Deploy ke VPS¶
Kalo lo udah develop agent di laptop, cara migrate ke VPS.
Skenario¶
Lo udah punya code agent di laptop, jalan lokal. Sekarang mau deploy biar: - Jalan 24/7 - Ga butuh laptop nyala - Accessible dari mana aja
Step 1: Audit code¶
Sebelum deploy, pastikan code lo:
agent/
├── main.py
├── SOUL.md
├── requirements.txt
├── .env.example # template, bukan .env asli
├── .gitignore # exclude .env, credentials/, data/
└── README.md
.gitignore:
.env.example:
TELEGRAM_BOT_TOKEN=
OPENAI_API_KEY=
OPENAI_BASE_URL=https://api.openai.com/v1
OPENAI_MODEL=gpt-4o-mini
OWNER_TELEGRAM_ID=
AGENT_NAME=Kai
USER_NAME=
Step 2: Push code ke git¶
cd ~/path/to/agent
git init # kalo belum
git add .
git commit -m "initial commit"
# Push ke GitHub private
gh repo create my-agent --private --source=. --push
⚠️ Verify .env dan credentials/ ga ke-push:
Kalo accidentally ke-commit, hapus dari history:
Step 3: SSH ke VPS¶
Step 4: Clone repo¶
Authentication options:
HTTPS dengan PAT:
⚠️ Token di URL ke-store di config. Bersihin setelah clone:
SSH key:
ssh-keygen -t ed25519 -C "agent-vps"
cat ~/.ssh/id_ed25519.pub
# Copy ke GitHub Settings → SSH Keys
git clone git@github.com:user/my-agent.git agent
Step 5: Setup environment di VPS¶
cd ~/agent
# Copy .env template, isi sesuai value
cp .env.example .env
nano .env # isi values
chmod 600 .env
# Install Python deps
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt
Step 6: Copy SOUL.md kalo perlu¶
Kalo SOUL.md udah di repo, skip. Kalo ga, copy dari laptop:
Atau create di VPS langsung:
Step 7: Setup credentials¶
Credentials JANGAN di repo. Setup manual di VPS:
mkdir -p ~/agent/credentials
chmod 700 ~/agent/credentials
cd ~/agent/credentials
cat > github.env << 'EOF'
GH_TOKEN=ghp_xxx...
GH_USER=username
EOF
chmod 600 github.env
# Repeat untuk wallet.env, twitter.env, dll
Atau transfer dari laptop pakai scp:
# Di laptop:
scp -i ~/.ssh/vps-key.pem ~/agent/credentials/*.env \
ubuntu@<vps-ip>:~/agent/credentials/
⚠️ scp data encrypted in transit, tapi tetep di-store plaintext di disk. Permission 600.
Step 8: Test manual¶
Chat bot, verify respond. Ctrl+C untuk stop.
Step 9: Setup systemd¶
Lihat Systemd Service untuk detail.
Quick version:
sudo tee /etc/systemd/system/agent.service > /dev/null << 'EOF'
[Unit]
Description=Agent Bot
After=network.target
[Service]
Type=simple
User=ubuntu
WorkingDirectory=/home/ubuntu/agent
EnvironmentFile=/home/ubuntu/agent/.env
ExecStart=/home/ubuntu/agent/venv/bin/python main.py
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
EOF
sudo systemctl daemon-reload
sudo systemctl enable agent
sudo systemctl start agent
sudo systemctl status agent
Step 10: Verify¶
# Service running?
sudo systemctl is-active agent # expect "active"
# Log clean?
sudo journalctl -u agent -n 20 --no-pager
# Bot respond?
# Chat di Telegram → confirm respond
Step 11: Setup backup¶
Backup data eksternal (data di VPS bisa hilang anytime):
Option 1: Backup ke S3¶
# Install AWS CLI
sudo apt install -y awscli
aws configure # masukin access key
# Script backup
cat > ~/agent/backup.sh << 'EOF'
#!/bin/bash
cd ~/agent
DATE=$(date +%Y%m%d-%H%M%S)
tar -czf /tmp/agent-$DATE.tar.gz data/ credentials/
aws s3 cp /tmp/agent-$DATE.tar.gz s3://my-backups/agent-$DATE.tar.gz
rm /tmp/agent-$DATE.tar.gz
EOF
chmod +x ~/agent/backup.sh
# Cron tiap hari jam 3 pagi
(crontab -l 2>/dev/null; echo "0 3 * * * /home/ubuntu/agent/backup.sh >> /home/ubuntu/agent/backup.log 2>&1") | crontab -
Option 2: Backup ke GitHub private¶
⚠️ JANGAN backup credential ke GitHub. Cuma data non-sensitive (memory.json yang udah di-sanitize, dll).
