Deployment Guide - UQ-eLIPSE/think-chat-learn GitHub Wiki
Create zone
triton --act-as=elipse instance create --name=tcl-<tag_number> --network=zones webproject s1-standard
Enable MongoDB
webprojctl enable mongodb
Check the following packages are installed (Already installed on webproject image)
-
Node 12.x(If not, then installnusingnpm i -g nand thenn 12)
Create application directory
mkdir /var/www/server && chown www-data:www-data /var/www/server
Create deployboy user for service
adduser --disabled-password --no-create-home --ingroup sysadmin --gecos "" deployboy
Create Systemd service
-
Create
/etc/systemd/system/tcl.service(See below Files → Systemd Service) -
systemctl enable tcl
Manta setup (used for storing images)
-
https://github.com/UQ-eLIPSE/think-chat-learn/wiki/Manta-Setup
-
Copy Manta private key to /var/www/tcl_id.rsa on server
Nginx configuration
-
Create
/etc/nginx/conf.d/upstream-backend-8080.conf(See below Files → Nginx upstream configuration) -
Create
/etc/nginx/frameworks-enabled/tcl.conf(See below Files → Nginx TCL configuration ) -
nginx -t -
service nginx restart -
service tcl restart
TCL deployment script is run locally. The script builds locally, then built files are copied to the desired server.
Pre-requisites (deployment server/zone)
-
Zone has been set up using the steps in the previous section
-
Pre-requisites (local machine)
-
Docker is installed
-
server.envandcommon.envare correctly configured and can be found in/science/stor/TCL/envsin Manta. Make sure the URL is set correctly.
Steps
-
Clone think-chat-learn repository to local machine and checkout develop
-
Set appropriate values in
server.envandcommon.envneeded for deployment -
From project root, run deploy script
-
./deploy.sh -hfor script help
Usage:
USER=root ZONE=<zone_name>.zones.eait.uq.edu.au KEYFILE=~/.ssh/id_rsa ./deploy.sh
Note: KEYFILE not required if ssh agent is configured appropriately. If no ssh key is available, password will have to be entered interactively for user USER.
On the zone, run the following: sudo systemctl daemon-reload && sudo systemctl restart tcl
Systemd File:
[Unit]
Description=Think.Chat.Learn Systemd service
# Run after mongo as the node process won't run otherwise
After=mongod.service
[Service]
Type=simple
# A suitable person/user
User=deployboy
# Replace with the actual directory
WorkingDirectory=/var/www/server/server/
ExecStart=/usr/bin/node main.js
# Theoretically keeps trying indefinitely
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
Upstream File
upstream backend {
server localhost:8080;
}
TCL conf file:
# Place in /etc/nginx/frameworks-enabled/
location /ping {
access_log off;
return 200 'pong';
}
location /client {
root /var/www/server/;
add_header X-urii "$uri" always;
add_header X-Frame-Options "INVALID" always;
index index.html index.htm index.php index.jsp index.aspx;
try_files $uri $uri/ =404;
}
location /admin {
root /var/www/server/;
add_header X-urii "$uri" always;
index index.html index.htm index.php index.jsp index.aspx;
add_header X-Frame-Options "INVALID" always;
try_files $uri $uri/ =404;
}
location /intermediate {
root /var/www/server/;
add_header X-urii "$uri" always;
index index.html index.htm index.php index.jsp index.aspx;
add_header X-Frame-Options "INVALID" always;
try_files $uri $uri/ =404;
}
# Identifier for node application
location /lti.php {
# rewrite ^ https://$host/api/user/login redirect;
add_header X-Frame-Options https://staging-blackboard.elearning.uq.edu.au;
add_header X-Frame-Options "INVALID" always;
proxy_pass http://localhost:8080/user/login;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto "https";
}
location / {
try_files $uri $uri/ @backend;
}
location @backend {
proxy_pass http://backend;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Following is necessary for Websocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 120s;
client_max_body_size 0;
add_header X-Frame-Options "INVALID" always;
}