ct/bmc_hub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Production deployment setup complete

Browse Source
This commit is contained in:
Christian 2025-12-17 16:47:35 +01:00
parent 84485bd294
commit fda8319e8e
6 changed files with 1004 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
.env.prod.example
View File

@ -1,24 +1,33 @@
# =====================================================
# PRODUCTION ENVIRONMENT - BMC Hub
# =====================================================
# Kopier denne fil til .env på production serveren
# OG ÆNDR ALLE PASSWORDS OG SECRETS!
# =====================================================
# RELEASE VERSION
# =====================================================
# Tag fra Gitea (f.eks. v1.0.0, v1.2.3)
RELEASE_VERSION=v1.0.0
# =====================================================
# GITEA AUTHENTICATION
# =====================================================
# Personal Access Token fra https://g.bmcnetworks.dk/user/settings/applications
GITHUB_TOKEN=your_gitea_token_here
GITHUB_REPO=ct/bmc_hub
# ===================================================== # =====================================================
# POSTGRESQL DATABASE - Production # POSTGRESQL DATABASE - Production
# ===================================================== # =====================================================
DATABASE_URL=postgresql://bmc_hub:CHANGEME_STRONG_PASSWORD@postgres:5432/bmc_hub DATABASE_URL=postgresql://bmc_hub_prod:CHANGE_THIS_PASSWORD@postgres:5432/bmc_hub_prod
# Database credentials (bruges af docker-compose) # Database credentials (bruges af docker-compose/podman-compose)
POSTGRES_USER=bmc_hub POSTGRES_USER=bmc_hub_prod
POSTGRES_PASSWORD=CHANGEME_STRONG_PASSWORD POSTGRES_PASSWORD=CHANGE_THIS_PASSWORD_TO_STRONG_PASSWORD
POSTGRES_DB=bmc_hub POSTGRES_DB=bmc_hub_prod
POSTGRES_PORT=5432 POSTGRES_PORT=5432
# =====================================================
# GITHUB DEPLOYMENT - Production Version Control
# =====================================================
# Git tag eller branch at deploye (f.eks. "v1.0.0", "v1.2.3")
# VIGTIGT: Brug ALTID tags til production (ikke "latest" eller "main")
RELEASE_VERSION=v1.0.0
# GitHub repository (format: owner/repo eller path på Gitea)
GITHUB_REPO=ct/bmc_hub
# GitHub/Gitea Personal Access Token (skal have læseadgang til repo) # GitHub/Gitea Personal Access Token (skal have læseadgang til repo)
# Opret token på: https://g.bmcnetworks.dk/user/settings/applications # Opret token på: https://g.bmcnetworks.dk/user/settings/applications
GITHUB_TOKEN=your_gitea_token_here GITHUB_TOKEN=your_gitea_token_here

418
DEPLOYMENT_CHECKLIST.md Normal file
View File

@ -0,0 +1,418 @@
# 🚀 BMC Hub - Production Deployment Checklist
## ✅ Pre-Deployment (På din Mac)
### 1. Test Lokalt
- [ ] Alle ændringer committed til Git
- [ ] Lokale tests kørt og består
- [ ] `docker-compose up` virker lokalt
- [ ] Health endpoint returnerer OK: `curl http://localhost:8001/health`
### 2. Opret Gitea Release
```bash
cd /Users/christianthomas/DEV/bmc_hub_dev
# Se nuværende tags
git tag -l
# Commit alle ændringer
git add .
git status
git commit -m "Release v1.0.0: Initial production release"
# Push til Gitea
git push origin main
# Tag release (semantic versioning: major.minor.patch)
git tag v1.0.0
git push origin v1.0.0
# Verificer på Gitea
open https://g.bmcnetworks.dk/ct/bmc_hub/releases
```
### 3. Verificer Release på Gitea
- [ ] Tag synligt på https://g.bmcnetworks.dk/ct/bmc_hub/tags
- [ ] Kan downloade archive: https://g.bmcnetworks.dk/ct/bmc_hub/archive/v1.0.0.tar.gz
- [ ] Raw files tilgængelige via API
## 🔧 Production Server Setup (Første Gang)
### 1. Forbered Server
```bash
# SSH til server
ssh user@your-server.com
# Installer Podman (hvis ikke installeret)
sudo apt update
sudo apt install -y podman podman-compose
# Eller på RHEL/CentOS
sudo dnf install -y podman podman-compose
# Verificer installation
podman --version
podman-compose --version
```
### 2. Opret Gitea Personal Access Token
- [ ] Gå til https://g.bmcnetworks.dk/user/settings/applications
- [ ] Klik "Generate New Token"
- [ ] Token navn: `BMC Hub Production`
- [ ] Scopes: ✅ `repo` (read)
- [ ] Gem token sikkert (vises kun én gang!)
