monacousa-portal/deploy.sh

#!/bin/bash
# Monaco USA Portal - Production Deployment Script
# For Debian/Ubuntu Linux servers
#
# Usage: ./deploy.sh [command]
# Commands:
#   setup     - First-time setup (install Docker, configure firewall)
#   deploy    - Build and start all services
#   update    - Pull latest changes and rebuild portal
#   logs      - View logs
#   status    - Check service status
#   backup    - Backup database
#   restore   - Restore database from backup

set -e

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

# Configuration
COMPOSE_FILE="docker-compose.nginx.yml"
PROJECT_NAME="monacousa"

log_info() {
    echo -e "${GREEN}[INFO]${NC} $1"
}

log_warn() {
    echo -e "${YELLOW}[WARN]${NC} $1"
}

log_error() {
    echo -e "${RED}[ERROR]${NC} $1"
}

# Check if running as root
check_root() {
    if [ "$EUID" -ne 0 ]; then
        log_error "Please run as root (sudo ./deploy.sh)"
        exit 1
    fi
}

# Install Docker and Docker Compose on Debian
install_docker() {
    log_info "Installing Docker..."

    # Remove old versions
    apt-get remove -y docker docker-engine docker.io containerd runc 2>/dev/null || true

    # Install dependencies
    apt-get update
    apt-get install -y \
        apt-transport-https \
        ca-certificates \
        curl \
        gnupg \
        lsb-release

    # Add Docker's official GPG key
    install -m 0755 -d /etc/apt/keyrings
    curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
    chmod a+r /etc/apt/keyrings/docker.gpg

    # Add repository
    echo \
        "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
        $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
        tee /etc/apt/sources.list.d/docker.list > /dev/null

    # Install Docker
    apt-get update
    apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

    # Start and enable Docker
    systemctl start docker
    systemctl enable docker

    log_info "Docker installed successfully"
}

# Configure firewall
configure_firewall() {
    log_info "Configuring firewall..."

    # Install ufw if not present
    apt-get install -y ufw

    # Allow SSH, HTTP, HTTPS
    ufw allow ssh
    ufw allow http
    ufw allow https

    # Enable firewall
    ufw --force enable

    log_info "Firewall configured (SSH, HTTP, HTTPS allowed)"
}

# First-time setup
setup() {
    check_root
    log_info "Starting first-time setup..."

    # Update system
    apt-get update && apt-get upgrade -y

    # Install Docker
    install_docker

    # Configure firewall
    configure_firewall

    # Install useful tools
    apt-get install -y htop nano git apache2-utils

    # Check for .env file
    if [ ! -f .env ]; then
        log_warn ".env file not found!"
        log_info "Copy .env.production.example to .env and configure it:"
        echo "  cp .env.production.example .env"
        echo "  nano .env"
    fi

    log_info "Setup complete! Next steps:"
    echo "  1. Configure .env file: nano .env"
    echo "  2. Deploy: ./deploy.sh deploy"
}

# Generate secrets helper
generate_secrets() {
    log_info "Generating secrets..."
    echo ""
    echo "JWT_SECRET=$(openssl rand -base64 32)"
    echo "POSTGRES_PASSWORD=$(openssl rand -base64 32)"
    echo "SECRET_KEY_BASE=$(openssl rand -base64 64)"
    echo ""
    log_info "Copy these values to your .env file"
}

# Deploy/start services
deploy() {
    log_info "Deploying Monaco USA Portal..."

    # Check for .env file
    if [ ! -f .env ]; then
        log_error ".env file not found! Copy .env.production.example to .env first."
        exit 1
    fi

    # Build and start
    docker compose -f $COMPOSE_FILE -p $PROJECT_NAME build --no-cache portal
    docker compose -f $COMPOSE_FILE -p $PROJECT_NAME up -d

    log_info "Deployment complete!"
    log_info "Waiting for services to be healthy..."
    sleep 10

    # Show status
    docker compose -f $COMPOSE_FILE -p $PROJECT_NAME ps

    log_info "Portal should be available at https://\$(grep DOMAIN .env | cut -d '=' -f2)"
}

# Update and rebuild
update() {
    log_info "Updating Monaco USA Portal..."

    # Pull latest code (if git repo)
    if [ -d .git ]; then
        git pull origin main
    fi

    # Rebuild only the portal service
    docker compose -f $COMPOSE_FILE -p $PROJECT_NAME build --no-cache portal

    # Restart portal with zero downtime
    docker compose -f $COMPOSE_FILE -p $PROJECT_NAME up -d --no-deps portal

    log_info "Update complete!"
}

# View logs
logs() {
    local service=${1:-""}
    if [ -z "$service" ]; then
        docker compose -f $COMPOSE_FILE -p $PROJECT_NAME logs -f --tail=100
    else
        docker compose -f $COMPOSE_FILE -p $PROJECT_NAME logs -f --tail=100 $service
    fi
}

# Check status
status() {
    log_info "Service Status:"
    docker compose -f $COMPOSE_FILE -p $PROJECT_NAME ps
    echo ""
    log_info "Resource Usage:"
    docker stats --no-stream $(docker compose -f $COMPOSE_FILE -p $PROJECT_NAME ps -q)
}

# Backup database
backup() {
    local backup_file="backup_$(date +%Y%m%d_%H%M%S).sql"
    log_info "Backing up database to $backup_file..."

    docker compose -f $COMPOSE_FILE -p $PROJECT_NAME exec -T db \
        pg_dump -U postgres postgres > "$backup_file"

    # Compress
    gzip "$backup_file"

    log_info "Backup complete: ${backup_file}.gz"
}

# Restore database
restore() {
    local backup_file=$1
    if [ -z "$backup_file" ]; then
        log_error "Usage: ./deploy.sh restore <backup_file.sql.gz>"
        exit 1
    fi

    log_warn "This will overwrite the current database!"
    read -p "Are you sure? (y/N) " -n 1 -r
    echo
    if [[ ! $REPLY =~ ^[Yy]$ ]]; then
        exit 1
    fi

    log_info "Restoring database from $backup_file..."

    # Decompress if needed
    if [[ "$backup_file" == *.gz ]]; then
        gunzip -c "$backup_file" | docker compose -f $COMPOSE_FILE -p $PROJECT_NAME exec -T db \
            psql -U postgres postgres
    else
        cat "$backup_file" | docker compose -f $COMPOSE_FILE -p $PROJECT_NAME exec -T db \
            psql -U postgres postgres
    fi

    log_info "Restore complete!"
}

# Stop all services
stop() {
    log_info "Stopping all services..."
    docker compose -f $COMPOSE_FILE -p $PROJECT_NAME down
    log_info "All services stopped"
}

# Restart all services
restart() {
    log_info "Restarting all services..."
    docker compose -f $COMPOSE_FILE -p $PROJECT_NAME restart
    log_info "All services restarted"
}

# Clean up unused Docker resources
cleanup() {
    log_info "Cleaning up unused Docker resources..."
    docker system prune -af --volumes
    log_info "Cleanup complete"
}

# Show help
help() {
    echo "Monaco USA Portal - Deployment Script"
    echo ""
    echo "Usage: ./deploy.sh [command]"
    echo ""
    echo "Commands:"
    echo "  setup           First-time server setup (install Docker, firewall)"
    echo "  generate-secrets Generate random secrets for .env"
    echo "  deploy          Build and start all services"
    echo "  update          Pull latest code and rebuild portal"
    echo "  stop            Stop all services"
    echo "  restart         Restart all services"
    echo "  status          Show service status and resource usage"
    echo "  logs [service]  View logs (optionally for specific service)"
    echo "  backup          Backup database to file"
    echo "  restore <file>  Restore database from backup"
    echo "  cleanup         Remove unused Docker resources"
    echo "  help            Show this help message"
    echo ""
    echo "Examples:"
    echo "  sudo ./deploy.sh setup        # First-time setup"
    echo "  ./deploy.sh deploy            # Deploy the portal"
    echo "  ./deploy.sh logs portal       # View portal logs"
    echo "  ./deploy.sh backup            # Backup database"
}

