Installation of exchanger-web / DONE

Prepare dependencies

apt install -y nano sudo curl wget
apt update
apt upgrade -y

1. Install Docker and Docker Compose

curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh

2. Create runner user and add it to sudoers

sudo adduser --disabled-password --gecos "" runner
sudo usermod -aG sudo runner

3. Create docker group and add user to it

sudo usermod -aG docker runner

4. Switch to a 'runner' user

sudo su runner

newgrp docker

5. Create docker network

docker network create --subnet 10.1.0.0/24 exchanger-net

6. Docker login

Create a Personal Access Token in GitLab
Make sure to tick the read_registry permission scope
Create a reminder to update the PAT after expiration date, as once it expires you lose access for updates. https://git.boxexchanger.net/-/profile/personal_access_tokens

docker login rg.boxexchanger.net

# Username: your_gitlab_username
# Password: your_gitlab_pat

7. Create required folders

mkdir -p /home/runner/web_server
mkdir -p /home/runner/web_server/config
mkdir -p /home/runner/web_server/public
cd /home/runner/web_server

8. Place basic nginx config server_names_hash_bucket_size.conf

nano /home/runner/web_server/server_names_hash_bucket_size.conf

with content:

server_names_hash_bucket_size 64;

9. Place basic nginx config nginx_default.conf

nano /home/runner/web_server/nginx_default.conf

with content:

server {
    listen 80 default_server;
    server_name _;
    return 500;
}

10. Place Nginx nginx_admin.conf config

If you are using separate server for web and api change proxy_pass http://nginx-api:3000/service/ to http://ip.your.api.serveri:3000/service/ and expose port 3000 from your api server

nano /home/runner/web_server/nginx_admin.conf

map $http_upgrade $connection_upgrade {
    default upgrade;
    ""      close;
}

server {
    listen 80;
    server_name admin.domain.name;

    location / {
        proxy_pass http://exchanger-admin-web:80;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_redirect off;
    }
    
    location /service/ {
        proxy_pass http://nginx-api:3000/service/;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_redirect off;
    }
    location /ws/ {
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_pass http://nginx-api:3000/ws/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_redirect    off;
    }
    
    access_log off;
    error_log  /var/log/nginx-admin-error.log error;
    sendfile off;
    client_max_body_size 100m;
}

11. Place Nginx nginx_web.conf config

nano /home/runner/web_server/nginx_web.conf

map $http_upgrade $connection_upgrade {
    default upgrade;
    ""      close;
}
server {
    listen 80;
    server_name domain.name;
    return 301 https://www.domain.name$request_uri;
}

server {
    listen 80;
    server_name www.domain.name;
    location / {
        proxy_pass http://exchanger-client-web:80;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_redirect off;
    }
    location /service/ {
        proxy_pass http://nginx-api:3000/service/;
        proxy_http_version 1.1;
        add_header CF-IPCountry $http_cf_ipcountry always;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_redirect off;
    }
    location /ref/ {
        proxy_pass http://nginx-api:3000/service/ref/;
        proxy_http_version 1.1;
        add_header CF-IPCountry $http_cf_ipcountry always;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_redirect off;
    }
    location /ws/ {
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_pass http://nginx-api:3000/ws/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_redirect    off;
    }
        
    access_log off;
    error_log  /var/log/nginx-error.log error;
    sendfile off;
    client_max_body_size 100m;
}

12. Create your docker-compose.yml

nano /home/runner/web_server/docker-compose.yml

Below example of docker compose file where you must change $VCS_NAMESPACE to your git group path for example bx4/project-name default branch :box :master if you have your own changes in your own branch please change :box to your container build tag

version: '3'
services:
  nginx-web:
    image: nginx
    container_name: nginx-web
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    networks:
      exchanger-net:
        ipv4_address: 10.1.0.250
    volumes:
      - ./server_names_hash_bucket_size.conf:/etc/nginx/conf.d/server_names_hash_bucket_size.conf:ro
      - ./nginx_default.conf:/etc/nginx/conf.d/default.conf:ro
      - ./nginx_web.conf:/etc/nginx/conf.d/web.conf:ro
      - ./nginx_admin.conf:/etc/nginx/conf.d/admin.conf:ro
  exchanger-admin-web:
    image: rg.boxexchanger.net/$VCS_NAMESPACE/exchanger-admin-web:master
    container_name: exchanger-admin-web
    restart: unless-stopped
    networks:
      exchanger-net:
        ipv4_address: 10.1.0.5
  exchanger-client-web:
    image: rg.boxexchanger.net/$VCS_NAMESPACE/exchanger-client-web:box
    container_name: exchanger-client-web
    restart: unless-stopped
    networks:
      exchanger-net:
        ipv4_address: 10.1.0.4
networks:
    exchanger-net:
        external: true

13. Start WEB server

docker compose up -d

All web configuration and request for build project you find in your personal account on our website https://licence.boxexchanger.net/licenses/

Server Side Render: \

Attention! This mod is not recommended for use; it creates a load on the server to build the project for each client, which greatly increases the delay in loading the site

To enable SSR mode add variable SSR = 1 in your account https://licence.boxexchanger.net/licenses/ then run pipeline for build project and fetch build on your server.

