chore: Generate nginx config using chatwoot installation scripts (#1687)

Co-authored-by: iriseden <iriseden@localhost.localdomain>
Co-authored-by: iriseden <ad.chabod@iriseden.eu>
pull/1797/head
Sojan Jose 3 years ago committed by GitHub
parent e9fb43c61e
commit 5daf970a87
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -0,0 +1,47 @@
server {
listen 80;
listen [::]:80;
server_name chatwoot.domain.com www.chatwoot.domain.com;
access_log /var/log/nginx/chatwoot_access_80.log;
error_log /var/log/nginx/chatwoot_error_80.log;
return 301 https://chatwoot.domain.com/;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name chatwoot.domain.com www.chatwoot.domain.com;
underscores_in_headers on;
access_log /var/log/nginx/chatwoot_access_443.log;
error_log /var/log/nginx/chatwoot_error_443.log;
location / {
proxy_pass_header Authorization;
proxy_pass http://127.0.0.1:3000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl on; # Optional
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Connection “”;
proxy_buffering off;
client_max_body_size 0;
proxy_read_timeout 36000s;
proxy_redirect off;
}
ssl_certificate /etc/letsencrypt/live/chatwoot.domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/chatwoot.domain.com/privkey.pem; # managed by Certbot
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_dhparam /etc/ssl/dhparam;
}

@ -2,7 +2,8 @@
# Description: Chatwoot installation script
# OS: Ubuntu 20.04 LTS / Ubuntu 20.10
# Script Version: 0.2
# Script Version: 0.5
# Run this script as root
apt update && apt upgrade -y
apt install -y curl
@ -17,14 +18,14 @@ apt install -y \
libssl-dev libyaml-dev libreadline-dev gnupg2 nginx redis-server \
redis-tools postgresql postgresql-contrib certbot \
python3-certbot-nginx nodejs yarn patch ruby-dev zlib1g-dev liblzma-dev \
libgmp-dev libncurses5-dev libffi-dev libgdbm6 libgdbm-dev
libgmp-dev libncurses5-dev libffi-dev libgdbm6 libgdbm-dev nginx-full
adduser --disabled-login --gecos "" chatwoot
sudo -i -u chatwoot bash << EOF
gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
gpg2 --keyserver hkp://pool.sks-keyservers.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
curl -sSL https://get.rvm.io | bash -s stable
EOF
addgroup chatwoot rvm
pg_pass=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 15 ; echo '')
sudo -i -u postgres psql << EOF
@ -32,6 +33,12 @@ sudo -i -u postgres psql << EOF
CREATE USER chatwoot CREATEDB;
ALTER USER chatwoot PASSWORD :'pass';
ALTER ROLE chatwoot SUPERUSER;
UPDATE pg_database SET datistemplate = FALSE WHERE datname = 'template1';
DROP DATABASE template1;
CREATE DATABASE template1 WITH TEMPLATE = template0 ENCODING = 'UNICODE';
UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template1';
\c template1
VACUUM FREEZE;
EOF
systemctl enable redis-server.service
@ -49,9 +56,9 @@ rvm use 2.7.2 --default
git clone https://github.com/chatwoot/chatwoot.git
cd chatwoot
if [[ -z "$1" ]]; then
git checkout master;
git checkout master;
else
git checkout $1;
git checkout $1;
fi
bundle
yarn
@ -76,8 +83,27 @@ cp /home/chatwoot/chatwoot/deployment/chatwoot.target /etc/systemd/system/chatwo
systemctl enable chatwoot.target
systemctl start chatwoot.target
read -p 'Would you like to configure Webserver and SSL (yes or no): ' configure_webserver
if [ $configure_webserver != "yes" ]
then
echo "Woot! Woot!! Chatwoot server installation is complete"
echo "The server will be accessible at http://<server-ip>:3000"
echo "To configure a domain and SSL certificate, follow the guide at https://www.chatwoot.com/docs/deployment/deploy-chatwoot-in-linux-vm"
# TODO: Auto-configure Nginx with SSL certificate
else
read -p 'What is your domain name server (chatwoot.domain.com for example) : ' domain_name
curl https://ssl-config.mozilla.org/ffdhe4096.txt >> /etc/ssl/dhparam
wget https://raw.githubusercontent.com/chatwoot/chatwoot/develop/deployment/nginx_chatwoot.conf
cp nginx_chatwoot.conf /etc/nginx/sites-available/nginx_chatwoot.conf
certbot certonly --nginx -d $domain_name
sed -i "s/chatwoot.domain.com/$domain_name/g" /etc/nginx/sites-available/nginx_chatwoot.conf
ln -s /etc/nginx/sites-available/nginx_chatwoot.conf /etc/nginx/sites-enabled/nginx_chatwoot.conf
systemctl restart nginx
sudo -i -u chatwoot << EOF
cd chatwoot
sed -i "s/http:\/\/0.0.0.0:3000/https:\/\/$domain_name/g" .env
EOF
systemctl restart chatwoot.target
echo "Woot! Woot!! Chatwoot server installation is complete"
echo "The server will be accessible at https://$domain_name"
fi

Loading…
Cancel
Save