Init Gitea

2025-10-06 21:31:13 +09:00
commit c879b8de12
60 changed files with 41314 additions and 0 deletions
--- a/etc/Readme.txt
+++ b/etc/Readme.txt
@@ -0,0 +1,20 @@
+* How to CICD to servers by git
+
+** Create empty git repo on each server
+mkdir -p ~/cicd/sisai-world-cicd.git
+cd ~/cicd/sisai-world-cicd.git
+git init --bare
+
+** Copy svr_git_hooks_post-receive to ~/cicd/sisai-world-cicd.git/hooks/ on server
+** Edit to fit server env and rename to post-receive
+** chmod +x post-receive
+
+** Edit and test code locally
+
+** run deploy_XX.sh
+
+**(Option)the first time may have to copy and edit .env file on servers
+
+* Start node.js: 
+pm2 start app.js --name sisai
+
--- a/etc/deploy_37.sh
+++ b/etc/deploy_37.sh
@@ -0,0 +1,28 @@
+# Define the path you want to deploy
+DEPLOY_PATH="/Users/dqj/HDD/amiProProjects/amiprorepo/sisai-world"
+
+# Create a temporary directory
+TEMP_DIR=$(mktemp -d)
+
+# Copy the specific path to the temporary directory
+cp -r $DEPLOY_PATH/* $TEMP_DIR
+
+# Navigate to the temporary directory
+cd $TEMP_DIR
+
+# Initialize a new Git repository
+git init
+
+# Add all files to the repository
+git add .
+
+# Commit the changes
+git commit -m "Deploy sisai world"
+
+# Add remote server repository
+git remote add server ssh://centos@133.242.134.37/~/cicd/sisai-world-cicd.git
+
+# Push the code to the remote server
+git push --force server main
+
+rm -rf $TEMP_DIR
--- a/etc/deploy_cluster.sh
+++ b/etc/deploy_cluster.sh
@@ -0,0 +1,30 @@
+# Define the path you want to deploy
+DEPLOY_PATH="/Users/dqj/HDD/amiProProjects/amiprorepo/sisai-world"
+
+# Create a temporary directory
+TEMP_DIR=$(mktemp -d)
+
+# Copy the specific path to the temporary directory
+cp -r $DEPLOY_PATH/* $TEMP_DIR
+
+# Navigate to the temporary directory
+cd $TEMP_DIR
+
+# Initialize a new Git repository
+git init
+
+# Add all files to the repository
+git add .
+
+# Commit the changes
+git commit -m "Deploy sisai world"
+
+# Add remote server repository
+git remote add server1 ssh://centos@153.127.28.185/~/cicd/sisai-world-cicd.git
+git remote add server2 ssh://centos@133.242.149.212/~/cicd/sisai-world-cicd.git
+
+# Push the code to the remote server
+git push --force server1 main
+git push --force server2 main
+
+rm -rf $TEMP_DIR
--- a/etc/nginx.conf
+++ b/etc/nginx.conf
@@ -0,0 +1,388 @@
+# For more information on configuration, see:
+#   * Official English Documentation: http://nginx.org/en/docs/
+#   * Official Russian Documentation: http://nginx.org/ru/docs/
+
+user nginx;
+worker_processes auto;
+error_log /var/log/nginx/error.log notice;
+pid /run/nginx.pid;
+
+# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
+include /usr/share/nginx/modules/*.conf;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile            on;
+    tcp_nopush          on;
+    keepalive_timeout   65;
+    types_hash_max_size 4096;
+
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
+
+    # Load modular configuration files from the /etc/nginx/conf.d directory.
+    # See http://nginx.org/en/docs/ngx_core_module.html#include
+    # for more information.
+    include /etc/nginx/conf.d/*.conf;
+
+    upstream sisai_nodejs {
+        ip_hash;
+        server 153.127.28.185:6066 weight=3;
+        server 133.242.149.212:6066 weight=2;
+    }
+
+    upstream nodejs {
+	ip_hash;
+        server 153.127.28.185:8060 weight=3;
+        server 133.242.149.212:8060 weight=2;
+    }
+	
+    server {
+        server_name  test.sisai.world;
+        root         /usr/share/nginx/html;
+
+        # Load configuration files for the default server block.
