14 KiB
14 KiB
🚀 LuckyChit Deployment Guide for Proxmox LXC
Complete step-by-step guide to deploy your LuckyChit application on Proxmox LXC container.
📋 Table of Contents
- Create LXC Container
- Initial Setup
- Install Prerequisites
- Deploy Backend (Node.js API)
- Deploy Frontend (Flutter Web)
- Configure Nginx
- Setup Process Manager (PM2)
- Configure Firewall
- Enable SSL (Optional)
- Monitoring & Maintenance
1. Create LXC Container
On Proxmox Host:
# Create Ubuntu 22.04 LXC container
pct create 100 local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.zst \
--hostname luckychit \
--memory 2048 \
--swap 512 \
--cores 2 \
--net0 name=eth0,bridge=vmbr0,ip=dhcp \
--storage local-lvm \
--rootfs local-lvm:8 \
--unprivileged 1 \
--features nesting=1
# Start the container
pct start 100
# Enter the container
pct enter 100
Note: Adjust container ID (100), memory, and network settings based on your environment.
2. Initial Setup
Update System
apt update && apt upgrade -y
apt install -y curl wget git nano ufw
Create Application User
# Create a user for running the application
adduser --disabled-password --gecos "" luckychit
usermod -aG sudo luckychit
# Switch to the new user
su - luckychit
3. Install Prerequisites
Install Node.js (v20 LTS)
# Install Node.js via NodeSource
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
sudo apt install -y nodejs
# Verify installation
node --version # Should show v20.x.x
npm --version
Install PostgreSQL
# Install PostgreSQL
sudo apt install -y postgresql postgresql-contrib
# Start and enable PostgreSQL
sudo systemctl start postgresql
sudo systemctl enable postgresql
# Verify PostgreSQL is running
sudo systemctl status postgresql
Configure PostgreSQL
# Switch to postgres user
sudo -u postgres psql
# In PostgreSQL prompt, run:
CREATE DATABASE luckychit;
CREATE USER luckychit WITH PASSWORD 'your_secure_password_here';
GRANT ALL PRIVILEGES ON DATABASE luckychit TO luckychit;
\q
Install Nginx
sudo apt install -y nginx
sudo systemctl start nginx
sudo systemctl enable nginx
Install PM2 (Process Manager)
sudo npm install -g pm2
Install Flutter (for building web app)
# Install Flutter dependencies
sudo apt install -y clang cmake ninja-build pkg-config libgtk-3-dev
# Download Flutter
cd /opt
sudo git clone https://github.com/flutter/flutter.git -b stable
sudo chown -R luckychit:luckychit /opt/flutter
# Add Flutter to PATH
echo 'export PATH="$PATH:/opt/flutter/bin"' >> ~/.bashrc
source ~/.bashrc
# Verify Flutter installation
flutter doctor
# Enable Flutter web
flutter config --enable-web
4. Deploy Backend (Node.js API)
Clone or Upload Your Project
# Create application directory
mkdir -p /home/luckychit/apps
cd /home/luckychit/apps
# Option 1: Clone from Git
git clone <your-repo-url> chitfund
cd chitfund/backend
# Option 2: Upload via SCP (from your local machine)
# scp -r C:\Users\sunde\workspace\chitfund luckychit@<container-ip>:/home/luckychit/apps/
Configure Backend
cd /home/luckychit/apps/chitfund/backend
# Copy environment file
cp env.example .env
# Edit .env file with production settings
nano .env
Edit .env file:
# Server Configuration
NODE_ENV=production
PORT=3000
# Database Configuration
DB_HOST=localhost
DB_PORT=5432
DB_NAME=luckychit
DB_USER=luckychit
DB_PASSWORD=your_secure_password_here
DATABASE_URL=postgresql://luckychit:your_secure_password_here@localhost:5432/luckychit
