Skip to content

Instantly share code, notes, and snippets.

@jayzz55
Forked from julianrubisch/deploy_script.sh
Created February 13, 2022 13:49
Show Gist options
  • Save jayzz55/12936c6d1ed1a19390f8f9cf8cc8da5a to your computer and use it in GitHub Desktop.
Save jayzz55/12936c6d1ed1a19390f8f9cf8cc8da5a to your computer and use it in GitHub Desktop.
Hatchbox phoenix configuration
# Phoenix
if grep -q '^ "phoenix"' mix.lock; then
source $HOME/.asdf/asdf.sh
source $HOME/.asdf/completions/asdf.bash
export $(cat $RELEASE_DIR/../../.rbenv-vars | xargs)
echo '
-----> Detected Phoenix app.'
mix local.rebar --force
mix local.hex --force
echo '
-----> Compiling mix packages'
mix deps.get --only prod
MIX_ENV=prod mix compile
echo '
-----> Compiling assets'
npm install --prefix ./assets
npm run deploy --prefix ./assets
MIX_ENV=prod mix phx.digest
echo '
-----> Migrating database'
MIX_ENV=prod mix ecto.create
MIX_ENV=prod mix ecto.migrate
echo '
-----> Stopping Phoenix server'
lsof -t -i tcp:3000 | xargs kill -KILL
echo '
-----> Starting Phoenix server'
MIX_ENV=prod mix phx.server &
fi
# Redirect to https
server {
listen 80;
listen [::]:80;
server_name %{domains};
include /etc/nginx/snippets/letsencrypt.conf;
location / {
return 301 https://$host$request_uri;
}
}
## Optional, redirect non-www domains to www
#server {
# listen 443 ssl http2;
# listen [::]:443 ssl http2;
#
# server_name touchscreen.co.at;
#
# ssl_certificate /etc/nginx/ssl/touch-backend/fullchain.pem;
# ssl_certificate_key /etc/nginx/ssl/touch-backend/key.pem;
# ssl_trusted_certificate /etc/nginx/ssl/touch-backend/fullchain.pem;
#
# include /etc/nginx/snippets/ssl.conf;
#
# location / {
# return 301 https://www.$host$request_uri;
# }
#}
# %{upstream}
upstream phoenixapp {
server localhost:3000;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name %{domains};
root %{root};
#%{server_config}
ssl_certificate /etc/nginx/ssl/touch-backend/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/touch-backend/key.pem;
ssl_trusted_certificate /etc/nginx/ssl/touch-backend/fullchain.pem;
include /etc/nginx/snippets/ssl.conf;
include /etc/nginx/snippets/letsencrypt.conf;
# Allow uploads up to 100MB in size
client_max_body_size 100m;
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
location ~ /.well-known {
root /var/www/html;
allow all;
}
# taken from https://elixirforum.com/t/phoenix-websocket-behind-proxy/5444/5
location /socket {
allow all;
# a hack to enforce capitalized response header
#more_clear_headers 'Connection';
#more_clear_headers 'connection';
#more_set_input_headers 'Connection';
#more_clear_input_headers 'Connection';
#more_set_headers 'Connection: Upgrade';
#add_header Connection "Upgrade" always;
proxy_set_header Proxy "";
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Cluster-Client-Ip $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
# allow remote connections
proxy_set_header Origin '';
proxy_pass http://phoenixapp;
}
location / {
allow all;
client_max_body_size 50M;
proxy_set_header Proxy "";
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Cluster-Client-Ip $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
# allow remote connections
proxy_set_header Origin '';
proxy_pass http://phoenixapp;
# asset delivery using NGINX
location ~* ^.+\.(css|cur|gif|gz|ico|jpg|jpeg|js|png|svg|woff|woff2)$ {
root /home/deploy/touch-backend/current/priv/static;
etag off;
expires max;
add_header Cache-Control public;
}
}
#location ~ ^/(assets|packs)/ {
# expires max;
# gzip_static on;
#}
error_page 404 500 502 503 504 = /error.html;
location = /error.html {
root /var/www/html/hatchbox;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment