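#!/bin/bash
#######################################################
# TurboTrades Server Setup Script
# Automated setup for production server 178.63.127.19
#
# Installs Node.js, MongoDB, PM2, Nginx and Git, creates the deployment
# directory, enables ufw, generates an SSH deploy key and writes an
# .env template plus an Nginx site. Intended to be run via sudo so that
# SUDO_USER names the account that will own the deployment.
#######################################################

# -e: stop on the first failing command.
# -u: an unset variable (e.g. SUDO_USER in a plain root shell) is an error
#     instead of silently expanding to nothing.
# pipefail: a failed download in "curl | gpg" fails the whole pipeline.
set -euo pipefail

# Colors for output
readonly RED='\033[0;31m'
readonly GREEN='\033[0;32m'
readonly YELLOW='\033[1;33m'
readonly BLUE='\033[0;34m'
readonly NC='\033[0m' # No Color

# Configuration
readonly SERVER_IP="178.63.127.19"
readonly DEPLOY_PATH="/var/www/turbotrades"
# shellcheck disable=SC2034  # kept from the original configuration block
readonly APP_NAME="turbotrades"
readonly NODE_VERSION="20"

# Output helpers. The message is passed as %s so backslashes or a leading
# dash in it are printed literally; only the color codes are interpreted.
print_status() {
  printf '%b[INFO]%b %s\n' "$BLUE" "$NC" "$1"
}

print_success() {
  printf '%b[SUCCESS]%b %s\n' "$GREEN" "$NC" "$1"
}

print_warning() {
  printf '%b[WARNING]%b %s\n' "$YELLOW" "$NC" "$1"
}

print_error() {
  printf '%b[ERROR]%b %s\n' "$RED" "$NC" "$1" >&2
}

# Ask a single-key yes/no question.
# Arguments: $1 - question text (the " (y/n) " suffix is appended here)
# Returns:   0 if the operator pressed y/Y, non-zero otherwise (including
#            when stdin is closed, so unattended runs take the "no" branch).
confirm() {
  read -p "$1 (y/n) " -n 1 -r || true
  echo
  [[ ${REPLY:-} =~ ^[Yy]$ ]]
}

# Print the account that owns the deployment: the user who invoked sudo,
# or the current user when the script is run without sudo.
deploy_user() {
  printf '%s\n' "${SUDO_USER:-$(id -un)}"
}

# Print the home directory of the deployment account. Looked up in the
# passwd database so that root resolves to its real home rather than
# /home/root; falls back to /home/<user> if the lookup yields nothing.
deploy_home() {
  local user home
  user=$(deploy_user)
  home=$(getent passwd "$user" | cut -d: -f6) || true
  printf '%s\n' "${home:-/home/$user}"
}

# Print the path of the SSH deploy key inside the deployment account's home.
deploy_key_path() {
  printf '%s\n' "$(deploy_home)/.ssh/turbotrades_deploy_key"
}

# Check if running as root
check_root() {
  if [[ $EUID -ne 0 ]]; then
    print_warning "This script should be run as root. Some commands may require sudo."
    confirm "Continue anyway?" || exit 1
  fi
}

# Update system
update_system() {
  print_status "Updating system packages..."
  apt update && apt upgrade -y
  print_success "System updated"
}

# Install Node.js from the NodeSource repository.
install_nodejs() {
  print_status "Installing Node.js ${NODE_VERSION}..."

  if command -v node &> /dev/null; then
    local node_current
    node_current=$(node -v)
    print_warning "Node.js is already installed: $node_current"
    confirm "Reinstall/Update?" || return 0
  fi

  # NOTE(review): the NodeSource setup script is executed with this script's
  # privileges and is not integrity-checked beyond TLS. Downloading it to a
  # file first at least ensures a truncated transfer is never partially
  # executed; pin and verify a checksum if your process requires it.
  local setup_script rc=0
  setup_script=$(mktemp)
  curl -fsSL "https://deb.nodesource.com/setup_${NODE_VERSION}.x" -o "$setup_script" \
    && bash "$setup_script" || rc=$?
  rm -f -- "$setup_script"
  if (( rc != 0 )); then
    print_error "NodeSource repository setup failed"
    return "$rc"
  fi

  apt-get install -y nodejs

  print_success "Node.js installed: $(node -v)"
  print_success "NPM installed: $(npm -v)"
}

# Install MongoDB 7.0 from the vendor apt repository.
install_mongodb() {
  print_status "Installing MongoDB..."

  if command -v mongod &> /dev/null; then
    print_warning "MongoDB is already installed"
    confirm "Reinstall?" || return 0
  fi

  # Import MongoDB public key. --batch --yes lets a re-run overwrite the
  # existing keyring instead of stopping at an interactive prompt.
  curl -fsSL https://www.mongodb.org/static/pgp/server-7.0.asc \
    | gpg --batch --yes --dearmor -o /usr/share/keyrings/mongodb-server-7.0.gpg

  # Add MongoDB repository (scoped to the key above via signed-by)
  echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg ] https://repo.mongodb.org/apt/ubuntu $(lsb_release -cs)/mongodb-org/7.0 multiverse" \
    | tee /etc/apt/sources.list.d/mongodb-org-7.0.list

  # Install MongoDB
  apt update
  apt install -y mongodb-org

  # Start and enable MongoDB
  # NOTE(review): nothing in this script enables MongoDB access control, and
  # the .env template's MONGODB_URI carries no credentials. Confirm mongod
  # stays bound to localhost and consider enabling authorization.
  systemctl start mongod
  systemctl enable mongod

  print_success "MongoDB installed and started"
}

# Install PM2 and register its systemd startup unit for the deploy account.
install_pm2() {
  print_status "Installing PM2..."

  if command -v pm2 &> /dev/null; then
    print_warning "PM2 is already installed: $(pm2 -v)"
    confirm "Reinstall?" || return 0
  fi

  npm install -g pm2

  # Setup PM2 startup script. The user and home are resolved explicitly so
  # the command stays well-formed when SUDO_USER is not set.
  pm2 startup systemd -u "$(deploy_user)" --hp "$(deploy_home)"

  print_success "PM2 installed: $(pm2 -v)"
}

# Install Nginx
install_nginx() {
  print_status "Installing Nginx..."

  if command -v nginx &> /dev/null; then
    print_warning "Nginx is already installed"
    confirm "Continue anyway?" || return 0
  fi

  apt install -y nginx
  systemctl start nginx
  systemctl enable nginx

  print_success "Nginx installed and started"
}

# Install Git
install_git() {
  print_status "Installing Git..."

  if command -v git &> /dev/null; then
    print_success "Git is already installed: $(git --version)"
    return 0
  fi

  apt install -y git
  print_success "Git installed: $(git --version)"
}

# Create deployment directory
create_deploy_directory() {
  print_status "Creating deployment directory: ${DEPLOY_PATH}"

  mkdir -p -- "${DEPLOY_PATH}"

  # Hand ownership to the invoking user; skipped when not run through sudo.
  if [[ -n "${SUDO_USER:-}" ]]; then
    chown -R -- "$SUDO_USER:$SUDO_USER" "${DEPLOY_PATH}"
  fi

  print_success "Deployment directory created"
}

# Setup firewall
setup_firewall() {
  print_status "Configuring firewall..."

  if ! command -v ufw &> /dev/null; then
    apt install -y ufw
  fi

  # Allow SSH, HTTP, HTTPS. The SSH rule is added before the firewall is
  # enabled so the current session is not cut off.
  # NOTE(review): port 22 is opened to any source address; restrict it to
  # the CI/admin addresses if those are known.
  ufw allow 22/tcp
  ufw allow 80/tcp
  ufw allow 443/tcp

  # Enable firewall
  ufw --force enable

  print_success "Firewall configured"
  ufw status
}

# Generate the passphrase-less ed25519 key pair used by the deploy pipeline.
generate_deploy_key() {
  print_status "Generating SSH deploy key..."

  local user ssh_dir deploy_key
  user=$(deploy_user)
  deploy_key=$(deploy_key_path)
  ssh_dir=${deploy_key%/*}

  if [[ -f "$deploy_key" ]]; then
    print_warning "Deploy key already exists at $deploy_key"
    confirm "Generate new key?" || return 0
  fi

  mkdir -p -- "$ssh_dir"
  # Empty passphrase: the key is consumed unattended by CI.
  ssh-keygen -t ed25519 -C "deploy@turbotrades" -f "$deploy_key" -N ""

  chown -R -- "$user:$user" "$ssh_dir"
  chmod 700 -- "$ssh_dir"
  chmod 600 -- "$deploy_key"
  chmod 644 -- "$deploy_key.pub"

  print_success "Deploy key generated!"
  echo ""
  print_status "=== PUBLIC KEY (Add to GitHub Deploy Keys) ==="
  cat -- "$deploy_key.pub"
  echo ""
  # NOTE(review): this script never adds the public key to authorized_keys;
  # confirm how the CI job that holds SSH_PRIVATE_KEY is expected to log in.
  print_status "=== PRIVATE KEY (Add to GitHub Secrets as SSH_PRIVATE_KEY) ==="
  if [[ -t 1 ]]; then
    cat -- "$deploy_key"
  else
    # Output is going to a pipe or file (e.g. tee/CI log); writing the
    # private key there would leave a copy of the secret behind.
    print_warning "Output is not a terminal; private key not printed. Read it from $deploy_key"
  fi
  echo ""
  print_warning "Save these keys securely!"
}

# Create .env template
create_env_template() {
  print_status "Creating .env template..."

  local env_file="${DEPLOY_PATH}/.env.example"

  # NOTE(review): the template below is written verbatim. Points to check
  # before copying it to .env:
  #   - STEAM_RETURN_URL targets port 3000, which setup_firewall does not
  #     open; the Nginx site proxies /auth on port 80.
  #   - HOST=0.0.0.0 makes the app listen on every interface although Nginx
  #     reaches it via localhost.
  #   - All URLs are plain http, so session and JWT traffic is unencrypted.
  cat > "$env_file" << 'EOF'
# Server Configuration
NODE_ENV=production
PORT=3000
HOST=0.0.0.0

# Database
MONGODB_URI=mongodb://localhost:27017/turbotrades

# Session Secret (Generate a secure random string)
SESSION_SECRET=change-this-to-a-random-string

# Steam API
STEAM_API_KEY=your-steam-api-key-here
STEAM_RETURN_URL=http://178.63.127.19:3000/auth/steam/return

# JWT Secret (Generate a secure random string)
JWT_SECRET=change-this-to-a-random-string
JWT_ACCESS_EXPIRY=15m
JWT_REFRESH_EXPIRY=7d

# CORS
CORS_ORIGIN=http://178.63.127.19

# Redis (if using)
REDIS_URL=redis://localhost:6379

# Admin Steam IDs (comma-separated)
ADMIN_STEAM_IDS=76561198000000000

# Bot Configuration
STEAM_BOT_USERNAME=your-bot-username
STEAM_BOT_PASSWORD=your-bot-password
STEAM_BOT_SHARED_SECRET=your-bot-shared-secret
STEAM_BOT_IDENTITY_SECRET=your-bot-identity-secret

# CSGOFloat API (optional)
CSGOFLOAT_API_KEY=your-csgofloat-api-key

# Pricing API (optional)
PRICING_API_KEY=your-pricing-api-key
EOF

  print_success ".env template created at $env_file"
  print_warning "Remember to create ${DEPLOY_PATH}/.env with actual values!"
}

# Create Nginx configuration
create_nginx_config() {
  print_status "Creating Nginx configuration..."

  local nginx_config="/etc/nginx/sites-available/turbotrades"

  # Quoted delimiter: $uri, $host etc. are Nginx variables and must reach
  # the file unexpanded.
  cat > "$nginx_config" << 'EOF'
server {
    listen 80;
    server_name 178.63.127.19;

    client_max_body_size 10M;

    # Frontend (Vite build)
    location / {
        root /var/www/turbotrades/frontend/dist;
        try_files $uri $uri/ /index.html;

        # Cache static assets
        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
            expires 1y;
            add_header Cache-Control "public, immutable";
            # add_header here stops inheritance of the server-level
            # headers, so the security headers are repeated.
            add_header X-Frame-Options "SAMEORIGIN" always;
            add_header X-Content-Type-Options "nosniff" always;
            add_header X-XSS-Protection "1; mode=block" always;
        }
    }

    # Backend API
    location /api {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_cache_bypass $http_upgrade;
        proxy_read_timeout 300s;
        proxy_connect_timeout 75s;
    }

    # WebSocket support
    location /ws {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }

    # Auth routes
    location /auth {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    # Security headers
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block" always;
}
EOF

  # Enable the site
  ln -sf -- "$nginx_config" /etc/nginx/sites-enabled/turbotrades

  # Test Nginx configuration; under set -e a failure aborts before restart
  nginx -t

  # Restart Nginx
  systemctl restart nginx

  print_success "Nginx configuration created and enabled"
}

# Create logs directory
create_logs_directory() {
  print_status "Creating logs directory..."

  local log_dir="${DEPLOY_PATH}/logs"
  mkdir -p -- "$log_dir"

  if [[ -n "${SUDO_USER:-}" ]]; then
    chown -R -- "$SUDO_USER:$SUDO_USER" "$log_dir"
  fi

  print_success "Logs directory created at $log_dir"
}

# Print next steps
print_next_steps() {
  echo ""
  echo "=========================================="
  print_success "Server setup complete!"
  echo "=========================================="
  echo ""
  print_status "Next steps:"
  echo ""
  echo "1. Add the deploy key to Gitea:"
  echo "   - Go to: https://git.turbotrades.dev/iDefineHD/TurboTrades/settings/keys"
  echo "   - Add the PUBLIC key shown above"
  echo ""
  echo "2. Add Repository Secrets:"
  echo "   - Go to: https://git.turbotrades.dev/iDefineHD/TurboTrades/settings"
  echo "   - Add these secrets:"
  echo "     - SERVER_HOST: ${SERVER_IP}"
  # The deploy account, not whoami: under sudo whoami is root, while the
  # key, the deploy path and the PM2 unit all belong to the invoking user.
  echo "     - SERVER_USER: $(deploy_user)"
  echo "     - SERVER_PORT: 22"
  echo "     - SSH_PRIVATE_KEY: (the private key stored at $(deploy_key_path))"
  echo "     - DEPLOY_PATH: ${DEPLOY_PATH}"
  echo ""
  echo "3. Clone your repository:"
  echo "   cd ${DEPLOY_PATH}"
  echo "   git clone https://git.turbotrades.dev/iDefineHD/TurboTrades.git ."
  echo ""
  echo "4. Create .env file:"
  echo "   cp ${DEPLOY_PATH}/.env.example ${DEPLOY_PATH}/.env"
  echo "   chmod 600 ${DEPLOY_PATH}/.env"
  echo "   nano ${DEPLOY_PATH}/.env"
  echo "   (Fill in your actual configuration)"
  echo ""
  echo "5. Install dependencies and build:"
  echo "   cd ${DEPLOY_PATH}"
  echo "   npm ci --production"
  echo "   cd frontend && npm ci && npm run build && cd .."
  echo ""
  echo "6. Start the application:"
  echo "   pm2 start ecosystem.config.js --env production"
  echo "   pm2 save"
  echo ""
  echo "7. Visit your application:"
  echo "   http://${SERVER_IP}"
  echo ""
  print_success "Setup complete! 🎉"
}

# Main script: runs every setup step in order; any failing step aborts
# the run because of set -e.
main() {
  echo "=========================================="
  echo "  TurboTrades Server Setup"
  echo "  Server: ${SERVER_IP}"
  echo "=========================================="
  echo ""

  check_root

  print_status "Starting server setup..."
  echo ""

  # Run all setup functions
  update_system
  install_nodejs
  install_mongodb
  install_pm2
  install_nginx
  install_git
  create_deploy_directory
  setup_firewall
  generate_deploy_key
  create_env_template
  create_nginx_config
  create_logs_directory

  # Print next steps
  print_next_steps
}

# Run main function
main "$@"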