kyle/vip-coordinator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Backup: 2025-06-08 00:29 - User and admin online ready for dockerhub

Browse Source 
[Restore from backup: vip-coordinator-backup-2025-06-08-00-29-user and admin online ready for dockerhub]
This commit is contained in:
kyle
2025-06-08 00:29:00 +02:00
parent 035f76fdd3
commit 36cb8e8886
33 changed files with 3676 additions and 3527 deletions
Download Patch File Download Diff File Expand all files Collapse all files

366
DEPLOYMENT.md
View File

@@ -1,266 +1,232 @@
# 🚀 VIP Coordinator - Docker Hub Deployment Guide
Deploy the VIP Coordinator application on any system with Docker in just a few steps!
## 📋 Quick Start
## 📋 Prerequisites
### Prerequisites
- Docker and Docker Compose installed
- Google Cloud Console account (for OAuth setup)
- **Docker** and **Docker Compose** installed on your system
- **Domain name** (optional, can run on localhost for testing)
- **Google Cloud Console** account for OAuth setup
## 🚀 Quick Start (5 Minutes)
### 1. Download Deployment Files
Create a new directory and download these files:
### 1. Download and Configure
```bash
mkdir vip-coordinator
# Pull the project
git clone <your-dockerhub-repo-url>
cd vip-coordinator
# Download the deployment files
curl -O https://raw.githubusercontent.com/your-repo/vip-coordinator/main/docker-compose.yml
curl -O https://raw.githubusercontent.com/your-repo/vip-coordinator/main/.env.example
# Copy environment template
cp .env.example .env.prod
# Edit with your configuration
nano .env.prod
```
### 2. Configure Environment
### 2. Required Configuration
Edit `.env.prod` with your values:
```bash
# Copy the environment template
cp .env.example .env
# Database Configuration
DB_PASSWORD=your-secure-database-password
# Edit the configuration (use your preferred editor)
nano .env
# Domain Configuration (update with your domains)
DOMAIN=your-domain.com
VITE_API_URL=https://api.your-domain.com/api
# Google OAuth Configuration (from Google Cloud Console)
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secret
GOOGLE_REDIRECT_URI=https://api.your-domain.com/auth/google/callback
# Frontend URL
FRONTEND_URL=https://your-domain.com
# Admin Configuration
ADMIN_PASSWORD=your-secure-admin-password
```
**Required Changes in `.env`:**
- `DB_PASSWORD`: Change to a secure password
- `ADMIN_PASSWORD`: Change to a secure password
- `GOOGLE_CLIENT_ID`: Your Google OAuth Client ID
- `GOOGLE_CLIENT_SECRET`: Your Google OAuth Client Secret
### 3. Google OAuth Setup
**For Production Deployment:**
- `DOMAIN`: Your domain name (e.g., `mycompany.com`)
- `VITE_API_URL`: Your API URL (e.g., `https://api.mycompany.com`)
- `GOOGLE_REDIRECT_URI`: Your callback URL (e.g., `https://api.mycompany.com/auth/google/callback`)
- `FRONTEND_URL`: Your frontend URL (e.g., `https://mycompany.com`)
1. **Create Google Cloud Project**:
- Go to [Google Cloud Console](https://console.cloud.google.com/)
- Create a new project
### 3. Set Up Google OAuth
2. **Enable Google+ API**:
- Navigate to "APIs & Services" > "Library"
- Search for "Google+ API" and enable it
1. Go to [Google Cloud Console](https://console.cloud.google.com/)
2. Create a new project or select existing one
3. Enable the Google+ API
4. Go to "Credentials" → "Create Credentials" → "OAuth 2.0 Client IDs"
5. Set application type to "Web application"
6. Add authorized redirect URIs:
- For localhost: `http://localhost:3000/auth/google/callback`
- For production: `https://api.your-domain.com/auth/google/callback`
7. Copy the Client ID and Client Secret to your `.env` file
3. **Create OAuth Credentials**:
- Go to "APIs & Services" > "Credentials"
- Click "Create Credentials" > "OAuth 2.0 Client IDs"
- Application type: "Web application"
- Authorized redirect URIs: `https://api.your-domain.com/auth/google/callback`
### 4. Deploy the Application
### 4. Deploy
```bash
# Pull the latest images from Docker Hub
docker-compose pull
# Start the application
docker-compose up -d
docker-compose -f docker-compose.prod.yml up -d
# Check status
docker-compose ps
docker-compose -f docker-compose.prod.yml ps
# View logs
docker-compose -f docker-compose.prod.yml logs -f
```
### 5. Access the Application
### 5. Access Your Application
- **Local Development**: http://localhost
