org-parking/deploy/DEPLOY.md

Deployment Guide for parking.rocketscale.it

Prerequisites

• org-stack running on rocky@rocketscale.it
• Git repository on git.rocketscale.it

Step 1: Push to Git

# On development machine
cd /mnt/code/boilerplate/org-parking
git init
git add .
git commit -m "Initial commit: Parking Manager"
git remote add origin git@git.rocketscale.it:rocky/parking-manager.git
git push -u origin main

Step 2: Clone on Server

# SSH to server
ssh rocky@rocketscale.it

# Clone into org-stack
cd ~/org-stack
git clone git@git.rocketscale.it:rocky/parking-manager.git parking

Step 3: Add to .env

Add to ~/org-stack/.env:

# Parking Manager
PARKING_SECRET_KEY=your-random-secret-key-here

Generate a secret key:

python3 -c "import secrets; print(secrets.token_hex(32))"

Step 4: Add to compose.yml

Add the parking service to ~/org-stack/compose.yml:

  # ===========================================================================
  # Parking Manager - Parking Spot Management
  # ===========================================================================
  parking:
    build: ./parking
    container_name: parking
    restart: unless-stopped
    volumes:
      - parking_data:/app/data
    environment:
      - SECRET_KEY=${PARKING_SECRET_KEY}
      - DATABASE_PATH=/app/data/parking.db
      - AUTHELIA_ENABLED=true
      - ALLOWED_ORIGINS=https://parking.rocketscale.it
      - SMTP_HOST=${SMTP_HOST:-}
      - SMTP_PORT=${SMTP_PORT:-587}
      - SMTP_USER=${SMTP_USER:-}
      - SMTP_PASSWORD=${SMTP_PASSWORD:-}
      - SMTP_FROM=${SMTP_FROM:-}
    networks:
      - org-network
    depends_on:
      - authelia

Add to volumes section:

  parking_data:       # Parking SQLite database

Add parking to Caddy's depends_on list.

Step 5: Add to Caddyfile

Add to ~/org-stack/Caddyfile:

# Parking Manager - Protected by Authelia
parking.rocketscale.it {
    import auth
    reverse_proxy parking:8000
}

Step 6: Create LLDAP Groups

In lldap (https://ldap.rocketscale.it):

1. Create group: parking_admins (follows lldap naming convention)
2. Create group: managers (reusable across apps)
3. Add yourself to parking_admins

Step 7: Deploy

cd ~/org-stack

# Build and start parking service
docker compose build parking
docker compose up -d parking

# Reload Caddy to pick up new domain
docker compose exec caddy caddy reload --config /etc/caddy/Caddyfile

# Check logs
docker compose logs -f parking

Step 8: Verify

1. Go to https://parking.rocketscale.it
2. You should be redirected to Authelia for login
3. After login, you should see the parking app
4. Your user should be auto-created with admin role (if in parking-admins group)

Troubleshooting

401 Unauthorized

• Check Authelia headers are being passed
• Check docker compose logs authelia

User has wrong role

• Verify LLDAP group membership
• Roles sync on each login

Database errors

• Check volume mount: docker compose exec parking ls -la /app/data
• Check permissions: docker compose exec parking id