Closed easoncxz closed 3 years ago
I just did a bunch of stuff manually.
On my DNS provider:
twitanalysis.easoncxz.com
;On my Vultr box over SSH:
acme.sh
to issue a non-wildcard SSL certificate for the domain twitanalysis.easoncxz.com
;acme.sh --install-cert
command);/etc/nginx/conf.d/twitanalysis.easoncxz.com.conf
to those SSL key+cert and reverse proxy to http://localhost:5000
;http://localhost:5000
as usual.And now things appear to be working:
Notice that the domain name is a live one, and the little SSL lock icon is showing no errors.
Follow this wiki:
I've written an almost-one-click deploy script, which is intended to be run from a controlling machine, usually local-dev, but also potentially a Github Actions runner container:
The next step is to come up with some slightly more polished way of keeping the server running, with some command that is ideally like systemctl reload nginx
: one-click, and pre-daemonised.
About SSH deploys from Github Actions:
About managing long-running processes using systemd:
Several critical commits:
New episode at:
There are a few necessary steps:
This ticket can wait for a bit, since it's heavy-handed Ops work, possibly involving tonnes of new tools I've never touched, and will need lots of time. Things like Ansible or Terraform may be of use.
Helpful guides
Points of care