- **Production**: https://your-domain.com
- **Frontend**: http://your-domain.com (or http://localhost if running locally)
- **Backend API**: http://api.your-domain.com (or http://localhost:3000)
- **API Documentation**: http://api.your-domain.com/api-docs.html
## 🔧 Configuration Options
### 6. First Login
- Visit your frontend URL
- Click "Continue with Google"
- The first user becomes the system administrator
- Subsequent users need admin approval
## 🔧 Configuration Details
### Environment Variables
| Variable | Description | Required | Default |
|----------|-------------|----------|---------|
| `DB_PASSWORD` | PostgreSQL database password | ✅ | - |
| `ADMIN_PASSWORD` | Admin interface password | ✅ | - |
| `GOOGLE_CLIENT_ID` | Google OAuth Client ID | ✅ | - |
| `GOOGLE_CLIENT_SECRET` | Google OAuth Client Secret | ✅ | - |
| `GOOGLE_REDIRECT_URI` | OAuth callback URL | ✅ | - |
| `FRONTEND_URL` | Frontend application URL | ✅ | - |
| `VITE_API_URL` | Backend API URL | ✅ | - |
| `DOMAIN` | Your domain name | ❌ | localhost |
| `AVIATIONSTACK_API_KEY` | Flight data API key | ❌ | - |
| `PORT` | Backend port | ❌ | 3000 |
| Variable | Required | Description | Example |
|----------|----------|-------------|---------|
| `DB_PASSWORD` | ✅ | PostgreSQL database password | `SecurePass123!` |
| `DOMAIN` | ✅ | Your main domain | `example.com` |
| `VITE_API_URL` | ✅ | API endpoint URL | `https://api.example.com/api` |
| `GOOGLE_CLIENT_ID` | ✅ | Google OAuth client ID | `123456789-abc.apps.googleusercontent.com` |
| `GOOGLE_CLIENT_SECRET` | ✅ | Google OAuth client secret | `GOCSPX-abcdef123456` |
| `GOOGLE_REDIRECT_URI` | ✅ | OAuth redirect URI | `https://api.example.com/auth/google/callback` |
| `FRONTEND_URL` | ✅ | Frontend URL | `https://example.com` |
| `ADMIN_PASSWORD` | ✅ | Admin panel password | `AdminPass123!` |
### Ports
### Optional Configuration
- **Frontend**: Port 80 (HTTP)
- **Backend**: Port 3000 (API)
- **Database**: Internal only (PostgreSQL)
- **Redis**: Internal only (Cache)
- **AviationStack API Key**: Configure via admin interface for flight tracking
- **Custom Ports**: Modify docker-compose.prod.yml if needed
## 🌐 Production Deployment
## 🏗️ Architecture
### With Reverse Proxy (Recommended)
### Services
- **Frontend**: React app served by Nginx (Port 80)
- **Backend**: Node.js API server (Port 3000)
- **Database**: PostgreSQL with automatic schema setup
- **Redis**: Caching and real-time updates
For production, use a reverse proxy like Nginx or Traefik:
### Security Features
- JWT tokens with automatic key rotation (24-hour cycle)
- Non-root containers for enhanced security
- Health checks for all services
- Secure headers and CORS configuration
```nginx
# Nginx configuration example
server {
listen 80;
server_name your-domain.com;
return 301 https://$server_name$request_uri;
}
## 🔐 Security Best Practices
server {
listen 443 ssl;
server_name your-domain.com;
# SSL configuration
ssl_certificate /path/to/cert.pem;
ssl_certificate_key /path/to/key.pem;
location / {
proxy_pass http://localhost:80;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
### Required Changes
1. **Change default passwords**: Update `DB_PASSWORD` and `ADMIN_PASSWORD`
2. **Use HTTPS**: Configure SSL/TLS certificates for production
3. **Secure domains**: Use your own domains, not the examples
4. **Google OAuth**: Create your own OAuth credentials
server {
listen 443 ssl;
server_name api.your-domain.com;
# SSL configuration
ssl_certificate /path/to/cert.pem;
ssl_certificate_key /path/to/key.pem;
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
```
### Recommended
- Use strong, unique passwords (20+ characters)
- Enable firewall rules for your server
- Regular security updates for the host system
- Monitor logs for suspicious activity
### SSL/HTTPS Setup
1. Obtain SSL certificates (Let's Encrypt recommended)
2. Configure your reverse proxy for HTTPS
3. Update your `.env` file with HTTPS URLs
4. Update Google OAuth redirect URIs to use HTTPS
## 🔍 Troubleshooting
## 🚨 Troubleshooting
### Common Issues
**1. OAuth Login Fails**
- Check Google OAuth configuration
- Verify redirect URIs match exactly
- Ensure HTTPS is used in production