### 3. Download Deployment Files
```bash
# Opret deployment directory
sudo mkdir -p /opt/bmc_hub
sudo chown $USER:$USER /opt/bmc_hub
cd /opt/bmc_hub
# Download deployment script
curl -H "Authorization: token YOUR_GITEA_TOKEN" \
https://g.bmcnetworks.dk/api/v1/repos/ct/bmc_hub/raw/scripts/deploy_production.sh?ref=v1.0.0 \
-o setup.sh
chmod +x setup.sh
# Download .env template
curl -H "Authorization: token YOUR_GITEA_TOKEN" \
https://g.bmcnetworks.dk/api/v1/repos/ct/bmc_hub/raw/.env.prod.example?ref=v1.0.0 \
-o .env.example
```
### 4. Konfigurer Environment
```bash
# Kopier template
cp .env.example .env
# Rediger .env
nano .env
```
**KRITISKE ÆNDRINGER:**
```bash
# 1. Version
RELEASE_VERSION=v1.0.0
# 2. Gitea Token
GITHUB_TOKEN=glpat-xxxxxxxxxxxxxxxxxxxx # Din token fra trin 2
# 3. Database Passwords (generer stærke passwords)
POSTGRES_PASSWORD=$(openssl rand -base64 32)
DATABASE_URL=postgresql://bmc_hub_prod:${POSTGRES_PASSWORD}@postgres:5432/bmc_hub_prod
# 4. Secret Key (generer random)
SECRET_KEY=$(python3 -c "import secrets; print(secrets.token_urlsafe(32))")
# 5. CORS Origins (production domain)
CORS_ORIGINS=https://hub.bmcnetworks.dk
# 6. e-conomic Credentials (hvis relevant)
ECONOMIC_APP_SECRET_TOKEN=xxxxx
ECONOMIC_AGREEMENT_GRANT_TOKEN=xxxxx
# 7. vTiger Credentials (hvis relevant)
VTIGER_API_KEY=xxxxx
# 8. BEHOLD SAFETY SWITCHES!
ECONOMIC_READ_ONLY=true
ECONOMIC_DRY_RUN=true
TIMETRACKING_VTIGER_READ_ONLY=true
TIMETRACKING_ECONOMIC_READ_ONLY=true
```
### 5. Kør Deployment
```bash
# Download alle filer fra Gitea
./setup.sh
# Verificer downloaded files
ls -la
# Skal se: docker-compose.yml, Dockerfile, requirements.txt, migrations/
# Build og start
podman-compose up -d --build
# Følg logs
podman-compose logs -f
```
### 6. Verificer Deployment
```bash
# Check container status
podman ps
# Expected output:
# CONTAINER ID IMAGE STATUS PORTS
# xxxxxxxxxxxx bmc-hub:v1.0.0 Up 2 minutes 0.0.0.0:8000->8000/tcp
# xxxxxxxxxxxx postgres:16-alpine Up 2 minutes 0.0.0.0:5432->5432/tcp
# Test health endpoint
curl http://localhost:8000/health
# Expected:
# {"status":"healthy","database":"connected","version":"v1.0.0"}
# Test API
curl http://localhost:8000/api/v1/system/health
# Check database
podman exec -it bmc-hub-postgres-prod psql -U bmc_hub_prod -d bmc_hub_prod
# Liste tabeller
\dt
# Check sample data
SELECT * FROM customers LIMIT 5;
\q
```
### 7. Setup Reverse Proxy (SSL/HTTPS)
**Med Nginx:**
```nginx
server {
listen 443 ssl http2;
server_name hub.bmcnetworks.dk;
ssl_certificate /etc/ssl/certs/bmcnetworks.crt;
ssl_certificate_key /etc/ssl/private/bmcnetworks.key;
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
```
**Med Traefik** (labels i docker-compose.yml):
```yaml
labels:
- "traefik.enable=true"
- "traefik.http.routers.bmc-hub.rule=Host(`hub.bmcnetworks.dk`)"
- "traefik.http.routers.bmc-hub.entrypoints=websecure"
- "traefik.http.routers.bmc-hub.tls.certresolver=letsencrypt"
```
### 8. Setup Backups
```bash
# Opret backup script
sudo nano /opt/bmc_hub/backup.sh
```
```bash
#!/bin/bash
BACKUP_DIR="/opt/backups/bmc_hub"
DATE=$(date +%Y%m%d_%H%M%S)
mkdir -p $BACKUP_DIR
# Backup database
podman exec bmc-hub-postgres-prod pg_dump -U bmc_hub_prod bmc_hub_prod | \
gzip > $BACKUP_DIR/database_$DATE.sql.gz
# Backup uploads og data
tar -czf $BACKUP_DIR/files_$DATE.tar.gz /opt/bmc_hub/uploads /opt/bmc_hub/data
# Behold kun 30 dages backups
find $BACKUP_DIR -type f -mtime +30 -delete
echo "Backup completed: $DATE"
```
```bash
chmod +x /opt/bmc_hub/backup.sh
# Tilføj til crontab (daglig backup kl 02:00)
crontab -e
# Add: 0 2 * * * /opt/bmc_hub/backup.sh >> /opt/bmc_hub/logs/backup.log 2>&1
```
### 9. Setup Monitoring (Optional)
**Uptime Kuma:**
- Add monitor for: `https://hub.bmcnetworks.dk/health`
- Interval: 60 sekunder
- Expected keyword: `"healthy"`
**Prometheus/Grafana:**
- Se `docs/MONITORING.md` (hvis eksisterer)
## 🔄 Opdatering til Ny Version
### På din Mac:
```bash
cd /Users/christianthomas/DEV/bmc_hub_dev
# Lav ændringer...
git add .
git commit -m "Feature: Add new functionality"
git push origin main
# Tag ny version
git tag v1.1.0
git push origin v1.1.0
```
### På Production Server:
```bash
cd /opt/bmc_hub
# Backup først!
./backup.sh
# Opdater RELEASE_VERSION i .env
nano .env
# Ændr: RELEASE_VERSION=v1.1.0
# Download nye filer
./setup.sh
# Rebuild
podman-compose down
podman-compose up -d --build
# Verificer
podman-compose logs -f api
curl http://localhost:8000/health
```
## 🆘 Troubleshooting
### Container Starter Ikke
```bash
# Check logs detaljeret
podman logs bmc-hub-api-prod --tail 100
# Check build logs
podman-compose build --no-cache
# Verificer .env
cat .env | grep -v "PASSWORD\|TOKEN\|SECRET"
```
### Database Connection Fejl
```bash
# Test database connection
podman exec -it bmc-hub-postgres-prod psql -U bmc_hub_prod -d bmc_hub_prod
# Check database logs
podman logs bmc-hub-postgres-prod
# Restart database
podman-compose restart postgres
```
### Gitea Download Fejl
```bash
# Test token manuelt
curl -H "Authorization: token YOUR_TOKEN" \
https://g.bmcnetworks.dk/api/v1/repos/ct/bmc_hub/tags
# Verificer release eksisterer
curl https://g.bmcnetworks.dk/ct/bmc_hub/releases
# Check network
ping g.bmcnetworks.dk
```
### Port Allerede I Brug
```bash
# Find hvad der bruger porten
sudo lsof -i :8000
# Ændr port i .env
nano .env
# API_PORT=8001
# Rebuild
podman-compose down
podman-compose up -d
```
## 🔙 Rollback Procedure
```bash
cd /opt/bmc_hub
# Stop services
podman-compose down
# Restore database backup
gunzip < /opt/backups/bmc_hub/database_YYYYMMDD_HHMMSS.sql.gz | \
podman exec -i bmc-hub-postgres-prod psql -U bmc_hub_prod -d bmc_hub_prod
# Ændr til gammel version i .env
nano .env
# RELEASE_VERSION=v1.0.0
# Rebuild
podman-compose up -d --build
# Verificer
curl http://localhost:8000/health
```
## 📊 Post-Deployment Checks
- [ ] Health endpoint OK: `curl https://hub.bmcnetworks.dk/health`
- [ ] API responding: `curl https://hub.bmcnetworks.dk/api/v1/system/health`
- [ ] Database accessible og data intact
- [ ] Logs ser normale ud (ingen ERROR/CRITICAL)
