Use systemd restart in deploy.sh + avoid log permission issues

2025-12-17 12:57:36 +01:00
parent dd8ce18e93
commit 815f08dac0
3 changed files with 57 additions and 46 deletions
--- a/deploy.sh
+++ b/deploy.sh
@ -146,21 +146,28 @@ if ! $FRONTEND_ONLY; then
        python -c "from app.database import init_db; import asyncio; asyncio.run(init_db())"
        echo "  ✓ DB migrations applied"

-        # Restart backend process (production typically runs without --reload)
-        BACKEND_PID=$(pgrep -f 'uvicorn app.main:app' | awk 'NR==1{print; exit}')
-        
-        if [ -n "$BACKEND_PID" ]; then
-            echo "  Restarting backend (PID: $BACKEND_PID)..."
-            kill "$BACKEND_PID" 2>/dev/null || true
-            sleep 1
-            nohup uvicorn app.main:app --host 0.0.0.0 --port 8000 > backend.log 2>&1 &
+        # Restart backend via systemd when available (preferred). Fallback to nohup only if the unit is missing.
+        if systemctl list-unit-files 2>/dev/null | grep -q '^pounce-backend\\.service'; then
+            echo "  Restarting backend via systemd..."
+            echo "user" | sudo -S systemctl restart pounce-backend
            sleep 2
-            echo "  ✓ Backend restarted"
+            if systemctl is-active --quiet pounce-backend; then
+                echo "  ✓ Backend restarted (systemd)"
+            else
+                echo "  ⚠ Backend restart failed (systemd). Check: journalctl -u pounce-backend -n 80"
+            fi
        else
-            echo "  ⚠ Backend not running, starting..."
-            nohup uvicorn app.main:app --host 0.0.0.0 --port 8000 > backend.log 2>&1 &
+            BACKEND_PID=$(pgrep -f 'uvicorn app.main:app' | awk 'NR==1{print; exit}')
+            if [ -n "$BACKEND_PID" ]; then
+                echo "  Restarting backend (PID: $BACKEND_PID)..."
+                kill "$BACKEND_PID" 2>/dev/null || true
+                sleep 1
+            else
+                echo "  ⚠ Backend not running, starting..."
+            fi
+            nohup uvicorn app.main:app --host 0.0.0.0 --port 8000 > /tmp/pounce-backend-nohup.log 2>&1 &
            sleep 2
-            echo "  ✓ Backend started"
+            echo "  ✓ Backend started (nohup fallback)"
        fi
 BACKEND_EOF
 else
@ -205,37 +212,41 @@ if ! $BACKEND_ONLY; then
            cp -r public .next/standalone/public
            echo "  ✓ Public files copied to standalone"

