feat: initial project setup
This commit is contained in:
48
vps/deploy.sh
Normal file
48
vps/deploy.sh
Normal file
@@ -0,0 +1,48 @@
|
||||
#!/bin/bash
|
||||
# Script de despliegue manual para el VPS
|
||||
# Ejecutar como: bash vps/deploy.sh
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
echo "=== Despliegue manual de carlospalanca.es ==="
|
||||
|
||||
# 1. Instalar dependencias
|
||||
echo "[1/4] Instalando dependencias..."
|
||||
sudo apt-get update -q
|
||||
sudo apt-get install -y -q nginx certbot python3-certbot-nginx docker.io docker-compose-plugin
|
||||
|
||||
# 2. Crear usuario deploy (si no existe)
|
||||
if ! id "deploy" &>/dev/null; then
|
||||
echo "[2/4] Creando usuario deploy..."
|
||||
sudo useradd -m -s /bin/bash deploy
|
||||
sudo mkdir -p /home/deploy/.ssh
|
||||
echo "IMPORTANTE: Añade tu clave pública a /home/deploy/.ssh/authorized_keys"
|
||||
else
|
||||
echo "[2/4] Usuario deploy ya existe."
|
||||
fi
|
||||
|
||||
# 3. Crear directorio web
|
||||
echo "[3/4] Creando directorio web..."
|
||||
sudo mkdir -p /var/www/carlospalanca.es
|
||||
sudo chown deploy:deploy /var/www/carlospalanca.es
|
||||
|
||||
# 4. Configurar nginx
|
||||
echo "[4/4] Configurando nginx..."
|
||||
sudo cp vps/nginx/carlospalanca.conf /etc/nginx/sites-available/carlospalanca.es
|
||||
sudo ln -sf /etc/nginx/sites-available/carlospalanca.es /etc/nginx/sites-enabled/
|
||||
sudo nginx -t
|
||||
sudo systemctl enable nginx
|
||||
sudo systemctl reload nginx
|
||||
|
||||
echo ""
|
||||
echo "=== Setup completado ==="
|
||||
echo "Próximos pasos:"
|
||||
echo "1. Apunta los DNS de carlospalanca.es y ai.carlospalanca.es a esta IP"
|
||||
echo "2. Ejecuta: sudo certbot --nginx -d carlospalanca.es -d www.carlospalanca.es -d ai.carlospalanca.es"
|
||||
echo "3. Copia vps/docker-compose.openwebui.yml a /opt/openwebui/"
|
||||
echo "4. Crea /opt/openwebui/.env con tus API keys"
|
||||
echo "5. Ejecuta: cd /opt/openwebui && docker compose -f docker-compose.openwebui.yml up -d"
|
||||
echo "6. Añade los GitHub Secrets en el repositorio:"
|
||||
echo " - VPS_SSH_PRIVATE_KEY"
|
||||
echo " - VPS_HOST (IP del VPS)"
|
||||
echo " - VPS_USER (deploy)"
|
||||
40
vps/docker-compose.openwebui.yml
Normal file
40
vps/docker-compose.openwebui.yml
Normal file
@@ -0,0 +1,40 @@
|
||||
services:
|
||||
openwebui:
|
||||
image: ghcr.io/open-webui/open-webui:main
|
||||
container_name: openwebui
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
- "127.0.0.1:3000:8080" # Solo localhost — nginx proxifica con TLS
|
||||
volumes:
|
||||
- openwebui_data:/app/backend/data
|
||||
environment:
|
||||
- WEBUI_SECRET_KEY=${WEBUI_SECRET_KEY}
|
||||
- WEBUI_AUTH=true
|
||||
- DEFAULT_MODELS=${DEFAULT_MODEL:-gpt-4o}
|
||||
# Usa solo lo que necesites:
|
||||
- OPENAI_API_KEY=${OPENAI_API_KEY}
|
||||
- ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}
|
||||
# Descomenta si usas Ollama para modelos locales:
|
||||
# - OLLAMA_BASE_URL=http://ollama:11434
|
||||
# depends_on:
|
||||
# - ollama
|
||||
|
||||
# Descomenta si quieres modelos locales con Ollama
|
||||
# ollama:
|
||||
# image: ollama/ollama:latest
|
||||
# container_name: ollama
|
||||
# restart: unless-stopped
|
||||
# volumes:
|
||||
# - ollama_data:/root/.ollama
|
||||
# # GPU (requiere nvidia-container-toolkit):
|
||||
# # deploy:
|
||||
# # resources:
|
||||
# # reservations:
|
||||
# # devices:
|
||||
# # - driver: nvidia
|
||||
# # count: all
|
||||
# # capabilities: [gpu]
|
||||
|
||||
volumes:
|
||||
openwebui_data:
|
||||
# ollama_data:
|
||||
66
vps/nginx/carlospalanca.conf
Normal file
66
vps/nginx/carlospalanca.conf
Normal file
@@ -0,0 +1,66 @@
|
||||
# Redirect HTTP to HTTPS
|
||||
server {
|
||||
listen 80;
|
||||
server_name carlospalanca.es www.carlospalanca.es;
|
||||
return 301 https://carlospalanca.es$request_uri;
|
||||
}
|
||||
|
||||
# Website
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name carlospalanca.es www.carlospalanca.es;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/carlospalanca.es/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/carlospalanca.es/privkey.pem;
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_ciphers HIGH:!aNULL:!MD5;
|
||||
|
||||
root /var/www/carlospalanca.es;
|
||||
index index.html;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ $uri.html =404;
|
||||
}
|
||||
|
||||
gzip on;
|
||||
gzip_types text/plain text/css application/json application/javascript text/xml application/xml;
|
||||
gzip_min_length 1000;
|
||||
|
||||
# Cache static assets
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|svg|ico|woff|woff2)$ {
|
||||
expires 1y;
|
||||
add_header Cache-Control "public, immutable";
|
||||
}
|
||||
}
|
||||
|
||||
# OpenWebUI
|
||||
server {
|
||||
listen 80;
|
||||
server_name ai.carlospalanca.es;
|
||||
return 301 https://ai.carlospalanca.es$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name ai.carlospalanca.es;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/ai.carlospalanca.es/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/ai.carlospalanca.es/privkey.pem;
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_ciphers HIGH:!aNULL:!MD5;
|
||||
|
||||
client_max_body_size 50M;
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:3000;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_read_timeout 300s;
|
||||
proxy_send_timeout 300s;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user