# JWT Configuration (CHANGE THIS!)
JWT_SECRET=your-super-secure-random-jwt-secret-minimum-32-characters-long
JWT_EXPIRES_IN=24h
# CORS Configuration (Update with your domain)
ALLOWED_ORIGINS=https://yourdomain.com,http://yourdomain.com
# Rate Limiting
RATE_LIMIT_WINDOW_MS=900000
RATE_LIMIT_MAX_REQUESTS=100
# Logging
LOG_LEVEL=info
Install Dependencies and Initialize Database
# Install Node.js dependencies
npm install --production
# Test database connection
node test-db-connection.js
# Initialize database
node create-db.js
Test Backend
# Start backend temporarily
npm start
# In another terminal, test the health endpoint
curl http://localhost:3000/health
# If working, stop it (Ctrl+C) - we'll use PM2 next
5. Deploy Frontend (Flutter Web)
Build Flutter Web App
cd /home/luckychit/apps/chitfund/luckychit
# Get dependencies
flutter pub get
# Update API endpoint in your Flutter app
# Edit lib/core/constants/api_constants.dart or similar file
nano lib/core/network/api_client.dart
# Build for web
flutter build web --release
# The built files will be in build/web/
Note: Make sure to update the API base URL in your Flutter app to point to your server's domain or IP before building.
Deploy Web Files
# Create web directory
sudo mkdir -p /var/www/luckychit
# Copy built files
sudo cp -r build/web/* /var/www/luckychit/
# Set permissions
sudo chown -R www-data:www-data /var/www/luckychit
6. Configure Nginx
Create Nginx Configuration
sudo nano /etc/nginx/sites-available/luckychit
Add this configuration:
# Backend API Server
server {
listen 80;
server_name api.yourdomain.com; # Or use your IP
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
# API reverse proxy
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Timeouts
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
}
# Health check endpoint
location /health {
proxy_pass http://localhost:3000/health;
access_log off;
}
}
# Frontend Web App
server {
listen 80;
server_name yourdomain.com www.yourdomain.com; # Or use your IP
root /var/www/luckychit;
index index.html;
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
# Gzip compression
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_types text/plain text/css text/xml text/javascript
application/x-javascript application/xml+rss
application/javascript application/json;
# Flutter web app routing
location / {
try_files $uri $uri/ /index.html;
}
# Cache static assets
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
expires 1y;
add_header Cache-Control "public, immutable";
}
# Don't cache index.html
location = /index.html {
add_header Cache-Control "no-cache, no-store, must-revalidate";
}
}
Enable Site and Test
# Enable the site
sudo ln -s /etc/nginx/sites-available/luckychit /etc/nginx/sites-enabled/
# Remove default site
sudo rm /etc/nginx/sites-enabled/default
# Test Nginx configuration
sudo nginx -t
# Reload Nginx
sudo systemctl reload nginx
7. Setup Process Manager (PM2)
Create PM2 Ecosystem File
cd /home/luckychit/apps/chitfund/backend
nano ecosystem.config.js
Add this configuration:
module.exports = {
apps: [{
name: 'luckychit-api',
script: 'src/server.js',
cwd: '/home/luckychit/apps/chitfund/backend',
instances: 2, // Use 2 instances for load balancing
exec_mode: 'cluster',
env: {
NODE_ENV: 'production',
},
error_file: '/home/luckychit/logs/api-error.log',
out_file: '/home/luckychit/logs/api-out.log',
log_file: '/home/luckychit/logs/api-combined.log',
time: true,
autorestart: true,
max_memory_restart: '500M',
watch: false,
}]
};
Create Log Directory
mkdir -p /home/luckychit/logs
Start Application with PM2
cd /home/luckychit/apps/chitfund/backend
# Start application
pm2 start ecosystem.config.js
# Check status
pm2 status
# View logs
pm2 logs luckychit-api
# Setup PM2 to start on system boot
pm2 startup systemd -u luckychit --hp /home/luckychit
# Run the command it outputs
# Save PM2 configuration
pm2 save
PM2 Useful Commands
# Status
pm2 status
# Logs
pm2 logs
pm2 logs luckychit-api --lines 100
# Restart
pm2 restart luckychit-api
# Stop
pm2 stop luckychit-api
# Monitor
pm2 monit
# Reload (zero-downtime restart)
pm2 reload luckychit-api
8. Configure Firewall
# Enable UFW
sudo ufw enable
# Allow SSH (IMPORTANT!)
sudo ufw allow 22/tcp
# Allow HTTP and HTTPS
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
# Check status
sudo ufw status
# Enable firewall
sudo ufw enable
9. Enable SSL (Optional but Recommended)
Using Let's Encrypt (Free SSL)
# Install Certbot
sudo apt install -y certbot python3-certbot-nginx
# Get SSL certificate (replace with your domain)
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com -d api.yourdomain.com
# Test auto-renewal
sudo certbot renew --dry-run
The Certbot will automatically update your Nginx configuration to use HTTPS.
