At this point I have built and deployed quite a few projects; be it for myself or others, and the classic nginx wiring step was beginning to feel more and more like a hassle.
I'm also a Factorio player, which means that when something is repetitive and boring, I look for ways to automate it, or at least reduce the process's friction as much as I can; and the aforementioned bothersomeness of nginx and deployments resulted in the writing of Tetreid.
Tetreid is a systemd service, running as its own user; it has limited read/write access to some nginx sub folders, and holds data about the sites it manages, like their root domain (I currently mostly use subdomains of the one you're probably reading this on), a source repo URL (private github repos with fine grained tokens atm, I'd like to transition to a personally hosted git infra though eventually), hosting params (IP/port) which at the moment are mostly on LAN with a dedicated port for each project but made to be usable between decoupled servers. There are also other options like a couple of flags that change the deployment pipelines (e.g.: "persistentData" makes Tetreid create a "shared" folder with specialized subfolders depending on what should be stored (db ? images ? raw files ?).
Then there are more general data like build / install commands (defaulting for npm rn) and finally some project-specific paths, like the .env (if not in root), ecosystem file for Process Manager 2 or other optionals.
All this is used for quickly setting up the projects, running the certbot (Let's Encrypt!) for domain certifications when needed, and then for general project management: start, stop, restart, deploy, logs, metrics etc...
The service mainly manages the projects via Process Manager 2, which lets me gather metrics and quickly act on the processes without having had to plan the low level implementation directly, which is convenient. It is kind of annoying regarding env variables changes and restart but hey, one problem for 30 conveniences, I'll take it gladly.
Site creation is recipe-based, which is basically a default config template choice that modifies how the project is handled by Tetreid:
- Static sites are built in a nginx-accessible folder, so direct serving
- Dynamic ones are managed by PM2, and have options for persistent data (survives deployments) for things like configs, DB or images (these are attributed a nginx-accessible folder too to avoid Node overhead).
The service exposes endpoints for wiring a frontend to it, these are token-protected and Tetreid has an optional whitelisted IPs list (may be overkill but better safe than sorry with this kind of system). So I did the wiring to my admin panel and I now have a clean, centralized view of my running projects: the resources they consume, their logs, deployment history and actual deploy/rollback actions. And it feels great to know how the data behaves and move behind the curtains when using it !