#!/bin/bash # ============================================================================= # NETGESCON - SETUP PRODUZIONE MASTER SERVER # ============================================================================= # Script per configurare l'ambiente di produzione su NETGESCON-MASTER # Questo script prepara /var/www/netgescon/ con la struttura corretta # # Creato: 19/07/2025 # Uso: sudo ./setup-production-master.sh # ============================================================================= # Configurazione colori RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' # Configurazione PROD_BASE="/var/www/netgescon" BACKUP_DIR="/var/backups/netgescon" LOG_FILE="/var/log/netgescon-setup.log" NGINX_SITE="netgescon.it" # Funzione di logging log() { local level=$1 shift local message="$*" echo "[$(date '+%Y-%m-%d %H:%M:%S')] [$level] $message" | tee -a "$LOG_FILE" } # Funzione di stampa colorata print_status() { local color=$1 local message=$2 echo -e "${color}$message${NC}" log "INFO" "$message" } # Controllo permessi root check_root() { if [ "$EUID" -ne 0 ]; then print_status "$RED" "❌ Questo script deve essere eseguito come root (sudo)" exit 1 fi } # Backup ambiente esistente backup_existing() { print_status "$YELLOW" "πŸ”„ Backup ambiente esistente..." if [ -d "$PROD_BASE" ]; then local backup_name="netgescon-backup-$(date +%Y%m%d-%H%M%S)" mkdir -p "$BACKUP_DIR" print_status "$BLUE" " Backup in corso: $PROD_BASE β†’ $BACKUP_DIR/$backup_name" cp -r "$PROD_BASE" "$BACKUP_DIR/$backup_name" if [ $? -eq 0 ]; then print_status "$GREEN" "βœ… Backup completato" log "SUCCESS" "Backup salvato in $BACKUP_DIR/$backup_name" else print_status "$RED" "❌ Errore durante backup" exit 1 fi else print_status "$BLUE" " Nessun ambiente esistente da fare backup" fi } # Creazione struttura produzione create_production_structure() { print_status "$YELLOW" "πŸ—οΈ Creazione struttura produzione..." # Rimuovi ambiente esistente se presente if [ -d "$PROD_BASE" ]; then rm -rf "$PROD_BASE" fi # Crea struttura base mkdir -p "$PROD_BASE"/{netgescon-laravel,docs,scripts,backups,logs} mkdir -p "$PROD_BASE"/netgescon-laravel/{storage,bootstrap/cache} # Imposta permessi corretti chown -R www-data:www-data "$PROD_BASE" chmod -R 755 "$PROD_BASE" chmod -R 775 "$PROD_BASE"/netgescon-laravel/storage chmod -R 775 "$PROD_BASE"/netgescon-laravel/bootstrap/cache print_status "$GREEN" "βœ… Struttura produzione creata" # Mostra struttura print_status "$BLUE" "πŸ“‚ Struttura creata:" tree "$PROD_BASE" -L 2 2>/dev/null || find "$PROD_BASE" -type d | head -10 } # Configurazione NGINX setup_nginx() { print_status "$YELLOW" "🌐 Configurazione NGINX..." # Backup configurazione esistente if [ -f "/etc/nginx/sites-available/$NGINX_SITE" ]; then cp "/etc/nginx/sites-available/$NGINX_SITE" "/etc/nginx/sites-available/$NGINX_SITE.backup.$(date +%Y%m%d)" fi # Crea configurazione NGINX cat > "/etc/nginx/sites-available/$NGINX_SITE" << EOF # NetGescon Production Configuration server { listen 80; listen [::]:80; server_name www.netgescon.it netgescon.it; root $PROD_BASE/netgescon-laravel/public; index index.php index.html; # Security headers add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-Protection "1; mode=block" always; add_header X-Content-Type-Options "nosniff" always; add_header Referrer-Policy "no-referrer-when-downgrade" always; add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always; # Laravel rewrite rules location / { try_files \$uri \$uri/ /index.php?\$query_string; } # PHP processing location ~ \.php$ { fastcgi_pass unix:/var/run/php/php8.1-fpm.sock; fastcgi_param SCRIPT_FILENAME \$realpath_root\$fastcgi_script_name; include fastcgi_params; fastcgi_hide_header X-Powered-By; } # Static files with caching location ~* \.(css|js|png|jpg|jpeg|gif|ico|svg)$ { expires 1y; add_header Cache-Control "public, immutable"; try_files \$uri =404; } # Security location ~ /\.(?!well-known).* { deny all; } # Logs access_log /var/log/nginx/netgescon-access.log; error_log /var/log/nginx/netgescon-error.log; } # Redirect netgescon.it to www.netgescon.it server { listen 80; listen [::]:80; server_name netgescon.it; return 301 http://www.netgescon.it\$request_uri; } EOF # Attiva sito ln -sf "/etc/nginx/sites-available/$NGINX_SITE" "/etc/nginx/sites-enabled/" # Test configurazione nginx -t if [ $? -eq 0 ]; then print_status "$GREEN" "βœ… Configurazione NGINX valida" systemctl reload nginx print_status "$GREEN" "βœ… NGINX ricaricato" else print_status "$RED" "❌ Errore configurazione NGINX" exit 1 fi } # Setup database setup_database() { print_status "$YELLOW" "πŸ—„οΈ Setup database..." # Crea database se non esiste mysql -e "CREATE DATABASE IF NOT EXISTS netgescon_prod CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" # Crea utente se non esiste mysql -e "CREATE USER IF NOT EXISTS 'netgescon_prod'@'localhost' IDENTIFIED BY 'NetGescon2025!Prod';" mysql -e "GRANT ALL PRIVILEGES ON netgescon_prod.