1. Preparing the environment

After installing the server, you need to connect to it via SSH and configure the environment

Install server packages (nano git curl)

apt update
apt upgrade -y
apt-get install -y curl git nano wget sudo

Install Nginx:

apt-get install -y nginx

Install NodeJS:

Installing NodeJs / DONE

2. Download the software to the server

Create an SSH key

Documentation from github.com Creating a new SSH key

Linux tutorial

ssh-keygen -t rsa -b 4096

> Enter x3

eval "$(ssh-agent -s)"

ssh-add ~/.ssh/id_rsa

Get your key:

cat ~/.ssh/id_rsa.pub

Copy the result and install this key in your git.boxexchanger.net account

Access to source code / DONE

Cloning repositories

cd /var/www/

git clone [email protected]:bx4/NAME_SPACE/exchanger-client-web.git

git clone [email protected]:bx4/NAME_SPACE/exchanger-admin-web.git

3. Building the admin panel

cd /var/www/exchanger-admin-web/

npm i

npm run configure

Configure the configuration:

nano .env

ADMIN_BASE_URL="https://admin.domain.name"
EXCHANGE_URL="https://www.domain.name"
PROXY_REST_API="http://localhost:3010/"

Building the project:

npm run generate

4. Building a web panel

cd /var/www/exchanger-client-web/

npm i

npm run configure

Configure the configuration: (if you encounter difficulties, please contact technical support [email protected])

nano config/app.json

Building the project:

npm run generate

5. Apply Nginx configuration

You need to replace

domain.com domain
admin domain: admin.domain.com
IP address of API server at rent it is available in the personal cabinet of the user if you have API on your server leave it 127.0.0.1.

nano /etc/nginx/sites-enabled/domain.com.conf

/etc/nginx/sites-enabled/domain.conf

map $http_upgrade $connection_upgrade {
    default upgrade;
    ""      close;
}
server {
    listen 80;
    server_name domain.com;    return 301 https://www.domain.com$request_uri;
}
server {
    listen 80;
    server_name www.domain.com;
    root "/var/www/exchanger-client-web";
    gzip on;
    gzip_comp_level 9;
    gzip_disable "msie6";
    gzip_types application/javascript text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
    index index.html;
    charset utf-8;

    add_header "X-Frame-Options" "SAMEORIGIN";
    add_header "X-XSS-Protection" "1; mode=block";
    add_header "X-Content-Type-Options" "nosniff";

    location / {
        root /var/www/exchanger-client-web/dist/client;
        rewrite ^([^.]*[^/])$ $1/ permanent;
        try_files $uri $uri/ /200.html;
        # expires 7d;
    }
    access_log off;
    error_log  /var/www/exchanger-client-web/nginx-error.log error;
    sendfile off;
    client_max_body_size 100m;


    location /service/ {
        proxy_pass http://127.0.0.1:3010/;
        proxy_http_version 1.1;
        add_header CF-IPCountry $http_cf_ipcountry always;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_redirect off;
    }
    location /ref/ {
        proxy_pass http://nginx-api:3010/ref/;
        proxy_http_version 1.1;
        add_header CF-IPCountry $http_cf_ipcountry always;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_redirect off;
    }

    location /service/fs {
        alias /var/www/exchanger-api/public;
    }

    location /tg/ {
        proxy_pass http://127.0.0.1:3003/;
        proxy_http_version 1.1;
        add_header CF-IPCountry $http_cf_ipcountry always;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_redirect off;
    }
    #location /service/fs {
    #    alias /var/www/exchanger-api/public;
    #}
    location /ws/ {
        proxy_http_version 1.1;
        add_header CF-IPCountry $http_cf_ipcountry always;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_pass http://127.0.0.1:3011/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_redirect    off;
    }
}


server {
    listen 80;
    server_name admin.domain.com;
    root "/var/www/exchanger-admin-web";
    gzip on;
    gzip_comp_level 9;
    gzip_disable "msie6";
    gzip_types application/javascript text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
    index index.html index.htm index.php;
    charset utf-8;

    add_header "X-Frame-Options" "DENY";
    add_header "X-XSS-Protection" "1; mode=block";
    add_header "X-Content-Type-Options" "nosniff";

    location / {
        root /var/www/exchanger-admin-web/dist/admin;
        try_files $uri $uri/ /index.html;
    }

    access_log off;
    error_log  /var/www/exchanger-admin-web/nginx-error.log error;
    sendfile off;
    client_max_body_size 100m;

    location /service/ {
        proxy_pass http://127.0.0.1:3010/;
        proxy_http_version 1.1;
        add_header CF-IPCountry $http_cf_ipcountry always;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_redirect off;
    }

    location /service/fs {
        alias /var/www/exchanger-api/public;
    }
}

Testing the nginx configuration:

nginx -t

Applying the changes:

service nginx restart

PreviousInstalling exchanger-api / DONE NextSetting up the build on CloudFlare Workers / DONE

Last updated 1 year ago