# Deploy WhatsApp Inbox dari Gitea (Ubuntu) Dokumen ini untuk deploy `whatsapp-inbox-platform` ke Ubuntu production dengan asumsi: - PostgreSQL sudah terinstall - Nginx sudah terinstall - Gitea berjalan di port `3001` - App domain: `app.zappcare.id` - Port `3000` tidak dipakai (dalam panduan ini dipakai `3002`) Source code proyek sudah ada di Git: - `https://git.iptek.co/wirabasalamah/whatsapp-inbox-platform.git` ## 0) Persiapan dasar Login sebagai user sudo di server: ```bash ssh user@YOUR_SERVER_IP ``` Update sistem & install dependency dasar: ```bash sudo apt update && sudo apt upgrade -y sudo apt install -y curl ca-certificates git nginx postgresql postgresql-contrib curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash - sudo apt install -y nodejs node -v npm -v ``` ## 1) Buat user & direktori aplikasi ```bash sudo useradd --system --home /var/www/whatsapp-inbox --shell /usr/sbin/nologin whatsapp-inbox || true sudo mkdir -p /var/www/whatsapp-inbox sudo chown -R whatsapp-inbox:whatsapp-inbox /var/www/whatsapp-inbox ``` ## 2) Buat DB PostgreSQL ```bash sudo -u postgres psql ``` ```sql CREATE USER whatsapp_inbox WITH PASSWORD 'YOUR_DB_PASSWORD'; CREATE DATABASE whatsapp_inbox OWNER whatsapp_inbox; \q ``` ## 3) Clone source dari Gitea ```bash sudo -u whatsapp-inbox git clone https://git.iptek.co/wirabasalamah/whatsapp-inbox-platform.git /var/www/whatsapp-inbox cd /var/www/whatsapp-inbox git checkout main git remote -v ``` Catatan: - jika prompt autentikasi muncul, gunakan token/credential Gitea Anda (username: `wira` atau email, token lebih aman daripada password). - jangan simpan password Git di file lain di repo. ## 4) Install dependency ```bash cd /var/www/whatsapp-inbox sudo -u whatsapp-inbox npm ci ``` ## 5) Setup environment `.env` ```bash sudo -u whatsapp-inbox cp .env.example .env sudo -u whatsapp-inbox nano .env ``` Minimal konfigurasi: ```env NODE_ENV=production HOST=127.0.0.1 PORT=3002 DATABASE_URL="postgresql://whatsapp_inbox:YOUR_DB_PASSWORD@127.0.0.1:5432/whatsapp_inbox?schema=public" AUTH_SECRET="ganti_secret_acak_minimal_32_karakter" APP_URL="https://app.zappcare.id" NEXT_PUBLIC_APP_URL="https://app.zappcare.id" OPS_BASE_URL="https://app.zappcare.id" WHATSAPP_WEBHOOK_VERIFY_TOKEN="ganti_verify_token" WHATSAPP_WEBHOOK_SECRET="ganti_webhook_secret" WHATSAPP_API_TOKEN="ganti_meta_token" WHATSAPP_API_VERSION="v22.0" WHATSAPP_ALLOW_SIMULATED_SEND="false" ``` Tambahkan variabel lain sesuai kebutuhan operasi/retry dari `.env.example`. ## 6) Migrasi & seed ```bash cd /var/www/whatsapp-inbox sudo -u whatsapp-inbox npm run db:deploy sudo -u whatsapp-inbox npm run db:seed ``` ## 7) Uji jalur aplikasi (manual) ```bash cd /var/www/whatsapp-inbox sudo -u whatsapp-inbox npm run start -- --hostname 127.0.0.1 --port 3002 ``` Di terminal lain: ```bash curl -I http://127.0.0.1:3002 curl -s http://127.0.0.1:3002/api/health | cat ``` Tekan `Ctrl+C` setelah semua sehat lalu lanjut ke service/systemd. ## 8) Buat service systemd untuk app Buat `/etc/systemd/system/whatsapp-inbox.service`: ```ini [Unit] Description=WhatsApp Inbox (Next.js) After=network.target