nik/nginx-conf
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactor deploy script to improve static file handling and backup processes

Browse Source
This commit is contained in:
Nik Afiq 2026-01-24 19:55:07 +09:00
parent 4bc352b373
commit 17cfb85874
1 changed files with 47 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
deploy-nginx.sh
View File

@ -12,10 +12,10 @@ SITES_ENABLED="$NGINX_ETC/sites-enabled"
SNIPPETS="$NGINX_ETC/snippets" SNIPPETS="$NGINX_ETC/snippets"
CONFD="$NGINX_ETC/conf.d" CONFD="$NGINX_ETC/conf.d"
# Where to deploy static files from ./http and ./robots.txt # Static file deploy targets (match your current layout)
WEB_ROOT="${WEB_ROOT:-/var/www/nginx-conf}" WEB_HTML="/var/www/html"
WEB_ERRORS="/var/www/errors"
# Which sites to ensure are enabled (symlinked)
ENABLE_SITES=( ENABLE_SITES=(
"default" "default"
"nik4nao.home.arpa" "nik4nao.home.arpa"
@ -23,7 +23,6 @@ ENABLE_SITES=(
"prv-api.nik4nao.xyz" "prv-api.nik4nao.xyz"
) )
# Backup location
BACKUP_BASE="/var/backups/nginx-conf-deploy" BACKUP_BASE="/var/backups/nginx-conf-deploy"
# --------------------------- # ---------------------------
@ -33,14 +32,11 @@ usage() {
cat <<'EOF' cat <<'EOF'
Usage: Usage:
sudo ./deploy-nginx.sh [--dry-run] sudo ./deploy-nginx.sh [--dry-run]
Options:
--dry-run Show actions, do not write/reload.
Env:
WEB_ROOT=/some/path Override static deploy directory (default: /var/www/nginx-conf)
EOF EOF
} }
log() { echo "==> $*"; }
need_root() { need_root() {
if [[ "${EUID}" -ne 0 ]]; then if [[ "${EUID}" -ne 0 ]]; then
echo "ERROR: run as root (use sudo)." >&2 echo "ERROR: run as root (use sudo)." >&2
@ -48,8 +44,6 @@ need_root() {
fi fi
} }
log() { echo "==> $*"; }
DRY_RUN=0 DRY_RUN=0
if [[ "${1:-}" == "--dry-run" ]]; then if [[ "${1:-}" == "--dry-run" ]]; then
DRY_RUN=1 DRY_RUN=1
@ -90,20 +84,6 @@ copy_file() {
fi fi
} }
sync_dir() {
local src="$1"
local dst="$2"
if [[ ! -d "$src" ]]; then
echo "ERROR: missing source dir: $src" >&2
exit 1
fi
if (( DRY_RUN )); then
log "[dry-run] rsync -a --delete $src/ -> $dst/"
else
rsync -a --delete "${src}/" "${dst}/"
fi
}
make_symlink() { make_symlink() {
local target="$1" local target="$1"
local linkpath="$2" local linkpath="$2"
@ -114,6 +94,25 @@ make_symlink() {
fi fi
} }
sync_selected_http_files() {
# Copy only the files you actually use, into the two target dirs
local src_dir="$REPO_DIR/http"
# /var/www/html
for f in index.html index.nginx-debian.html nik4nao-xyz-landing.html; do
if [[ -f "$src_dir/$f" ]]; then
copy_file "$src_dir/$f" "$WEB_HTML/$f"
fi
done
# /var/www/errors
for f in 404.html 50x.html; do
if [[ -f "$src_dir/$f" ]]; then
copy_file "$src_dir/$f" "$WEB_ERRORS/$f"
fi
done
}
backup_paths=() backup_paths=()
add_backup_path() { add_backup_path() {
@ -125,7 +124,8 @@ add_backup_path() {
do_backup() { do_backup() {
mkdir_p "$backup_dir" mkdir_p "$backup_dir"
# Backup only what we touch (and their symlinks)
# nginx files we touch
add_backup_path "$NGINX_ETC/nginx.conf" add_backup_path "$NGINX_ETC/nginx.conf"
add_backup_path "$CONFD/upstreams.conf" add_backup_path "$CONFD/upstreams.conf"
add_backup_path "$SNIPPETS/proxy-common.conf" add_backup_path "$SNIPPETS/proxy-common.conf"
@ -134,14 +134,21 @@ do_backup() {
add_backup_path "$SITES_ENABLED/$s" add_backup_path "$SITES_ENABLED/$s"
done done
# static files we touch (only the known ones)
for f in index.html index.nginx-debian.html nik4nao-xyz-landing.html robots.txt; do
add_backup_path "$WEB_HTML/$f"
done
for f in 404.html 50x.html; do
add_backup_path "$WEB_ERRORS/$f"
done
if (( DRY_RUN )); then if (( DRY_RUN )); then
log "[dry-run] tar -czf $backup_tar -P ${backup_paths[*]}" log "[dry-run] tar -czf $backup_tar -P ${backup_paths[*]:-}"
return return
fi fi
if ((${#backup_paths[@]} == 0)); then if ((${#backup_paths[@]} == 0)); then
log "No existing paths found to backup (first deploy?)." log "No existing paths found to backup (first deploy?)."
