Updated README with steps to fix current issue
All checks were successful
Deploy / deploy (push) Successful in 53s
All checks were successful
Deploy / deploy (push) Successful in 53s
SWAOS
This commit is contained in:
188
README.md
188
README.md
@@ -1,43 +1,147 @@
|
||||
Here is dummy ai explanation for you my friend
|
||||
### QUICK EXPLANATION
|
||||
|
||||
## Stack
|
||||
* Backend: Node + Fastify + Prisma (Postgres)
|
||||
* Frontend: React + Vite
|
||||
* Scheduler: separate worker container (cron tasks)
|
||||
* Reverse proxy (prod)
|
||||
* Default: Nginx (skymoneybudget.com.conf)
|
||||
* Alternative: Caddy (Caddyfile.prod)
|
||||
* API is under /api path
|
||||
* Web is static from /var/www/skymoney/dist
|
||||
* HTTPS + HSTS already configured in the prod config
|
||||
### Required env vars (production)
|
||||
* DATABASE_URL
|
||||
* JWT_SECRET (32+ chars)
|
||||
* COOKIE_SECRET (32+ chars)
|
||||
* CORS_ORIGIN (set to https://skymoneybudget.com)
|
||||
* Optional: COOKIE_DOMAIN=skymoneybudget.com
|
||||
* Cookies + Security
|
||||
* HttpOnly + Secure in prod
|
||||
* CSRF protection required for non‑GET
|
||||
### Other Features
|
||||
* /auth/logout requires CSRF now
|
||||
* Mutation endpoints rate‑limited
|
||||
* Cron jobs
|
||||
* rollover worker (6 AM user time)
|
||||
* auto‑payment worker (9 AM user time)
|
||||
* Jobs run every 15 minutes and only process users whose local time has reached the threshold
|
||||
* DB / Prisma
|
||||
* Postgres required
|
||||
* Prisma migrations must be applied before running
|
||||
* The app blocks default secrets in prod
|
||||
* Build + deploy
|
||||
* web/ builds to web/dist
|
||||
* API runs on port 8080 internally (exposed as 8081 in compose)
|
||||
* Nginx proxies /api to 127.0.0.1:8081
|
||||
* Logs
|
||||
* Prod logs are limited (PII reduced)
|
||||
* Key logging: job success/failure counts
|
||||
* Backups
|
||||
* Scripts exist: backup.sh, restore.sh
|
||||
* Restore requires admin DB privileges (created DB)
|
||||
* Optional but recommended to test once (tested, backup worked restore failed)
|
||||
In order for the system to properly function with all background workers, the deployment needs to be transferred to docker compose. This file explains the proccess. I do not have access to the VPS so I figured I would create a guide.
|
||||
|
||||
- The reason the session is not working currently is because the API runs within docker compose and all the workers can not function (auth for example).
|
||||
|
||||
|
||||
# Deploy via Docker (Gitea Actions)
|
||||
|
||||
This document lists the changes needed to switch your deployment to **Docker Compose** so all services (api, web, scheduler, postgres, etc.) start automatically on deploy.
|
||||
|
||||
---
|
||||
|
||||
## 1) Replace the deploy workflow steps
|
||||
|
||||
Update `.gitea/workflows/deploy.yml` so it:
|
||||
|
||||
- Pulls the repo on the VPS (or uses the runner workspace)
|
||||
- Builds and starts containers with Docker Compose
|
||||
- Runs migrations inside the running API container
|
||||
- Reloads Nginx (or Caddy)
|
||||
|
||||
**Recommended deploy.yml (Docker-based):**
|
||||
|
||||
```yaml
|
||||
name: Deploy
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
|
||||
jobs:
|
||||
deploy:
|
||||
runs-on: vps-host
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Deploy with Docker Compose
|
||||
run: |
|
||||
# Adjust to your deployment directory
|
||||
APP_DIR=/opt/skymoney
|
||||
mkdir -p $APP_DIR
|
||||
|
||||
# Sync repo contents to server folder
|
||||
rsync -a --delete ./ $APP_DIR/
|
||||
|
||||
cd $APP_DIR
|
||||
|
||||
# Build + start all services
|
||||
docker compose up -d --build
|
||||
|
||||
# Run Prisma migrations inside API container
|
||||
docker compose exec -T api npx prisma migrate deploy
|
||||
|
||||
- name: Reload Nginx
|
||||
run: sudo systemctl reload nginx
|
||||
```
|
||||
|
||||
> If you use Caddy instead of Nginx, replace the reload step accordingly.
|
||||
|
||||
---
|
||||
|
||||
## 2) Ensure docker-compose.yml is production-safe
|
||||
|
||||
Double‑check these:
|
||||
|
||||
- The API service exposes the correct port
|
||||
- The web service is either served by Nginx (static build) or a container
|
||||
- Scheduler/worker services are included
|
||||
|
||||
Example pattern:
|
||||
|
||||
```yaml
|
||||
services:
|
||||
api:
|
||||
build: ./api
|
||||
env_file:
|
||||
- ./.env
|
||||
ports:
|
||||
- "8080:8080"
|
||||
|
||||
scheduler:
|
||||
build: ./api
|
||||
command: node dist/worker/rollover.js
|
||||
env_file:
|
||||
- ./.env
|
||||
|
||||
web:
|
||||
build: ./web
|
||||
# or copy build output to nginx
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## 3) Update Nginx upstream
|
||||
|
||||
Make sure your proxy matches the API port:
|
||||
|
||||
```
|
||||
location /api/ {
|
||||
proxy_pass http://127.0.0.1:8080/;
|
||||
}
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## 4) Add Docker/Compose to VPS if missing
|
||||
|
||||
```bash
|
||||
sudo apt update
|
||||
sudo apt install -y docker.io docker-compose-plugin
|
||||
sudo systemctl enable --now docker
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## 5) Update environment files
|
||||
|
||||
Your `.env` should exist at `/opt/skymoney/.env` and contain:
|
||||
|
||||
- DATABASE_URL
|
||||
- JWT_SECRET (>=32 chars)
|
||||
- COOKIE_SECRET (>=32 chars)
|
||||
- CORS_ORIGIN
|
||||
- NODE_ENV=production
|
||||
|
||||
---
|
||||
|
||||
## 6) Verify after deploy
|
||||
|
||||
```bash
|
||||
docker compose ps
|
||||
curl -i http://127.0.0.1:8080/health
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Optional: logs
|
||||
|
||||
```bash
|
||||
docker compose logs -f api
|
||||
docker compose logs -f scheduler
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
If you want, I can also adapt the deploy workflow to use **docker compose pull** + **docker compose up** without rebuilding every time, or split API/web deploys.
|
||||
|
||||
Reference in New Issue
Block a user