# Deploy Your Own Hugin API ## Setup Let’s head over to the repository and download a latest release: Unzip the directory to a directory such as `~/Projects` then use the terminal to navigate to the directory of hugin-api-``. ## Installation First install Ansible locally. ### Mac using brew package manager: * `brew install ansible` * `brew install esolitos/ipa/sshpass` ### Ubuntu/Debian ``` sudo apt update sudo apt install software-properties-common python3-jmespath sudo add-apt-repository --yes --update ppa:ansible/ansible sudo apt install ansible sudo apt install sshpass ``` ### Windows using WSL Since Ansible can not run natively on Windows we need to use the subsystem for Linux in Windows. Please check out this tutorial on how to get it started: ## Verify Then we need to run the following to verify that our installation was successful: `ansible --version` ## Configuration So now that we have Ansible up and running on our OS we will start looking into what kind of configuration we need to do in order for us to provision our VPS with Hugin API. If you have never heard what provisioning are it simply means “providing” or making something available. What Ansible does is to setup Infrastructure as Code (IaC) that we define what we need to install and what needs to be configured in code and thus we do not need to manually set this up and do this everytime we make a change or add something new. It does everything for us in one command when running it. This can be a huge time and energy saver. If something would have happen of a server or infrastructure we could just spin up a new environment very easily. So let’s start by going into the ansible directory and open up the `prod.inventory` file (you can of course use your favorite text editor instead of Vim): ``` [vps] ``` Now we see a block of \[vps] and under it are the domain name followed by the `letsencrypt_email`, `domain_name` on the same row. This is all the hosts we are going to use. In this case we are just going to provision to one VPS. You could put the IP address there instead of `api.hugin.chat` and it would work perfectly fine. If we would like to provision to two or multiple VPS we could just copy the first one and change the ip/hostname and Ansible would pick them all up and setup everything on those VPS as well. So change `api.hugin.chat` to your ip/hostname and the `letencrypt_email` and the `domain_name`. Please bare in mind that fix the DNS settings first for this domain name and point to the VPS IP address a couple of hours before running this otherwise the certificate would not go through if it can not find that the DNS points to that domain name. Also update `exporter_version` to the latest release over at So now save the file and we will start looking at `provision_vps.yml` file. In this file we have some things we need to change in order for be able to run the playbook. First we need to set a hugin\_node\_server of where to pick up the data for the Hugin API application. It could be your own or just leave the value there if you would like. Then we need to uncomment the line “base” currently in the screenshot on line 30 so we do a configuration of the SSH public key on the VPS as well as disabling the default login with username/password so we will only use our private key to login to the VPS. ### Ansible Vault Before we start with the provisioning we need to generate one vault file: * `ansible-vault create ./group_vars/vps.yml` Now enter a password for the file itself when prompted and then it will automatically open up Vi/Vim and we enter the following: ```yml ansible_user: ansible_password: vault_vps_user: ansible vault_vps_password: vault_postgres_db_user: vault_postgres_db_password: vault_postgres_db_name: ``` Then save and exit: * `:wq` Then we need to use that password we set for the file itself and save that in a file on our host system. Do that by: * `vim ~/hugin.cache.pwd` Then add that same password inside this file and we will use this file to run the playbook. Then save and exit: * `:wq` Now we need to permanently add our SSH key. Open up our bash rc file (depending on OS you might have a different file name for this in your home directory). Open up \~/.bashrc or \~/.bash\_profile and add this: ``` eval $(ssh-agent) ssh-add ~/.ssh/id_hugin_cache ``` Then run to update: * `source ~/.bashrc` Or: * `source ~/.bash_profile` Open up **provision\_vps.yml** remove the comment for "base". We are not using that in the pipeline but for manual deploy this is needed. So now we can start provisioning by running our shell script: * `sudo chmod +x ansible.sh` * `./ansible.sh` If we add multiple VPS instances in our inventory, we need to copy our public key to new one manually otherwise we will not be able to connect to it later. It will give us a permission denied error. So copy the public key by running: * `ssh-copy-id -i ~/.ssh/id_hugin_cache.pub root@new-vps` ## Common issues #### NGINX configuration breaks **Problem:** If you made some change in NGINX configuration and it breaks during setup, the next time it will not always be able to update it so it works again.\ **Solution:** SSH into the machine and change the configuration manually and restart the NGINX server. Check the logs with `journalctl -xe` if you don't find the issue right away.