Aimpress/PDF-accessibility-saas
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
PDF-accessibility-saas/deploy.sh

226 lines
8.2 KiB
Bash
Executable file
Raw Blame History

#!/usr/bin/env bash
#
# deploy.sh — Idempotent deployment script for PDF Accessibility Checker
#
# Usage:
# cd /opt/pdf-accessibility && ./deploy.sh
#
# Architecture:
# - Apache (host) serves frontend + api.php from /var/www/html/pdf-accessibility
# - Docker Compose runs: PostgreSQL
# - PDF processing via Google Cloud Run (synchronous HTTP call from api.php)
#
set -euo pipefail
# ── Configuration ─────────────────────────────────────────────────
REPO_DIR="$(cd "$(dirname "$0")" && pwd)"
WEB_DIR="/var/www/html/pdf-accessibility"
COMPOSE_FILE="docker-compose.prod.yml"
ENV_FILE="${REPO_DIR}/.env"
MIN_PHP_VERSION="8.0"
# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'
log() { echo -e "${GREEN}[DEPLOY]${NC} $*"; }
warn() { echo -e "${YELLOW}[WARN]${NC} $*"; }
err() { echo -e "${RED}[ERROR]${NC} $*"; }
# ── Preflight Checks ─────────────────────────────────────────────
log "Starting deployment from ${REPO_DIR}"
# Check Docker
if ! command -v docker &>/dev/null; then
err "Docker is not installed. Install it first:"
err " curl -fsSL https://get.docker.com | sh"
err " sudo usermod -aG docker \$USER"
exit 1
fi
# Check Docker Compose (v2 plugin)
if ! docker compose version &>/dev/null; then
err "Docker Compose v2 is not available. Install it:"
err " sudo apt-get install docker-compose-plugin"
exit 1
fi
# Check PHP
if ! command -v php &>/dev/null; then
warn "PHP is not installed. api.php requires PHP ${MIN_PHP_VERSION}+ with extensions:"
warn " sudo apt-get install php8.2 php8.2-pgsql php8.2-curl php8.2-mbstring"
else
PHP_VER=$(php -r 'echo PHP_MAJOR_VERSION . "." . PHP_MINOR_VERSION;')
log "PHP version: ${PHP_VER}"
# Check required extensions
MISSING_EXT=""
php -m | grep -qi pgsql || MISSING_EXT="${MISSING_EXT} php-pgsql"
php -m | grep -qi curl || MISSING_EXT="${MISSING_EXT} php-curl"
php -m | grep -qi openssl || MISSING_EXT="${MISSING_EXT} php-openssl"
if [ -n "${MISSING_EXT}" ]; then
warn "Missing PHP extensions:${MISSING_EXT}"
warn "Install with: sudo apt-get install${MISSING_EXT}"
fi
fi
# ── Pull Latest Code ─────────────────────────────────────────────
log "Pulling latest code..."
cd "${REPO_DIR}"
if [ -d .git ]; then
git config core.fileMode false
# Run git as the repo owner (not root) so SSH keys work
REPO_OWNER=$(stat -c '%U' "${REPO_DIR}/.git")
if [ "$(id -u)" = "0" ] && [ "${REPO_OWNER}" != "root" ]; then
sudo -u "${REPO_OWNER}" git -C "${REPO_DIR}" fetch --all
sudo -u "${REPO_OWNER}" git -C "${REPO_DIR}" reset --hard origin/$(git rev-parse --abbrev-ref HEAD)
else
git fetch --all
git reset --hard origin/$(git rev-parse --abbrev-ref HEAD)
fi
log "Code updated to $(git log --oneline -1)"
else
warn "Not a git repo — using existing files"
fi
# ── Environment File ─────────────────────────────────────────────
if [ ! -f "${ENV_FILE}" ]; then
log "Creating .env from .env.example (first run)..."
cp "${REPO_DIR}/.env.example" "${ENV_FILE}"
# Override Docker hostnames with localhost for host-side PHP
sed -i 's/^DB_HOST=postgres/DB_HOST=127.0.0.1/' "${ENV_FILE}"
sed -i 's/^DEV_MODE=true/DEV_MODE=false/' "${ENV_FILE}"
warn "Review and update ${ENV_FILE} with production values:"
warn " - DB_PASSWORD (change from default!)"
warn " - ANTHROPIC_API_KEY"
warn " - GOOGLE_API_KEY"
warn " - CLOUD_RUN_URL"
warn " - GCP_SA_KEY_PATH (copy pdf-api-invoker-key.json to server)"
warn " - AZURE_* settings"
else
log "Using existing .env file"
fi
# ── Build Docker Containers ──────────────────────────────────────
log "Building Docker containers (using cache)..."
docker compose -f "${COMPOSE_FILE}" build
log "Starting/restarting Docker services..."
docker compose -f "${COMPOSE_FILE}" up -d --remove-orphans
# Wait for PostgreSQL to be ready
log "Waiting for PostgreSQL to be healthy..."