cd ~/agent
mkdir -p backup-repo
cd backup-repo
git init
git remote add origin git@github.com:user/agent-backup.git
# Symlink data (bukan credentials):
ln -s ~/agent/data/memory.json memory.json
ln -s ~/agent/SOUL.md SOUL.md
# Cron daily push
cat > ~/agent/git-backup.sh << 'EOF'
#!/bin/bash
cd ~/agent/backup-repo
git add -A
git commit -m "auto-backup $(date +%Y%m%d-%H%M%S)" || true
git push origin main 2>&1
EOF
chmod +x ~/agent/git-backup.sh
(crontab -l 2>/dev/null; echo "0 3 * * * /home/ubuntu/agent/git-backup.sh >> /home/ubuntu/agent/backup.log 2>&1") | crontab -
Step 12: Setup monitoring¶
UptimeRobot (free 50 monitors)¶
- Sign up https://uptimerobot.com
- Add new monitor
- Type: Heartbeat (kalo lo expose health endpoint)
- Atau: HTTP(s) (kalo ada endpoint check)
Untuk Telegram bot tanpa HTTP endpoint, lebih bagus pakai cron heartbeat:
# Setup heartbeat URL di UptimeRobot, dapet URL kayak:
# https://heartbeat.uptimerobot.com/m123456-abc
cat > ~/agent/heartbeat.sh << 'EOF'
#!/bin/bash
if systemctl is-active --quiet agent; then
curl -s https://heartbeat.uptimerobot.com/m123456-abc > /dev/null
fi
EOF
chmod +x ~/agent/heartbeat.sh
# Cron tiap 5 menit
(crontab -l 2>/dev/null; echo "*/5 * * * * /home/ubuntu/agent/heartbeat.sh") | crontab -
Kalo agent down, heartbeat ga ngirim → UptimeRobot kirim alert ke email lo.
Telegram alert kalo crash¶
cat > ~/agent/check.sh << 'EOF'
#!/bin/bash
if ! systemctl is-active --quiet agent; then
curl -s -X POST "https://api.telegram.org/bot${TELEGRAM_BOT_TOKEN}/sendMessage" \
-d chat_id=${OWNER_TELEGRAM_ID} \
-d text="🚨 Agent service is DOWN. Time: $(date)"
fi
EOF
chmod +x ~/agent/check.sh
source ~/agent/.env
# Cron tiap 5 menit
(crontab -l 2>/dev/null; echo "*/5 * * * * source /home/ubuntu/agent/.env && /home/ubuntu/agent/check.sh") | crontab -
Step 13: Update flow¶
Kalo lo update code di laptop:
# Di laptop:
cd ~/path/to/agent
# edit, test
git add .
git commit -m "feature X"
git push
# Di VPS:
ssh -i ~/.ssh/vps-key.pem ubuntu@<vps-ip>
cd ~/agent
git pull
source venv/bin/activate
pip install -r requirements.txt # kalo ada dep baru
sudo systemctl restart agent
sudo systemctl status agent
Atau bikin update script:
cat > ~/agent/update.sh << 'EOF'
#!/bin/bash
set -e
cd /home/ubuntu/agent
git pull
source venv/bin/activate
pip install -r requirements.txt --quiet
sudo systemctl restart agent
sleep 2
sudo systemctl status agent --no-pager
EOF
chmod +x ~/agent/update.sh
# Run:
./update.sh
Rollback strategy¶
Kalo update bikin bot crash:
cd ~/agent
git log --oneline -5 # liat commit recent
git checkout <previous-commit-hash>
sudo systemctl restart agent
Atau revert + push:
Multi-environment¶
Kalo lo punya dev + prod:
Dev VPS (testing):
- Branch dev
- Bot token bot-test
Prod VPS (real):
- Branch main
- Bot token bot-real
Update flow:
# Dev VPS:
git checkout dev
git pull
sudo systemctl restart agent
# Setelah test OK, merge ke main
git checkout main
git merge dev
git push
# Prod VPS:
git pull
sudo systemctl restart agent
Production checklist¶
Sebelum lo bilang "deployed":
- Bot respond di Telegram
- systemd service active dan enabled
- Log ga ada error
- SSH access pakai key (bukan password)
- Firewall enabled (port 22 only)
- .env permission 600
- credentials/ permission 700
- Backup cron jalan
- Monitoring (UptimeRobot atau custom) aktif
- Disk usage < 70%
- Memory usage < 70%
- Reboot test: VPS reboot, bot auto-start
Common pitfalls¶
"Bot working di laptop, error di VPS"¶
Kemungkinan: dependency version mismatch.
Fix: pin version di requirements.txt:
".env ga ke-load di systemd"¶
systemd butuh EnvironmentFile= di service file. Pastikan path absolute:
Bukan ~/agent/.env.
"Permission denied saat run"¶
# Cek owner
ls -la ~/agent/main.py
# Kalo bukan ubuntu, fix:
sudo chown -R ubuntu:ubuntu ~/agent
chmod 755 ~/agent/main.py
"ImportError di systemd, tapi OK manual"¶
Manual run pakai user shell, ada PYTHONPATH. systemd ga inherit.
Fix: pakai venv python di ExecStart:
Bukan python main.py (system python).