nginx

nginx fronts every Sosyabot component and terminates TLS for it. There are three vhosts, each with its own HTTPS certificate (Let's Encrypt via Certbot is the default).

The three vhosts

app.sosyabot.com       →  127.0.0.1:${PORT:-4200}        (backend; serves frontend bundle)
sosyabot.com           →  127.0.0.1:${LANDING_PORT:-4201} (landing site)
docs.sosyabot.com      →  127.0.0.1:${DOCS_PORT:-4202}   (docs site)

Example vhost (docs)

```nginx
server {
    server_name docs.sosyabot.com;

    location / {
        proxy_pass http://127.0.0.1:4202;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/docs.sosyabot.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/docs.sosyabot.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}

server {
    if ($host = docs.sosyabot.com) {
        return 301 https://$host$request_uri;
    }
    server_name docs.sosyabot.com;
    listen 80;
    return 404;
}
```

The app and landing vhosts follow the same pattern with a different upstream port.

Certbot

```bash
sudo certbot --nginx -d app.sosyabot.com
sudo certbot --nginx -d sosyabot.com -d www.sosyabot.com
sudo certbot --nginx -d docs.sosyabot.com
```

Certbot writes the `listen 443 ssl` line, the `if` redirect block, and the certificate paths shown above. Renewal runs from the system cron job or systemd timer that Certbot installs.
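The shared vhost pattern as it looks before Certbot has added its TLS and redirect lines, rendered for all three hosts with the port defaults from the vhost list. This is an added example, not Sosyabot's own tooling: the function names, output directory and file names are assumptions, and the `www.sosyabot.com` name is taken from the Certbot command above.

```bash
#!/usr/bin/env bash
# Added example: render the HTTP-only vhosts that exist before Certbot runs.
# The output directory and file names are assumptions, not Sosyabot's layout.

# Print one server block. $1 = server_name value, $2 = loopback upstream port.
render_vhost() {
    local names="$1" port="$2"
    # Accept only 1-5 digit numbers so a malformed environment variable
    # can never be written into proxy_pass.
    case "$port" in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi
    cat <<EOF
server {
    server_name ${names};
    listen 80;

    location / {
        proxy_pass http://127.0.0.1:${port};
        proxy_http_version 1.1;
        proxy_set_header Upgrade \$http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host \$host;
        proxy_cache_bypass \$http_upgrade;
    }
}
EOF
}

# Write all three vhosts into directory $1 with the port defaults listed above.
render_all() {
    local out="$1"
    mkdir -p "$out" || return 1
    render_vhost "app.sosyabot.com" "${PORT:-4200}" > "$out/app.conf" &&
    render_vhost "sosyabot.com www.sosyabot.com" "${LANDING_PORT:-4201}" > "$out/landing.conf" &&
    render_vhost "docs.sosyabot.com" "${DOCS_PORT:-4202}" > "$out/docs.conf"
}

# Stand-alone use: pass the target directory as the first argument.
if [ -n "${1:-}" ]; then render_all "$1"; fi
```

Review the rendered files and run `nginx -t` after installing them, before running the `certbot --nginx` commands.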

Static-serve alternative for docs

The docs site is fully static after `./service.sh build`. For a deployment with higher throughput and fewer processes, point nginx directly at the `dist` directory and skip the Node `vitepress preview` process:

```nginx
server {
    server_name docs.sosyabot.com;

    root /ssd/data/project/sosyabot/docs/content/.vitepress/dist;
    index index.html;

    location / {
        try_files $uri $uri.html $uri/ =404;
    }

    listen 443 ssl;
    ssl_certificate /etc/letsencrypt/live/docs.sosyabot.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/docs.sosyabot.com/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
}
```

If you take this path, drop the docs entry from `COMPONENTS` in `service.sh` so that it is not booted by `./service.sh start`. The default configuration ships with the preview process for parity with the landing component.

Logs

/var/log/nginx/access.log
/var/log/nginx/error.log

Logging can be split per vhost with `access_log` and `error_log` directives inside each `server` block.