Created
March 26, 2026 13:46
-
-
Save AIWintermuteAI/ddbd8fefd349a76d01b36758c2dfa325 to your computer and use it in GitHub Desktop.
Scripts for Namecheap Hosting Migration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -euo pipefail | |
| # Pull latest code and re-apply required runtime permissions. | |
| APP_DIR="${1:-$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)}" | |
| WEB_USER="www-data" | |
| WEB_GROUP="www-data" | |
| if [[ "$EUID" -ne 0 ]]; then | |
| echo "Run with sudo: sudo bash deploy/oci/deploy_update.sh [app_dir]" | |
| exit 1 | |
| fi | |
| if [[ ! -d "$APP_DIR/.git" ]]; then | |
| echo "Error: $APP_DIR is not a git repository" | |
| exit 1 | |
| fi | |
| echo "[1/4] Pull latest code" | |
| git -C "$APP_DIR" fetch --all --prune | |
| git -C "$APP_DIR" pull --ff-only | |
| echo "[2/4] Restore executable bits for deployment scripts" | |
| chmod +x "$APP_DIR/deploy/oci/setup_server.sh" || true | |
| chmod +x "$APP_DIR/deploy/oci/deploy_update.sh" || true | |
| echo "[3/4] Ensure runtime writable paths" | |
| mkdir -p "$APP_DIR/ncsitebuilder/tmp" | |
| mkdir -p "$APP_DIR/ncsitebuilder/src/forms" | |
| chown -R "$WEB_USER":"$WEB_GROUP" "$APP_DIR/ncsitebuilder/tmp" "$APP_DIR/ncsitebuilder/src/forms" | |
| chmod -R 750 "$APP_DIR/ncsitebuilder/tmp" "$APP_DIR/ncsitebuilder/src/forms" | |
| echo "[4/4] Reload services" | |
| systemctl reload apache2 | |
| systemctl reload php*-fpm || true | |
| echo "Deploy update complete." |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -euo pipefail | |
| # Usage: | |
| # sudo bash deploy/oci/setup_server.sh <domain-or-_> <github_repo_ssh_url> [app_dir] | |
| # Example: | |
| # sudo bash deploy/oci/setup_server.sh example.com git@github.com:USER/REPO.git /var/www/public_html | |
| # Notes: | |
| # - Use "_" as domain if DNS is not ready yet. | |
| # - Run as root (or with sudo). | |
| DOMAIN="${1:-_}" | |
| REPO_URL="${2:-}" | |
| APP_DIR="${3:-/var/www/public_html}" | |
| WEB_USER="www-data" | |
| if [[ -z "$REPO_URL" ]]; then | |
| echo "Error: GitHub SSH repository URL is required." | |
| echo "Usage: sudo bash $0 <domain-or-_> <github_repo_ssh_url> [app_dir]" | |
| exit 1 | |
| fi | |
| if [[ "$EUID" -ne 0 ]]; then | |
| echo "Error: run this script as root (sudo)." | |
| exit 1 | |
| fi | |
| echo "[1/10] System update" | |
| apt-get update -y | |
| DEBIAN_FRONTEND=noninteractive apt-get upgrade -y | |
| echo "[2/10] Install core packages" | |
| DEBIAN_FRONTEND=noninteractive apt-get install -y \ | |
| apache2 \ | |
| git \ | |
| ufw \ | |
| unzip \ | |
| ca-certificates \ | |
| software-properties-common \ | |
| unattended-upgrades \ | |
| certbot \ | |
| python3-certbot-apache \ | |
| php \ | |
| php-cli \ | |
| php-fpm \ | |
| php-curl \ | |
| php-mbstring \ | |
| php-xml \ | |
| php-zip \ | |
| php-gd \ | |
| php-intl | |
| echo "[3/10] Enable Apache modules" | |
| a2enmod rewrite headers proxy_fcgi setenvif expires ssl | |
| PHP_VERSION="$(php -r 'echo PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')" | |
| PHP_FPM_CONF="php${PHP_VERSION}-fpm" | |
| echo "[4/10] Enable PHP-FPM integration (${PHP_FPM_CONF})" | |
| a2enconf "$PHP_FPM_CONF" | |
| systemctl enable "php${PHP_VERSION}-fpm" | |
| systemctl restart "php${PHP_VERSION}-fpm" | |
| echo "[5/10] Configure firewall" | |
| ufw allow OpenSSH || true | |
| ufw allow 'Apache Full' || true | |
| ufw --force enable | |
| echo "[6/10] Prepare application directory: ${APP_DIR}" | |
| mkdir -p "$APP_DIR" | |
| if [[ ! -d "$APP_DIR/.git" ]]; then | |
| git clone "$REPO_URL" "$APP_DIR" | |
| else | |
| echo "Git repository already exists in ${APP_DIR}; skipping clone" | |
| fi | |
| echo "[7/10] Set baseline ownership and permissions" | |
| chown -R root:"$WEB_USER" "$APP_DIR" | |
| find "$APP_DIR" -type d -exec chmod 755 {} \; | |
| find "$APP_DIR" -type f -exec chmod 644 {} \; | |
| if [[ -f "$APP_DIR/deploy/oci/deploy_update.sh" ]]; then | |
| chmod +x "$APP_DIR/deploy/oci/deploy_update.sh" | |
| fi | |
| # Writable runtime paths required by this app | |
| mkdir -p "$APP_DIR/ncsitebuilder/tmp" | |
| mkdir -p "$APP_DIR/ncsitebuilder/src/forms" | |
| chown -R "$WEB_USER":"$WEB_USER" "$APP_DIR/ncsitebuilder/tmp" "$APP_DIR/ncsitebuilder/src/forms" | |
| chmod -R 750 "$APP_DIR/ncsitebuilder/tmp" "$APP_DIR/ncsitebuilder/src/forms" | |
| echo "[8/10] Install Apache site config" | |
| if [[ ! -f "$APP_DIR/deploy/oci/apache-site.conf" ]]; then | |
| echo "Error: missing $APP_DIR/deploy/oci/apache-site.conf" | |
| exit 1 | |
| fi | |
| SITE_CONF="/etc/apache2/sites-available/site.conf" | |
| cp "$APP_DIR/deploy/oci/apache-site.conf" "$SITE_CONF" | |
| # Replace placeholders in site config | |
| sed -i "s|__APP_DIR__|$APP_DIR|g" "$SITE_CONF" | |
| if [[ "$DOMAIN" == "_" ]]; then | |
| sed -i "s|__SERVER_NAME__|_|g" "$SITE_CONF" | |
| else | |
| sed -i "s|__SERVER_NAME__|$DOMAIN|g" "$SITE_CONF" | |
| fi | |
| a2dissite 000-default.conf || true | |
| a2ensite site.conf | |
| apache2ctl configtest | |
| systemctl enable apache2 | |
| systemctl restart apache2 | |
| echo "[9/10] Optional HTTPS with Let's Encrypt" | |
| if [[ "$DOMAIN" != "_" ]]; then | |
| certbot --apache -d "$DOMAIN" --non-interactive --agree-tos -m "admin@$DOMAIN" --redirect || true | |
| else | |
| echo "Skipped certbot because domain is '_'" | |
| fi | |
| echo "[10/10] Final checks" | |
| php -v | head -n 1 | |
| apache2ctl -S | head -n 20 | |
| echo "Done." | |
| echo "Next deploys: cd $APP_DIR && sudo bash deploy/oci/deploy_update.sh" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment