CodeStandard/devops/SETUP PRODUCTION.txt

IP сервера: 77.232.136.118 
# ------ SETUP PROD SERVER ---------
# 1. ======== SSH AS ROOT ==========
apt update && apt install docker.io -y
groupadd docker

adduser prod
usermod -aG sudo prod
usermod -aG docker prod
su - prod


# 2. ====== SSH AS PROD USER ==========
mkdir backup portal
cd portal
git clone  https://github.com/IRBorisov/ConceptPortal ./
mkdir secretes


# 3. ====== WINDOWS =========
scp D:\DEV\WORK\Concept-Web\rsconcept\backend\import\pyconcept-1.3.0-cp310-cp310-linux_x86_64.whl prod@77.232.136.118:~/portal/rsconcept/backend/import/pyconcept-1.3.0-cp310-cp310-linux_x86_64.whl

scp -r D:\DEV\WORK\Concept-Web\secrets prod@77.232.136.118:~/portal/secrets


# 4. ======= SSH AS PROD USER =======
cd ~/protal
bash scripts/prod/UpdateProd.sh

# 5. For Initial certbot startup we need to temporarily edit nginx config to prevent it from failing to load them
nano nginx/production.conf
# Remove all HTTPS sections (listen 443)

docker compose -f "docker-compose-prod.yml" up --build -d
docker logs -t portal-router
# Make sure that router logs do not contain errors

# 6. Get cerificates first time
docker compose -f "docker-compose-prod.yml" run --rm  certbot certonly --webroot --webroot-path /var/www/certbot/ --dry-run -d portal.acconcept.ru -d api.portal.acconcept.ru
> email: portal@acconcept.ru
# Should result in "The dry run was successful.

docker compose -f "docker-compose-prod.yml" run --rm  certbot certonly --webroot --webroot-path /var/www/certbot/ -d portal.acconcept.ru
docker compose -f "docker-compose-prod.yml" run --rm  certbot certonly --webroot --webroot-path /var/www/certbot/ -d api.portal.acconcept.ru
# Should result in "Successfully received certificate"

# 7. Setup nginx using certs
git checkout HEAD -- nginx/production.conf
docker compose -f "docker-compose-prod.yml" up --build -d

# 8. Setup Initial data
docker exec -it portal-backend /bin/bash
python manage.py createsuperuser
python manage.py loaddata fixtures/InitialData.json

# OR restore backup from pg_dump
docker exec -i portal-db pg_restore --username=portal-admin --dbname=portal-db --clean < ~/restore/2023-09-18-db.dump
Initial commit 2024-06-07 20:00:25 +03:00			`IP сервера: 77.232.136.118`
			`# ------ SETUP PROD SERVER ---------`
			`# 1. ======== SSH AS ROOT ==========`
			`apt update && apt install docker.io -y`
			`groupadd docker`

			`adduser prod`
			`usermod -aG sudo prod`
			`usermod -aG docker prod`
			`su - prod`


			`# 2. ====== SSH AS PROD USER ==========`
			`mkdir backup portal`
			`cd portal`
			`git clone https://github.com/IRBorisov/ConceptPortal ./`
			`mkdir secretes`


			`# 3. ====== WINDOWS =========`
			`scp D:\DEV\WORK\Concept-Web\rsconcept\backend\import\pyconcept-1.3.0-cp310-cp310-linux_x86_64.whl prod@77.232.136.118:~/portal/rsconcept/backend/import/pyconcept-1.3.0-cp310-cp310-linux_x86_64.whl`

			`scp -r D:\DEV\WORK\Concept-Web\secrets prod@77.232.136.118:~/portal/secrets`


			`# 4. ======= SSH AS PROD USER =======`
			`cd ~/protal`
			`bash scripts/prod/UpdateProd.sh`

			`# 5. For Initial certbot startup we need to temporarily edit nginx config to prevent it from failing to load them`
			`nano nginx/production.conf`
			`# Remove all HTTPS sections (listen 443)`

			`docker compose -f "docker-compose-prod.yml" up --build -d`
			`docker logs -t portal-router`
			`# Make sure that router logs do not contain errors`

			`# 6. Get cerificates first time`
			`docker compose -f "docker-compose-prod.yml" run --rm certbot certonly --webroot --webroot-path /var/www/certbot/ --dry-run -d portal.acconcept.ru -d api.portal.acconcept.ru`
			`> email: portal@acconcept.ru`
			`# Should result in "The dry run was successful.`

			`docker compose -f "docker-compose-prod.yml" run --rm certbot certonly --webroot --webroot-path /var/www/certbot/ -d portal.acconcept.ru`
			`docker compose -f "docker-compose-prod.yml" run --rm certbot certonly --webroot --webroot-path /var/www/certbot/ -d api.portal.acconcept.ru`
			`# Should result in "Successfully received certificate"`

			`# 7. Setup nginx using certs`
			`git checkout HEAD -- nginx/production.conf`
			`docker compose -f "docker-compose-prod.yml" up --build -d`

			`# 8. Setup Initial data`
			`docker exec -it portal-backend /bin/bash`
			`python manage.py createsuperuser`
			`python manage.py loaddata fixtures/InitialData.json`

			`# OR restore backup from pg_dump`
			`docker exec -i portal-db pg_restore --username=portal-admin --dbname=portal-db --clean < ~/restore/2023-09-18-db.dump`