doc: update document

ShaunDyson-leetcode · ShaunDyson-leetcode · commit 0d05673a1893 · 2024-11-09T19:42:41.000Z
diff --git a/docker/README.md b/docker/README.md
@@ -1,105 +1,106 @@
-### Docker - Build at Building Server
-
+You need three folders:
+
+0. server for setup - generate your token and seed the data
+   - `docker/stack-auth-setup`
+      ```sh
+      git clone https://github.com/ShaunDyson-leetcode/stack.git
+      ```
+
+1. server for builder - build your own token
+   - `docker/stack-auth-builder`
+      ```sh
+      git clone https://github.com/ShaunDyson-leetcode/stack.git
+      ```
+2. server for services - run your docker
+   - `docker/stack-auth-services`
+      ```sh
+      wget https://github.com/ShaunDyson-leetcode/stack/archive/refs/heads/dev.zip -O repo.zip && unzip -j repo.zip "stack-dev/docker/stack-auth-services/*" -d stack-auth-services && rm repo.zip
+      ```
+
+### Setup
+
+Go to folder `docker/stack-auth-setup`
+
+0. **Pre-install**
+   ```sh
+   cd docker/stack-auth-setup
+   pnpm i --ignore-workspace
+   ```
 1. **Update Environment Variables**
    - Navigate to `docker/setup` and update the `.env` file:
      ```sh
-     cd docker/setup
      cp .env.development .env
-     cd ../..
      ```
-
 2. **Create Tokens**
-   - Install dependencies and run the key generation script:
+   - Run the key generation script:
      ```sh
-     cd docker/setup
-     pnpm i --ignore-workspace
      pnpm tsx scripts/generateKeys.ts
-     cd ../..
      ```
-
+   - Copy them to `.env` under the `generated by generateKeys.ts` section.
 3. **Configure Hosts**
-   - Set the following environment variables:
-     ```env
-     NEXT_PUBLIC_STACK_URL=https://api.stack-auth.internal
-     NEXT_PUBLIC_STACK_SVIX_SERVER_URL=https://svix-api.stack-auth.internal
-     NEXT_PUBLIC_STACK_HEAD_TAGS=[{ "tagName": "script", "attributes": {}, "innerHTML": "// insert head tags here" }]
-     ```
-
-4. **Sentry Integration**
    - Set up Sentry variables according to [Sentry's documentation](https://docs.sentry.io/platforms/javascript/guides/nextjs/manual-setup):
      ```env
      NEXT_PUBLIC_SENTRY_DSN=
      NEXT_PUBLIC_SENTRY_ORG=
      NEXT_PUBLIC_SENTRY_PROJECT=
      SENTRY_AUTH_TOKEN=
      ```
+   - The following environment variables are not necessary to update:
+     ```env
+     NEXT_PUBLIC_STACK_URL=https://api.stack-auth.internal
+     NEXT_PUBLIC_STACK_SVIX_SERVER_URL=https://svix-api.stack-auth.internal
+     NEXT_PUBLIC_STACK_HEAD_TAGS=[{ "tagName": "script", "attributes": {}, "innerHTML": "// insert head tags here" }]
 
-5. **Generate Builder Environment**
+     # db connection
+     STACK_DATABASE_CONNECTION_STRING=postgres://postgres:${POSTGRES_STACKFRAME_PASSWORD}@127.0.0.1:5432/stackframe 
+     STACK_DIRECT_DATABASE_CONNECTION_STRING=postgres://postgres:${POSTGRES_STACKFRAME_PASSWORD}@127.0.0.1:5432/stackframe
+     ```
+   - Setup db connection (Optional if you use our docker server setup)
+      - It will be used to deploy prisma data.
+4. **Generate Builder Environment file**
    - Run the builder environment generation script:
      ```sh
-     cd docker/setup
      pnpm dotenv -c -- tsx scripts/generateBuilderEnv.ts
-     cd ../..
-     ```
-
-6. **Build Docker Images**
-   - Navigate to `docker/builder` and build:
-     ```sh
-     cd docker/builder
-     docker compose build
-     cd ..
-     ```
-
----
-
-### Services at Deployment Server
-
-1. **Prepare Environment Files**
-   - Copy the `.env.dashboard` configuration:
-     ```sh
-     cd docker/setup
-     pnpm dotenv -c -- tsx scripts/generateDashboardEnv.ts
-     cd ../..
      ```
+   - Copy this to the builder server.
 
