# 🚀 LuckyChit Deployment Guide for Proxmox LXC Complete step-by-step guide to deploy your LuckyChit application on Proxmox LXC container. ## 📋 Table of Contents 1. [Create LXC Container](#1-create-lxc-container) 2. [Initial Setup](#2-initial-setup) 3. [Install Prerequisites](#3-install-prerequisites) 4. [Deploy Backend (Node.js API)](#4-deploy-backend-nodejs-api) 5. [Deploy Frontend (Flutter Web)](#5-deploy-frontend-flutter-web) 6. [Configure Nginx](#6-configure-nginx) 7. [Setup Process Manager (PM2)](#7-setup-process-manager-pm2) 8. [Configure Firewall](#8-configure-firewall) 9. [Enable SSL (Optional)](#9-enable-ssl-optional) 10. [Monitoring & Maintenance](#10-monitoring--maintenance) --- ## 1. Create LXC Container ### On Proxmox Host: ```bash # Create Ubuntu 22.04 LXC container pct create 100 local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.zst \ --hostname luckychit \ --memory 2048 \ --swap 512 \ --cores 2 \ --net0 name=eth0,bridge=vmbr0,ip=dhcp \ --storage local-lvm \ --rootfs local-lvm:8 \ --unprivileged 1 \ --features nesting=1 # Start the container pct start 100 # Enter the container pct enter 100 ``` **Note:** Adjust container ID (100), memory, and network settings based on your environment. --- ## 2. Initial Setup ### Update System ```bash apt update && apt upgrade -y apt install -y curl wget git nano ufw ``` ### Create Application User ```bash # Create a user for running the application adduser --disabled-password --gecos "" luckychit usermod -aG sudo luckychit # Switch to the new user su - luckychit ``` --- ## 3. Install Prerequisites ### Install Node.js (v20 LTS) ```bash # Install Node.js via NodeSource curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash - sudo apt install -y nodejs # Verify installation node --version # Should show v20.x.x npm --version ``` ### Install PostgreSQL ```bash # Install PostgreSQL sudo apt install -y postgresql postgresql-contrib # Start and enable PostgreSQL sudo systemctl start postgresql sudo systemctl enable postgresql # Verify PostgreSQL is running sudo systemctl status postgresql ``` ### Configure PostgreSQL ```bash # Switch to postgres user sudo -u postgres psql # In PostgreSQL prompt, run: CREATE DATABASE luckychit; CREATE USER luckychit WITH PASSWORD 'your_secure_password_here'; GRANT ALL PRIVILEGES ON DATABASE luckychit TO luckychit; \q ``` ### Install Nginx ```bash sudo apt install -y nginx sudo systemctl start nginx sudo systemctl enable nginx ``` ### Install PM2 (Process Manager) ```bash sudo npm install -g pm2 ``` ### Install Flutter (for building web app) ```bash # Install Flutter dependencies sudo apt install -y clang cmake ninja-build pkg-config libgtk-3-dev # Download Flutter cd /opt sudo git clone https://github.com/flutter/flutter.git -b stable sudo chown -R luckychit:luckychit /opt/flutter # Add Flutter to PATH echo 'export PATH="$PATH:/opt/flutter/bin"' >> ~/.bashrc source ~/.bashrc # Verify Flutter installation flutter doctor # Enable Flutter web flutter config --enable-web ``` --- ## 4. Deploy Backend (Node.js API) ### Clone or Upload Your Project ```bash # Create application directory mkdir -p /home/luckychit/apps cd /home/luckychit/apps # Option 1: Clone from Git git clone chitfund cd chitfund/backend # Option 2: Upload via SCP (from your local machine) # scp -r C:\Users\sunde\workspace\chitfund luckychit@:/home/luckychit/apps/ ``` ### Configure Backend ```bash cd /home/luckychit/apps/chitfund/backend # Copy environment file cp env.example .env # Edit .env file with production settings nano .env ``` **Edit `.env` file:** ```env # Server Configuration NODE_ENV=production PORT=3000 # Database Configuration DB_HOST=localhost DB_PORT=5432 DB_NAME=luckychit DB_USER=luckychit DB_PASSWORD=your_secure_password_here DATABASE_URL=postgresql://luckychit:your_secure_password_here@localhost:5432/luckychit # JWT Configuration (CHANGE THIS!) JWT_SECRET=your-super-secure-random-jwt-secret-minimum-32-characters-long JWT_EXPIRES_IN=24h # CORS Configuration (Update with your domain) ALLOWED_ORIGINS=https://yourdomain.com,http://yourdomain.com # Rate Limiting RATE_LIMIT_WINDOW_MS=900000 RATE_LIMIT_MAX_REQUESTS=100 # Logging LOG_LEVEL=info ``` ### Install Dependencies and Initialize Database ```bash # Install Node.js dependencies npm install --production # Test database connection node test-db-connection.js # Initialize database node create-db.js ``` ### Test Backend ```bash # Start backend temporarily npm start # In another terminal, test the health endpoint curl http://localhost:3000/health # If working, stop it (Ctrl+C) - we'll use PM2 next ``` --- ## 5. Deploy Frontend (Flutter Web) ### Build Flutter Web App ```bash cd /home/luckychit/apps/chitfund/luckychit # Get dependencies flutter pub get # Update API endpoint in your Flutter app # Edit lib/core/constants/api_constants.dart or similar file nano lib/core/network/api_client.dart # Build for web flutter build web --release # The built files will be in build/web/ ``` **Note:** Make sure to update the API base URL in your Flutter app to point to your server's domain or IP before building. ### Deploy Web Files ```bash # Create web directory sudo mkdir -p /var/www/luckychit # Copy built files sudo cp -r build/web/* /var/www/luckychit/ # Set permissions sudo chown -R www-data:www-data /var/www/luckychit ``` --- ## 6. Configure Nginx ### Create Nginx Configuration ```bash sudo nano /etc/nginx/sites-available/luckychit ``` **Add this configuration:** ```nginx # Backend API Server server { listen 80; server_name api.yourdomain.com; # Or use your IP # Security headers add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-Protection "1; mode=block" always; add_header X-Content-Type-Options "nosniff" always; # API reverse proxy location / { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # Timeouts proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s; } # Health check endpoint location /health { proxy_pass http://localhost:3000/health; access_log off; } } # Frontend Web App server { listen 80; server_name yourdomain.com www.yourdomain.com; # Or use your IP root /var/www/luckychit; index index.html; # Security headers add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-Protection "1; mode=block" always; add_header X-Content-Type-Options "nosniff" always; # Gzip compression gzip on; gzip_vary on; gzip_min_length 1024; gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml+rss application/javascript application/json; # Flutter web app routing location / { try_files $uri $uri/ /index.html; } # Cache static assets location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ { expires 1y; add_header Cache-Control "public, immutable"; } # Don't cache index.html location = /index.html { add_header Cache-Control "no-cache, no-store, must-revalidate"; } } ``` ### Enable Site and Test ```bash # Enable the site sudo ln -s /etc/nginx/sites-available/luckychit /etc/nginx/sites-enabled/ # Remove default site sudo rm /etc/nginx/sites-enabled/default # Test Nginx configuration sudo nginx -t # Reload Nginx sudo systemctl reload nginx ``` --- ## 7. Setup Process Manager (PM2) ### Create PM2 Ecosystem File ```bash cd /home/luckychit/apps/chitfund/backend nano ecosystem.config.js ``` **Add this configuration:** ```javascript module.exports = { apps: [{ name: 'luckychit-api', script: 'src/server.js', cwd: '/home/luckychit/apps/chitfund/backend', instances: 2, // Use 2 instances for load balancing exec_mode: 'cluster', env: { NODE_ENV: 'production', }, error_file: '/home/luckychit/logs/api-error.log', out_file: '/home/luckychit/logs/api-out.log', log_file: '/home/luckychit/logs/api-combined.log', time: true, autorestart: true, max_memory_restart: '500M', watch: false, }] }; ``` ### Create Log Directory ```bash mkdir -p /home/luckychit/logs ``` ### Start Application with PM2 ```bash cd /home/luckychit/apps/chitfund/backend # Start application pm2 start ecosystem.config.js # Check status pm2 status # View logs pm2 logs luckychit-api # Setup PM2 to start on system boot pm2 startup systemd -u luckychit --hp /home/luckychit # Run the command it outputs # Save PM2 configuration pm2 save ``` ### PM2 Useful Commands ```bash # Status pm2 status # Logs pm2 logs pm2 logs luckychit-api --lines 100 # Restart pm2 restart luckychit-api # Stop pm2 stop luckychit-api # Monitor pm2 monit # Reload (zero-downtime restart) pm2 reload luckychit-api ``` --- ## 8. Configure Firewall ```bash # Enable UFW sudo ufw enable # Allow SSH (IMPORTANT!) sudo ufw allow 22/tcp # Allow HTTP and HTTPS sudo ufw allow 80/tcp sudo ufw allow 443/tcp # Check status sudo ufw status # Enable firewall sudo ufw enable ``` --- ## 9. Enable SSL (Optional but Recommended) ### Using