diff --git a/deploy-hostinger.sh b/deploy-hostinger.sh new file mode 100644 index 0000000..cc88be3 --- /dev/null +++ b/deploy-hostinger.sh @@ -0,0 +1,156 @@ +#!/bin/bash + +# LittleShop Hostinger Deployment Script +# admin.thebankofdebbie.giize.com + +set -e + +echo "๐Ÿš€ LittleShop Deployment to Hostinger VPS" +echo "=========================================" + +# Configuration +REMOTE_HOST="srv1002428.hstgr.cloud" +REMOTE_USER="sysadmin" +REMOTE_PORT="2255" +SSH_KEY="/home/sysadmin/.claude/Knowledge/Infrastructure/vps_hardening_key" +REGISTRY="localhost:5000" +IMAGE_NAME="littleshop" +IMAGE_TAG="latest" + +echo "๐Ÿ“ฆ Building Docker image locally..." +docker build -t ${IMAGE_NAME}:${IMAGE_TAG} . + +echo "๐Ÿท๏ธ Tagging image for registry..." +docker tag ${IMAGE_NAME}:${IMAGE_TAG} ${REGISTRY}/${IMAGE_NAME}:${IMAGE_TAG} + +echo "๐Ÿ“ค Creating deployment package..." +# Save the Docker image +docker save ${IMAGE_NAME}:${IMAGE_TAG} | gzip > littleshop-docker.tar.gz + +# Create deployment archive +tar czf littleshop-deployment.tar.gz \ + littleshop-docker.tar.gz \ + docker-compose.hostinger.yml \ + Dockerfile + +echo "๐Ÿ”‘ Connecting to Hostinger VPS..." +# Use sshpass if key is not available +if [ -f "$SSH_KEY" ]; then + SSH_CMD="ssh -p ${REMOTE_PORT} -i ${SSH_KEY} ${REMOTE_USER}@${REMOTE_HOST}" + SCP_CMD="scp -P ${REMOTE_PORT} -i ${SSH_KEY}" +else + echo "Using password authentication (SSH key not found)" + SSH_CMD="sshpass -p 'Phenom12#.' ssh -p ${REMOTE_PORT} ${REMOTE_USER}@${REMOTE_HOST}" + SCP_CMD="sshpass -p 'Phenom12#.' scp -P ${REMOTE_PORT}" +fi + +echo "๐Ÿ“ Creating deployment directory on server..." +$SSH_CMD "mkdir -p /opt/littleshop" + +echo "โฌ†๏ธ Uploading deployment package..." +$SCP_CMD littleshop-deployment.tar.gz ${REMOTE_USER}@${REMOTE_HOST}:/opt/littleshop/ + +echo "๐Ÿ”ง Deploying on server..." +$SSH_CMD << 'REMOTE_SCRIPT' +cd /opt/littleshop + +# Extract deployment package +echo "๐Ÿ“ฆ Extracting deployment package..." +tar xzf littleshop-deployment.tar.gz + +# Load Docker image +echo "๐Ÿณ Loading Docker image..." +docker load < littleshop-docker.tar.gz + +# Login to local registry +echo "๐Ÿ” Logging in to Docker registry..." +docker login localhost:5000 -u admin -p Thefa1r1esd1d1t + +# Tag and push to local registry +echo "๐Ÿ“ค Pushing to local registry..." +docker tag littleshop:latest localhost:5000/littleshop:latest +docker push localhost:5000/littleshop:latest + +# Create data directories +echo "๐Ÿ“ Creating data directories..." +mkdir -p /opt/littleshop/data +mkdir -p /opt/littleshop/uploads +mkdir -p /opt/littleshop/logs +chmod 755 /opt/littleshop/data +chmod 755 /opt/littleshop/uploads +chmod 755 /opt/littleshop/logs + +# Stop existing container if running +echo "๐Ÿ›‘ Stopping existing container..." +docker stop littleshop-admin 2>/dev/null || true +docker rm littleshop-admin 2>/dev/null || true + +# Deploy with docker-compose +echo "๐Ÿš€ Starting LittleShop..." +docker-compose -f docker-compose.hostinger.yml up -d + +# Wait for container to be healthy +echo "โณ Waiting for container to be healthy..." +for i in {1..30}; do + if docker inspect --format='{{.State.Health.Status}}' littleshop-admin 2>/dev/null | grep -q healthy; then + echo "โœ… Container is healthy!" + break + fi + echo -n "." + sleep 2 +done + +# Configure BunkerWeb +echo "๐Ÿ”’ Configuring BunkerWeb reverse proxy..." +# Check if BunkerWeb configuration exists +if [ -f /opt/bunkerweb/configs/admin.thebankofdebbie.giize.com.conf ]; then + echo "BunkerWeb configuration already exists" +else + cat > /opt/bunkerweb/configs/admin.thebankofdebbie.giize.com.conf << 'EOF' +server { + server_name admin.thebankofdebbie.giize.com; + + location / { + proxy_pass http://littleshop-admin:5000; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + # WebSocket support for SignalR + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + + # Timeouts + proxy_connect_timeout 60s; + proxy_send_timeout 60s; + proxy_read_timeout 60s; + } +} +EOF +fi + +# Reload BunkerWeb +docker exec bunkerweb nginx -s reload 2>/dev/null || true + +# Show status +echo "๐Ÿ“Š Deployment Status:" +docker ps | grep littleshop-admin + +echo "๐ŸŒ Testing connectivity..." +curl -s -o /dev/null -w "%{http_code}" http://localhost:5100/api/catalog/products || echo "Local test failed" + +REMOTE_SCRIPT + +echo "๐Ÿงน Cleaning up local files..." +rm -f littleshop-docker.tar.gz littleshop-deployment.tar.gz + +echo "โœ… Deployment complete!" +echo "======================================" +echo "Admin Panel: https://admin.thebankofdebbie.giize.com" +echo "API Docs: https://admin.thebankofdebbie.giize.com/swagger" +echo "Default login: admin / Thefa1r1esd1d1t" +echo "" +echo "SilverPay API: https://pay.thebankofdebbie.giize.com" +echo "======================================" \ No newline at end of file diff --git a/docker-compose.hostinger.yml b/docker-compose.hostinger.yml index 045a147..3a098b2 100644 --- a/docker-compose.hostinger.yml +++ b/docker-compose.hostinger.yml @@ -1,123 +1,71 @@ version: '3.8' services: - # LittleShop Main Application littleshop: - build: . - image: littleshop:latest - container_name: littleshop + image: localhost:5000/littleshop:latest + container_name: littleshop-admin restart: unless-stopped - environment: - - ASPNETCORE_ENVIRONMENT=Hostinger - - ASPNETCORE_URLS=http://+:8080 - # BTCPay Configuration - pointing to Hostinger BTCPay - - BTCPayServer__BaseUrl=https://thebankofdebbie.giize.com - - BTCPayServer__ApiKey=${BTCPAY_API_KEY:-994589c8b514531f867dd24c83a02b6381a5f4a2} - - BTCPayServer__StoreId=${BTCPAY_STORE_ID:-AoxXjM9NJT6P9C1MErkaawXaSchz8sFPYdQ9FyhmQz33} - - BTCPayServer__WebhookSecret=${BTCPAY_WEBHOOK_SECRET} - # Database - - ConnectionStrings__DefaultConnection=Data Source=/app/data/littleshop.db - # JWT - - Jwt__Key=${JWT_SECRET_KEY:-YourSuperSecretKeyThatIsAtLeast32CharactersLong!} - volumes: - - littleshop_data:/app/data - - littleshop_uploads:/app/wwwroot/uploads - - littleshop_logs:/app/logs ports: - - "8080:8080" - networks: - - littleshop-network - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:8080/health"] - interval: 30s - timeout: 10s - retries: 3 - start_period: 60s - - # TeleBot Telegram Bot - telebot: - build: - context: . - dockerfile: TeleBot/TeleBot/Dockerfile - container_name: littleshop-telebot - restart: unless-stopped + - "127.0.0.1:5100:5000" # Local only, BunkerWeb will proxy environment: - - DOTNET_ENVIRONMENT=Production - - TZ=UTC - # Telegram Bot Configuration - - Telegram__BotToken=${TELEGRAM_BOT_TOKEN} - - Telegram__AdminChatId=${TELEGRAM_ADMIN_CHAT_ID} - - Telegram__UseWebhook=false - # LittleShop API Configuration - pointing to local container - - LittleShop__ApiUrl=http://littleshop:8080 - - LittleShop__Username=${LITTLESHOP_USERNAME:-admin} - - LittleShop__Password=${LITTLESHOP_PASSWORD:-admin} - - LittleShop__UseTor=false - - LittleShop__BrandName=${BRAND_NAME:-Little Shop} - # Privacy Settings - - Privacy__Mode=strict - - Privacy__DataRetentionHours=24 - - Privacy__SessionTimeoutMinutes=30 - - Privacy__EnableAnalytics=false - - Privacy__EphemeralByDefault=true - - Privacy__EnableTor=false - # Database Configuration - - Database__ConnectionString=Filename=/app/data/telebot.db;Password=; - - Database__EncryptionKey=${DATABASE_ENCRYPTION_KEY:-CHANGE_THIS_KEY_IN_PRODUCTION} - # Features - - Features__EnableQRCodes=true - - Features__EnablePGPEncryption=true - - Features__EnableDisappearingMessages=true - # Redis (optional) - - Redis__Enabled=${REDIS_ENABLED:-false} - - Redis__ConnectionString=redis:6379 - # Hangfire (optional) - - Hangfire__Enabled=${HANGFIRE_ENABLED:-false} + - ASPNETCORE_ENVIRONMENT=Production + - ASPNETCORE_URLS=http://+:5000 + - ConnectionStrings__DefaultConnection=Data Source=/app/data/littleshop-production.db + + # JWT Configuration - Production Secret + - Jwt__Key=ff34ur340uifoisdjf03uur283hr238n9978sdfgb82rn8dh_LittleShop2025 + - Jwt__Issuer=LittleShop-Production + - Jwt__Audience=LittleShop-Production + - Jwt__ExpiryInHours=24 + + # SilverPay Configuration (pay.thebankofdebbie.giize.com) + - SilverPay__BaseUrl=http://silverpay-api:8001 # Internal Docker network + - SilverPay__PublicUrl=https://pay.thebankofdebbie.giize.com + - SilverPay__ApiKey=7703aa7a62fa4b40a87e9cfd867f5407147515c0986116ea54fc00c0a0bc30d8 + - SilverPay__WebhookSecret=Thefa1r1esd1d1twebhooks2024 + - SilverPay__DefaultWebhookUrl=https://admin.thebankofdebbie.giize.com/api/orders/payments/webhook + - SilverPay__AllowUnsignedWebhooks=false + + # Admin Credentials (for initial setup) + - AdminUser__Username=admin + - AdminUser__Password=Thefa1r1esd1d1t + + # Royal Mail Settings (if needed) + - RoyalMail__ClientId= + - RoyalMail__ClientSecret= + + # WebPush Notifications + - WebPush__VapidPublicKey=BMc6fFJZ8oIQKQzcl3kMnP9tTsjrm3oI_VxLt3lAGYUMWGInzDKn7jqclEoZzjvXy1QXGFb3dIun8mVBwh-QuS4 + - WebPush__VapidPrivateKey=dYuuagbz2CzCnPDFUpO_qkGLBgnN3MEFZQnjXNkc1MY + - WebPush__Subject=mailto:admin@thebankofdebbie.giize.com + volumes: - - telebot_data:/app/data - - telebot_logs:/app/logs + - /opt/littleshop/data:/app/data + - /opt/littleshop/uploads:/app/wwwroot/uploads + - /opt/littleshop/logs:/app/logs networks: - - littleshop-network - depends_on: - - littleshop - - redis + - bridge # Use default bridge to communicate with other containers healthcheck: - test: ["CMD", "pgrep", "-f", "dotnet.*TeleBot"] + test: ["CMD", "curl", "-f", "http://localhost:5000/api/catalog/products"] interval: 30s timeout: 10s retries: 3 start_period: 60s - - # Redis Cache (Optional) - redis: - image: redis:7-alpine - container_name: littleshop-redis - restart: unless-stopped - command: redis-server --requirepass ${REDIS_PASSWORD:-RedisPassword123} - volumes: - - redis_data:/data - networks: - - littleshop-network - healthcheck: - test: ["CMD", "redis-cli", "--raw", "incr", "ping"] - interval: 30s - timeout: 3s - retries: 5 - -volumes: - littleshop_data: - driver: local - littleshop_uploads: - driver: local - littleshop_logs: - driver: local - telebot_data: - driver: local - telebot_logs: - driver: local - redis_data: - driver: local + logging: + driver: "json-file" + options: + max-size: "10m" + max-file: "3" + labels: + # BunkerWeb labels for reverse proxy + - "bunkerweb.AUTOCONF=yes" + - "bunkerweb.SERVER_NAME=admin.thebankofdebbie.giize.com" + - "bunkerweb.USE_REVERSE_PROXY=yes" + - "bunkerweb.REVERSE_PROXY_URL=/" + - "bunkerweb.REVERSE_PROXY_HOST=http://littleshop-admin:5000" + - "bunkerweb.AUTO_LETS_ENCRYPT=yes" + - "bunkerweb.USE_MODSECURITY=yes" networks: - littleshop-network: - driver: bridge \ No newline at end of file + bridge: + external: true \ No newline at end of file