- [ ] SSL certificate valid
- [ ] Backups kører automatisk
- [ ] Monitoring alerts konfigureret
- [ ] Safety switches aktiveret (READ_ONLY=true)
- [ ] DNS pointing til ny server (hvis relevant)
- [ ] Firewall rules konfigureret
## 🎯 Security Checklist
- [ ] Alle passwords ændret fra defaults
- [ ] SECRET_KEY er random og unik
- [ ] CORS_ORIGINS sat til production domain
- [ ] SSL/HTTPS aktiveret
- [ ] Firewall kun åbner 80/443 (ikke 8000 direkte)
- [ ] Database port IKKE exposed eksternt (kun internt network)
- [ ] .env fil har korrekte permissions (600)
- [ ] Gitea token har minimal scope (kun read)
- [ ] Safety switches aktiveret i .env
- [ ] Backups krypteret (hvis sensitive data)
## 📝 Dokumentation
- [ ] [PRODUCTION_DEPLOYMENT.md](PRODUCTION_DEPLOYMENT.md) - Detaljeret guide
- [ ] [PRODUCTION_QUICK_START.md](PRODUCTION_QUICK_START.md) - Hurtig reference
- [ ] [README.md](README.md) - Project overview
## 📞 Support
Ved problemer:
- Email: ct@bmcnetworks.dk
- Gitea Issues: https://g.bmcnetworks.dk/ct/bmc_hub/issues
---
**Version:** 1.0
**Sidst opdateret:** 2025-12-17

317
PRODUCTION_DEPLOYMENT.md Normal file
View File

@ -0,0 +1,317 @@
# BMC Hub - Production Deployment Guide
## 📋 Forudsætninger
- Linux server med **Podman** eller **Docker** installeret
- Adgang til Gitea repository: `https://g.bmcnetworks.dk/ct/bmc_hub`
- Gitea Personal Access Token med læseadgang
## 🚀 Deployment Trin-for-Trin
### 1. Opret Gitea Personal Access Token
1. Gå til https://g.bmcnetworks.dk/user/settings/applications
2. Klik "Generate New Token"
3. Giv tokenet et navn: "BMC Hub Production"
4. Vælg scopes: `repo` (read)
5. Gem tokenet sikkert - det vises kun én gang
### 2. Tag en Release i Gitea
Fra din lokale udviklings-mac:
```bash
cd /Users/christianthomas/DEV/bmc_hub_dev
# Commit alle ændringer
git add .
git commit -m "Prepare for production v1.0.0"
# Tag release
git tag v1.0.0
git push origin main
git push origin v1.0.0
```
### 3. Forbered Production Server
```bash
# SSH til production server
ssh user@your-production-server.com
# Opret deployment directory
mkdir -p /opt/bmc_hub
cd /opt/bmc_hub
# Download kun nødvendige filer fra Gitea
curl -H "Authorization: token YOUR_GITEA_TOKEN" \
https://g.bmcnetworks.dk/api/v1/repos/ct/bmc_hub/raw/docker-compose.prod.yml?ref=v1.0.0 \
-o docker-compose.yml
curl -H "Authorization: token YOUR_GITEA_TOKEN" \
https://g.bmcnetworks.dk/api/v1/repos/ct/bmc_hub/raw/Dockerfile?ref=v1.0.0 \
-o Dockerfile
curl -H "Authorization: token YOUR_GITEA_TOKEN" \
https://g.bmcnetworks.dk/api/v1/repos/ct/bmc_hub/raw/.env.prod.example?ref=v1.0.0 \
-o .env.example
# Opret migrations directory
mkdir -p migrations
# Download alle migrations (init.sql og andre)
curl -H "Authorization: token YOUR_GITEA_TOKEN" \
https://g.bmcnetworks.dk/api/v1/repos/ct/bmc_hub/raw/migrations/init.sql?ref=v1.0.0 \
-o migrations/init.sql
# Download requirements.txt (til Dockerfile)
curl -H "Authorization: token YOUR_GITEA_TOKEN" \
https://g.bmcnetworks.dk/api/v1/repos/ct/bmc_hub/raw/requirements.txt?ref=v1.0.0 \
-o requirements.txt
```
### 4. Konfigurer Environment Variables
```bash
# Kopier template
cp .env.example .env
# Rediger .env med production værdier
nano .env
```
**VIGTIGE ÆNDRINGER I .env:**
```bash
# Release version (matcher git tag)
RELEASE_VERSION=v1.0.0
# Gitea token
GITHUB_TOKEN=din_gitea_personal_access_token
# SKIFT ALLE PASSWORDS!
POSTGRES_PASSWORD=et_meget_stærkt_password_her
SECRET_KEY=$(python3 -c "import secrets; print(secrets.token_urlsafe(32))")
# Production settings
LOG_LEVEL=WARNING
CORS_ORIGINS=https://yourdomain.com
# BEHOLD SAFETY SWITCHES PÅ!
ECONOMIC_READ_ONLY=true
ECONOMIC_DRY_RUN=true
```
### 5. Opret Nødvendige Directories
```bash
cd /opt/bmc_hub
# Opret data directories
mkdir -p logs uploads data/invoice_templates
# Sæt permissions (hvis nødvendigt)
chmod 755 logs uploads data
```
### 6. Start Services med Podman Compose
```bash
# Pull og build images
podman-compose -f docker-compose.yml build --no-cache
# Start services
podman-compose -f docker-compose.yml up -d
# Følg logs
podman-compose -f docker-compose.yml logs -f
```
### 7. Verificer Deployment
```bash
# Check container status
podman ps
# Test health endpoint
curl http://localhost:8000/health
# Check database
podman exec -it bmc-hub-postgres-prod psql -U bmc_hub_prod -d bmc_hub_prod -c "\dt"
```
Expected output:
```json
{
"status": "healthy",
"database": "connected",
"version": "v1.0.0"
}
```
## 🔄 Opdatering til Ny Version
```bash
# På din Mac - tag ny release
cd /Users/christianthomas/DEV/bmc_hub_dev
git tag v1.1.0
git push origin v1.1.0
# På production server
cd /opt/bmc_hub
# Opdater RELEASE_VERSION i .env
nano .env # Ændr til v1.1.0
# Rebuild og genstart
podman-compose down
podman-compose build --no-cache
podman-compose up -d
# Verificer
podman-compose logs -f api
```
## 🗄️ Database Migrations
Når der tilføjes nye migrations:
```bash
# Download nye migration filer til /opt/bmc_hub/migrations/
curl -H "Authorization: token YOUR_TOKEN" \
https://g.bmcnetworks.dk/api/v1/repos/ct/bmc_hub/raw/migrations/XXX_new_migration.sql?ref=v1.1.0 \
-o migrations/XXX_new_migration.sql
# Kør migration manuelt
podman exec -i bmc-hub-postgres-prod psql -U bmc_hub_prod -d bmc_hub_prod < migrations/XXX_new_migration.sql
