
||||
CONFIRM=${CONFIRM:-N}
|
||||
if [[ ! "$CONFIRM" =~ ^[sS]$ ]]; then
|
||||
@@ -134,107 +135,16 @@ fi
|
||||
if ! grep -q "DDD" docker-compose.yml; then
|
||||
echo "⚠ No encuentro DDD en docker-compose.yml. Revisa el archivo a mano."
|
||||
else
|
||||
sed -i "s/DDD/\"$DOMAIN\"/" docker-compose.yml
|
||||
sed -i "s/DDD/$DOMAIN/" docker-compose.yml
|
||||
fi
|
||||
|
||||
|
||||
|
||||
# Aseguramos que nginx exponga también 443
|
||||
#if grep -q 'ports:' docker-compose.yml && grep -q 'nginx:' docker-compose.yml; then
|
||||
# if ! grep -q '443:443' docker-compose.yml; then
|
||||
# sed -i '/- "80:80"/a\ - "443:443"' docker-compose.yml || true
|
||||
# fi
|
||||
#fi
|
||||
#
|
||||
## Aseguramos que montamos /etc/letsencrypt dentro del contenedor de nginx
|
||||
#if ! grep -q '/etc/letsencrypt:/etc/letsencrypt:ro' docker-compose.yml; then
|
||||
# sed -i '/nginx:/,/networks:/{
|
||||
# /volumes:/a\ - /etc/letsencrypt:/etc/letsencrypt:ro
|
||||
# }' docker-compose.yml || true
|
||||
#fi
|
||||
#
|
||||
###############################################
|
||||
# 5. OBTENER CERTIFICADO LET'S ENCRYPT
|
||||
###############################################
|
||||
#step "Obteniendo certificado SSL de Let’s Encrypt para $DOMAIN"
|
||||
#
|
||||
#if [ -f "/etc/letsencrypt/live/$DOMAIN/fullchain.pem" ]; then
|
||||
# echo "Certificado ya existe, saltando paso de emisión."
|
||||
#else
|
||||
# # Asegurarnos de que no hay nada escuchando en 80/443
|
||||
# systemctl stop nginx || true
|
||||
#
|
||||
# certbot certonly \
|
||||
# --standalone \
|
||||
# --non-interactive \
|
||||
# --agree-tos \
|
||||
# -m "$EMAIL" \
|
||||
# -d "$DOMAIN"
|
||||
#
|
||||
# echo "Certificado emitido en /etc/letsencrypt/live/$DOMAIN/"
|
||||
#fi
|
||||
#
|
||||
################################################
|
||||
## 6. CONFIGURAR NGINX DENTRO DEL REPO
|
||||
################################################
|
||||
#step "Generando configuración nginx con SSL"
|
||||
#
|
||||
#mkdir -p nginx/conf.d
|
||||
#
|
||||
#cat > nginx/conf.d/beyond.conf <<EOF
|
||||
#server {
|
||||
# listen 80;
|
||||
# server_name $DOMAIN;
|
||||
# return 301 https://\$host\$request_uri;
|
||||
# client_max_body_size 1024M;
|
||||
#}
|
||||
#
|
||||
#server {
|
||||
# listen 443 ssl;
|
||||
# server_name $DOMAIN;
|
||||
#
|
||||
# client_max_body_size 1024M;
|
||||
#
|
||||
# ssl_certificate /etc/letsencrypt/live/$DOMAIN/fullchain.pem;
|
||||
# ssl_certificate_key /etc/letsencrypt/live/$DOMAIN/privkey.pem;
|
||||
# ssl_protocols TLSv1.2 TLSv1.3;
|
||||
# ssl_ciphers HIGH:!aNULL:!MD5;
|
||||
#
|
||||
# # FRONTEND (React)
|
||||
# location / {
|
||||
# proxy_pass http://frontend:4173/;
|
||||
# proxy_http_version 1.1;
|
||||
# proxy_set_header Host \$host;
|
||||
# proxy_set_header X-Real-IP \$remote_addr;
|
||||
# proxy_set_header Upgrade \$http_upgrade;
|
||||
# proxy_set_header Connection "upgrade";
|
||||
# }
|
||||
#
|
||||
# # BACKEND (FastAPI)
|
||||
# location /api/ {
|
||||
# proxy_pass http://backend:8000/;
|
||||
# proxy_http_version 1.1;
|
||||
# proxy_set_header Host \$host;
|
||||
# proxy_set_header X-Real-IP \$remote_addr;
|
||||
# proxy_set_header Upgrade \$http_upgrade;
|
||||
# proxy_set_header Connection "upgrade";
|
||||
#
|
||||
# proxy_connect_timeout 60s;
|
||||
# proxy_send_timeout 600s;
|
||||
# proxy_read_timeout 600s;
|
||||
# send_timeout 600s;
|
||||
# }
|
||||
#}
|
||||
#EOF
|
||||
#
|
||||
###############################################
|
||||
# 7. BUILD Y ARRANQUE DE CONTENEDORES
|
||||
###############################################
|
||||
step "Construyendo imágenes Docker y arrancando contenedores"
|
||||
|
||||
docker compose build
|
||||
docker compose up -d
|
||||
|
||||
gg
|
||||
###############################################
|
||||
# 8. FIN
|
||||
###############################################
|
||||
|
||||
Reference in New Issue
Block a user