Skip to content


Latest commit

98aa35d · May 31, 2021


72 lines (49 loc) · 2.82 KB

File metadata and controls

72 lines (49 loc) · 2.82 KB


Deployment scripts for g0v rumors project


We provides 2 versions of docker-compose.yml:

  • docker-compose.sample.yml: Minimal setup to get all Cofacts service running on a single computer.
  • docker-compose.production.yml: The actual setup (with secrets redacted) that is running on . The differences are:
    • nginx is added as a reverse-proxy and serves https certificates.
    • line-bot-zh will be connected to AWS Cloudwatch logs, so you may need to setup AWS credential accordingly.

Before moving to next step, you are expected to create your own docker-compose.yml using the above mentioned file as reference.

Explanation of each environment variables are in .env.sample of the corresponding repository.


  1. docker & docker-compose
  2. git

Deploy steps

  1. su to appropriate user (for instance, docker)
  2. Clone this repo on production server
  3. Make a duplicate of env-files.sample directory and rename to env-files
  4. Make necessary changes to docker-compose.yml and files in volumes/
  5. docker-compose up -d

If you want ot run the whole Cofacts on the laptop, you may find this note useful:

Updating any image

After image change:

docker-compose pull <name>
docker-compose up --no-deps -d <name>

After changings file in volumes/:

docker-compose restart <name>

where <name> can be nginx, site, api and db.

Crontab setup

crontab -e and add:

0 0 1 * * docker run --rm -v /var/www/cofacts:/var/www/cofacts -v /etc/letsencrypt:/etc/letsencrypt -v /etc/ssl/certs:/etc/ssl/certs -v /var/log:/var/log certbot/certbot certonly --webroot -w /var/www/cofacts -d -m <your@email> --agree-tos --non-interactive >> /var/log/cron.log 2>&1
5 0 1 * * docker run --rm -v /var/www/cofacts:/var/www/cofacts -v /etc/letsencrypt:/etc/letsencrypt -v /etc/ssl/certs:/etc/ssl/certs -v /var/log:/var/log certbot/certbot certonly --webroot -w /var/www/cofacts -d -m <your@email> --agree-tos --non-interactive >> /var/log/cron.log 2>&1
0 1 1 * * cd /home/docker/rumors-deploy; /usr/local/bin/docker-compose restart nginx >> /var/log/cron.log 2>&1
5 0 * * * cd /home/docker/rumors-deploy; /usr/local/bin/docker-compose exec -T api node build/scripts/cleanupUrls.js >> /var/log/cron.log 2>&1

Optional mongodb backup

0 0 * * * docker run -it --rm -v <key-file-for-gcs>:/home/db-backup/key.json \
  --env GCP_PROJECT_ID=<project-id> \
  --env GCS_BUCKET=<bucket> \
  --env MONGOURI=mongodb+srv://<username>:<password>@<host>/<db> \

To see cofacts/mongodb-gsutil.