```
**VIGTIGT:** init.sql kører KUN ved første database initialization. Nye migrations skal køres manuelt.
## 🔒 Sikkerhed Best Practices
1. **Passwords**: Brug minimum 32 tegn, tilfældige passwords
2. **Secret Key**: Generer med `secrets.token_urlsafe(32)`
3. **Gitea Token**: Begræns til read-only scope for production
4. **Firewall**: Åbn kun nødvendige porte (8000, 5432 hvis remote access)
5. **HTTPS**: Brug reverse proxy (nginx/traefik) med SSL i production
6. **Backups**: Sæt automatisk backup op for PostgreSQL data volume
## 📊 Monitoring
```bash
# Container status
podman-compose ps
# Resource usage
podman stats
# Application logs
podman-compose logs -f api
# Database logs
podman-compose logs -f postgres
# Health check
curl http://localhost:8000/health
curl http://localhost:8000/api/v1/system/health
```
## 🆘 Troubleshooting
### Database Connection Issues
```bash
# Check postgres logs
podman-compose logs postgres
# Test connection
podman exec -it bmc-hub-postgres-prod psql -U bmc_hub_prod -d bmc_hub_prod
# Check network
podman network inspect bmc-hub-network_bmc-hub-network
```
### API Won't Start
```bash
# Check detailed logs
podman logs bmc-hub-api-prod
# Verify environment variables
podman exec bmc-hub-api-prod env | grep -E "DATABASE|RELEASE"
# Check if database is ready
podman exec bmc-hub-postgres-prod pg_isready
```
### Gitea Download Fails
```bash
# Test token manually
curl -H "Authorization: token YOUR_TOKEN" \
https://g.bmcnetworks.dk/api/v1/repos/ct/bmc_hub/tags
# Verify release exists
curl https://g.bmcnetworks.dk/ct/bmc_hub/releases
```
## 🔄 Rollback Procedure
```bash
# Ændr RELEASE_VERSION til tidligere version
nano .env # v1.1.0 → v1.0.0
# Rebuild med gammel version
podman-compose down
podman-compose build --no-cache
podman-compose up -d
```
## 📦 Backup & Restore
### Backup Database
```bash
# Automated backup script
podman exec bmc-hub-postgres-prod pg_dump -U bmc_hub_prod bmc_hub_prod > backup_$(date +%Y%m%d).sql
# Eller med podman-compose
podman-compose exec postgres pg_dump -U bmc_hub_prod bmc_hub_prod > backup.sql
```
### Restore Database
```bash
# Stop API først
podman-compose stop api
# Restore
podman exec -i bmc-hub-postgres-prod psql -U bmc_hub_prod -d bmc_hub_prod < backup.sql
# Start API
podman-compose start api
```
## 🎯 Production Checklist
- [ ] Gitea token oprettet med read-only scope
- [ ] Release tagged i Git (f.eks. v1.0.0)
- [ ] `.env` fil udfyldt med production værdier
- [ ] Alle passwords ændret fra defaults
- [ ] SECRET_KEY genereret tilfældigt
- [ ] CORS_ORIGINS sat til production domain
- [ ] Safety switches aktiveret (READ_ONLY=true, DRY_RUN=true)
- [ ] Directories oprettet (logs, uploads, data)
- [ ] Migrations downloaded til `migrations/` directory
- [ ] Database initialiseret med init.sql
- [ ] Containers startet og healthy
- [ ] Health endpoints verificeret
- [ ] Backup strategi implementeret
- [ ] Firewall konfigureret
- [ ] SSL certifikat installeret (reverse proxy)
- [ ] Monitoring setup (optional: Uptime Kuma)
## 📞 Support
Ved problemer, kontakt: ct@bmcnetworks.dk

111
PRODUCTION_QUICK_START.md Normal file
View File

@ -0,0 +1,111 @@
# BMC Hub - Quick Production Setup
## 🚀 Hurtig Start (TL;DR)
```bash
# 1. På din Mac - tag en release
cd /Users/christianthomas/DEV/bmc_hub_dev
git tag v1.0.0 && git push origin v1.0.0
# 2. På production server
mkdir /opt/bmc_hub && cd /opt/bmc_hub
# 3. Download setup script
curl https://raw.githubusercontent.com/ct/bmc_hub/v1.0.0/scripts/deploy_production.sh -o setup.sh
