VPS Deployment
Deploy Nexgent on any Linux VPS for maximum control over your infrastructure.
This guide covers manual deployment on Ubuntu/Debian. Adapt commands for other distributions.
Prerequisites
- VPS with Ubuntu 22.04 LTS (or similar)
- Root or sudo access
- Domain name pointed to your server's IP
- Minimum specs: 1 vCPU, 1GB RAM, 10GB SSD
Recommended VPS providers:
- DigitalOcean (opens in a new tab)
- Hetzner (opens in a new tab)
- Vultr (opens in a new tab)
- Linode (opens in a new tab)
Server Setup
Update System
sudo apt update && sudo apt upgrade -yInstall Node.js
# Install Node.js 20 LTS
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
sudo apt install -y nodejs
# Verify installation
node --version # Should be 20.x
npm --versionInstall pnpm
npm install -g pnpm
pnpm --version # Should be 8.x+Install PostgreSQL
sudo apt install -y postgresql postgresql-contrib
# Start and enable
sudo systemctl start postgresql
sudo systemctl enable postgresql
# Create database and user
sudo -u postgres psql << EOF
CREATE USER nexgent WITH PASSWORD 'your-strong-password';
CREATE DATABASE nexgent OWNER nexgent;
GRANT ALL PRIVILEGES ON DATABASE nexgent TO nexgent;
EOFInstall Redis
sudo apt install -y redis-server
# Configure Redis
sudo sed -i 's/supervised no/supervised systemd/' /etc/redis/redis.conf
# Set password (optional but recommended)
echo "requirepass your-redis-password" | sudo tee -a /etc/redis/redis.conf
# Restart Redis
sudo systemctl restart redis
sudo systemctl enable redis
# Verify
redis-cli -a your-redis-password ping # Should return PONGInstall Nginx
sudo apt install -y nginx
sudo systemctl enable nginxInstall Certbot (SSL)
sudo apt install -y certbot python3-certbot-nginxApplication Setup
Create Application User
sudo useradd -m -s /bin/bash nexgent
sudo usermod -aG sudo nexgentClone Repository
sudo -u nexgent -i
cd ~
git clone https://github.com/Nexgent-ai/nexgent-open-source-trading-engine.git
cd nexgentInstall Dependencies
pnpm installConfigure Environment Variables
Backend:
cd packages/backend
cp env.example .env
nano .env# Database
DATABASE_URL="postgresql://nexgent:your-strong-password@localhost:5432/nexgent?schema=public"
# Redis
REDIS_HOST=localhost
REDIS_PORT=6379
REDIS_PASSWORD=your-redis-password
# Server
PORT=4000
NODE_ENV=production
CORS_ORIGIN=https://your-domain.com
# Auth
JWT_SECRET="$(openssl rand -base64 32)"
# External APIs
JUPITER_API_KEY=your-jupiter-api-key
SOLANA_RPC_URL=https://your-rpc-endpoint
# Optional: Trading wallets
# WALLET_1=base58-private-keyFrontend:
cd ../frontend
cp env.example .env.local
nano .env.localNEXTAUTH_URL=https://your-domain.com
NEXTAUTH_SECRET="$(openssl rand -base64 32)"
NEXT_PUBLIC_API_URL=https://api.your-domain.comRun Database Migrations
cd ~/nexgent
pnpm --filter backend db:migrate:deployBuild Application
pnpm buildProcess Management with PM2
Install PM2
sudo npm install -g pm2Create PM2 Configuration
cd ~/nexgent
nano ecosystem.config.jsmodule.exports = {
apps: [
{
name: 'nexgent-backend',
cwd: '/home/nexgent/nexgent/packages/backend',
script: 'dist/index.js',
instances: 1,
exec_mode: 'fork',
env: {
NODE_ENV: 'production',
},
error_file: '/home/nexgent/logs/backend-error.log',
out_file: '/home/nexgent/logs/backend-out.log',
time: true,
},
{
name: 'nexgent-frontend',
cwd: '/home/nexgent/nexgent/packages/frontend',
script: 'node_modules/.bin/next',
args: 'start -p 3000',
instances: 1,
exec_mode: 'fork',
env: {
NODE_ENV: 'production',
},
error_file: '/home/nexgent/logs/frontend-error.log',
out_file: '/home/nexgent/logs/frontend-out.log',
time: true,
},
],
};Create Log Directory
mkdir -p ~/logsStart Application
pm2 start ecosystem.config.js
pm2 saveEnable Auto-Start
# Generate startup script
pm2 startup systemd -u nexgent --hp /home/nexgent
# Run the command it outputs, then:
pm2 savePM2 Commands
pm2 status # Check status
