exp

updated music service for https
added music servoce http
2025-07-29 01:05:47 +01:00 · 2025-07-09 14:36:23 +01:00 · 2025-07-09 14:31:28 +01:00 · 2025-06-30 22:50:54 +01:00 · 2025-06-30 22:50:38 +01:00 · 2025-06-30 22:50:30 +01:00
9 changed files with 197 additions and 101 deletions
--- a/deploy.sh
+++ b/deploy.sh
@@ -1,96 +0,0 @@
 #!/bin/bash
 # ==============================================================================
 # NGINX CONFIG DEPLOYMENT SCRIPT
 #
 # This script securely copies NGINX configuration files to a remote server
 # using an SSH key for authentication.
 #
 # INSTRUCTIONS:
 # 1. Edit the `REMOTE_USER` and `REMOTE_HOST` variables below.
 # 2. Place this script in the same directory as your `nginx.conf` file
 #    and your `sites-available` folder.
 # 3. Make the script executable with: chmod +x <script_name>.sh
 # 4. Run the script with: ./<script_name>.sh
 # ==============================================================================
 # --- Configuration ---
 # PLEASE EDIT THESE TWO VARIABLES with your server details.
 REMOTE_USER="ubuntu"      # Example: ubuntu, ec2-user, root
 REMOTE_HOST="3.9.182.122"  # Example: 192.168.1.100 or my-server.com
 # --- File & Path Definitions ---
 # Path to your private SSH key.
 # The '~' symbol represents your home directory.
 KEY_FILE="~/repos/azeem-macbookair.pem"
 # Source files and directory.
 # These are expected to be in the same directory as this script.
 # Note: I've corrected the spelling of 'sites-available' for you.
 SOURCE_NGINX_CONF="nginx.conf"
 SOURCE_SITES_DIR="sites-available"
 # Destination paths on the remote server.
 DEST_NGINX_PATH="/etc/nginx/"
 DEST_SITES_PATH="/etc/nginx/sites-available/"
 # --- Script Logic ---
 echo "🚀 Starting NGINX configuration deployment to $REMOTE_HOST..."
 echo "--------------------------------------------------------"
 # Expand the tilde (~) in the key file path to an absolute path.
 # This is necessary because scp might not expand '~' correctly otherwise.
 EVAL_KEY_FILE=$(eval echo "$KEY_FILE")
 # --- Pre-flight Checks ---
 # Check 1: Ensure the SSH key file exists.
 if [ ! -f "$EVAL_KEY_FILE" ]; then
    echo "❌ ERROR: SSH key not found at $EVAL_KEY_FILE"
    echo "Please ensure the path in the KEY_FILE variable is correct."
    exit 1
 fi
 # Check 2: Ensure the main nginx.conf file exists.
 if [ ! -f "$SOURCE_NGINX_CONF" ]; then
    echo "❌ ERROR: Source file '$SOURCE_NGINX_CONF' not found in this directory."
    exit 1
 fi
 # Check 3: Ensure the sites-available directory exists.
 if [ ! -d "$SOURCE_SITES_DIR" ]; then
    echo "❌ ERROR: Source directory '$SOURCE_SITES_DIR' not found."
    echo "Note: The script expects this directory to be named 'sites-available'."
    exit 1
 fi
 # --- File Transfer Operations ---
 # Step 1: Transfer the main nginx.conf file.
 echo "- Transferring '$SOURCE_NGINX_CONF' to $DEST_NGINX_PATH..."
 scp -i "$EVAL_KEY_FILE" "$SOURCE_NGINX_CONF" "${REMOTE_USER}@${REMOTE_HOST}:${DEST_NGINX_PATH}"
 # Check if the last command (scp) was successful.
 if [ $? -ne 0 ]; then
    echo "❌ ERROR: Failed to transfer '$SOURCE_NGINX_CONF'. Aborting."
    exit 1
 fi
 echo "  ✅ Success."
 echo
 # Step 2: Transfer the contents of the sites-available directory.
 # The '-r' flag is for recursive copy (required for directories).
 # The '/*' at the end of the source path copies the *contents* of the directory.
 echo "- Transferring all files from '$SOURCE_SITES_DIR/' to $DEST_SITES_PATH..."