**2. Database Connection Issues**
- Check if PostgreSQL container is healthy: `docker-compose ps`
- Verify database password in `.env`
**3. Frontend Can't Reach Backend**
- Verify `VITE_API_URL` in `.env` matches your backend URL
- Check if backend is accessible: `curl http://localhost:3000/health`
**4. Permission Denied Errors**
- Ensure Docker has proper permissions
- Check file ownership and permissions
### Viewing Logs
**OAuth Not Working**:
```bash
# View all logs
docker-compose logs
# Check Google OAuth configuration
docker-compose -f docker-compose.prod.yml logs backend | grep -i oauth
# View specific service logs
docker-compose logs backend
docker-compose logs frontend
docker-compose logs db
# Verify redirect URI matches exactly in Google Console
```
# Follow logs in real-time
docker-compose logs -f backend
**Database Connection Error**:
```bash
# Check database status
docker-compose -f docker-compose.prod.yml ps db
# View database logs
docker-compose -f docker-compose.prod.yml logs db
```
**Frontend Can't Connect to Backend**:
```bash
# Verify backend is running
curl http://localhost:3000/api/health
# Check CORS configuration
docker-compose -f docker-compose.prod.yml logs backend | grep -i cors
```
### Health Checks
```bash
# Check container status
docker-compose ps
# Check all service health
docker-compose -f docker-compose.prod.yml ps
# Check backend health
curl http://localhost:3000/health
# Test API health endpoint
curl http://localhost:3000/api/health
# Check frontend
# Test frontend
curl http://localhost/
```
## 🔄 Updates
To update to the latest version:
```bash
# Pull latest images
docker-compose pull
# Restart with new images
docker-compose up -d
```
## 🛑 Stopping the Application
```bash
# Stop all services
docker-compose down
# Stop and remove volumes (⚠️ This will delete all data)
docker-compose down -v
```
## 📊 Monitoring
### Container Health
All containers include health checks:
- **Backend**: API endpoint health check
- **Database**: PostgreSQL connection check
- **Redis**: Redis ping check
- **Frontend**: Nginx status check
### Logs
Logs are automatically rotated and can be viewed using Docker commands.
```bash
# View all logs
docker-compose -f docker-compose.prod.yml logs
## 🔐 Security Considerations
# Follow specific service logs
docker-compose -f docker-compose.prod.yml logs -f backend
docker-compose -f docker-compose.prod.yml logs -f frontend
docker-compose -f docker-compose.prod.yml logs -f db
```
1. **Change default passwords** in `.env`
2. **Use HTTPS** in production
3. **Secure your server** with firewall rules
4. **Regular backups** of database volumes
5. **Keep Docker images updated**
## 🔄 Updates and Maintenance
## 📞 Support
### Updating the Application
If you encounter issues:
```bash
# Pull latest changes
git pull origin main
1. Check the troubleshooting section above
2. Review container logs
3. Verify your configuration
4. Check GitHub issues for known problems
# Rebuild and restart
docker-compose -f docker-compose.prod.yml down
docker-compose -f docker-compose.prod.yml up -d --build
```
## 🎉 Success!
### Backup Database
Once deployed, you'll have a fully functional VIP Coordinator system with:
- ✅ Google OAuth authentication
- ✅ Mobile-friendly interface
- ✅ Real-time scheduling
- ✅ User management
- ✅ Automatic backups
- ✅ Health monitoring
```bash
# Create database backup
docker-compose -f docker-compose.prod.yml exec db pg_dump -U postgres vip_coordinator > backup.sql
The first user to log in will automatically become the system administrator.
# Restore from backup
docker-compose -f docker-compose.prod.yml exec -T db psql -U postgres vip_coordinator < backup.sql
```
## 📚 Additional Resources
- **API Documentation**: Available at `/api-docs.html` when running
- **User Roles**: Administrator, Coordinator, Driver
- **Flight Tracking**: Configure AviationStack API key in admin panel
- **Support**: Check GitHub issues for common problems
## 🆘 Getting Help
1. Check this deployment guide
2. Review the troubleshooting section
3. Check Docker container logs
4. Verify environment configuration
5. Test with health check endpoints
---
**VIP Coordinator** - Streamlined VIP logistics management with modern containerized deployment.