-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdeploy-secure.sh
More file actions
executable file
·42 lines (34 loc) · 1.28 KB
/
deploy-secure.sh
File metadata and controls
executable file
·42 lines (34 loc) · 1.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#!/bin/bash
# 🛡️ Secure Deployment Script for LLM Router SaaS
echo "🛡️ Deploying LLM Router SaaS with security..."
# Stop current service
pm2 stop llm-router-saas 2>/dev/null || echo "Service not running"
# Use secure configuration
pm2 start ecosystem.secure.config.cjs --env production
# Save PM2 configuration
pm2 save
# Test localhost binding
sleep 3
BASE_URL="${BASE_URL:-http://localhost:3006}"
if curl -s "$BASE_URL/api/health" > /dev/null; then
echo "✅ Service running on ${BASE_URL}"
else
echo "❌ Service not responding on localhost"
exit 1
fi
# Check if external access is blocked (should fail)
if curl -s --connect-timeout 2 http://178.156.181.117:3006/api/health > /dev/null; then
echo "⚠️ WARNING: Service still accessible externally!"
echo " This is expected if Nginx reverse proxy is configured"
else
echo "✅ Direct external access blocked (service on localhost only)"
fi
echo "🎉 Secure deployment completed!"
echo "📋 Next steps:"
echo " 1. Configure Nginx reverse proxy"
echo " 2. Setup SSL certificate"
echo " 3. Enable firewall"
echo " 4. Test HTTPS access"
echo ""
echo "🔑 New Admin Key: 85dea3a443471c55a735551898159d7eb2f29fdc5fbdddd1b38eb513e7b887a6"
echo "⚠️ SAVE THIS KEY SECURELY - it won't be shown again!"