From 77a4d14c1e8e4592f48d9802db5bb18f157b4f55 Mon Sep 17 00:00:00 2001 From: Mohamed Marrouchi Date: Fri, 6 Dec 2024 13:33:35 +0000 Subject: [PATCH] GITBOOK-100: Ikbel's Dec 5 changes --- .../how-can-i-deploy-my-hexabot-project.md | 101 +++++++++++++++--- 1 file changed, 86 insertions(+), 15 deletions(-) diff --git a/docs/faq/how-can-i-deploy-my-hexabot-project.md b/docs/faq/how-can-i-deploy-my-hexabot-project.md index 2857730e..42172a34 100644 --- a/docs/faq/how-can-i-deploy-my-hexabot-project.md +++ b/docs/faq/how-can-i-deploy-my-hexabot-project.md @@ -4,29 +4,34 @@ This documentation explains how to deploy your Hexabot project using two different methods: -1. [**Using Nginx as a service and Certbot for SSL.**](how-can-i-deploy-my-hexabot-project.md#using-nginx-as-a-service-and-certbot-for-ssl) -2. [**Using Dockerized Nginx and Certbot services.**](how-can-i-deploy-my-hexabot-project.md#using-dockerized-nginx-and-certbot-services) +1. [**Method 1: Using Nginx as a service and Certbot for SSL**](how-can-i-deploy-my-hexabot-project.md#using-nginx-as-a-service-and-certbot-for-ssl) +2. [**Method 2: Using Dockerized Nginx and Certbot services**](how-can-i-deploy-my-hexabot-project.md#using-dockerized-nginx-and-certbot-services) ### Pre-requisites -Make sure you have access to a server running a Linux distribution with SSH enabled. The following documentation is based on an Ubuntu distribution, so you may need to adapt the steps according to your specific operating system. +Before starting, ensure you have the following: -*** +#### **Step 1: Server Requirements** -### **Using Nginx as a service and Certbot for SSL** +* A server running a Linux distribution with SSH enabled. +* These instructions are based on Ubuntu, so adapt as needed for other distributions. -#### Step 1: Install Docker +#### Step 2: Install Required Software + +* #### Install Docker {% content-ref url="../developer-guide/setting-up-docker-for-development-and-production.md" %} [setting-up-docker-for-development-and-production.md](../developer-guide/setting-up-docker-for-development-and-production.md) {% endcontent-ref %} -#### Step 2: Install NPM +* #### Install NPM {% content-ref url="../developer-guide/setup-node.js-with-nvm.md" %} [setup-node.js-with-nvm.md](../developer-guide/setup-node.js-with-nvm.md) {% endcontent-ref %} +*** + #### Step 3: Setup Hexabot project 1. Install the Hexabot CLI: @@ -61,7 +66,7 @@ This command will copy the `.env.example` file to `.env` in the `./docker` direc 4. Update your `.env` file for production, especially the following ones: -
Variable NameExample ValueEnv variable description
NODE_ENVprodEnvironment Mode
APP_DOMAINmychatbot.aiApplication Domain Name
API_ORIGINhttps://mychatbot.ai/apiThe api endpoint will be used to communicate with the backend
FRONTEND_ORIGINhttps://mychatbot.aiThe origins that will be accepted by the API
JWT_SECRET346998ba1f171f107433Secret to encrypt jwt token
SESSION_SECRET27feaf70d2c78892bf49Secret to encrypt session token
HTTPS_ENABLEDtrueHttps setting
INVITATION_JWT_SECRET51c8ea00d82eb10ee226Secret to encrypt invitation token
PASSWORD_RESET_JWT_SECRET5ee97916017176d1ca6cSecret to encrypt reset password token
CONFIRM_ACCOUNT_SECRET80f74dce70e5385bf80bSecret to encrypt confirm account token
MONGO_USERmy_mongo_usernameMongodb username
MONGO_PASSWORDmy_mongo_passwordMongodb password
AUTH_TOKENc97643c1c1e5e9dc5745Secret to encrypt NLU token
NEXT_PUBLIC_API_ORIGINhttps://mychatbot.ai/apiNextjs api endpoint
+
Variable NameExample ValueEnv variable description
NODE_ENVprodEnvironment Mode
APP_DOMAINmychatbot.aiApplication Domain Name
API_ORIGINhttps://mychatbot.ai/apiThe api endpoint will be used to communicate with the backend
FRONTEND_ORIGINhttps://mychatbot.aiThe origins that will be accepted by the API
JWT_SECRET346998ba1f171f107433Secret to encrypt jwt token
SESSION_SECRET27feaf70d2c78892bf49Secret to encrypt session token
HTTPS_ENABLEDtrueHttps setting
INVITATION_JWT_SECRET51c8ea00d82eb10ee226Secret to encrypt invitation token
PASSWORD_RESET_JWT_SECRET5ee97916017176d1ca6cSecret to encrypt reset password token
CONFIRM_ACCOUNT_SECRET80f74dce70e5385bf80bSecret to encrypt confirm account token
MONGO_USERmy_mongo_usernameMongodb username
MONGO_PASSWORDmy_mongo_passwordMongodb password
AUTH_TOKENc97643c1c1e5e9dc5745Secret to encrypt NLU token