+        include /etc/nginx/default.d/*.conf;
+
+        error_page 404 /404.html;
+        location = /404.html {
+        }
+
+        error_page 500 502 503 504 /50x.html;
+        location = /50x.html {
+        }
+  	
+	proxy_buffering off;
+
+        location / {
+            allow all;
+
+		add_header Access-Control-Allow-Origin "*";
+	        add_header Access-Control-Allow-Methods "POST, GET, OPTIONS";
+        	add_header Access-Control-Allow-Headers "Origin, Authorization, Accept";
+        	add_header Access-Control-Allow-Credentials true;
+
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        	proxy_set_header Host $http_host;
+        	proxy_redirect off;
+        	proxy_hide_header 'Access-Control-Allow-Origin';
+
+                proxy_cookie_path ~*^/.* /;
+                proxy_pass          http://localhost:8066/;
+        } 
+ 
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/sisai.world/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/sisai.world/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+
+}  
+  
+  server {
+        server_name  sisai.world;
+        root         /usr/share/nginx/html;
+
+        # Load configuration files for the default server block.
+        include /etc/nginx/default.d/*.conf;
+
+        error_page 404 /404.html;
+        location = /404.html {
+        }
+
+        error_page 500 502 503 504 /50x.html;
+        location = /50x.html {
+        }
+
+	proxy_buffering off;
+
+        location / {
+                allow all;
+
+                add_header Access-Control-Allow-Origin "*";
+                add_header Access-Control-Allow-Methods "POST, GET, OPTIONS";
+                add_header Access-Control-Allow-Headers "Origin, Authorization, Accept";
+                add_header Access-Control-Allow-Credentials true;
+
+                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                proxy_set_header Host $http_host;
+                proxy_redirect off;
+                proxy_hide_header 'Access-Control-Allow-Origin';
+
+                proxy_cookie_path ~*^/.* /;
+                proxy_pass     http://sisai_nodejs;  #   http://localhost:8060/;
+        }   
+  
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/sisai.world/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/sisai.world/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+
+  server {
+        server_name  fido2.amipro.me;
+        root         /usr/share/nginx/html;
+
+        # Load configuration files for the default server block.
+        include /etc/nginx/default.d/*.conf;
+
+        error_page 404 /404.html;
+        location = /404.html {
+        }
+
+        error_page 500 502 503 504 /50x.html;
+        location = /50x.html {
+        }
+	
+	location /.well-known {
+		alias /usr/share/nginx/html/sample-site/.well-known;
+    	}
+
+        location / {
+                allow all;
+
+		    add_header Access-Control-Allow-Origin "*";
+	        add_header Access-Control-Allow-Methods "POST, GET, OPTIONS";
+        	add_header Access-Control-Allow-Headers "Origin, Authorization, Accept";
+        	add_header Access-Control-Allow-Credentials true;
+
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        	proxy_set_header Host $http_host;
+        	proxy_redirect off;
+        	proxy_hide_header 'Access-Control-Allow-Origin';
+
+                proxy_cookie_path ~*^/.* /;
+                proxy_pass     http://nodejs;  #   http://localhost:8060/;
+        }    
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/fido2.amipro.me/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/fido2.amipro.me/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+
+}
+
+    server {
+        server_name  sample.amipro.me;
+        root         /usr/share/nginx/html/sample-site;
+        # Load configuration files for the default server block.
+        include /etc/nginx/default.d/*.conf;
+
+        error_page 404 /404.html;
+        location = /404.html {
+        }
+
+        error_page 500 502 503 504 /50x.html;
+        location = /50x.html {
+        }
+    
+	location / {
+                allow all;
+		index login.html;
+	}
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/fido2.amipro.me/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/fido2.amipro.me/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+
+    server {
+        server_name  portal.amipro.me;
+        root         /usr/share/nginx/html;
+
+        # Load configuration files for the default server block.