# still create empty backup dir for consistency
return return
fi fi
@ -154,12 +161,12 @@ restore_backup() {
log "[dry-run] restore from $backup_tar" log "[dry-run] restore from $backup_tar"
return return
fi fi
if [[ ! -f "$backup_tar" ]]; then if [[ -f "$backup_tar" ]]; then
log "Restoring from backup..."
tar -xzf "$backup_tar" -P
else
log "No backup tar found to restore: $backup_tar" log "No backup tar found to restore: $backup_tar"
return
fi fi
log "Restoring from backup..."
tar -xzf "$backup_tar" -P
} }
nginx_test() { nginx_test() {
@ -182,18 +189,15 @@ nginx_reload() {
# Deploy # Deploy
# --------------------------- # ---------------------------
log "Repo: $REPO_DIR" log "Repo: $REPO_DIR"
log "Deploying to: $NGINX_ETC"
log "Static WEB_ROOT: $WEB_ROOT"
do_backup do_backup
# Ensure target dirs exist mkdir_p "$SITES_AVAIL" "$SITES_ENABLED" "$SNIPPETS" "$CONFD" "$WEB_HTML" "$WEB_ERRORS"
mkdir_p "$SITES_AVAIL" "$SITES_ENABLED" "$SNIPPETS" "$CONFD" "$WEB_ROOT"
# Copy core config/snippets # Copy core config/snippets
copy_file "$REPO_DIR/nginx.conf" "$NGINX_ETC/nginx.conf" copy_file "$REPO_DIR/nginx.conf" "$NGINX_ETC/nginx.conf"
copy_file "$REPO_DIR/upstreams.conf" "$CONFD/upstreams.conf" copy_file "$REPO_DIR/upstreams.conf" "$CONFD/upstreams.conf"
copy_file "$REPO_DIR/proxy-common.conf" "$SNIPPETS/proxy-common.conf" copy_file "$REPO_DIR/proxy-common.conf" "$SNIPPETS/proxy-common.conf"
# Copy site configs (repo *.conf -> /etc/nginx/sites-available/<name>) # Copy site configs (repo *.conf -> /etc/nginx/sites-available/<name>)
copy_file "$REPO_DIR/default.conf" "$SITES_AVAIL/default" copy_file "$REPO_DIR/default.conf" "$SITES_AVAIL/default"
@ -201,15 +205,15 @@ copy_file "$REPO_DIR/nik4nao.home.arpa.conf" "$SITES_AVAIL/nik4nao.home.arpa"
copy_file "$REPO_DIR/nik4nao.xyz.conf" "$SITES_AVAIL/nik4nao.xyz" copy_file "$REPO_DIR/nik4nao.xyz.conf" "$SITES_AVAIL/nik4nao.xyz"
copy_file "$REPO_DIR/prv-api.nik4nao.xyz.conf" "$SITES_AVAIL/prv-api.nik4nao.xyz" copy_file "$REPO_DIR/prv-api.nik4nao.xyz.conf" "$SITES_AVAIL/prv-api.nik4nao.xyz"
# Enable sites (symlinks) # Enable sites
for s in "${ENABLE_SITES[@]}"; do for s in "${ENABLE_SITES[@]}"; do
make_symlink "$SITES_AVAIL/$s" "$SITES_ENABLED/$s" make_symlink "$SITES_AVAIL/$s" "$SITES_ENABLED/$s"
done done
# Deploy static content # Static files
sync_dir "$REPO_DIR/http" "$WEB_ROOT" sync_selected_http_files
if [[ -f "$REPO_DIR/robots.txt" ]]; then if [[ -f "$REPO_DIR/robots.txt" ]]; then
copy_file "$REPO_DIR/robots.txt" "$WEB_ROOT/robots.txt" copy_file "$REPO_DIR/robots.txt" "$WEB_HTML/robots.txt"
fi fi
# Test + reload (rollback on failure) # Test + reload (rollback on failure)