postgresql.service [Service] Type=simple User=whatsapp-inbox Group=whatsapp-inbox WorkingDirectory=/var/www/whatsapp-inbox EnvironmentFile=/var/www/whatsapp-inbox/.env ExecStart=/usr/bin/npm run start -- --hostname 127.0.0.1 --port 3002 Restart=always RestartSec=5 LimitNOFILE=65535 [Install] WantedBy=multi-user.target ``` Enable: ```bash sudo systemctl daemon-reload sudo systemctl enable --now whatsapp-inbox sudo systemctl status whatsapp-inbox ``` ## 9) Buat service retry worker Buat `/etc/systemd/system/whatsapp-inbox-retry.service`: ```ini [Unit] Description=WhatsApp Inbox Campaign Retry Daemon After=network.target whatsapp-inbox.service [Service] Type=simple User=whatsapp-inbox Group=whatsapp-inbox WorkingDirectory=/var/www/whatsapp-inbox EnvironmentFile=/var/www/whatsapp-inbox/.env ExecStart=/usr/bin/npm run job:campaign-retry:daemon Restart=always RestartSec=5 [Install] WantedBy=multi-user.target ``` Enable: ```bash sudo systemctl daemon-reload sudo systemctl enable --now whatsapp-inbox-retry sudo systemctl status whatsapp-inbox-retry ``` ## 10) Konfigurasi Nginx + HTTPS ke app.zappcare.id Buat `/etc/nginx/sites-available/app.zappcare.id`: ```nginx server { listen 80; server_name app.zappcare.id; location /.well-known/acme-challenge/ { root /var/www/html; } location / { return 301 https://$host$request_uri; } } server { listen 443 ssl http2; server_name app.zappcare.id; client_max_body_size 20m; proxy_buffering off; ssl_certificate /etc/letsencrypt/live/app.zappcare.id/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/app.zappcare.id/privkey.pem; location / { proxy_pass http://127.0.0.1:3002; proxy_http_version 1.1; proxy_set_header Connection ""; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_read_timeout 120s; proxy_send_timeout 120s; } } ``` Aktifkan dan reload: ```bash sudo ln -s /etc/nginx/sites-available/app.zappcare.id /etc/nginx/sites-enabled/ sudo nginx -t sudo systemctl reload nginx ``` Install certbot dan issue SSL: ```bash sudo apt install -y certbot python3-certbot-nginx sudo certbot --nginx -d app.zappcare.id ``` ## 11) Validasi akhir ```bash curl -I https://app.zappcare.id curl -s https://app.zappcare.id/api/health | cat APP_URL=https://app.zappcare.id NEXT_PUBLIC_APP_URL=https://app.zappcare.id OPS_BASE_URL=https://app.zappcare.id npm run ops:readiness APP_URL=https://app.zappcare.id NEXT_PUBLIC_APP_URL=https://app.zappcare.id OPS_BASE_URL=https://app.zappcare.id npm run ops:smoke ``` ## 12) Update dan rollback ringan Update: ```bash cd /var/www/whatsapp-inbox git pull origin main sudo -u whatsapp-inbox npm ci sudo -u whatsapp-inbox npm run db:deploy sudo -u whatsapp-inbox npm run ci:verify sudo systemctl restart whatsapp-inbox sudo systemctl restart whatsapp-inbox-retry ``` Rollback cepat (jika perlu): ```bash cd /var/www/whatsapp-inbox git log --oneline -n 5 git checkout sudo systemctl restart whatsapp-inbox ``` ## 13) Catatan produksi - App service berjalan di `127.0.0.1:3002` (internal), Nginx mengekspose ke `https://app.zappcare.id`. - Tidak menyimpan secrets di git. - Gunakan `npm run ops:readiness` secara berkala setelah deploy/reboot.