NEXT_PUBLIC_API_ORIGINhttps://mychatbot.ai/apiNextjs api endpoint
Note that you can also adjust the default token expirations durations as needed. @@ -69,7 +74,9 @@ Note that you can also adjust the default token expirations durations as needed. To be able to send email you will need to configure SMTP. Learn how to configure SMTP environment variables by following our detailed [SMTP setup guide](../developer-guide/smtp-configuration-and-emails.md)[.](../developer-guide/smtp-configuration-and-emails.md) {% endhint %} -5. Run your Hexabot project in production mode: +### **Method 1 : Using Nginx as a service and Certbot for SSL** + +#### Step 1: Run your Hexabot project in production mode: ```bash hexabot start @@ -79,7 +86,7 @@ hexabot start --services nlu,ollama,influxdb Note that this command will start all the services (api, frontend, mongodb, ...) as Docker containers. -#### Step 4: Install Nginx +#### Step 2: Install Nginx Deploying an Hexabot project on production requires you to setup a HTTP Web Server like Apache2, HAProxy or Nginx to secure communications using SSL, establish access per domain name, and a lot of other capabilities such as rate limiting for example to help protect against abuse and prevent server overload. In this guide, we will walk you through a typical HTTP Web Server setup using Nginx and Certbot for SSL certificate generation. @@ -115,7 +122,7 @@ sudo systemctl status nginx *** -#### Step 5: Configure Nginx +#### Step 3: Configure Nginx 1. Replace Nginx server configuration with the following : **/etc/nginx/sites-available/default**. @@ -168,7 +175,7 @@ server { } ``` -#### Step6: Generate SSL certificate using Certbot +#### Step 4: Generate SSL certificate using Certbot 1. Install Certbot: @@ -194,7 +201,7 @@ sudo crontab -e 0 12 * * * certbot renew --quiet ``` -**Step 7: Reload Nginx with new configuration** +**Step 5: Reload Nginx with new configuration** 1. Test configuration syntax: @@ -214,6 +221,70 @@ sudo systemctl reload nginx Access your domain using HTTPS (eg. https://mychatbot.ai) to check if you have successfully deployed your Hexabot project using Nginx! 🚀🎉. Feel free to ask for support from the community on our Discord channel. -## **Using Dockerized Nginx and Certbot services** : +## **Method 2: Using Dockerized Nginx and Certbot services** : -The second deployment method, where everything is Dockerized, is still WIP. +This guide will help you set up Nginx with SSL using Docker and Certbot for your Hexabot project. + +#### Step 1: Copy Required Files for Dockerized Nginx and Certbot + +To use the Dockerized version of Nginx and Certbot: + +1. Download the following files from the Hexabot GitHub repository: + * docker/nginx + * docker/docker-compose.nginx.yml + * docker/docker-compose.nginx.prod.yml + * docker/init-letsencrypt.sh +2. Copy these files under the `my-chatbot/docker` directory of your project. + +#### Step 2: Initialize SSL with Certbot + +1. Navigate to the `my-chatbot/docker` directory: + +```sh +cd my-chatbot/docker +``` + +2. **Optional**: If you'd like to test your setup without hitting request limits for SSL certificates, set the staging variable to 1 in the `init-letsencrypt.sh` script before running it: + +```sh +staging=1 +``` + +After confirming the setup, set the `staging` variable back to `0` to request live certificates. + +3. Run the `init-letsencrypt.sh` script: + +Make sure to set the `APP_DOMAIN` variable to your application domain name in the`.env` file. It's recommended also to use a valid email address so make sure to set the `SSL_EMAIL` variable as well. + +```sh +APP_DOMAIN=mychatbot.ai +SSL_EMAIL=hello@hexabot.ai +``` + +You can test the DNS configuration by running one of these commands: + +```sh +nslookup mychatbot.ai +``` + +Or + +```sh +dig mychatbot.ai +``` + +Make the `init-letsencrypt.sh` script executable by granting it execute permissions. + +```sh +chmod +x init-letsencrypt.sh +``` + +Now you will be able to run the script + +```sh +./init-letsencrypt.sh +``` + +#### Step 3: Verify Deployment + +Once the script completes, run `docker ps` verify that your Nginx and Certbot docker containers are up and running. Access your Hexabot instance via the domain you specified (e.g., `https://mychatbot.ai`) to check if SSL certificates have been generated and are properly installed.