diff --git a/deploy.sh b/deploy.sh new file mode 100755 index 0000000..5edf8a0 --- /dev/null +++ b/deploy.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash +set -euo pipefail + +VPS="ordinarthur@10.10.0.13" +APP_DIR="/var/www/html/rebours" + +echo "πŸš€ Deploying rebours..." + +# 1. Sync source code +rsync -avz --delete \ + --exclude node_modules \ + --exclude .env \ + --exclude dist \ + --exclude .git \ + ./ "$VPS:$APP_DIR/" + +# 2. Install deps, migrate, build, restart +ssh "$VPS" "cd $APP_DIR && \ + pnpm install --frozen-lockfile && \ + pnpm prisma migrate deploy && \ + pnpm build && \ + sudo systemctl restart rebours" + +echo "βœ… Live β†’ https://rebours.studio" diff --git a/deploy/rebours.service b/deploy/rebours.service new file mode 100644 index 0000000..fa22042 --- /dev/null +++ b/deploy/rebours.service @@ -0,0 +1,17 @@ +[Unit] +Description=Rebours Fastify Server +After=network.target + +[Service] +Type=simple +User=ordinarthur +WorkingDirectory=/var/www/html/rebours +EnvironmentFile=/var/www/html/rebours/.env +Environment=NODE_ENV=production +Environment=PORT=3001 +ExecStart=/usr/bin/node server.mjs +Restart=on-failure +RestartSec=5 + +[Install] +WantedBy=multi-user.target diff --git a/deploy/setup.sh b/deploy/setup.sh new file mode 100755 index 0000000..9facf37 --- /dev/null +++ b/deploy/setup.sh @@ -0,0 +1,65 @@ +#!/usr/bin/env bash +set -euo pipefail + +# First-time VPS setup for rebours +# Run: bash deploy/setup.sh + +VPS="ordinarthur@10.10.0.13" +APP_DIR="/var/www/html/rebours" + +echo "πŸ”§ Setting up rebours on $VPS..." + +# 1. Sync project files +rsync -avz --delete \ + --exclude node_modules \ + --exclude .env \ + --exclude dist \ + --exclude .git \ + ./ "$VPS:$APP_DIR/" + +# 2. Setup on server +ssh "$VPS" << 'REMOTE' + set -euo pipefail + + # Node.js 22 + pnpm (skip if already installed) + if ! command -v node &>/dev/null; then + curl -fsSL https://deb.nodesource.com/setup_22.x | sudo -E bash - + sudo apt-get install -y nodejs + fi + if ! command -v pnpm &>/dev/null; then + sudo corepack enable + sudo corepack prepare pnpm@latest --activate + fi + + # nginx config + sudo cp /var/www/html/rebours/nginx.conf /etc/nginx/sites-available/rebours + sudo ln -sf /etc/nginx/sites-available/rebours /etc/nginx/sites-enabled/rebours + sudo nginx -t && sudo systemctl reload nginx + + # systemd service + sudo cp /var/www/html/rebours/deploy/rebours.service /etc/systemd/system/rebours.service + sudo systemctl daemon-reload + sudo systemctl enable rebours + + # permissions + sudo chown -R ordinarthur:www-data /var/www/html/rebours + + echo "βœ… VPS ready" +REMOTE + +echo "" +echo "πŸ“ Next steps:" +echo " 1. Create .env on the VPS:" +echo " ssh $VPS 'nano $APP_DIR/.env'" +echo "" +echo " DATABASE_URL=postgresql://user:pass@host:5432/rebours" +echo " STRIPE_SECRET_KEY=sk_live_..." +echo " STRIPE_WEBHOOK_SECRET=whsec_..." +echo " DOMAIN=https://rebours.studio" +echo " ADMIN_EMAIL=..." +echo " ADMIN_PASSWORD=..." +echo " COOKIE_SECRET=..." +echo "" +echo " 2. Deploy: bash deploy.sh" +echo "" +echo " 3. NPM: forward rebours.studio β†’ 10.10.0.13:80" diff --git a/nginx.conf b/nginx.conf index b4d737d..631d60c 100644 --- a/nginx.conf +++ b/nginx.conf @@ -5,33 +5,59 @@ server { root /var/www/html/rebours/dist; index index.html; - # HTML : jamais cachΓ© - location ~* \.html$ { - add_header Cache-Control "no-store"; + # ── API proxy β†’ Fastify ────────────────────────────────────────────────── + location /api/ { + proxy_pass http://127.0.0.1:3001; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; } - # Fichiers Astro avec hash dans _astro/ : cache long immutable - location ~* ^/_astro/ { + # ── SEO (dynamique depuis DB) ──────────────────────────────────────────── + location = /robots.txt { + proxy_pass http://127.0.0.1:3001; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + } + + location = /sitemap.xml { + proxy_pass http://127.0.0.1:3001; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + } + + # ── Admin proxy β†’ Fastify (AdminJS) ────────────────────────────────────── + location /admin { + proxy_pass http://127.0.0.1:3001; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + + # ── Cache : Astro hashed β†’ immutable ───────────────────────────────────── + location /_astro/ { add_header Cache-Control "public, max-age=31536000, immutable"; } - # CSS / JS sans hash (style.css, main.js) : revalidation Γ  chaque visite + # ── Cache : CSS/JS sans hash β†’ revalidation ───────────────────────────── location ~* \.(css|js)$ { add_header Cache-Control "no-cache"; } - # Assets (images, fonts) : cache 7 jours + # ── Cache : assets β†’ 7 jours ──────────────────────────────────────────── location ~* \.(jpg|jpeg|png|gif|webp|svg|woff2|woff|ttf|ico)$ { add_header Cache-Control "public, max-age=604800"; } + # ── HTML : jamais cachΓ© ────────────────────────────────────────────────── + location ~* \.html$ { + add_header Cache-Control "no-store"; + } + + # ── SPA fallback ───────────────────────────────────────────────────────── location / { try_files $uri $uri/ $uri.html /index.html; } - - location /api/ { - proxy_pass http://127.0.0.1:3000; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - } }