The Door — Deployment Guide

The crisis front door infrastructure.

VPS Details

Host: alexanderwhitestone.com
Domain: alexanderwhitestone.com
RAM: 1.9GB (with 2GB swap)
OS: Ubuntu/Debian

Quick Deploy

Option 1: Ansible (recommended)

cd deploy
ansible-playbook -i inventory.ini playbook.yml

Or from repo root:

make deploy

Option 2: Bash script (SSH into VPS)

ssh root@alexanderwhitestone.com
cd /opt/the-door
bash deploy/deploy.sh

Option 3: Fast site update only

make push

What Gets Provisioned

Swap — 2GB swap file (RAM is tight at 1.9GB)
nginx — Static files + reverse proxy /api/* → localhost:8644
SSL — Let's Encrypt via certbot (requires DNS pointed first)
Firewall — UFW allows 22, 80, 443 only
Site files — index.html, manifest.json, sw.js, etc.

Architecture

Browser → nginx (SSL, port 443)
           ├── /var/www/the-door (static HTML)
           └── /api/* → localhost:8644 (Hermes Gateway)

SSL Setup

SSL requires DNS to be pointed first:

# Check if DNS resolves
dig +short alexanderwhitestone.com @8.8.8.8

# If it points to alexanderwhitestone.com on the target VPS, run:
certbot --nginx -d alexanderwhitestone.com -d www.alexanderwhitestone.com

Health Check

make check
# or
ssh root@alexanderwhitestone.com "bash /opt/the-door/deploy/deploy.sh --check"

Files

playbook.yml — Ansible playbook (full VPS provisioning)
inventory.ini — VPS host configuration
ansible.cfg — Ansible settings
deploy.sh — Bash deploy script (alternative to Ansible)
nginx.conf — nginx site config
rate-limit.conf — Rate limiting zone definition

1.8 KiB Raw Blame History

The Door — Deployment Guide

VPS Details

Quick Deploy

Option 1: Ansible (recommended)

Option 2: Bash script (SSH into VPS)

Option 3: Fast site update only

What Gets Provisioned

Architecture

SSL Setup

Health Check

Files

1.8 KiB

Raw Blame History