From 1950ecc7d6260751d87bb31758e239db5e65688a Mon Sep 17 00:00:00 2001 From: Vadym Samoilenko Date: Wed, 15 Apr 2026 15:16:30 +0100 Subject: [PATCH] Restore Apache step: add Include to /etc/apache2 on deploy MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On first deploy replaces the old inline hp-prod-tracker block in optical-dev.oliver.solutions.conf with an Include pointing to apache/hp-prod-tracker.conf. Idempotent — skips if Include already present. Co-Authored-By: Claude Sonnet 4.6 --- deploy.sh | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/deploy.sh b/deploy.sh index d2901fa..9178596 100644 --- a/deploy.sh +++ b/deploy.sh @@ -170,9 +170,38 @@ done echo "" # ───────────────────────────────────────────────────────────────────────────── -# STEP 7: UFW Firewall +# STEP 7: Apache — add Include if not already present # ───────────────────────────────────────────────────────────────────────────── -info "Step 7: Configuring UFW firewall..." +info "Step 7: Configuring Apache..." + +APACHE_CONF="/etc/apache2/sites-available/optical-dev.oliver.solutions.conf" +APACHE_SNIPPET="$SCRIPT_DIR/apache/hp-prod-tracker.conf" +INCLUDE_LINE=" Include $APACHE_SNIPPET" + +if [[ ! -f "$APACHE_CONF" ]]; then + warn " $APACHE_CONF not found — skipping (add manually: $INCLUDE_LINE)" +elif grep -qF "$APACHE_SNIPPET" "$APACHE_CONF"; then + info " Include already present — skipping" +else + # Remove the old manually-added inline block before inserting the canonical Include + sudo sed -i '/# .*HP-PROD-TRACKER\|HP-PROD-TRACKER.*3001/d' "$APACHE_CONF" + sudo sed -i '/ProxyPass[[:space:]].*hp-prod-tracker/d' "$APACHE_CONF" + sudo sed -i '/ProxyPassReverse[[:space:]].*hp-prod-tracker/d' "$APACHE_CONF" + + # Insert Include before + sudo sed -i "s||$INCLUDE_LINE\n|" "$APACHE_CONF" + info " Added: $INCLUDE_LINE" + + sudo apache2ctl configtest 2>&1 | grep -q "Syntax OK" \ + || { error "Apache config test failed — check $APACHE_CONF"; sudo apache2ctl configtest; exit 1; } + sudo systemctl reload apache2 + info " Apache reloaded OK" +fi + +# ───────────────────────────────────────────────────────────────────────────── +# STEP 8: UFW Firewall +# ───────────────────────────────────────────────────────────────────────────── +info "Step 8: Configuring UFW firewall..." sudo ufw default deny incoming 2>/dev/null || true sudo ufw default allow outgoing 2>/dev/null || true