# Main command handler
case "${1:-help}" in
    setup)
        setup
        ;;
    generate-secrets)
        generate_secrets
        ;;
    deploy)
        deploy
        ;;
    update)
        update
        ;;
    stop)
        stop
        ;;
    restart)
        restart
        ;;
    status)
        status
        ;;
    logs)
        logs $2
        ;;
    backup)
        backup
        ;;
    restore)
        restore $2
        ;;
    cleanup)
        cleanup
        ;;
    help|--help|-h)
        help
        ;;
    *)
        log_error "Unknown command: $1"
        help
        exit 1
        ;;
esac
Initial production deployment setup - Production docker-compose with nginx support - Nginx configuration for portal.monacousa.org - Deployment script with backup/restore - Gitea CI/CD workflow - Fix CountryFlag reactivity for dropdown flags Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-25 02:19:49 +01:00			`#!/bin/bash`
			`# Monaco USA Portal - Production Deployment Script`
			`# For Debian/Ubuntu Linux servers`
			`#`
			`# Usage: ./deploy.sh [command]`
			`# Commands:`
			`# setup - First-time setup (install Docker, configure firewall)`
			`# deploy - Build and start all services`
			`# update - Pull latest changes and rebuild portal`
			`# logs - View logs`
			`# status - Check service status`
			`# backup - Backup database`
			`# restore - Restore database from backup`

			`set -e`

			`# Colors for output`
			`RED='\033[0;31m'`
			`GREEN='\033[0;32m'`
			`YELLOW='\033[1;33m'`
			`NC='\033[0m' # No Color`

			`# Configuration`
			`COMPOSE_FILE="docker-compose.nginx.yml"`
			`PROJECT_NAME="monacousa"`

			`log_info() {`
			`echo -e "${GREEN}[INFO]${NC} $1"`
			`}`

			`log_warn() {`
			`echo -e "${YELLOW}[WARN]${NC} $1"`
			`}`

			`log_error() {`
			`echo -e "${RED}[ERROR]${NC} $1"`
			`}`

			`# Check if running as root`
			`check_root() {`
			`if [ "$EUID" -ne 0 ]; then`
			`log_error "Please run as root (sudo ./deploy.sh)"`
			`exit 1`
			`fi`
			`}`

			`# Install Docker and Docker Compose on Debian`
			`install_docker() {`
			`log_info "Installing Docker..."`

			`# Remove old versions`
			`apt-get remove -y docker docker-engine docker.io containerd runc 2>/dev/null \|\| true`

			`# Install dependencies`
			`apt-get update`
			`apt-get install -y \`
			`apt-transport-https \`
			`ca-certificates \`
			`curl \`
			`gnupg \`
			`lsb-release`

			`# Add Docker's official GPG key`
			`install -m 0755 -d /etc/apt/keyrings`
			`curl -fsSL https://download.docker.com/linux/debian/gpg \| gpg --dearmor -o /etc/apt/keyrings/docker.gpg`
			`chmod a+r /etc/apt/keyrings/docker.gpg`

			`# Add repository`
			`echo \`
			`"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \`
			`$(. /etc/os-release && echo "$VERSION_CODENAME") stable" \| \`
			`tee /etc/apt/sources.list.d/docker.list > /dev/null`

			`# Install Docker`
			`apt-get update`
			`apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin`

			`# Start and enable Docker`
			`systemctl start docker`
			`systemctl enable docker`

			`log_info "Docker installed successfully"`
			`}`

			`# Configure firewall`
			`configure_firewall() {`
			`log_info "Configuring firewall..."`

