deploy/deploy.sh

#!/bin/bash
# Deploy The Door to VPS
# Run on VPS as root: bash deploy.sh

set -e

echo "=== The Door — Deployment ==="

# 1. Swap
if ! swapon --show | grep -q swap; then
    echo "Adding 2GB swap..."
    fallocate -l 2G /swapfile
    chmod 600 /swapfile
    mkswap /swapfile
    swapon /swapfile
    echo '/swapfile none swap sw 0 0' >> /etc/fstab
fi

# 2. Install nginx + certbot
echo "Installing nginx and certbot..."
apt-get update -qq
apt-get install -y nginx certbot python3-certbot-nginx

# 3. Copy site files
echo "Deploying static files..."
mkdir -p /var/www/the-door
cp index.html /var/www/the-door/

# 4. nginx config
cp deploy/nginx.conf /etc/nginx/sites-available/the-door

# Add rate limit zone to nginx.conf if not present
if ! grep -q "limit_req_zone.*api" /etc/nginx/nginx.conf; then
    sed -i '/http {/a \    limit_req_zone $binary_remote_addr zone=api:10m rate=10r/m;' /etc/nginx/nginx.conf
fi

ln -sf /etc/nginx/sites-available/the-door /etc/nginx/sites-enabled/
rm -f /etc/nginx/sites-enabled/default
nginx -t && systemctl reload nginx

# 5. SSL (requires DNS to be pointed first)
echo ""
echo "=== DNS CHECK ==="
echo "Point alexanderwhitestone.com A record to $(curl -s ifconfig.me)"
echo "Then run: certbot --nginx -d alexanderwhitestone.com -d www.alexanderwhitestone.com"
echo ""

# 6. Firewall
echo "Configuring firewall..."
ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 443/tcp
ufw --force enable

echo ""
echo "=== Deployment complete ==="
echo "Static site: /var/www/the-door/"
echo "nginx config: /etc/nginx/sites-available/the-door"
echo "Next: point DNS, then run certbot"
The Door: crisis front door for broken men Single-file HTML frontend (<25KB), crisis system prompt, nginx config, deployment script. Closes #1 #2 #3 #4 #5 2026-03-30 12:46:11 -04:00			`#!/bin/bash`
			`# Deploy The Door to VPS`
			`# Run on VPS as root: bash deploy.sh`

			`set -e`

			`echo "=== The Door — Deployment ==="`

			`# 1. Swap`
			`if ! swapon --show \| grep -q swap; then`
			`echo "Adding 2GB swap..."`
			`fallocate -l 2G /swapfile`
			`chmod 600 /swapfile`
			`mkswap /swapfile`
			`swapon /swapfile`
			`echo '/swapfile none swap sw 0 0' >> /etc/fstab`
			`fi`

			`# 2. Install nginx + certbot`
			`echo "Installing nginx and certbot..."`
			`apt-get update -qq`
			`apt-get install -y nginx certbot python3-certbot-nginx`

			`# 3. Copy site files`
			`echo "Deploying static files..."`
			`mkdir -p /var/www/the-door`
			`cp index.html /var/www/the-door/`

			`# 4. nginx config`
			`cp deploy/nginx.conf /etc/nginx/sites-available/the-door`

			`# Add rate limit zone to nginx.conf if not present`
			`if ! grep -q "limit_req_zone.*api" /etc/nginx/nginx.conf; then`
			`sed -i '/http {/a \ limit_req_zone $binary_remote_addr zone=api:10m rate=10r/m;' /etc/nginx/nginx.conf`
			`fi`

			`ln -sf /etc/nginx/sites-available/the-door /etc/nginx/sites-enabled/`
			`rm -f /etc/nginx/sites-enabled/default`
			`nginx -t && systemctl reload nginx`

			`# 5. SSL (requires DNS to be pointed first)`
			`echo ""`
			`echo "=== DNS CHECK ==="`
			`echo "Point alexanderwhitestone.com A record to $(curl -s ifconfig.me)"`
			`echo "Then run: certbot --nginx -d alexanderwhitestone.com -d www.alexanderwhitestone.com"`
			`echo ""`

			`# 6. Firewall`
			`echo "Configuring firewall..."`
			`ufw allow 22/tcp`
			`ufw allow 80/tcp`
			`ufw allow 443/tcp`
			`ufw --force enable`

			`echo ""`
			`echo "=== Deployment complete ==="`
			`echo "Static site: /var/www/the-door/"`
			`echo "nginx config: /etc/nginx/sites-available/the-door"`
			`echo "Next: point DNS, then run certbot"`