 scp -i "$EVAL_KEY_FILE" -r "${SOURCE_SITES_DIR}/"* "${REMOTE_USER}@${REMOTE_HOST}:${DEST_SITES_PATH}"
 if [ $? -ne 0 ]; then
    echo "❌ ERROR: Failed to transfer contents of '$SOURCE_SITES_DIR'. Aborting."
    exit 1
 fi
 echo "  ✅ Success."
 echo
 # --- Completion ---
 echo "--------------------------------------------------------"
 echo "🎉 Deployment complete! All files transferred successfully."
--- a/http_archive/homarr-http
+++ b/http_archive/homarr-http
@@ -0,0 +1,15 @@
 # HTTP-only NGINX config for home.aaf.systems (no SSL)
 server {
    listen 80;
    server_name home.aaf.systems;
    location / {
        proxy_pass http://100.93.165.98:7575;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
 }
--- a/sites-available/affine
+++ b/sites-available/affine
@@ -0,0 +1,33 @@
 # Block 1: Redirects all HTTP traffic to HTTPS
 server {
    listen 80;
    server_name notes.aaf.systems;
    # This redirect is managed by Certbot's --redirect flag, 
    # but we include it for completeness.
    return 301 https://$host$request_uri;
 }
 # Block 2: Handles the secure HTTPS traffic
 server {
    listen 443 ssl http2;
    server_name notes.aaf.systems;
    # --- This is the location block that was missing ---
    location / {
        proxy_pass http://100.93.165.98:3010;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
    # --- End of location block ---
    # SSL settings managed by Certbot
    ssl_certificate /etc/letsencrypt/live/git.aaf.systems/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/git.aaf.systems/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
 }
--- a/sites-available/exp
+++ b/sites-available/exp
@@ -0,0 +1,28 @@
 # Block 1: Redirects all HTTP traffic to HTTPS
 server {
    listen 80;
    server_name exp.aaf.systems;
    return 301 https://$host$request_uri;
 }
 # Block 2: Handles the secure HTTPS traffic
 server {
    listen 443 ssl http2;
    server_name exp.aaf.systems;
    location / {
        proxy_pass http://100.93.165.98:8080;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
    # SSL settings managed by Certbot
    ssl_certificate /etc/letsencrypt/live/exp.aaf.systems/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/exp.aaf.systems/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 }
--- a/sites-available/gitea
+++ b/sites-available/gitea
@@ -1,19 +1,17 @@
 # Block 1: Redirects all HTTP traffic to HTTPS
 server {
    listen 80;
    server_name git.aaf.systems;
    # Redirect all HTTP traffic to HTTPS
    return 301 https://$host$request_uri;
 }
 # Block 2: Handles the secure HTTPS traffic
 server {
    listen 443 ssl http2;
    server_name git.aaf.systems;
    # SSL Certificates (managed by Certbot)
    ssl_certificate /etc/letsencrypt/live/git.aaf.systems/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/git.aaf.systems/privkey.pem;
    location / {
        # IMPORTANT: Replace with the correct Tailscale IP for your Gitea server
        proxy_pass http://100.93.165.98:3000;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -22,4 +20,10 @@ server {
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
    # SSL settings managed by Certbot
    ssl_certificate /etc/letsencrypt/live/git.aaf.systems/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/git.aaf.systems/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 }
--- a/sites-available/homarr
+++ b/sites-available/homarr
@@ -0,0 +1,28 @@
 # Block 1: Redirects all HTTP traffic to HTTPS
 server {
    listen 80;
    server_name home.aaf.systems;
    return 301 https://$host$request_uri;
 }
 # Block 2: Handles the secure HTTPS traffic
 server {
    listen 443 ssl http2;
    server_name home.aaf.systems;
    location / {
        proxy_pass http://100.93.165.98:7575;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
    # SSL settings managed by Certbot