			`# Install ufw if not present`
			`apt-get install -y ufw`

			`# Allow SSH, HTTP, HTTPS`
			`ufw allow ssh`
			`ufw allow http`
			`ufw allow https`

			`# Enable firewall`
			`ufw --force enable`

			`log_info "Firewall configured (SSH, HTTP, HTTPS allowed)"`
			`}`

			`# First-time setup`
			`setup() {`
			`check_root`
			`log_info "Starting first-time setup..."`

			`# Update system`
			`apt-get update && apt-get upgrade -y`

			`# Install Docker`
			`install_docker`

			`# Configure firewall`
			`configure_firewall`

			`# Install useful tools`
			`apt-get install -y htop nano git apache2-utils`

			`# Check for .env file`
			`if [ ! -f .env ]; then`
			`log_warn ".env file not found!"`
			`log_info "Copy .env.production.example to .env and configure it:"`
			`echo " cp .env.production.example .env"`
			`echo " nano .env"`
			`fi`

			`log_info "Setup complete! Next steps:"`
			`echo " 1. Configure .env file: nano .env"`
			`echo " 2. Deploy: ./deploy.sh deploy"`
			`}`

			`# Generate secrets helper`
			`generate_secrets() {`
			`log_info "Generating secrets..."`
			`echo ""`
			`echo "JWT_SECRET=$(openssl rand -base64 32)"`
			`echo "POSTGRES_PASSWORD=$(openssl rand -base64 32)"`
			`echo "SECRET_KEY_BASE=$(openssl rand -base64 64)"`
			`echo ""`
			`log_info "Copy these values to your .env file"`
			`}`

			`# Deploy/start services`
			`deploy() {`
			`log_info "Deploying Monaco USA Portal..."`

			`# Check for .env file`
			`if [ ! -f .env ]; then`
			`log_error ".env file not found! Copy .env.production.example to .env first."`
			`exit 1`
			`fi`

			`# Build and start`
			`docker compose -f $COMPOSE_FILE -p $PROJECT_NAME build --no-cache portal`
			`docker compose -f $COMPOSE_FILE -p $PROJECT_NAME up -d`

			`log_info "Deployment complete!"`
			`log_info "Waiting for services to be healthy..."`
			`sleep 10`

			`# Show status`
			`docker compose -f $COMPOSE_FILE -p $PROJECT_NAME ps`

			`log_info "Portal should be available at https://\$(grep DOMAIN .env \| cut -d '=' -f2)"`
			`}`

			`# Update and rebuild`
			`update() {`
			`log_info "Updating Monaco USA Portal..."`

			`# Pull latest code (if git repo)`
			`if [ -d .git ]; then`
			`git pull origin main`
			`fi`

			`# Rebuild only the portal service`
			`docker compose -f $COMPOSE_FILE -p $PROJECT_NAME build --no-cache portal`

			`# Restart portal with zero downtime`
			`docker compose -f $COMPOSE_FILE -p $PROJECT_NAME up -d --no-deps portal`

			`log_info "Update complete!"`
			`}`

			`# View logs`
			`logs() {`
			`local service=${1:-""}`
			`if [ -z "$service" ]; then`
			`docker compose -f $COMPOSE_FILE -p $PROJECT_NAME logs -f --tail=100`
			`else`
			`docker compose -f $COMPOSE_FILE -p $PROJECT_NAME logs -f --tail=100 $service`
			`fi`
			`}`

			`# Check status`
			`status() {`
			`log_info "Service Status:"`
			`docker compose -f $COMPOSE_FILE -p $PROJECT_NAME ps`
			`echo ""`
			`log_info "Resource Usage:"`
			`docker stats --no-stream $(docker compose -f $COMPOSE_FILE -p $PROJECT_NAME ps -q)`
			`}`

			`# Backup database`
			`backup() {`
			`local backup_file="backup_$(date +%Y%m%d_%H%M%S).sql"`
			`log_info "Backing up database to $backup_file..."`