pm2 logs # View logs
pm2 logs --lines 50 # Last 50 lines
pm2 restart all # Restart all
pm2 reload all # Zero-downtime reload
pm2 stop all # Stop allNginx Configuration
Create Nginx Config
sudo nano /etc/nginx/sites-available/nexgent# Frontend
server {
listen 80;
server_name your-domain.com;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
}
}
# Backend API
server {
listen 80;
server_name api.your-domain.com;
location / {
proxy_pass http://127.0.0.1:4000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
# WebSocket support
proxy_read_timeout 86400;
}
}Enable Site
sudo ln -s /etc/nginx/sites-available/nexgent /etc/nginx/sites-enabled/
sudo nginx -t # Test config
sudo systemctl reload nginxConfigure SSL with Certbot
sudo certbot --nginx -d your-domain.com -d api.your-domain.comCertbot will:
- Obtain SSL certificates
- Update Nginx config for HTTPS
- Set up auto-renewal
Verify SSL Renewal
sudo certbot renew --dry-runFirewall Configuration
# Install UFW if not present
sudo apt install -y ufw
# Configure firewall
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw allow 'Nginx Full'
# Enable firewall
sudo ufw enable
sudo ufw statusSecurity Hardening
SSH Security
sudo nano /etc/ssh/sshd_configPermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yessudo systemctl restart sshdFail2Ban
sudo apt install -y fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2banAutomatic Updates
sudo apt install -y unattended-upgrades
sudo dpkg-reconfigure -plow unattended-upgradesDatabase Backups
Create Backup Script
sudo nano /home/nexgent/backup.sh#!/bin/bash
BACKUP_DIR="/home/nexgent/backups"
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
BACKUP_FILE="$BACKUP_DIR/nexgent_$TIMESTAMP.sql.gz"
mkdir -p $BACKUP_DIR
# Backup database
PGPASSWORD="your-strong-password" pg_dump -h localhost -U nexgent nexgent | gzip > $BACKUP_FILE
# Keep only last 7 days
find $BACKUP_DIR -name "*.sql.gz" -mtime +7 -delete
echo "Backup completed: $BACKUP_FILE"chmod +x /home/nexgent/backup.shSchedule Daily Backups
crontab -eAdd:
0 3 * * * /home/nexgent/backup.sh >> /home/nexgent/logs/backup.log 2>&1Monitoring
System Monitoring
# Install htop for real-time monitoring
sudo apt install -y htop
# Check disk usage
df -h
# Check memory
free -m
# Check running processes
htopApplication Monitoring
# PM2 monitoring
pm2 monit
# PM2 web dashboard
pm2 plus # Requires PM2 account (free tier available)Health Check Script
nano /home/nexgent/healthcheck.sh#!/bin/bash
BACKEND_URL="http://localhost:4000/api/v1/health"
FRONTEND_URL="http://localhost:3000"
# Check backend
if curl -s "$BACKEND_URL" | grep -q "ok"; then
echo "Backend: OK"
else
echo "Backend: FAILED"
pm2 restart nexgent-backend
fi
# Check frontend
if curl -s -o /dev/null -w "%{http_code}" "$FRONTEND_URL" | grep -q "200"; then
echo "Frontend: OK"
else
echo "Frontend: FAILED"
pm2 restart nexgent-frontend
fichmod +x /home/nexgent/healthcheck.shSchedule every 5 minutes:
crontab -e*/5 * * * * /home/nexgent/healthcheck.sh >> /home/nexgent/logs/healthcheck.log 2>&1Updating
See Upgrading for detailed update instructions.
Quick update:
cd ~/nexgent
git pull origin main
pnpm install
pnpm build
pnpm --filter backend db:migrate:deploy
pm2 reload allTroubleshooting
Application Won't Start
# Check PM2 logs
pm2 logs nexgent-backend --lines 100
pm2 logs nexgent-frontend --lines 100
# Check system logs
journalctl -u nginx -fDatabase Connection Issues
# Check PostgreSQL status
sudo systemctl status postgresql
# Check connection
psql -h localhost -U nexgent -d nexgentRedis Connection Issues
# Check Redis status
sudo systemctl status redis
# Test connection
redis-cli -a your-redis-password pingNginx Issues
# Check config syntax
sudo nginx -t
# Check logs
sudo tail -f /var/log/nginx/error.logSSL Certificate Issues
# Check certificate status
sudo certbot certificates
# Renew manually
sudo certbot renew