docs: fix rsync deployment issue and create deployment script
Problem: rsync with trailing slashes copied directory contents to wrong location Solution: Created automated deployment script with correct patterns Changes: - Created scripts/deploy-security-middleware.sh (automated deployment) - Created docs/DEPLOYMENT_RSYNC_PATTERNS.md (rsync best practices) - Cleaned up incorrectly placed files on production - Documented trailing slash behavior and correct patterns This prevents future deployment issues and provides reliable automation.
This commit is contained in:
TheFlow
parent
0debe26af0
commit
b6c7e96823
2 changed files with 192 additions and 0 deletions
123
docs/DEPLOYMENT_RSYNC_PATTERNS.md
Normal file
123
docs/DEPLOYMENT_RSYNC_PATTERNS.md
Normal file
|
|
@ -0,0 +1,123 @@
|
|||
# Rsync Deployment Patterns for Tractatus
|
||||
|
||||
## Issue Discovered: 2025-10-14
|
||||
|
||||
During Phase 0 security deployment, files were deployed to incorrect locations due to rsync trailing slash behavior.
|
||||
|
||||
### Problem: Trailing Slash Behavior
|
||||
|
||||
**Incorrect command** (deployed contents to wrong location):
|
||||
```bash
|
||||
rsync -avz src/middleware/ src/routes/ user@host:/var/www/tractatus/
|
||||
```
|
||||
|
||||
**What happened:**
|
||||
- `src/middleware/` with trailing slash = "copy contents of middleware/"
|
||||
- Files ended up in `/var/www/tractatus/` root instead of `/var/www/tractatus/src/middleware/`
|
||||
- All middleware and route files were dumped into root directory
|
||||
|
||||
### Correct Patterns
|
||||
|
||||
#### Pattern 1: Deploy directory contents to matching destination structure
|
||||
```bash
|
||||
# Deploy middleware files to remote middleware directory
|
||||
rsync -avz src/middleware/ user@host:/var/www/tractatus/src/middleware/
|
||||
|
||||
# Deploy routes files to remote routes directory
|
||||
rsync -avz src/routes/ user@host:/var/www/tractatus/src/routes/
|
||||
```
|
||||
|
||||
**Key:** Trailing slash on both source AND destination = copy contents into destination directory
|
||||
|
||||
#### Pattern 2: Deploy entire directory tree
|
||||
```bash
|
||||
# Deploy entire src/ directory preserving structure
|
||||
rsync -avz src/ user@host:/var/www/tractatus/src/
|
||||
```
|
||||
|
||||
**Key:** Trailing slash on source, matching destination = preserve structure
|
||||
|
||||
#### Pattern 3: Deploy specific files
|
||||
```bash
|
||||
# Deploy individual files
|
||||
rsync -avz src/server.js src/utils/security-logger.js \
|
||||
user@host:/var/www/tractatus/src/
|
||||
```
|
||||
|
||||
**Key:** No trailing slash on files
|
||||
|
||||
### Rsync Trailing Slash Rules
|
||||
|
||||
| Source | Destination | Result |
|
||||
|--------|-------------|---------|
|
||||
| `dir/` | `/dest/` | Copies **contents** of dir into /dest/ |
|
||||
| `dir` | `/dest/` | Creates `/dest/dir/` with contents |
|
||||
| `dir/` | `/dest/dir/` | Copies contents into existing /dest/dir/ |
|
||||
| `file.js` | `/dest/` | Copies file.js into /dest/ |
|
||||
|
||||
### Recommended Approach
|
||||
|
||||
Use the automated deployment script:
|
||||
```bash
|
||||
./scripts/deploy-security-middleware.sh
|
||||
```
|
||||
|
||||
This script uses correct patterns and handles:
|
||||
- ✅ Directory structure preservation
|
||||
- ✅ File permissions (D755 for dirs, F644 for files)
|
||||
- ✅ Service restart
|
||||
- ✅ Status verification
|
||||
|
||||
### Manual Deployment (if needed)
|
||||
|
||||
```bash
|
||||
# 1. Deploy middleware
|
||||
rsync -avz --chmod=D755,F644 -e "ssh -i ~/.ssh/tractatus_deploy" \
|
||||
src/middleware/ \
|
||||
ubuntu@vps-93a693da.vps.ovh.net:/var/www/tractatus/src/middleware/
|
||||
|
||||
# 2. Deploy routes
|
||||
rsync -avz --chmod=D755,F644 -e "ssh -i ~/.ssh/tractatus_deploy" \
|
||||
src/routes/ \
|
||||
ubuntu@vps-93a693da.vps.ovh.net:/var/www/tractatus/src/routes/
|
||||
|
||||
# 3. Deploy server and utils
|
||||
