deploy: add bootstrap.sh + Caddyfile + systemd unit + demo pool
One-shot deploy for fresh Ubuntu 24.04 root SSH: curl -fsSL https://gitea.ahkhan.me/apps/quiz/raw/branch/master/deploy/bootstrap.sh | bash bootstrap.sh: idempotent stage-by-stage installer for Caddy, Python venv, quiz system user, repo clone to /opt/quiz, env-var prompts, systemd unit, Caddyfile, and a healthz check. Reattaches /dev/tty so curl|bash can read the admin password interactively. quiz.service: uvicorn under the quiz system user (no shell, no SSH), ProtectSystem=full, ProtectHome=true, PrivateTmp=true, NoNewPrivileges=true. Caddyfile.tpl: reverse_proxy 127.0.0.1:8001 with auto Let's Encrypt; DOMAIN substituted at install time. examples/pool_example.json: generic demo pool, schema reference only. README rewritten around the deploy flow + class-day lifecycle.
This commit is contained in:
ameer
21
deploy/quiz.service
Normal file
21
deploy/quiz.service
Normal file
@@ -0,0 +1,21 @@
|
||||
[Unit]
|
||||
Description=Live in-lecture quiz portal (uvicorn)
|
||||
After=network-online.target
|
||||
Wants=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=quiz
|
||||
Group=quiz
|
||||
WorkingDirectory=/opt/quiz
|
||||
EnvironmentFile=/opt/quiz/.env
|
||||
ExecStart=/opt/quiz/.venv/bin/uvicorn app.main:app --host 127.0.0.1 --port 8001 --no-access-log
|
||||
Restart=on-failure
|
||||
RestartSec=2
|
||||
ProtectSystem=full
|
||||
ProtectHome=true
|
||||
PrivateTmp=true
|
||||
NoNewPrivileges=true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
Reference in New Issue
Block a user