diff --git a/deploy/install.sh b/deploy/install.sh index 176dbd1..8a2441a 100644 --- a/deploy/install.sh +++ b/deploy/install.sh @@ -82,6 +82,15 @@ DOMAIN_PUBLIC="${DOMAIN_PUBLIC:-deepdrft.com}" read -rp " App subdomain [app.${DOMAIN_PUBLIC}]: " DOMAIN_APP DOMAIN_APP="${DOMAIN_APP:-app.${DOMAIN_PUBLIC}}" +read -rp " DeepDrftPublic port [5000]: " PORT_PUBLIC +PORT_PUBLIC="${PORT_PUBLIC:-5000}" + +read -rp " DeepDrftManager port [5001]: " PORT_MANAGER +PORT_MANAGER="${PORT_MANAGER:-5001}" + +read -rp " DeepDrftAPI port [5002]: " PORT_API +PORT_API="${PORT_API:-5002}" + CERTBOT_EMAIL="" while [[ -z "${CERTBOT_EMAIL}" ]]; do read -rp " Email for certbot TLS cert (required): " CERTBOT_EMAIL @@ -103,6 +112,9 @@ printf " │ %-22s %-37s│\n" "DB_AUTH" "${DB_AUTH}" printf " │ %-22s %-37s│\n" "DOMAIN_PUBLIC" "${DOMAIN_PUBLIC}" printf " │ %-22s %-37s│\n" "DOMAIN_APP" "${DOMAIN_APP}" printf " │ %-22s %-37s│\n" "CERTBOT_EMAIL" "${CERTBOT_EMAIL}" +printf " │ %-22s %-37s│\n" "PORT_PUBLIC" "${PORT_PUBLIC}" +printf " │ %-22s %-37s│\n" "PORT_MANAGER" "${PORT_MANAGER}" +printf " │ %-22s %-37s│\n" "PORT_API" "${PORT_API}" printf " │ %-22s %-37s│\n" "OPT_DIR" "${OPT_DIR}" echo " └──────────────────────────────────────────────────────────────┘" echo @@ -204,6 +216,10 @@ cp "${SCRIPT_DIR}/systemd/deepdrftpublic.service" "${APP_HOME}/.config/systemd/ cp "${SCRIPT_DIR}/systemd/deepdrftmanager.service" "${APP_HOME}/.config/systemd/user/" cp "${SCRIPT_DIR}/systemd/deepdrftapi.service" "${APP_HOME}/.config/systemd/user/" +sed -i "s|__PORT_PUBLIC__|${PORT_PUBLIC}|g" "${APP_HOME}/.config/systemd/user/deepdrftpublic.service" +sed -i "s|__PORT_MANAGER__|${PORT_MANAGER}|g" "${APP_HOME}/.config/systemd/user/deepdrftmanager.service" +sed -i "s|__PORT_API__|${PORT_API}|g" "${APP_HOME}/.config/systemd/user/deepdrftapi.service" + chown -R "${APP_USER}:${APP_USER}" "${APP_HOME}/.config/systemd" # daemon-reload and enable. XDG_RUNTIME_DIR must be set explicitly — PAM may not @@ -237,6 +253,7 @@ else DB_AUTH="${DB_AUTH}" \ DOMAIN_PUBLIC="${DOMAIN_PUBLIC}" \ DOMAIN_APP="${DOMAIN_APP}" \ + PORT_API="${PORT_API}" \ bash "${SCRIPT_DIR}/setup-step10-creds.sh" fi @@ -371,10 +388,12 @@ step 9 "nginx" # Templates use __DOMAIN_PUBLIC__ and __DOMAIN_APP__ so the files in the tarball # don't contain real hostnames — substitution happens at install time. sed -e "s|__DOMAIN_PUBLIC__|${DOMAIN_PUBLIC}|g" \ + -e "s|__PORT_PUBLIC__|${PORT_PUBLIC}|g" \ "${SCRIPT_DIR}/nginx/deepdrft-public.conf" \ > "/etc/nginx/sites-available/${DOMAIN_PUBLIC}.conf" sed -e "s|__DOMAIN_APP__|${DOMAIN_APP}|g" \ + -e "s|__PORT_MANAGER__|${PORT_MANAGER}|g" \ "${SCRIPT_DIR}/nginx/deepdrft-manager.conf" \ > "/etc/nginx/sites-available/${DOMAIN_APP}.conf" diff --git a/deploy/nginx/deepdrft-manager.conf b/deploy/nginx/deepdrft-manager.conf index 4274623..02e7bfe 100644 --- a/deploy/nginx/deepdrft-manager.conf +++ b/deploy/nginx/deepdrft-manager.conf @@ -4,7 +4,7 @@ server { server_name __DOMAIN_APP__; location / { - proxy_pass http://localhost:5001; + proxy_pass http://localhost:__PORT_MANAGER__; proxy_http_version 1.1; proxy_set_header Host $host; diff --git a/deploy/nginx/deepdrft-public.conf