chmod +x setup.sh
# 4. Opret .env (brug template nedenfor)
nano .env
# 5. Kør deployment
./setup.sh
# 6. Start services
podman-compose up -d --build
# 7. Verificer
curl http://localhost:8000/health
```
## 📋 Minimal .env Template
```bash
# Version
RELEASE_VERSION=v1.0.0
# Gitea (opret token på https://g.bmcnetworks.dk/user/settings/applications)
GITHUB_TOKEN=glpat-xxxxxxxxxxxxx
GITHUB_REPO=ct/bmc_hub
# Database (SKIFT PASSWORD!)
POSTGRES_USER=bmc_hub_prod
POSTGRES_PASSWORD=din_stærke_password_her
POSTGRES_DB=bmc_hub_prod
DATABASE_URL=postgresql://bmc_hub_prod:din_stærke_password_her@postgres:5432/bmc_hub_prod
# Security (generer med: python3 -c "import secrets; print(secrets.token_urlsafe(32))")
SECRET_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# API
API_PORT=8000
CORS_ORIGINS=https://yourdomain.com
# Safety (BEHOLD true!)
ECONOMIC_READ_ONLY=true
ECONOMIC_DRY_RUN=true
```
## 🔄 Opdater til Ny Version
```bash
cd /opt/bmc_hub
# Ændr version i .env
nano .env # RELEASE_VERSION=v1.1.0
# Rebuild
podman-compose down
podman-compose up -d --build
# Check
podman-compose logs -f api
```
## 📖 Fuld Dokumentation
Se [PRODUCTION_DEPLOYMENT.md](PRODUCTION_DEPLOYMENT.md) for detaljeret guide.
## 🆘 Problemer?
```bash
# Check logs
podman-compose logs -f
# Check containers
podman ps -a
# Restart
podman-compose restart
# Start forfra
podman-compose down -v
podman-compose up -d --build
```
## 📁 Struktur på Production Server
```
/opt/bmc_hub/
├── .env # Din konfiguration (opret selv)
├── docker-compose.yml # Downloaded fra Gitea
├── Dockerfile # Downloaded fra Gitea
├── requirements.txt # Downloaded fra Gitea
├── migrations/ # SQL migrations
│ └── init.sql
├── logs/ # Application logs
├── uploads/ # Uploaded files
└── data/ # Application data
└── invoice_templates/
```
**VIGTIGT:** Kun disse filer downloades til serveren. Al application kode hentes automatisk af Docker/Podman fra Gitea release når containeren bygges.

10
docker-compose.prod.yml
View File

@ -1,7 +1,7 @@
version: '3.8' version: '3.8'
services: services:
# PostgreSQL Database # PostgreSQL Database - Production
postgres: postgres:
image: postgres:16-alpine image: postgres:16-alpine
container_name: bmc-hub-postgres-prod container_name: bmc-hub-postgres-prod
@ -11,7 +11,8 @@ services:
POSTGRES_DB: ${POSTGRES_DB} POSTGRES_DB: ${POSTGRES_DB}
volumes: volumes:
- postgres_data:/var/lib/postgresql/data - postgres_data:/var/lib/postgresql/data
- ./migrations/init.sql:/docker-entrypoint-initdb.d/init.sql:ro # Mount all migration files for initialization
- ./migrations:/docker-entrypoint-initdb.d:ro
ports: ports:
- "${POSTGRES_PORT:-5432}:5432" - "${POSTGRES_PORT:-5432}:5432"
restart: always restart: always
@ -23,7 +24,7 @@ services:
networks: networks:
- bmc-hub-network - bmc-hub-network
# FastAPI Application - Production with GitHub Release Version # FastAPI Application - Production with Gitea Release
api: api:
build: build:
context: . context: .
@ -40,10 +41,10 @@ services:
ports: ports:
- "${API_PORT:-8000}:8000" - "${API_PORT:-8000}:8000"
volumes: volumes:
# Data persistence (NO source code in production)
- ./logs:/app/logs - ./logs:/app/logs
- ./uploads:/app/uploads - ./uploads:/app/uploads
- ./data:/app/data - ./data:/app/data
# NOTE: No source code mount in production - code comes from GitHub release
env_file: env_file:
- .env - .env
environment: environment:
@ -62,6 +63,7 @@ services:
labels: labels:
- "com.bmcnetworks.app=bmc-hub" - "com.bmcnetworks.app=bmc-hub"
- "com.bmcnetworks.version=${RELEASE_VERSION:-latest}" - "com.bmcnetworks.version=${RELEASE_VERSION:-latest}"