RETRIES=30
until docker compose -f "${COMPOSE_FILE}" exec -T postgres pg_isready -U pdf_checker &>/dev/null || [ $RETRIES -eq 0 ]; do
sleep 1
RETRIES=$((RETRIES - 1))
done
if [ $RETRIES -eq 0 ]; then
err "PostgreSQL failed to start. Check logs:"
err " docker compose -f ${COMPOSE_FILE} logs postgres"
exit 1
fi
log "PostgreSQL is ready"
# Database init.sql runs automatically on first compose up via
# /docker-entrypoint-initdb.d/init.sql — no migration tool needed.
# For future migrations, add numbered SQL files to db/ and apply:
if [ -d "${REPO_DIR}/db/migrations" ]; then
for migration in "${REPO_DIR}"/db/migrations/*.sql; do
[ -f "$migration" ] || continue
MIGRATION_NAME=$(basename "$migration")
log "Applying migration: ${MIGRATION_NAME}"
docker compose -f "${COMPOSE_FILE}" exec -T postgres \
psql -U pdf_checker -d pdf_checker -f "/dev/stdin" < "$migration" 2>/dev/null || \
warn "Migration ${MIGRATION_NAME} may have already been applied"
done
fi
# ── Deploy Frontend Files ─────────────────────────────────────────
log "Deploying frontend to ${WEB_DIR}..."
# Create web directory if it doesn't exist
sudo mkdir -p "${WEB_DIR}"
# Clean old frontend files (but preserve uploads, results, .env, logs)
log "Cleaning old frontend files..."
sudo rm -f "${WEB_DIR}/index.html" "${WEB_DIR}/history.html"
sudo rm -rf "${WEB_DIR}/css" "${WEB_DIR}/js"
sudo rm -f "${WEB_DIR}/api.php" "${WEB_DIR}/auth.php"
# Copy frontend files
sudo cp "${REPO_DIR}/index.html" "${WEB_DIR}/"
sudo cp "${REPO_DIR}/history.html" "${WEB_DIR}/"
sudo cp -r "${REPO_DIR}/css" "${WEB_DIR}/"
sudo cp -r "${REPO_DIR}/js" "${WEB_DIR}/"
# Copy PHP backend files
sudo cp "${REPO_DIR}/api.php" "${WEB_DIR}/"
sudo cp "${REPO_DIR}/auth.php" "${WEB_DIR}/"
# Copy Python scripts (needed if api.php fallback exec() is used)
sudo cp "${REPO_DIR}/enterprise_pdf_checker.py" "${WEB_DIR}/"
sudo cp "${REPO_DIR}/pdf_remediation.py" "${WEB_DIR}/"
sudo cp "${REPO_DIR}/logger_config.py" "${WEB_DIR}/"
sudo cp "${REPO_DIR}/retry_helper.py" "${WEB_DIR}/"
# Copy .env for PHP (if not already there)
if [ ! -f "${WEB_DIR}/.env" ]; then
sudo cp "${ENV_FILE}" "${WEB_DIR}/.env"
log "Copied .env to web directory"
else
# Update .env in web dir from repo .env
sudo cp "${ENV_FILE}" "${WEB_DIR}/.env"
fi
# Create runtime directories
sudo mkdir -p "${WEB_DIR}/uploads" "${WEB_DIR}/results" "${WEB_DIR}/logs" "${WEB_DIR}/rate_limits"
# Set ownership for Apache
sudo chown -R www-data:www-data "${WEB_DIR}"
sudo chmod -R 755 "${WEB_DIR}"
sudo chmod -R 775 "${WEB_DIR}/uploads" "${WEB_DIR}/results" "${WEB_DIR}/logs" "${WEB_DIR}/rate_limits"
# ── Verify ────────────────────────────────────────────────────────
log ""
log "============================================="
log " Deployment complete!"
log "============================================="
log ""
log "Services status:"
docker compose -f "${COMPOSE_FILE}" ps --format "table {{.Name}}\t{{.Status}}\t{{.Ports}}"
log ""
log "Frontend: ${WEB_DIR}"
log "Docker: PostgreSQL (127.0.0.1:1221)"
log "Cloud Run: ${CLOUD_RUN_URL:-$(grep '^CLOUD_RUN_URL=' "${ENV_FILE}" 2>/dev/null | cut -d= -f2 || echo 'not set')}"
log ""
# Quick health check
if docker compose -f "${COMPOSE_FILE}" exec -T postgres pg_isready -U pdf_checker &>/dev/null; then
log "PostgreSQL: OK"
fi
log ""
log "Reloading Apache..."
sudo systemctl reload apache2 && log "Apache reloaded" || warn "Apache reload failed — run: sudo systemctl reload apache2"
log ""
log "Next steps (if first deploy):"
log " 1. Ensure pdf-api-invoker-key.json is at the GCP_SA_KEY_PATH location"
log " 2. Review ${WEB_DIR}/.env (especially CLOUD_RUN_URL and API keys)"
log ""
Reference in a new issue View git blame Copy permalink