10. Monitoring & Maintenance
Check Application Status
# PM2 status
pm2 status
# Nginx status
sudo systemctl status nginx
# PostgreSQL status
sudo systemctl status postgresql
# View backend logs
pm2 logs luckychit-api
# View Nginx access logs
sudo tail -f /var/log/nginx/access.log
# View Nginx error logs
sudo tail -f /var/log/nginx/error.log
Database Backup Script
# Create backup directory
mkdir -p /home/luckychit/backups
# Create backup script
nano /home/luckychit/backup-db.sh
Add this content:
#!/bin/bash
BACKUP_DIR="/home/luckychit/backups"
DATE=$(date +%Y%m%d_%H%M%S)
FILENAME="luckychit_backup_$DATE.sql"
pg_dump -U luckychit -h localhost luckychit > "$BACKUP_DIR/$FILENAME"
gzip "$BACKUP_DIR/$FILENAME"
# Keep only last 7 days of backups
find $BACKUP_DIR -name "luckychit_backup_*.sql.gz" -mtime +7 -delete
echo "Backup completed: $FILENAME.gz"
# Make it executable
chmod +x /home/luckychit/backup-db.sh
# Add to crontab for daily backups at 2 AM
crontab -e
# Add this line:
0 2 * * * /home/luckychit/backup-db.sh
Update Application
# Navigate to backend
cd /home/luckychit/apps/chitfund/backend
# Pull latest changes (if using Git)
git pull
# Install any new dependencies
npm install --production
# Reload application with zero downtime
pm2 reload luckychit-api
# For frontend updates
cd /home/luckychit/apps/chitfund/luckychit
git pull
flutter pub get
flutter build web --release
sudo cp -r build/web/* /var/www/luckychit/
Monitor Resources
# View system resources
htop
# View disk usage
df -h
# View memory usage
free -h
# View PM2 monitoring
pm2 monit
📱 Access Your Application
After deployment:
- Frontend:
http://your-server-iporhttp://yourdomain.com - Backend API:
http://your-server-ip:3000orhttp://api.yourdomain.com - Health Check:
http://your-server-ip/health
🔧 Troubleshooting
Backend Not Starting
# Check logs
pm2 logs luckychit-api
# Check if port 3000 is in use
sudo netstat -tulpn | grep 3000
# Test database connection
cd /home/luckychit/apps/chitfund/backend
node test-db-connection.js
# Check .env file
cat .env
Nginx Errors
# Test configuration
sudo nginx -t
# Check error logs
sudo tail -f /var/log/nginx/error.log
# Restart Nginx
sudo systemctl restart nginx
Database Issues
# Check PostgreSQL status
sudo systemctl status postgresql
# Restart PostgreSQL
sudo systemctl restart postgresql
# Connect to database
psql -U luckychit -d luckychit -h localhost
# Check database logs
sudo tail -f /var/log/postgresql/postgresql-14-main.log
Can't Access from Outside
# Check firewall
sudo ufw status
# Check if services are listening
sudo netstat -tulpn | grep :80
sudo netstat -tulpn | grep :3000
# Check Nginx is running
sudo systemctl status nginx
🔐 Security Checklist
- ✅ Change default PostgreSQL password
- ✅ Use strong JWT secret (32+ characters)
- ✅ Enable UFW firewall
- ✅ Keep .env file secure (never commit to git)
- ✅ Enable SSL/HTTPS with Let's Encrypt
- ✅ Regular database backups
- ✅ Keep system updated:
sudo apt update && sudo apt upgrade - ✅ Monitor logs regularly
- ✅ Use fail2ban to prevent brute force attacks (optional)
📚 Additional Resources
- Proxmox LXC Documentation
- PM2 Documentation
- Nginx Documentation
- Flutter Web Deployment
- PostgreSQL Documentation
🆘 Need Help?
Common issues:
- Port already in use: Check with
sudo netstat -tulpn | grep <port> - Permission denied: Check file ownership and permissions
- Cannot connect to database: Verify PostgreSQL is running and credentials are correct
- 404 errors: Check Nginx configuration and file paths
Good luck with your deployment! 🚀