Let's Encrypt (Free SSL) ```bash # Install Certbot sudo apt install -y certbot python3-certbot-nginx # Get SSL certificate (replace with your domain) sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com -d api.yourdomain.com # Test auto-renewal sudo certbot renew --dry-run ``` The Certbot will automatically update your Nginx configuration to use HTTPS. --- ## 10. Monitoring & Maintenance ### Check Application Status ```bash # PM2 status pm2 status # Nginx status sudo systemctl status nginx # PostgreSQL status sudo systemctl status postgresql # View backend logs pm2 logs luckychit-api # View Nginx access logs sudo tail -f /var/log/nginx/access.log # View Nginx error logs sudo tail -f /var/log/nginx/error.log ``` ### Database Backup Script ```bash # Create backup directory mkdir -p /home/luckychit/backups # Create backup script nano /home/luckychit/backup-db.sh ``` **Add this content:** ```bash #!/bin/bash BACKUP_DIR="/home/luckychit/backups" DATE=$(date +%Y%m%d_%H%M%S) FILENAME="luckychit_backup_$DATE.sql" pg_dump -U luckychit -h localhost luckychit > "$BACKUP_DIR/$FILENAME" gzip "$BACKUP_DIR/$FILENAME" # Keep only last 7 days of backups find $BACKUP_DIR -name "luckychit_backup_*.sql.gz" -mtime +7 -delete echo "Backup completed: $FILENAME.gz" ``` ```bash # Make it executable chmod +x /home/luckychit/backup-db.sh # Add to crontab for daily backups at 2 AM crontab -e # Add this line: 0 2 * * * /home/luckychit/backup-db.sh ``` ### Update Application ```bash # Navigate to backend cd /home/luckychit/apps/chitfund/backend # Pull latest changes (if using Git) git pull # Install any new dependencies npm install --production # Reload application with zero downtime pm2 reload luckychit-api # For frontend updates cd /home/luckychit/apps/chitfund/luckychit git pull flutter pub get flutter build web --release sudo cp -r build/web/* /var/www/luckychit/ ``` ### Monitor Resources ```bash # View system resources htop # View disk usage df -h # View memory usage free -h # View PM2 monitoring pm2 monit ``` --- ## 📱 Access Your Application After deployment: - **Frontend:** `http://your-server-ip` or `http://yourdomain.com` - **Backend API:** `http://your-server-ip:3000` or `http://api.yourdomain.com` - **Health Check:** `http://your-server-ip/health` --- ## 🔧 Troubleshooting ### Backend Not Starting ```bash # Check logs pm2 logs luckychit-api # Check if port 3000 is in use sudo netstat -tulpn | grep 3000 # Test database connection cd /home/luckychit/apps/chitfund/backend node test-db-connection.js # Check .env file cat .env ``` ### Nginx Errors ```bash # Test configuration sudo nginx -t # Check error logs sudo tail -f /var/log/nginx/error.log # Restart Nginx sudo systemctl restart nginx ``` ### Database Issues ```bash # Check PostgreSQL status sudo systemctl status postgresql # Restart PostgreSQL sudo systemctl restart postgresql # Connect to database psql -U luckychit -d luckychit -h localhost # Check database logs sudo tail -f /var/log/postgresql/postgresql-14-main.log ``` ### Can't Access from Outside ```bash # Check firewall sudo ufw status # Check if services are listening sudo netstat -tulpn | grep :80 sudo netstat -tulpn | grep :3000 # Check Nginx is running sudo systemctl status nginx ``` --- ## 🔐 Security Checklist - ✅ Change default PostgreSQL password - ✅ Use strong JWT secret (32+ characters) - ✅ Enable UFW firewall - ✅ Keep .env file secure (never commit to git) - ✅ Enable SSL/HTTPS with Let's Encrypt - ✅ Regular database backups - ✅ Keep system updated: `sudo apt update && sudo apt upgrade` - ✅ Monitor logs regularly - ✅ Use fail2ban to prevent brute force attacks (optional) --- ## 📚 Additional Resources - [Proxmox LXC Documentation](https://pve.proxmox.com/wiki/Linux_Container) - [PM2 Documentation](https://pm2.keymetrics.io/docs/usage/quick-start/) - [Nginx Documentation](https://nginx.org/en/docs/) - [Flutter Web Deployment](https://docs.flutter.dev/deployment/web) - [PostgreSQL Documentation](https://www.postgresql.org/docs/) --- ## 🆘 Need Help? Common issues: 1. **Port already in use:** Check with `sudo netstat -tulpn | grep ` 2. **Permission denied:** Check file ownership and permissions 3. **Cannot connect to database:** Verify PostgreSQL is running and credentials are correct 4. **404 errors:** Check Nginx configuration and file paths Good luck with your deployment! 🚀