    ssl_certificate /etc/letsencrypt/live/home.aaf.systems/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/home.aaf.systems/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 }
--- a/sites-available/koel
+++ b/sites-available/koel
@@ -0,0 +1,28 @@
 # Block 1: Redirects all HTTP traffic to HTTPS
 server {
    listen 80;
    server_name music.aaf.systems;
    return 301 https://$host$request_uri;
 }
 # Block 2: Handles the secure HTTPS traffic
 server {
    listen 443 ssl http2;
    server_name music.aaf.systems;
    location / {
        proxy_pass http://100.93.165.98:4075;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
    # SSL settings managed by Certbot
    ssl_certificate /etc/letsencrypt/live/music.aaf.systems/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/music.aaf.systems/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 }
--- a/sites-available/plane
+++ b/sites-available/plane
@@ -0,0 +1,28 @@
 # Block 1: Redirects all HTTP traffic to HTTPS
 server {
    listen 80;
    server_name projects.aaf.systems;
    return 301 https://$host$request_uri;
 }
 # Block 2: Handles the secure HTTPS traffic
 server {
    listen 443 ssl http2;
    server_name projects.aaf.systems;
    location / {
        proxy_pass http://100.93.165.98:3050;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
    # SSL settings managed by Certbot
    ssl_certificate /etc/letsencrypt/live/projects.aaf.systems/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/projects.aaf.systems/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 }
--- a/sites-available/vert
+++ b/sites-available/vert
@@ -0,0 +1,28 @@
 # Block 1: Redirects all HTTP traffic to HTTPS
 server {
    listen 80;
    server_name convert.aaf.systems;
    return 301 https://$host$request_uri;
 }
 # Block 2: Handles the secure HTTPS traffic
 server {
    listen 443 ssl http2;
    server_name convert.aaf.systems;
    location / {
        proxy_pass http://100.93.165.98:3090;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
    # SSL settings managed by Certbot
    ssl_certificate /etc/letsencrypt/live/convert.aaf.systems/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/convert.aaf.systems/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 }
Author	SHA1	Message	Date
Azeem Fidahusein	f42200dc42	exp	2025-07-29 01:05:47 +01:00
Azeem Fidahusein	bfb7c80202	updated music service for https	2025-07-09 14:36:23 +01:00
Azeem Fidahusein	c5517ebe05	added music servoce http	2025-07-09 14:31:28 +01:00
Azeem Fidahusein	f986f39ff1	file conversion service	2025-06-30 22:50:54 +01:00
Azeem Fidahusein	7655afa419	project management service	2025-06-30 22:50:38 +01:00
Azeem Fidahusein	079899425a	added homarr http to http as template for inital http set up url	2025-06-30 22:50:30 +01:00
Azeem Fidahusein	cef90d34f8	updaetd homar and moved old http over	2025-06-25 21:37:05 +01:00
Azeem Fidahusein	53eec2deb4	added homarr config	2025-06-25 21:04:26 +01:00
Azeem Fidahusein	c98604352c	updated gitea config	2025-06-25 20:43:25 +01:00
Azeem Fidahusein	a801d596e3	removed deployment scripts	2025-06-25 12:41:56 +01:00
Azeem Fidahusein	68053c8ff0	updated deployed scripts	2025-06-25 08:49:14 +01:00
Azeem Fidahusein	83a12f0423	added python deploy	2025-06-25 08:48:00 +01:00
Azeem Fidahusein	ac367a148a	updated logic with two stage approach	2025-06-24 21:28:58 +01:00
Azeem Fidahusein	74fec08104	logic	2025-06-24 21:20:30 +01:00
Azeem Fidahusein	238d690024	logic	2025-06-24 21:18:46 +01:00
Azeem Fidahusein	59023322f7	updated logic	2025-06-24 21:04:21 +01:00
Azeem Fidahusein	644ec92cc9	logic update	2025-06-24 21:03:49 +01:00
Azeem Fidahusein	8e450a9f25	updated deploy logc	2025-06-24 21:02:20 +01:00
Azeem Fidahusein	38f373afb8	added affine service	2025-06-24 21:00:42 +01:00
Azeem Fidahusein	c6714d2ff6	updated deployment logic	2025-06-24 20:59:57 +01:00
Azeem Fidahusein	948c01638b	updated deployment logic	2025-06-24 20:47:27 +01:00