# Deployment Guide for parking.rocketscale.it

## Prerequisites

- org-stack running on rocky@rocketscale.it
- Git repository on git.rocketscale.it

## Step 1: Push to Git

```bash
# On development machine
cd /mnt/code/boilerplate/org-parking
git init
git add .
git commit -m "Initial commit: Parking Manager"
git remote add origin git@git.rocketscale.it:rocky/parking-manager.git
git push -u origin main
```

## Step 2: Clone on Server

```bash
# SSH to server
ssh rocky@rocketscale.it

# Clone into org-stack
cd ~/org-stack
git clone git@git.rocketscale.it:rocky/parking-manager.git parking
```

## Step 3: Add to .env

Add to `~/org-stack/.env`:

```bash
# Parking Manager
PARKING_SECRET_KEY=your-random-secret-key-here
```

Generate a secret key:
```bash
python3 -c "import secrets; print(secrets.token_hex(32))"
```

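
A pre-deploy check for the key from this step, as an added example that is not part of the original guide: it rejects the placeholder, requires the 64 hex characters that `secrets.token_hex(32)` prints, and flags a `.env` that group or others can read. The function name, the exit codes and the owner-only permission requirement are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example, not from the original guide. Assumed names: check_parking_env
# and its exit codes. The key itself is never printed.

check_parking_env() {
    local env_file line key mode
    env_file="${1:-$HOME/org-stack/.env}"

    [ -f "$env_file" ] || { echo "missing file: $env_file" >&2; return 2; }

    # If the variable appears more than once, inspect the last occurrence.
    line=$(grep -E '^PARKING_SECRET_KEY=' "$env_file" | tail -n 1)
    [ -n "$line" ] || { echo "PARKING_SECRET_KEY is not set" >&2; return 3; }

    key=${line#PARKING_SECRET_KEY=}
    # Tolerate one pair of optional surrounding quotes.
    key=${key#[\"\']}
    key=${key%[\"\']}

    if [ "$key" = "your-random-secret-key-here" ]; then
        echo "PARKING_SECRET_KEY is still the placeholder from the guide" >&2
        return 4
    fi

    # token_hex(32) encodes 32 random bytes as exactly 64 hex characters.
    if ! printf '%s' "$key" | grep -Eq '^[0-9a-fA-F]{64}$'; then
        echo "PARKING_SECRET_KEY is not 64 hex characters" >&2
        return 5
    fi

    # Assumption of this example: only the owner should be able to read .env.
    # GNU stat first, BSD/macOS stat as a fallback.
    mode=$(stat -c '%a' "$env_file" 2>/dev/null || stat -f '%Lp' "$env_file")
    case "$mode" in
        *00) ;;
        *) echo "$env_file has mode $mode; run: chmod 600 $env_file" >&2
           return 6 ;;
    esac

    return 0
}
```
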
## Step 4: Add to compose.yml

Add the parking service to `~/org-stack/compose.yml`:

```yaml
  # ===========================================================================
  # Parking Manager - Parking Spot Management
  # ===========================================================================
  parking:
    build: ./parking
    container_name: parking
    restart: unless-stopped
    volumes:
      - parking_data:/app/data
    environment:
      - SECRET_KEY=${PARKING_SECRET_KEY}
      - DATABASE_PATH=/app/data/parking.db
      - AUTHELIA_ENABLED=true
      - ALLOWED_ORIGINS=https://parking.rocketscale.it
      - SMTP_HOST=${SMTP_HOST:-}
      - SMTP_PORT=${SMTP_PORT:-587}
      - SMTP_USER=${SMTP_USER:-}
      - SMTP_PASSWORD=${SMTP_PASSWORD:-}
      - SMTP_FROM=${SMTP_FROM:-}
    networks:
      - org-network
    depends_on:
      - authelia
```

Add to volumes section:
```yaml
  parking_data: # Parking SQLite database
```

Add `parking` to Caddy's depends_on list.

## Step 5: Add to Caddyfile

Add to `~/org-stack/Caddyfile`:

```
# Parking Manager - Protected by Authelia
parking.rocketscale.it {
    import auth
    reverse_proxy parking:8000
}
```

## Step 6: Create LLDAP Groups

In lldap (https://ldap.rocketscale.it):

1. Create group: `parking_admins` (follows lldap naming convention)
2. Create group: `managers` (reusable across apps)
3. Add yourself to `parking_admins`

## Step 7: Deploy

```bash
cd ~/org-stack

# Build and start parking service
docker compose build parking
docker compose up -d parking

# Reload Caddy to pick up new domain
docker compose exec caddy caddy reload --config /etc/caddy/Caddyfile

# Check logs
docker compose logs -f parking
```

## Step 8: Verify

1. Go to https://parking.rocketscale.it
2. You should be redirected to Authelia for login
3. After login, you should see the parking app
4. Your user should be auto-created with the `admin` role (if in the `parking_admins` group)

## Troubleshooting

### 401 Unauthorized
- Check Authelia headers are being passed
- Check `docker compose logs authelia`

### User has wrong role
- Verify LLDAP group membership
- Roles sync on each login

### Database errors
- Check volume mount: `docker compose exec parking ls -la /app/data`
- Check permissions: `docker compose exec parking id`