* TO 'netgescon_prod'@'localhost';" mysql -e "FLUSH PRIVILEGES;" print_status "$GREEN" "βœ… Database setup completato" # Salva credenziali cat > "$PROD_BASE/.env.database" << EOF # Database Produzione NetGescon DB_CONNECTION=mysql DB_HOST=127.0.0.1 DB_PORT=3306 DB_DATABASE=netgescon_prod DB_USERNAME=netgescon_prod DB_PASSWORD=NetGescon2025!Prod EOF chown www-data:www-data "$PROD_BASE/.env.database" chmod 600 "$PROD_BASE/.env.database" print_status "$BLUE" " Credenziali salvate in: $PROD_BASE/.env.database" } # Setup script operativi setup_scripts() { print_status "$YELLOW" "βš™οΈ Setup script operativi..." # Script di deploy cat > "$PROD_BASE/scripts/deploy.sh" << 'EOF' #!/bin/bash # Deploy script NetGescon echo "πŸš€ Deploy NetGescon in corso..." cd /var/www/netgescon/netgescon-laravel # Backup database mysqldump netgescon_prod > /var/www/netgescon/backups/db-backup-$(date +%Y%m%d-%H%M%S).sql # Update composer dependencies composer install --no-dev --optimize-autoloader # Run migrations php artisan migrate --force # Clear caches php artisan config:cache php artisan route:cache php artisan view:cache # Set permissions chown -R www-data:www-data storage bootstrap/cache chmod -R 775 storage bootstrap/cache echo "βœ… Deploy completato" EOF # Script di backup cat > "$PROD_BASE/scripts/backup.sh" << 'EOF' #!/bin/bash # Backup script NetGescon BACKUP_DIR="/var/www/netgescon/backups" DATE=$(date +%Y%m%d-%H%M%S) echo "πŸ’Ύ Backup NetGescon in corso..." # Database backup mysqldump netgescon_prod > "$BACKUP_DIR/database-$DATE.sql" # Files backup tar -czf "$BACKUP_DIR/files-$DATE.tar.gz" -C /var/www/netgescon netgescon-laravel # Clean old backups (keep last 7 days) find "$BACKUP_DIR" -name "*.sql" -mtime +7 -delete find "$BACKUP_DIR" -name "*.tar.gz" -mtime +7 -delete echo "βœ… Backup completato: $DATE" EOF # Rendi eseguibili chmod +x "$PROD_BASE/scripts"/*.sh chown -R www-data:www-data "$PROD_BASE/scripts" print_status "$GREEN" "βœ… Script operativi configurati" } # Setup SSL (preparazione per Let's Encrypt) prepare_ssl() { print_status "$YELLOW" "πŸ”’ Preparazione SSL..." # Installa certbot se non presente if ! command -v certbot &> /dev/null; then apt update apt install -y certbot python3-certbot-nginx fi print_status "$BLUE" " Certbot installato" print_status "$YELLOW" " Per attivare SSL eseguire:" print_status "$BLUE" " sudo certbot --nginx -d www.netgescon.it -d netgescon.it" print_status "$GREEN" "βœ… SSL preparato (attivazione manuale)" } # Riepilogo finale show_summary() { print_status "$BLUE" "==========================================" print_status "$BLUE" "RIEPILOGO SETUP PRODUZIONE NETGESCON" print_status "$BLUE" "==========================================" echo "" print_status "$GREEN" "βœ… COMPLETATO CON SUCCESSO" echo "" print_status "$YELLOW" "πŸ“‚ STRUTTURA PRODUZIONE:" echo " $PROD_BASE/" echo " β”œβ”€β”€ netgescon-laravel/ # App Laravel (WEB)" echo " β”œβ”€β”€ docs/ # Documentazione (PRIVATA)" echo " β”œβ”€β”€ scripts/ # Script operativi" echo " β”œβ”€β”€ backups/ # Backup automatici" echo " └── logs/ # Log applicazione" echo "" print_status "$YELLOW" "🌐 DOMINI CONFIGURATI:" echo " www.netgescon.it β†’ $PROD_BASE/netgescon-laravel/public" echo " netgescon.it β†’ redirect to www.netgescon.it" echo "" print_status "$YELLOW" "πŸ—„οΈ DATABASE:" echo " Database: netgescon_prod" echo " User: netgescon_prod" echo " Credenziali: $PROD_BASE/.env.database" echo "" print_status "$YELLOW" "πŸ“‹ PROSSIMI PASSI:" echo " 1. Sync codice Laravel da sviluppo" echo " 2. Configurare .env per produzione" echo " 3. Eseguire migrazioni database" echo " 4. Attivare SSL con certbot" echo " 5. Test completo funzionalitΓ " echo "" print_status "$BLUE" "🎯 AMBIENTE PRODUZIONE PRONTO!" } # Main execution main() { print_status "$BLUE" "πŸš€ AVVIO SETUP PRODUZIONE NETGESCON" echo "" check_root backup_existing create_production_structure setup_nginx setup_database setup_scripts prepare_ssl show_summary log "SUCCESS" "Setup produzione completato con successo" } # Esegui se chiamato direttamente if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then main "$@" fi