rsync -avz --chmod=D755,F644 -e "ssh -i ~/.ssh/tractatus_deploy" \
|
||||
src/server.js src/utils/security-logger.js \
|
||||
ubuntu@vps-93a693da.vps.ovh.net:/var/www/tractatus/src/
|
||||
|
||||
# 4. Restart service
|
||||
ssh -i ~/.ssh/tractatus_deploy ubuntu@vps-93a693da.vps.ovh.net \
|
||||
"sudo systemctl restart tractatus"
|
||||
```
|
||||
|
||||
### Cleanup After Incorrect Deployment
|
||||
|
||||
If files end up in the wrong location:
|
||||
|
||||
```bash
|
||||
# SSH to server
|
||||
ssh -i ~/.ssh/tractatus_deploy ubuntu@vps-93a693da.vps.ovh.net
|
||||
|
||||
# Remove incorrectly placed files from root
|
||||
cd /var/www/tractatus
|
||||
rm -f *.routes.js *.middleware.js index.js
|
||||
|
||||
# Verify correct locations
|
||||
ls src/middleware/*.js
|
||||
ls src/routes/*.js
|
||||
|
||||
# Re-deploy using correct pattern
|
||||
```
|
||||
|
||||
### Prevention
|
||||
|
||||
1. **Always** use the deployment script when possible
|
||||
2. **Test** rsync commands with `--dry-run` first
|
||||
3. **Verify** destination paths include full directory structure
|
||||
4. **Remember** trailing slash = "contents", no slash = "directory itself"
|
||||
|
||||
---
|
||||
|
||||
**Last Updated:** 2025-10-14
|
||||
**Issue Resolved:** Files cleaned up and correct deployment script created
|
||||
69
scripts/deploy-security-middleware.sh
Executable file
69
scripts/deploy-security-middleware.sh
Executable file
|
|
@ -0,0 +1,69 @@
|
|||
#!/bin/bash
|
||||
|
||||
###############################################################################
|
||||
# Tractatus Security Middleware Deployment Script
|
||||
# Deploys security middleware and routes to production with correct structure
|
||||
###############################################################################
|
||||
|
||||
set -e # Exit on error
|
||||
|
||||
# Configuration
|
||||
REMOTE_USER="ubuntu"
|
||||
REMOTE_HOST="vps-93a693da.vps.ovh.net"
|
||||
SSH_KEY="$HOME/.ssh/tractatus_deploy"
|
||||
REMOTE_PATH="/var/www/tractatus"
|
||||
LOCAL_PATH="/home/theflow/projects/tractatus"
|
||||
|
||||
echo "========================================="
|
||||
echo "Tractatus Security Deployment"
|
||||
echo "========================================="
|
||||
echo ""
|
||||
|
||||
# Verify we're in the correct directory
|
||||
if [ ! -f "package.json" ] || [ ! -d "src/middleware" ]; then
|
||||
echo "❌ Error: Must run from tractatus project root"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "📋 Deploying files to production..."
|
||||
echo ""
|
||||
|
||||
# Deploy security middleware
|
||||
echo "1. Deploying security middleware..."
|
||||
rsync -avz --chmod=D755,F644 -e "ssh -i $SSH_KEY" \
|
||||
src/middleware/ \
|
||||
${REMOTE_USER}@${REMOTE_HOST}:${REMOTE_PATH}/src/middleware/
|
||||
|
||||
# Deploy routes
|
||||
echo "2. Deploying routes..."
|
||||
rsync -avz --chmod=D755,F644 -e "ssh -i $SSH_KEY" \
|
||||
src/routes/ \
|
||||
${REMOTE_USER}@${REMOTE_HOST}:${REMOTE_PATH}/src/routes/
|
||||
|
||||
# Deploy server.js and utils
|
||||
echo "3. Deploying server.js and utilities..."
|
||||
rsync -avz --chmod=D755,F644 -e "ssh -i $SSH_KEY" \
|
||||
src/server.js \
|
||||
src/utils/security-logger.js \
|
||||
${REMOTE_USER}@${REMOTE_HOST}:${REMOTE_PATH}/src/
|
||||
|
||||
# Verify deployment
|
||||
echo ""
|
||||
echo "✅ Files deployed successfully"
|
||||
echo ""
|
||||
|
||||
# Restart service
|
||||
echo "🔄 Restarting Tractatus service..."
|
||||
ssh -i $SSH_KEY ${REMOTE_USER}@${REMOTE_HOST} "sudo systemctl restart tractatus"
|
||||
|
||||
sleep 3
|
||||
|
||||
# Check status
|
||||
echo ""
|
||||
echo "📊 Service status:"
|
||||
ssh -i $SSH_KEY ${REMOTE_USER}@${REMOTE_HOST} "sudo systemctl status tractatus --no-pager -l | head -15"
|
||||
|
||||
echo ""
|
||||
echo "========================================="
|
||||
echo "✨ Deployment complete!"
|
||||
echo "========================================="
|
||||
Loading…
Add table
Reference in a new issue