b/deploy/nginx/deepdrft-public.conf index f4622a3..a0fdaaa 100644 --- a/deploy/nginx/deepdrft-public.conf +++ b/deploy/nginx/deepdrft-public.conf @@ -4,7 +4,7 @@ server { server_name __DOMAIN_PUBLIC__; location / { - proxy_pass http://localhost:5000; + proxy_pass http://localhost:__PORT_PUBLIC__; proxy_http_version 1.1; proxy_set_header Host $host; diff --git a/deploy/setup-step10-creds.sh b/deploy/setup-step10-creds.sh index 1b79d2b..e51086c 100644 --- a/deploy/setup-step10-creds.sh +++ b/deploy/setup-step10-creds.sh @@ -213,7 +213,7 @@ fi # ── 5. api-public.json — no prompts, static localhost URL ──────────────────── if need_cred "api-public"; then write_cred "api-public" \ - '{"Api":{"ContentApiUrl":"http://localhost:5002"}}' + "{\"Api\":{\"ContentApiUrl\":\"http://localhost:${PORT_API:-5002}\"}}" else echo "[setup-step10-creds] api-public.json already exists, skipping" fi @@ -226,7 +226,7 @@ if need_cred "api-manager"; then read -rp " Enter the API key: " API_KEY fi write_cred "api-manager" \ - "{\"Api\":{\"ContentApiUrl\":\"http://localhost:5002\",\"ContentApiKey\":\"$(json_escape "${API_KEY}")\"}}" + "{\"Api\":{\"ContentApiUrl\":\"http://localhost:${PORT_API:-5002}\",\"ContentApiKey\":\"$(json_escape "${API_KEY}")\"}}" unset API_KEY else echo "[setup-step10-creds] api-manager.json already exists, skipping" diff --git a/deploy/systemd/deepdrftapi.service b/deploy/systemd/deepdrftapi.service index 199c0cd..30d64ed 100644 --- a/deploy/systemd/deepdrftapi.service +++ b/deploy/systemd/deepdrftapi.service @@ -13,7 +13,7 @@ ExecStart=%h/api/deepdrft/bin/DeepDrftAPI # Non-secret config — hardcoded; no plaintext file needed. Environment=ASPNETCORE_ENVIRONMENT=Production -Environment=ASPNETCORE_URLS=http://localhost:5002 +Environment=ASPNETCORE_URLS=http://localhost:__PORT_API__ # Secrets — loaded at startup into $CREDENTIALS_DIRECTORY/. # Files live at %h/.config/credentials/ (deepdrft:deepdrft 600). diff --git a/deploy/systemd/deepdrftmanager.service b/deploy/systemd/deepdrftmanager.service index 0a7ea87..1707141 100644 --- a/deploy/systemd/deepdrftmanager.service +++ b/deploy/systemd/deepdrftmanager.service @@ -13,7 +13,7 @@ ExecStart=%h/manager/bin/DeepDrftManager # Non-secret config — hardcoded; no plaintext file needed. Environment=ASPNETCORE_ENVIRONMENT=Production -Environment=ASPNETCORE_URLS=http://localhost:5001 +Environment=ASPNETCORE_URLS=http://localhost:__PORT_MANAGER__ # Secrets — loaded at startup into $CREDENTIALS_DIRECTORY/. # File lives at %h/.config/credentials/ (deepdrft:deepdrft 600). diff --git a/deploy/systemd/deepdrftpublic.service b/deploy/systemd/deepdrftpublic.service index df9d42d..4b14d79 100644 --- a/deploy/systemd/deepdrftpublic.service +++ b/deploy/systemd/deepdrftpublic.service @@ -13,7 +13,7 @@ ExecStart=%h/public/bin/DeepDrftPublic # Non-secret config — hardcoded; no plaintext file needed. Environment=ASPNETCORE_ENVIRONMENT=Production -Environment=ASPNETCORE_URLS=http://localhost:5000 +Environment=ASPNETCORE_URLS=http://localhost:__PORT_PUBLIC__ # Secrets — loaded at startup into $CREDENTIALS_DIRECTORY/. # File lives at %h/.config/credentials/ (deepdrft:deepdrft 600).