# 🚀 LuckyChit Deployment Guide for Proxmox LXC
Complete step-by-step guide to deploying your LuckyChit application in a Proxmox LXC container.
## 📋 Table of Contents
1. [Create LXC Container](#1-create-lxc-container)
2. [Initial Setup](#2-initial-setup)
3. [Install Prerequisites](#3-install-prerequisites)
4. [Deploy Backend (Node.js API)](#4-deploy-backend-nodejs-api)
5. [Deploy Frontend (Flutter Web)](#5-deploy-frontend-flutter-web)
6. [Configure Nginx](#6-configure-nginx)
7. [Setup Process Manager (PM2)](#7-setup-process-manager-pm2)
8. [Configure Firewall](#8-configure-firewall)
9. [Enable SSL (Optional but Recommended)](#9-enable-ssl-optional-but-recommended)
10. [Monitoring & Maintenance](#10-monitoring--maintenance)
---
## 1. Create LXC Container
### On Proxmox Host:
```bash
# Create Ubuntu 22.04 LXC container
pct create 100 local:vztmpl/ubuntu-22.04-standard_22.04-1_amd64.tar.zst \
--hostname luckychit \
--memory 2048 \
--swap 512 \
--cores 2 \
--net0 name=eth0,bridge=vmbr0,ip=dhcp \
--storage local-lvm \
--rootfs local-lvm:8 \
--unprivileged 1 \
--features nesting=1
# Start the container
pct start 100
# Enter the container
pct enter 100
```
**Note:** Adjust the container ID (100), memory, and network settings based on your environment.

---
## 2. Initial Setup
### Update System
```bash
apt update && apt upgrade -y
apt install -y curl wget git nano ufw
```
### Create Application User
```bash
# Create a user for running the application
adduser --disabled-password --gecos "" luckychit
usermod -aG sudo luckychit
# sudo asks for this user's own password; --disabled-password leaves none set
passwd luckychit
# Switch to the new user
su - luckychit
```
---
## 3. Install Prerequisites
### Install Node.js (v20 LTS)
```bash
# Install Node.js via NodeSource
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
sudo apt install -y nodejs
# Verify installation
node --version # Should show v20.x.x
npm --version
```
### Install PostgreSQL
```bash
# Install PostgreSQL
sudo apt install -y postgresql postgresql-contrib
# Start and enable PostgreSQL
sudo systemctl start postgresql
sudo systemctl enable postgresql
# Verify PostgreSQL is running
sudo systemctl status postgresql
```
### Configure PostgreSQL
```bash
# Switch to postgres user
sudo -u postgres psql
# In PostgreSQL prompt, run:
CREATE DATABASE luckychit;
CREATE USER luckychit WITH PASSWORD 'your_secure_password_here';
GRANT ALL PRIVILEGES ON DATABASE luckychit TO luckychit;
\q
```
### Install Nginx
```bash
sudo apt install -y nginx
sudo systemctl start nginx
sudo systemctl enable nginx
```
### Install PM2 (Process Manager)
```bash
sudo npm install -g pm2
```
### Install Flutter (for building web app)
```bash
# Install Flutter dependencies
sudo apt install -y clang cmake ninja-build pkg-config libgtk-3-dev
# Download Flutter
cd /opt
sudo git clone https://github.com/flutter/flutter.git -b stable
sudo chown -R luckychit:luckychit /opt/flutter
# Add Flutter to PATH
echo 'export PATH="$PATH:/opt/flutter/bin"' >> ~/.bashrc
source ~/.bashrc
# Verify Flutter installation
flutter doctor
# Enable Flutter web
flutter config --enable-web
```
---
## 4. Deploy Backend (Node.js API)
### Clone or Upload Your Project
```bash
# Create application directory
mkdir -p /home/luckychit/apps
cd /home/luckychit/apps
# Option 1: Clone from Git
git clone <your-repo-url> chitfund
cd chitfund/backend
# Option 2: Upload via SCP (from your local machine)
# scp -r C:\Users\sunde\workspace\chitfund luckychit@<container-ip>:/home/luckychit/apps/
```
### Configure Backend
```bash
cd /home/luckychit/apps/chitfund/backend
# Copy environment file
cp env.example .env
# The file will hold the database password and JWT secret: owner-only access
chmod 600 .env
# Edit .env file with production settings
nano .env
```
**Edit `.env` file:**
```env
# Server Configuration
NODE_ENV=production
PORT=3000
# Database Configuration
DB_HOST=localhost
DB_PORT=5432
DB_NAME=luckychit
DB_USER=luckychit
DB_PASSWORD=your_secure_password_here
DATABASE_URL=postgresql://luckychit:your_secure_password_here@localhost:5432/luckychit
# JWT Configuration (CHANGE THIS!)
JWT_SECRET=your-super-secure-random-jwt-secret-minimum-32-characters-long
JWT_EXPIRES_IN=24h
# CORS Configuration (Update with your domain)
ALLOWED_ORIGINS=https://yourdomain.com,http://yourdomain.com
# Rate Limiting
RATE_LIMIT_WINDOW_MS=900000
RATE_LIMIT_MAX_REQUESTS=100
# Logging
LOG_LEVEL=info
```
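A pre-flight check for the `.env` above, as an added example that is not part of the LuckyChit repository: it flags placeholder secrets left from the template, a file mode that lets other users read the secrets, and plain `http://` CORS origins. The helper names `env_value` and `check_env` are assumptions, and the sample file is constructed.

```shell
# Added example: pre-flight audit of the backend .env (not LuckyChit code).

# Print the value assigned to KEY ($1) in FILE ($2); the file is never sourced.
env_value() {
    sed -n "s/^$1=//p" "$2" | tail -n 1
}

# Print one line per finding; exit status 0 means no findings.
check_env() (
    file=$1
    findings=0
    report() { echo "FINDING: $*"; findings=$((findings + 1)); }

    # The secrets file must not be accessible to group or others (600 or 400).
    case "$(stat -c '%a' "$file")" in
        ?00) ;;
        *) report "$file is accessible to other users; run chmod 600" ;;
    esac

    # The guide's placeholder is longer than 32 characters, so match it by name.
    secret=$(env_value JWT_SECRET "$file")
    case "$secret" in
        your-super-secure*) report "JWT_SECRET is still the guide placeholder" ;;
        *) [ "${#secret}" -ge 32 ] || report "JWT_SECRET is shorter than 32 characters" ;;
    esac

    # The placeholder password appears in both DB_PASSWORD and DATABASE_URL.
    for key in DB_PASSWORD DATABASE_URL; do
        case "$(env_value "$key" "$file")" in
            *your_secure_password_here*) report "$key still contains the placeholder password" ;;
        esac
    done

    # A plain-http origin in the CORS allow-list trusts pages served without TLS.
    case ",$(env_value ALLOWED_ORIGINS "$file")" in
        *,http://*) report "ALLOWED_ORIGINS contains a plain http:// origin" ;;
    esac

    [ "$findings" -eq 0 ]
)

# Constructed sample: the guide's template values left unchanged.
sample=$(mktemp)
printf '%s\n' 'JWT_SECRET=your-super-secure-random-jwt-secret-minimum-32-characters-long' \
    'DB_PASSWORD=your_secure_password_here' \
    'ALLOWED_ORIGINS=https://yourdomain.com,http://yourdomain.com' > "$sample"
check_env "$sample" || echo "Fix the findings above before starting the API"
rm -f "$sample"
```

On the server, run `check_env /home/luckychit/apps/chitfund/backend/.env` before the first `npm start`.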
### Install Dependencies and Initialize Database
```bash
# Install Node.js dependencies
npm install --production
# Test database connection
node test-db-connection.js
# Initialize database
node create-db.js
```
### Test Backend
```bash
# Start backend temporarily
npm start
# In another terminal, test the health endpoint
curl http://localhost:3000/health
# If working, stop it (Ctrl+C) - we'll use PM2 next
```
---
## 5. Deploy Frontend (Flutter Web)
### Build Flutter Web App
```bash
cd /home/luckychit/apps/chitfund/luckychit
# Get dependencies
flutter pub get
# Update API endpoint in your Flutter app
# Edit lib/core/constants/api_constants.dart or similar file
nano lib/core/network/api_client.dart
# Build for web
flutter build web --release
# The built files will be in build/web/
```
**Note:** Make sure to update the API base URL in your Flutter app to point to your server's domain or IP before building.
### Deploy Web Files
```bash
# Create web directory
sudo mkdir -p /var/www/luckychit
# Copy built files
sudo cp -r build/web/* /var/www/luckychit/
# Set permissions
sudo chown -R www-data:www-data /var/www/luckychit
```
---
## 6. Configure Nginx
### Create Nginx Configuration
```bash
sudo nano /etc/nginx/sites-available/luckychit
```
**Add this configuration:**
```nginx
# Backend API Server
server {
    listen 80;
    server_name api.yourdomain.com; # Or use your IP

    # Security headers
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header X-Content-Type-Options "nosniff" always;

    # API reverse proxy
    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        # Timeouts
        proxy_connect_timeout 60s;
        proxy_send_timeout 60s;
        proxy_read_timeout 60s;
    }

    # Health check endpoint
    location /health {
        proxy_pass http://localhost:3000/health;
        access_log off;
    }
}

# Frontend Web App
server {
    listen 80;
    server_name yourdomain.com www.yourdomain.com; # Or use your IP
    root /var/www/luckychit;
    index index.html;

    # Security headers
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header X-Content-Type-Options "nosniff" always;

    # Gzip compression
    gzip on;
    gzip_vary on;
    gzip_min_length 1024;
    gzip_types text/plain text/css text/xml text/javascript
               application/x-javascript application/xml+rss
               application/javascript application/json;

    # Flutter web app routing
    location / {
        try_files $uri $uri/ /index.html;
    }

    # Cache static assets
    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
        expires 1y;
        add_header Cache-Control "public, immutable";
        # An add_header at this level stops inheritance of the server-level
        # security headers, so they are repeated here
        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-XSS-Protection "1; mode=block" always;
        add_header X-Content-Type-Options "nosniff" always;
    }

    # Don't cache index.html
    location = /index.html {
        add_header Cache-Control "no-cache, no-store, must-revalidate";
        # Repeated for the same reason as in the static-asset location
        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-XSS-Protection "1; mode=block" always;
        add_header X-Content-Type-Options "nosniff" always;
    }
}
```
### Enable Site and Test
```bash
# Enable the site
sudo ln -s /etc/nginx/sites-available/luckychit /etc/nginx/sites-enabled/
# Remove default site
sudo rm /etc/nginx/sites-enabled/default
# Test Nginx configuration
sudo nginx -t
# Reload Nginx
sudo systemctl reload nginx
```
---
## 7. Setup Process Manager (PM2)
### Create PM2 Ecosystem File
```bash
cd /home/luckychit/apps/chitfund/backend
nano ecosystem.config.js
```
**Add this configuration:**
```javascript
module.exports = {
  apps: [{
    name: 'luckychit-api',
    script: 'src/server.js',
    cwd: '/home/luckychit/apps/chitfund/backend',
    instances: 2, // Use 2 instances for load balancing
    exec_mode: 'cluster',
    env: {
      NODE_ENV: 'production',
    },
    error_file: '/home/luckychit/logs/api-error.log',
    out_file: '/home/luckychit/logs/api-out.log',
    log_file: '/home/luckychit/logs/api-combined.log',
    time: true,
    autorestart: true,
    max_memory_restart: '500M',
    watch: false,
  }]
};
```
### Create Log Directory
```bash
mkdir -p /home/luckychit/logs
```
### Start Application with PM2
```bash
cd /home/luckychit/apps/chitfund/backend
# Start application
pm2 start ecosystem.config.js
# Check status
pm2 status
# View logs
pm2 logs luckychit-api
# Setup PM2 to start on system boot
pm2 startup systemd -u luckychit --hp /home/luckychit
# Run the command it outputs
# Save PM2 configuration
pm2 save
```
### PM2 Useful Commands
```bash
# Status
pm2 status
# Logs
pm2 logs
pm2 logs luckychit-api --lines 100
# Restart
pm2 restart luckychit-api
# Stop
pm2 stop luckychit-api
# Monitor
pm2 monit
# Reload (zero-downtime restart)
pm2 reload luckychit-api
```
---
## 8. Configure Firewall
```bash
# Allow SSH first (IMPORTANT: enabling UFW before this rule can cut off your SSH session)
sudo ufw allow 22/tcp
# Allow HTTP and HTTPS
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
# Enable firewall
sudo ufw enable
# Check status
sudo ufw status
```
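The rules above open only 22, 80 and 443. As a second check, this added example (not part of the LuckyChit repository) reads `ss -tlnH` output and reports whether the Node API (3000) or PostgreSQL (5432) is bound to anything other than loopback, which is what would be reachable directly if the firewall were disabled. The function name `exposed_listeners` is an assumption, and the sample `ss` lines are constructed.

```shell
# Added example (not LuckyChit code); exposed_listeners is a hypothetical helper.
# Reads `ss -tlnH` output on stdin and prints "port address" for every listener
# on one of the comma-separated ports in $1 that is bound beyond loopback.
exposed_listeners() {
    awk -v ports="$1" '
        BEGIN { n = split(ports, p, ","); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        {
            local_addr = $4                    # Local Address:Port column
            port = local_addr
            sub(/.*:/, "", port)               # keep what follows the last colon
            addr = substr(local_addr, 1, length(local_addr) - length(port) - 1)
            if (!(port in want)) next
            if (addr ~ /^127\./ || addr == "[::1]") next   # loopback only
            print port, addr
        }'
}

# Constructed sample of `ss -tlnH` output: Nginx on 80, PostgreSQL on loopback,
# and a Node process listening on every interface.
sample='LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
LISTEN 0 244 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 128 [::1]:5432 [::]:*
LISTEN 0 511 *:3000 *:*'
printf '%s\n' "$sample" | exposed_listeners 3000,5432

# On the container itself: ss -tlnH | exposed_listeners 3000,5432
```

Empty output means both services listen on loopback only and Nginx is the sole public entry point.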
---
## 9. Enable SSL (Optional but Recommended)
### Using Let's Encrypt (Free SSL)
```bash
# Install Certbot
sudo apt install -y certbot python3-certbot-nginx
# Get SSL certificate (replace with your domain)
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com -d api.yourdomain.com
# Test auto-renewal
sudo certbot renew --dry-run
```
Certbot automatically updates your Nginx configuration to use HTTPS.

---
## 10. Monitoring & Maintenance
### Check Application Status
```bash
# PM2 status
pm2 status
# Nginx status
sudo systemctl status nginx
# PostgreSQL status
sudo systemctl status postgresql
# View backend logs
pm2 logs luckychit-api
# View Nginx access logs
sudo tail -f /var/log/nginx/access.log
# View Nginx error logs
sudo tail -f /var/log/nginx/error.log
```
### Database Backup Script
```bash
# Create backup directory
mkdir -p /home/luckychit/backups
# Create backup script
nano /home/luckychit/backup-db.sh
```
**Add this content:**
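```bash
#!/bin/bash
# Stop on the first error so a failed dump is not compressed and reported as done
set -euo pipefail
# Dumps contain all application data: create them readable by this user only
umask 077
BACKUP_DIR="/home/luckychit/backups"
DATE=$(date +%Y%m%d_%H%M%S)
FILENAME="luckychit_backup_$DATE.sql"
# Under cron there is no password prompt: pg_dump reads the password from
# ~/.pgpass (mode 600), line format host:port:database:user:password
pg_dump -U luckychit -h localhost luckychit > "$BACKUP_DIR/$FILENAME"
gzip "$BACKUP_DIR/$FILENAME"
# Keep only last 7 days of backups
find "$BACKUP_DIR" -name "luckychit_backup_*.sql.gz" -mtime +7 -delete
echo "Backup completed: $FILENAME.gz"
```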
```bash
# Make it executable
chmod +x /home/luckychit/backup-db.sh
# Add to crontab for daily backups at 2 AM
crontab -e
# Add this line:
0 2 * * * /home/luckychit/backup-db.sh
```
### Update Application
```bash
# Navigate to backend
cd /home/luckychit/apps/chitfund/backend
# Pull latest changes (if using Git)
git pull
# Install any new dependencies
npm install --production
# Reload application with zero downtime
pm2 reload luckychit-api
# For frontend updates
cd /home/luckychit/apps/chitfund/luckychit
git pull
flutter pub get
flutter build web --release
sudo cp -r build/web/* /var/www/luckychit/
```
### Monitor Resources
```bash
# View system resources
htop
# View disk usage
df -h
# View memory usage
free -h
# View PM2 monitoring
pm2 monit
```
---
## 📱 Access Your Application
After deployment:
- **Frontend:** `http://your-server-ip` or `http://yourdomain.com`
- **Backend API:** `http://your-server-ip:3000` or `http://api.yourdomain.com`
- **Health Check:** `http://your-server-ip/health`
---
## 🔧 Troubleshooting
### Backend Not Starting
```bash
# Check logs
pm2 logs luckychit-api
# Check if port 3000 is in use
sudo netstat -tulpn | grep 3000
# Test database connection
cd /home/luckychit/apps/chitfund/backend
node test-db-connection.js
# Check .env file
cat .env
```
### Nginx Errors
```bash
# Test configuration
sudo nginx -t
# Check error logs
sudo tail -f /var/log/nginx/error.log
# Restart Nginx
sudo systemctl restart nginx
```
### Database Issues
```bash
# Check PostgreSQL status
sudo systemctl status postgresql
# Restart PostgreSQL
sudo systemctl restart postgresql
# Connect to database
psql -U luckychit -d luckychit -h localhost
# Check database logs
sudo tail -f /var/log/postgresql/postgresql-14-main.log
```
### Can't Access from Outside
```bash
# Check firewall
sudo ufw status
# Check if services are listening
sudo netstat -tulpn | grep :80
sudo netstat -tulpn | grep :3000
# Check Nginx is running
sudo systemctl status nginx
```
---
## 🔐 Security Checklist
- ✅ Change default PostgreSQL password
- ✅ Use strong JWT secret (32+ characters)
- ✅ Enable UFW firewall
- ✅ Keep .env file secure (never commit to git)
- ✅ Enable SSL/HTTPS with Let's Encrypt
- ✅ Regular database backups
- ✅ Keep system updated: `sudo apt update && sudo apt upgrade`
- ✅ Monitor logs regularly
- ✅ Use fail2ban to prevent brute force attacks (optional)
---
## 📚 Additional Resources
- [Proxmox LXC Documentation](https://pve.proxmox.com/wiki/Linux_Container)
- [PM2 Documentation](https://pm2.keymetrics.io/docs/usage/quick-start/)
- [Nginx Documentation](https://nginx.org/en/docs/)
- [Flutter Web Deployment](https://docs.flutter.dev/deployment/web)
- [PostgreSQL Documentation](https://www.postgresql.org/docs/)
---
## 🆘 Need Help?
Common issues:
1. **Port already in use:** Check with `sudo netstat -tulpn | grep <port>`
2. **Permission denied:** Check file ownership and permissions
3. **Cannot connect to database:** Verify PostgreSQL is running and credentials are correct
4. **404 errors:** Check Nginx configuration and file paths

Good luck with your deployment! 🚀