update script

README.md

@@ -1,13 +1,13 @@
 # How to deploy LumeCMS in a VPS
 
 1. Get a VPS from [Hetzner](https://www.hetzner.com/),
-   [Digital Ocean](https://www.digitalocean.com/), etc.
+   [Digital Ocean](https://www.digitalocean.com/), or similar service.
    - This script was tested only on Ubuntu 20.04.
 2. Create an `A` record in the DNS settings of your domain to the server IP. For
    example, `cms.example.com`.
 3. Log in from SSH and run:
    ```sh
-   curl https://raw.githubusercontent.com/lumeland/cms-deploy/main/install-caddy.sh > install.sh && sh install.sh
+   curl https://raw.githubusercontent.com/lumeland/cms-deploy/main/install.sh > install.sh && sh install.sh
    ```
 4. After updating and installing some packages, the script will ask you for some
    info:
@@ -16,12 +16,13 @@
    - The **domain** for the CMS: `cms.example.com`.
    - An **username**. It's used to login in the CMS. By default is `admin`.
    - A **password**. Used for the login.
-   - On generating the public/private rsa key pair, leave the passphrase empty.
+   - When generating the public/private rsa key pair, leave the passphrase
+     empty.
    - During the process, it will ask you to add a deploy key.
      - Go to the GitHub respository / Settings / Deploy keys / Add deploy key.
      - Paste the key printed in the terminal.
      - Make sure to check "Allow write access".
      - Once the key is added, press Enter in the terminal to continue.
 
-5. When the script is finished, wait a few seconds before openiing the domain in
-   your browser. You should see your site and be able to edit the pages.
+5. When the script is finished you should see your site and be able to edit the
+   pages.

install.sh

@@ -1,21 +1,22 @@
 #!/usr/bin/env bash
 
 # Install packages
+curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
+curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | tee /etc/apt/sources.list.d/caddy-stable.list
 apt update
-apt install unzip # Required to install Deno
-apt install snapd -y
-snap install core
-snap install --classic certbot
+apt install caddy unzip git
 curl -fsSL https://deno.land/install.sh | sh
 
 # Ask for required variables
 read -p "The SSH URL of the repository: " repo
-read -p "The directory to clone [www]: " dir
 read -p "Your email: " email
 read -p "The domain: " domain
 read -p "Username [admin]: " user
 read -p "Password: " pass
 
+user="${user:-admin}"
+dir="$(pwd)/www"
+
 # Create a SSH key
 ssh-keygen -t rsa -b 4096 -C "${email}" -f ~/.ssh/id_rsa
 
@@ -27,38 +28,50 @@ echo "---"
 read added
 
 # Setup git repository
-dir="$(pwd)/${dir:-www}"
 git clone "${repo}" "${dir}"
-echo "/_serve_lumecms.ts" > ~/.gitignore
+
+cat > ~/.gitignore << EOF
+_cms.lume.ts
+_cms.serve.ts
+EOF
+
 git config --global user.email "${email}"
 git config --global user.name LumeCMS
 git config --global core.excludesfile '~/.gitignore'
 
-# SSL certificate
-certbot certonly --agree-tos --standalone -m "${email}" -d "${domain}"
-
-# Create the _serve_lumecms.ts file
-cat > ${dir}/_serve_lumecms.ts << EOF
+# Create the _cms.lume.ts file to merge Lume and LumeCMS
+cat > ${dir}/_cms.lume.ts << EOF
 import site from "./_config.ts";
 import cms from "./_cms.ts";
-import { adapter } from "lume/cms.ts";
+import adapter from "lume/cms/adapters/lume.ts";
 
+cms.options.auth = undefined;
 site.options.location = new URL("https://${domain}");
-cms.options.auth = { method: "basic", users: { ${user:-admin}: "${pass}" }};
 
-const app = await adapter({ site, cms });
+export default await adapter({ site, cms });
+EOF
 
-Deno.serve({
-  port: 443,
-  handler: app.fetch,
-  cert: Deno.readTextFileSync("/etc/letsencrypt/live/${domain}/fullchain.pem"),
-  key: Deno.readTextFileSync("/etc/letsencrypt/live/${domain}/privkey.pem"),
+# Create the _cms.serve.ts file to serve LumeCMS
+cat > ${dir}/_cms.serve.ts << EOF
+import serve from "lume/cms/server/proxy.ts";
+
+export default serve({
+  serve: "_cms.lume.ts",
+  git: true,
+  auth: {
+    method: "basic",
+    users: {
+      "${user}": "${pass}"
+    }
+  },
+  env: {
+    LUME_LOGS: "error",
+  }
 });
-
 EOF
 
 # Create the Deno service
-cat > /etc/systemd/system/lumecms.service << EOF
+cat > "/etc/systemd/system/lumecms.service" << EOF
 [Unit]
 Description=LumeCMS
 Documentation=http://lume.land
@@ -67,7 +80,7 @@ After=network-online.target
 
 [Service]
 Type=simple
-ExecStart=${HOME}/.deno/bin/deno run -A _serve_lumecms.ts
+ExecStart=${HOME}/.deno/bin/deno serve -A _cms.serve.ts
 WorkingDirectory=${dir}
 User=root
 Restart=always
@@ -79,5 +92,48 @@ WantedBy=multi-user.target
 EOF
 
 # Setup the service
-systemctl enable lumecms
-systemctl start lumecms
+systemctl enable "lumecms.service"
+systemctl start "lumecms.service"
+
+# Create Caddyfile
+cat > /etc/caddy/Caddyfile << EOF
+${domain} {
+  reverse_proxy :8000
+}
+EOF
+
+caddy fmt /etc/caddy/Caddyfile --overwrite
+systemctl restart caddy
+systemctl enable caddy
+
+# Setup firewall
+ufw allow ssh
+ufw allow 80
+ufw allow 443
+ufw enable
+
+systemctl enable ufw
+
+# Restart the process if the CPU usage is above 95%
+# https://github.com/denoland/deno/issues/23033
+script_path="$(pwd)/cron_cpu.sh"
+
+cat > ${script_path} << EOF
+#!/usr/bin/env bash
+
+CPU_USAGE_THRESHOLD=99
+CPU_USAGE=\$(top -bn1 | grep 'Cpu(s)' | sed 's/.*, *\\([0-9.]*\\)%* id.*/\\1/' | awk '{printf "%.0f", 100 - \$1}')
+
+if [ "\$CPU_USAGE" -gt "\$CPU_USAGE_THRESHOLD" ]; then
+  systemctl restart lumecms
+  systemctl restart caddy
+fi
+EOF
+
+chmod +x "${script_path}"
+
+# Setup the cron job to run the script
+crontab -l > /tmp/mycron
+echo "*/5 * * * * ${script_path}" >> /tmp/mycron
+crontab /tmp/mycron
+rm /tmp/mycron