Installation of exchanger-web / DONE
Prepare dependencies
apt install -y nano sudo curl wget
apt update
apt upgrade -y1. Install Docker and Docker Compose
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh2. Create runner user and add it to sudoers
sudo adduser --disabled-password --gecos "" runner
sudo usermod -aG sudo runner3. Create docker group and add user to it
sudo usermod -aG docker runner4. Switch to a 'runner' user
sudo su runnernewgrp docker5. Create docker network
docker network create --subnet 10.1.0.0/24 exchanger-net6. Docker login
Create a Personal Access Token in GitLab
Make sure to tick the
read_registrypermission scopeCreate a reminder to update the PAT after expiration date, as once it expires you lose access for updates. https://git.boxexchanger.net/-/profile/personal_access_tokens
Login to docker read_registry
docker login rg.boxexchanger.net # Username: your_gitlab_username # Password: your_gitlab_pat
7. Create required folders
mkdir -p /home/runner/web_server
mkdir -p /home/runner/web_server/config
mkdir -p /home/runner/web_server/public
cd /home/runner/web_server8. Place basic nginx config server_names_hash_bucket_size.conf
nano /home/runner/web_server/server_names_hash_bucket_size.confwith content:
server_names_hash_bucket_size 64;9. Place basic nginx config nginx_default.conf
nano /home/runner/web_server/nginx_default.conf with content:
server {
listen 80 default_server;
server_name _;
return 500;
}10. Place Nginx nginx_admin.conf config
nano /home/runner/web_server/nginx_admin.confmap $http_upgrade $connection_upgrade {
default upgrade;
"" close;
}
server {
listen 80;
server_name admin.domain.name;
location / {
proxy_pass http://exchanger-admin-web:80;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
}
location /service/ {
proxy_pass http://nginx-api:3000/service/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
}
location /ws/ {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass http://nginx-api:3000/ws/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_redirect off;
}
access_log off;
error_log /var/log/nginx-admin-error.log error;
sendfile off;
client_max_body_size 100m;
}11. Place Nginx nginx_web.conf config
nano /home/runner/web_server/nginx_web.confmap $http_upgrade $connection_upgrade {
default upgrade;
"" close;
}
server {
listen 80;
server_name domain.name;
return 301 https://www.domain.name$request_uri;
}
server {
listen 80;
server_name www.domain.name;
location / {
proxy_pass http://exchanger-client-web:80;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
}
location /service/ {
proxy_pass http://nginx-api:3000/service/;
proxy_http_version 1.1;
add_header CF-IPCountry $http_cf_ipcountry always;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
}
location /ref/ {
proxy_pass http://nginx-api:3000/service/ref/;
proxy_http_version 1.1;
add_header CF-IPCountry $http_cf_ipcountry always;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
}
location /ws/ {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass http://nginx-api:3000/ws/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_redirect off;
}
access_log off;
error_log /var/log/nginx-error.log error;
sendfile off;
client_max_body_size 100m;
}12. Create your docker-compose.yml
nano /home/runner/web_server/docker-compose.ymlBelow example of docker compose file where you must change $VCS_NAMESPACE to your git group path for example bx4/project-name
default branch :box :master if you have your own changes in your own branch please change :box to your container build tag
version: '3'
services:
nginx-web:
image: nginx
container_name: nginx-web
restart: unless-stopped
ports:
- "80:80"
- "443:443"
networks:
exchanger-net:
ipv4_address: 10.1.0.250
volumes:
- ./server_names_hash_bucket_size.conf:/etc/nginx/conf.d/server_names_hash_bucket_size.conf:ro
- ./nginx_default.conf:/etc/nginx/conf.d/default.conf:ro
- ./nginx_web.conf:/etc/nginx/conf.d/web.conf:ro
- ./nginx_admin.conf:/etc/nginx/conf.d/admin.conf:ro
exchanger-admin-web:
image: rg.boxexchanger.net/$VCS_NAMESPACE/exchanger-admin-web:master
container_name: exchanger-admin-web
restart: unless-stopped
networks:
exchanger-net:
ipv4_address: 10.1.0.5
exchanger-client-web:
image: rg.boxexchanger.net/$VCS_NAMESPACE/exchanger-client-web:box
container_name: exchanger-client-web
restart: unless-stopped
networks:
exchanger-net:
ipv4_address: 10.1.0.4
networks:
exchanger-net:
external: true13. Start WEB server
docker compose up -dServer Side Render: \
Attention! This mod is not recommended for use; it creates a load on the server to build the project for each client, which greatly increases the delay in loading the site
To enable SSR mode add variable SSR = 1 in your account https://licence.boxexchanger.net/licenses/ then run pipeline for build project and fetch build on your server.