+        include /etc/nginx/default.d/*.conf;
+
+        error_page 404 /404.html;
+        location = /404.html {
+        }
+
+        error_page 500 502 503 504 /50x.html;
+        location = /50x.html {
+        }
+
+        location / {
+            allow all;
+
+		    add_header Access-Control-Allow-Origin "*";
+	        add_header Access-Control-Allow-Methods "POST, GET, OPTIONS";
+        	add_header Access-Control-Allow-Headers "Origin, Authorization, Accept";
+        	add_header Access-Control-Allow-Credentials true;
+
+		    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        	proxy_set_header Host $http_host;
+        	proxy_redirect off;
+        	proxy_hide_header 'Access-Control-Allow-Origin';
+
+                proxy_cookie_path ~*^/.* /;
+                proxy_pass          http://localhost:8065/;
+        }
+
+    
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/fido2.amipro.me/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/fido2.amipro.me/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+
+    server {
+        server_name  test.amipro.me;
+        root         /usr/share/nginx/html/sample-site; #/usr/share/nginx/html; #/home/centos/test_sites;
+
+        # Load configuration files for the default server block.
+        include /etc/nginx/default.d/*.conf;
+
+        error_page 404 /404.html;
+        location = /404.html {
+        }
+
+        error_page 500 502 503 504 /50x.html;
+        location = /50x.html {
+        }
+
+    	location /.well-known {
+        	alias /usr/share/nginx/html/sample-site/.well-known;
+        }
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/fido2.amipro.me/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/fido2.amipro.me/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+    
+}
+
+
+
+# Settings for a TLS enabled server.
+#
+#    server {
+#        listen       443 ssl http2;
+#        listen       [::]:443 ssl http2;
+#        server_name  _;
+#        root         /usr/share/nginx/html;
+#
+#        ssl_certificate "/etc/pki/nginx/server.crt";
+#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
+#        ssl_session_cache shared:SSL:1m;
+#        ssl_session_timeout  10m;
+#        ssl_ciphers PROFILE=SYSTEM;
+#        ssl_prefer_server_ciphers on;
+#
+#        # Load configuration files for the default server block.
+#        include /etc/nginx/default.d/*.conf;
+#
+#        error_page 404 /404.html;
+#        location = /404.html {
+#        }
+#
+#        error_page 500 502 503 504 /50x.html;
+#        location = /50x.html {
+#        }
+#    }
+
+    server {
+    if ($host = fido2.amipro.me) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    server_name  fido2.amipro.me;
+    listen 80;
+    return 404; # managed by Certbot
+    }
+
+    server {
+    if ($host = test.amipro.me) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    #if ($host = test.amipro.me) {
+    #    return 301 https://$host$request_uri;
+    #} # managed by Certbot
+
+
+    server_name  test.amipro.me;
+    listen 80;
+    #return 404; # managed by Certbot
+    
+
+}
+
+
+    server {
+    if ($host = portal.amipro.me) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+        server_name  portal.amipro.me;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}
+
+    server {
+    if ($host = sample.amipro.me) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+        server_name  sample.amipro.me;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}
+	
+    server {
+    if ($host = sisai.world) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+        server_name  sisai.world;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}  
+  
+  server {
+    if ($host = sisai.world) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+        server_name  sisai.world;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}}
+
--- a/etc/svr_git_hooks_post-receive
+++ b/etc/svr_git_hooks_post-receive
@@ -0,0 +1,15 @@
+# Git hooks in server's ~/your-app.git/hooks/post-receive
+#!/bin/bash
+
+TARGET_DIR=~/sisai-world
+GIT_DIR=~/cicd/sisai-world-cicd.git
+BRANCH=main
+
+# Checkout the code to the target directory
+git --work-tree=$TARGET_DIR --git-dir=$GIT_DIR checkout -f $BRANCH
+
+# Navigate to the target directory
+cd $TARGET_DIR
+
+# Our code support hot reload, refer 'Hot reload support' in process.js
+