-            # Gracefully restart Next.js
-            NEXT_PID=$(pgrep -af 'node \\.next/standalone/server\\.js|next start|next-server|next-serv' | awk 'NR==1{print $1; exit}')
-            
-            if [ -n "$NEXT_PID" ]; then
-                echo "  Restarting Next.js (PID: $NEXT_PID)..."
-                kill $NEXT_PID 2>/dev/null
+            # Restart frontend via systemd when available (preferred). Fallback to nohup only if the unit is missing.
+            if systemctl list-unit-files 2>/dev/null | grep -q '^pounce-frontend\\.service'; then
+                echo "  Restarting frontend via systemd..."
+                echo "user" | sudo -S systemctl restart pounce-frontend
+                sleep 2
+                if systemctl is-active --quiet pounce-frontend; then
+                    echo "  ✓ Frontend restarted (systemd)"
+                else
+                    echo "  ⚠ Frontend restart failed (systemd). Check: journalctl -u pounce-frontend -n 80"
+                fi
+            else
+                # Legacy nohup fallback
+                NEXT_PID=$(pgrep -af 'node \\.next/standalone/server\\.js|next start|next-server|next-serv' | awk 'NR==1{print $1; exit}')
+                if [ -n "$NEXT_PID" ]; then
+                    echo "  Restarting Next.js (PID: $NEXT_PID)..."
+                    kill $NEXT_PID 2>/dev/null
+                    sleep 1
+                fi
+                lsof -ti:3000 2>/dev/null | xargs -r kill -9 2>/dev/null || true
                sleep 1
-            fi
-
-            # Ensure port is free (avoid EADDRINUSE)
-            lsof -ti:3000 2>/dev/null | xargs -r kill -9 2>/dev/null || true
-            sleep 1
-            
-            # Start new instance with internal backend URL
-            if [ -f ".next/standalone/server.js" ]; then
-                echo "  Starting Next.js (standalone)..."
-                nohup env NODE_ENV=production HOSTNAME=0.0.0.0 PORT=3000 BACKEND_URL=http://127.0.0.1:8000 node .next/standalone/server.js > frontend.log 2>&1 &
-            else
-                echo "  Starting Next.js (npm start)..."
-                nohup env NODE_ENV=production BACKEND_URL=http://127.0.0.1:8000 npm run start > frontend.log 2>&1 &
-            fi
-            sleep 2
-            
-            # Verify
-            NEW_PID=$(pgrep -af 'node \\.next/standalone/server\\.js|next start|next-server|next-serv' | awk 'NR==1{print $1; exit}')
-            if [ -n "$NEW_PID" ]; then
-                echo "  ✓ Frontend running (PID: $NEW_PID)"
-            else
-                echo "  ⚠ Frontend may not have started correctly"
-                echo "  Last 80 lines of frontend.log:"
-                tail -n 80 frontend.log || true
+                if [ -f ".next/standalone/server.js" ]; then
+                    echo "  Starting Next.js (standalone)..."
+                    nohup env NODE_ENV=production HOSTNAME=0.0.0.0 PORT=3000 BACKEND_URL=http://127.0.0.1:8000 node .next/standalone/server.js > /tmp/pounce-frontend-nohup.log 2>&1 &
+                else
+                    echo "  Starting Next.js (npm start)..."
+                    nohup env NODE_ENV=production BACKEND_URL=http://127.0.0.1:8000 npm run start > /tmp/pounce-frontend-nohup.log 2>&1 &
+                fi
+                sleep 2
+                NEW_PID=$(pgrep -af 'node \\.next/standalone/server\\.js|next start|next-server|next-serv' | awk 'NR==1{print $1; exit}')
+                if [ -n "$NEW_PID" ]; then
+                    echo "  ✓ Frontend running (nohup fallback, PID: $NEW_PID)"
+                else
+                    echo "  ⚠ Frontend may not have started correctly"
+                    tail -n 80 /tmp/pounce-frontend-nohup.log || true
+                fi
            fi
        else
            echo "  ✗ Build failed, keeping old version"
--- a/systemd/pounce-backend.service
+++ b/systemd/pounce-backend.service
@ -12,8 +12,8 @@ Environment="PATH=/home/user/pounce/backend/venv/bin:/usr/local/bin:/usr/bin:/bi
 ExecStart=/home/user/pounce/backend/venv/bin/uvicorn app.main:app --host 0.0.0.0 --port 8000
 Restart=always
 RestartSec=5
-StandardOutput=append:/home/user/pounce/backend/backend.log
-StandardError=append:/home/user/pounce/backend/backend.log
+StandardOutput=journal
+StandardError=journal

 # Hardening
 NoNewPrivileges=true
--- a/systemd/pounce-frontend.service
+++ b/systemd/pounce-frontend.service
@ -15,8 +15,8 @@ Environment="BACKEND_URL=http://127.0.0.1:8000"
 ExecStart=/usr/bin/node /home/user/pounce/frontend/.next/standalone/server.js
 Restart=always
 RestartSec=5
-StandardOutput=append:/home/user/pounce/frontend/frontend.log
-StandardError=append:/home/user/pounce/frontend/frontend.log
+StandardOutput=journal
+StandardError=journal

 # Hardening
 NoNewPrivileges=true