- "com.bmcnetworks.environment=production"
networks: networks:
bmc-hub-network: bmc-hub-network:

128
scripts/deploy_production.sh Normal file
View File

@ -0,0 +1,128 @@
#!/bin/bash
# BMC Hub - Production Deployment Script
# Dette script automatiserer download af nødvendige filer fra Gitea
set -e # Exit on error
# Farver til output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
# Check om .env eksisterer
if [ ! -f .env ]; then
echo -e "${RED}❌ Fejl: .env fil ikke fundet${NC}"
echo "Kopier .env.example til .env og udfyld med dine værdier:"
echo " cp .env.example .env"
echo " nano .env"
exit 1
fi
# Load environment variables
source .env
# Verificer påkrævede variables
if [ -z "$GITHUB_TOKEN" ] || [ "$GITHUB_TOKEN" == "your_gitea_token_here" ]; then
echo -e "${RED}❌ Fejl: GITHUB_TOKEN ikke sat i .env${NC}"
echo "Opret en Personal Access Token på:"
echo " https://g.bmcnetworks.dk/user/settings/applications"
exit 1
fi
if [ -z "$RELEASE_VERSION" ]; then
echo -e "${RED}❌ Fejl: RELEASE_VERSION ikke sat i .env${NC}"
exit 1
fi
GITEA_BASE="https://g.bmcnetworks.dk"
REPO="${GITHUB_REPO:-ct/bmc_hub}"
VERSION="${RELEASE_VERSION}"
echo -e "${GREEN}🚀 BMC Hub Production Deployment${NC}"
echo -e "Repository: ${REPO}"
echo -e "Version: ${VERSION}"
echo ""
# Download function
download_file() {
local file=$1
local output=${2:-$file}
echo -e "${YELLOW}⬇️ Downloader: ${file}${NC}"
if curl -f -H "Authorization: token ${GITHUB_TOKEN}" \
"${GITEA_BASE}/api/v1/repos/${REPO}/raw/${file}?ref=${VERSION}" \
-o "${output}" 2>/dev/null; then
echo -e "${GREEN}✅ Success: ${output}${NC}"
return 0
else
echo -e "${RED}❌ Fejl ved download af ${file}${NC}"
return 1
fi
}
# Opret directories
echo -e "${YELLOW}📁 Opretter directories...${NC}"
mkdir -p migrations logs uploads data/invoice_templates
# Download core files
echo -e "\n${YELLOW}📥 Downloader core filer...${NC}"
download_file "docker-compose.prod.yml" "docker-compose.yml"
download_file "Dockerfile"
download_file "requirements.txt"
# Download migrations
echo -e "\n${YELLOW}📥 Downloader migrations...${NC}"
# Liste over alle migrations (i rækkefølge)
MIGRATIONS=(
"init.sql"
"002_auth_system.sql"
"003_extend_customers.sql"
"004_contacts_relationships.sql"
"005_vendors.sql"
"006_settings.sql"
"007_dev_portal.sql"
"008_credit_notes.sql"
"008_supplier_invoices.sql"
"009_document_extraction.sql"
"010_supplier_invoice_templates.sql"
"011_extraction_lines_context.sql"
"011_quick_analysis.sql"
"012_own_invoice_filter.sql"
"012_template_default_category.sql"
"013_email_system.sql"
"013_timetracking_module.sql"
"014_add_contact_user_company.sql"
"014_economic_customer_number.sql"
"014_email_workflows.sql"
"015_bmc_office_subscriptions.sql"
"023_subscriptions_lock.sql"
"024_backup_system.sql"
"025_ticket_module.sql"
"026_ticket_enhancements.sql"
"026_ticket_permissions.sql"
"027_customer_notes.sql"
"027_tag_system.sql"
"028_auto_link_tmodule_customers.sql"
"029_ticket_contacts.sql"
"030_ticket_contacts_flexible_roles.sql"
"050_email_activity_log.sql"
)
for migration in "${MIGRATIONS[@]}"; do
download_file "migrations/${migration}" "migrations/${migration}" || echo -e "${YELLOW}⚠️ Kunne ikke downloade ${migration} (måske findes den ikke i denne version)${NC}"
done
echo -e "\n${GREEN}✅ Download komplet!${NC}"
echo ""
echo -e "${YELLOW}Næste trin:${NC}"
echo "1. Verificer .env filen er korrekt udfyldt"
echo "2. Start services:"
echo -e " ${GREEN}podman-compose up -d --build${NC}"
echo "3. Check logs:"
echo -e " ${GREEN}podman-compose logs -f${NC}"
echo "4. Test health endpoint:"
echo -e " ${GREEN}curl http://localhost:8000/health${NC}"
echo ""