			`docker compose -f $COMPOSE_FILE -p $PROJECT_NAME exec -T db \`
			`pg_dump -U postgres postgres > "$backup_file"`

			`# Compress`
			`gzip "$backup_file"`

			`log_info "Backup complete: ${backup_file}.gz"`
			`}`

			`# Restore database`
			`restore() {`
			`local backup_file=$1`
			`if [ -z "$backup_file" ]; then`
			`log_error "Usage: ./deploy.sh restore <backup_file.sql.gz>"`
			`exit 1`
			`fi`

			`log_warn "This will overwrite the current database!"`
			`read -p "Are you sure? (y/N) " -n 1 -r`
			`echo`
			`if [[ ! $REPLY =~ ^[Yy]$ ]]; then`
			`exit 1`
			`fi`

			`log_info "Restoring database from $backup_file..."`

			`# Decompress if needed`
			`if [[ "$backup_file" == *.gz ]]; then`
			`gunzip -c "$backup_file" \| docker compose -f $COMPOSE_FILE -p $PROJECT_NAME exec -T db \`
			`psql -U postgres postgres`
			`else`
			`cat "$backup_file" \| docker compose -f $COMPOSE_FILE -p $PROJECT_NAME exec -T db \`
			`psql -U postgres postgres`
			`fi`

			`log_info "Restore complete!"`
			`}`

			`# Stop all services`
			`stop() {`
			`log_info "Stopping all services..."`
			`docker compose -f $COMPOSE_FILE -p $PROJECT_NAME down`
			`log_info "All services stopped"`
			`}`

			`# Restart all services`
			`restart() {`
			`log_info "Restarting all services..."`
			`docker compose -f $COMPOSE_FILE -p $PROJECT_NAME restart`
			`log_info "All services restarted"`
			`}`

			`# Clean up unused Docker resources`
			`cleanup() {`
			`log_info "Cleaning up unused Docker resources..."`
			`docker system prune -af --volumes`
			`log_info "Cleanup complete"`
			`}`

			`# Show help`
			`help() {`
			`echo "Monaco USA Portal - Deployment Script"`
			`echo ""`
			`echo "Usage: ./deploy.sh [command]"`
			`echo ""`
			`echo "Commands:"`
			`echo " setup First-time server setup (install Docker, firewall)"`
			`echo " generate-secrets Generate random secrets for .env"`
			`echo " deploy Build and start all services"`
			`echo " update Pull latest code and rebuild portal"`
			`echo " stop Stop all services"`
			`echo " restart Restart all services"`
			`echo " status Show service status and resource usage"`
			`echo " logs [service] View logs (optionally for specific service)"`
			`echo " backup Backup database to file"`
			`echo " restore <file> Restore database from backup"`
			`echo " cleanup Remove unused Docker resources"`
			`echo " help Show this help message"`
			`echo ""`
			`echo "Examples:"`
			`echo " sudo ./deploy.sh setup # First-time setup"`
			`echo " ./deploy.sh deploy # Deploy the portal"`
			`echo " ./deploy.sh logs portal # View portal logs"`
			`echo " ./deploy.sh backup # Backup database"`
			`}`

			`# Main command handler`
			`case "${1:-help}" in`
			`setup)`
			`setup`
			`;;`
			`generate-secrets)`
			`generate_secrets`
			`;;`
			`deploy)`
			`deploy`
			`;;`
			`update)`
			`update`
			`;;`
			`stop)`
			`stop`
			`;;`
			`restart)`
			`restart`
			`;;`
			`status)`
			`status`
			`;;`
			`logs)`
			`logs $2`
			`;;`
			`backup)`
			`backup`
			`;;`
			`restore)`
			`restore $2`
			`;;`
			`cleanup)`
			`cleanup`
			`;;`
			`help\|--help\|-h)`
			`help`
			`;;`
			`*)`
			`log_error "Unknown command: $1"`
			`help`
			`exit 1`
			`;;`
			`esac`