1. Preparing the environment
After installing the server, you need to connect to it via SSH and configure the environment
Install server packages (nano git curl)
apt update
apt upgrade -y
apt-get install -y curl git nano wget sudoInstall Nginx:
apt-get install -y nginxInstall NodeJS:
Installing NodeJs / DONE2. Download the software to the server
Create an SSH key
Documentation from github.com Creating a new SSH key
Linux tutorial
ssh-keygen -t rsa -b 4096> Enter x3
eval "$(ssh-agent -s)"ssh-add ~/.ssh/id_rsaGet your key:
cat ~/.ssh/id_rsa.pubCopy the result and install this key in your git.boxexchanger.net account
Access to source code / DONECloning repositories
cd /var/www/git clone [email protected]:bx4/NAME_SPACE/exchanger-client-web.gitgit clone [email protected]:bx4/NAME_SPACE/exchanger-admin-web.git3. Building the admin panel
cd /var/www/exchanger-admin-web/npm inpm run configureConfigure the configuration:
nano .envADMIN_BASE_URL="https://admin.domain.name"
EXCHANGE_URL="https://www.domain.name"
PROXY_REST_API="http://localhost:3010/"Building the project:
npm run generate4. Building a web panel
cd /var/www/exchanger-client-web/npm inpm run configureConfigure the configuration: (if you encounter difficulties, please contact technical support [email protected])
nano config/app.jsonBuilding the project:
npm run generate5. Apply Nginx configuration
nano /etc/nginx/sites-enabled/domain.com.confmap $http_upgrade $connection_upgrade {
default upgrade;
"" close;
}
server {
listen 80;
server_name domain.com; return 301 https://www.domain.com$request_uri;
}
server {
listen 80;
server_name www.domain.com;
root "/var/www/exchanger-client-web";
gzip on;
gzip_comp_level 9;
gzip_disable "msie6";
gzip_types application/javascript text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
index index.html;
charset utf-8;
add_header "X-Frame-Options" "SAMEORIGIN";
add_header "X-XSS-Protection" "1; mode=block";
add_header "X-Content-Type-Options" "nosniff";
location / {
root /var/www/exchanger-client-web/dist/client;
rewrite ^([^.]*[^/])$ $1/ permanent;
try_files $uri $uri/ /200.html;
# expires 7d;
}
access_log off;
error_log /var/www/exchanger-client-web/nginx-error.log error;
sendfile off;
client_max_body_size 100m;
location /service/ {
proxy_pass http://127.0.0.1:3010/;
proxy_http_version 1.1;
add_header CF-IPCountry $http_cf_ipcountry always;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
}
location /ref/ {
proxy_pass http://nginx-api:3010/ref/;
proxy_http_version 1.1;
add_header CF-IPCountry $http_cf_ipcountry always;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
}
location /service/fs {
alias /var/www/exchanger-api/public;
}
location /tg/ {
proxy_pass http://127.0.0.1:3003/;
proxy_http_version 1.1;
add_header CF-IPCountry $http_cf_ipcountry always;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
}
#location /service/fs {
# alias /var/www/exchanger-api/public;
#}
location /ws/ {
proxy_http_version 1.1;
add_header CF-IPCountry $http_cf_ipcountry always;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass http://127.0.0.1:3011/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_redirect off;
}
}
server {
listen 80;
server_name admin.domain.com;
root "/var/www/exchanger-admin-web";
gzip on;
gzip_comp_level 9;
gzip_disable "msie6";
gzip_types application/javascript text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
index index.html index.htm index.php;
charset utf-8;
add_header "X-Frame-Options" "DENY";
add_header "X-XSS-Protection" "1; mode=block";
add_header "X-Content-Type-Options" "nosniff";
location / {
root /var/www/exchanger-admin-web/dist/admin;
try_files $uri $uri/ /index.html;
}
access_log off;
error_log /var/www/exchanger-admin-web/nginx-error.log error;
sendfile off;
client_max_body_size 100m;
location /service/ {
proxy_pass http://127.0.0.1:3010/;
proxy_http_version 1.1;
add_header CF-IPCountry $http_cf_ipcountry always;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
}
location /service/fs {
alias /var/www/exchanger-api/public;
}
}Testing the nginx configuration:
nginx -t Applying the changes:
service nginx restartLast updated