-2. **Configure `.env` File**
+5. **Prepare Services Environment Files**
    - Populate `.env` in `docker/services` with required values from `setup/.env`:
      - `POSTGRES_STACKFRAME_PASSWORD`
      - `POSTGRES_SVIX_PASSWORD`
      - `SVIX_JWT_SECRET`
-
-3. **Configure `.env.backend` File**
-   - Include necessary secrets like `STACK_SERVER_SECRET` and `STACK_SVIX_API_KEY`.
-   - Generate the `STACK_SVIX_API_KEY`:
-     ```sh
-     docker compose up svix-server -d
-     docker exec -it <container_id> sh
-     svix-server jwt generate
-     ```
-
-4. **Configure Sentry Variables**
-   - Copy Sentry-related variables into `.env.sentry` from `setup/.env`.
-
-5. **SSL Certificates**
-   - Place SSL files in the `certs` directory.
-
-6. **Start Docker Services**
-   - Start services in detached mode:
+   - Copy the `.env.dashboard` configuration:
      ```sh
-     cd docker/services
-     docker compose up -d
+     pnpm dotenv -c -- tsx scripts/generateDashboardEnv.ts
      ```
-
-7. **Initialize Data**
+      - Uncomment `DEPTH_ZERO_SELF_SIGNED_CERT` if self-trust SSL is needed.
+   - Copy the `.env.backend` configuration:
+      - Include necessary secrets like `STACK_SERVER_SECRET` and `STACK_SVIX_API_KEY`.
+      - Generate the `STACK_SVIX_API_KEY`:
+      ```sh
+      docker compose up svix-server -d
+      docker exec -it <container_id> sh
+      svix-server jwt generate
+      ```
+   - **Configure Sentry Variables**
+      Copy Sentry-related variables into `.env.sentry` from `setup/.env`.
+6. **Initialize Data**
+   - After starting services:
+   - Update db IP for your services server.
    - If deploying and building on the same server, run initialization:
      ```sh
-     cd docker/setup
+     cd docker/stack-auth-setup
      cp -r ../../apps/backend/prisma/ .
      pnpm prisma generate
      pnpm prisma migrate deploy
      pnpm dotenv -c -- tsx scripts/seed.ts
      ```
-   - Use `pnpm prisma studio` to update ProjectUser, adding `"internal"` to `managedProjectIds`.
+   - Use `pnpm prisma studio` to update `ProjectUser`, adding `"internal"` to `managedProjectIds`.
+
+7. **Network**
+   - Add `https://stack-auth.internal`, `svix-api.stack-auth.internal`, `api.stack-auth.internal` to your DNS hosts.
+   - Expose ports:
+      - 443
 
 8. **User Signup**
    - Access `https://stack-auth.internal` and complete the signup process.
@@ -109,4 +110,40 @@
    - In the Admin project:
      - Disable localhost.
      - Add `https://stack-auth.internal` to domains.
-     - Set user to "verified" for otp.
+     - Set user to "verified" for OTP.
+
+### Build
+Go to the builder server.
+
+**Build Docker Images**
+- Navigate to `docker/builder` and build:
+   ```sh
+   docker compose build
+   ```
+
+### Start Services 
+
+0. **SSL Certificates**
+   - Place SSL files in the `certs` directory.
+   ```sh
+   openssl genrsa -out stack-auth.key 2048
+   openssl req -new -key stack-auth.key -out stack-auth.csr
+   openssl x509 -req -days 365 -in stack-auth.csr -signkey stack-auth.key -out stack-auth.crt
+   ```
+
+1. **Start Docker Services**
+   - Pull `stack-auth/dashboard` and `stack-auth/backend`.
+   - Start services in detached mode:
+     ```sh
+     docker compose up -d
+     ```
+
+### Questions!
+
+1. Self-host and self-signed cert
+
+- Dashboard `DEPTH_ZERO_SELF_SIGNED_CERT`
+- Browser visit:
+   - `https://stack-auth.internal`
+   - `svix-api.stack-auth.internal`
+   - `api.stack-auth.internal`
