update README.md

ShaunDyson-leetcode · ShaunDyson-leetcode · commit d2f5504cf7e1 · 2024-11-12T20:29:04.000Z
diff --git a/docker/.env.development b/docker/.env.development
@@ -0,0 +1,83 @@
+############
+# Secret
+############
+
+# stack
+STACK_SERVER_SECRET=u8WXA6g18tS2pGy8LKECYel5wlZAqgIo9Gxq67W1PF4
+NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY=this-publishable-client-key-is-for-local-development-only
+STACK_SECRET_SERVER_KEY=this-secret-server-key-is-for-local-development-only
+STACK_SUPER_SECRET_ADMIN_KEY=this-secret-admin-key-is-for-local-development-only
+
+# db
+POSTGRES_STACKFRAME_PASSWORD=this-db-password-is-for-local-development-only
+
+# svix
+POSTGRES_SVIX_PASSWORD=this-svix-password-is-for-local-development-only
+SVIX_JWT_SECRET=x6HeHo0IZGmTigbwq4AiCWb--wtTb9PxLiE8Kuj8RxU
+STACK_SVIX_API_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2NTUxNDA2MzksImV4cCI6MTk3MDUwMDYzOSwibmJmIjoxNjU1MTQwNjM5LCJpc3MiOiJzdml4LXNlcnZlciIsInN1YiI6Im9yZ18yM3JiOFlkR3FNVDBxSXpwZ0d3ZFhmSGlyTXUifQ.VCP8uc2wqIQfMZfalNykRd1xNVyKKKEZFGnatwvwO7M
+
+############
+# Config
+############
+
+POSTGRES_DELAY_MS=0
+# This is needed for local development to allow self-signed certificates
+NODE_TLS_REJECT_UNAUTHORIZED=0
+
+############
+# Stack Dashboard
+############
+
+NEXT_PUBLIC_STACK_URL=https://api.stack-auth.internal
+NEXT_PUBLIC_STACK_PROJECT_ID=internal
+NEXT_PUBLIC_STACK_SVIX_SERVER_URL=https://svix-api.stack-auth.internal
+STACK_ACCESS_TOKEN_EXPIRATION_TIME=
+NEXT_PUBLIC_STACK_HEAD_TAGS=[{ "tagName": "script", "attributes": {}, "innerHTML": "// insert head tags here" }]
+
+############
+# Sentry
+############
+
+NEXT_PUBLIC_SENTRY_DSN=
+NEXT_PUBLIC_SENTRY_ORG=
+NEXT_PUBLIC_SENTRY_PROJECT=
+SENTRY_AUTH_TOKEN=
+
+############
+# Auth
+############
+
+# OAuth mock provider settings
+STACK_OAUTH_MOCK_URL=
+
+# OAuth shared keys
+# Can be set to MOCK to use mock OAuth providers
+STACK_GITHUB_CLIENT_ID=
+STACK_GITHUB_CLIENT_SECRET=
+STACK_GOOGLE_CLIENT_ID=
+STACK_GOOGLE_CLIENT_SECRET=
+STACK_MICROSOFT_CLIENT_ID=
+STACK_MICROSOFT_CLIENT_SECRET=
+STACK_SPOTIFY_CLIENT_ID=
+STACK_SPOTIFY_CLIENT_SECRET=
+
+# Email
+# For local development, you can spin up a local SMTP server like inbucket
+STACK_EMAIL_HOST=
+STACK_EMAIL_PORT=
+STACK_EMAIL_SECURE=
+STACK_EMAIL_USERNAME=
+STACK_EMAIL_PASSWORD=
+STACK_EMAIL_SENDER=
+
+# Misc, optional
+STACK_ACCESS_TOKEN_EXPIRATION_TIME=
+STACK_SETUP_ADMIN_GITHUB_ID=
+OTEL_EXPORTER_OTLP_ENDPOINT=
+
+############
+# Database - You can change these to any PostgreSQL database that has logical replication enabled.
+############
+
+STACK_DATABASE_CONNECTION_STRING=postgres://postgres:${POSTGRES_STACKFRAME_PASSWORD}@127.0.0.1:8111/stackframe
+STACK_DIRECT_DATABASE_CONNECTION_STRING=postgres://postgres:${POSTGRES_STACKFRAME_PASSWORD}@127.0.0.1:8111/stackframe
diff --git a/docker/README.md b/docker/README.md
@@ -1,159 +1,95 @@
-You need three folders:
-
-0. server for setup - generate your token and seed the data
-   - `docker/stack-auth-setup`
-      ```sh
-      git clone https://github.com/ShaunDyson-leetcode/stack.git
-      ```
-
-1. server for builder - build your own token
-   - `docker/stack-auth-builder`
-      ```sh
-      git clone https://github.com/ShaunDyson-leetcode/stack.git
-      ```
-2. server for services - run your docker
-   - `docker/stack-auth-services`
-      ```sh
-      wget https://github.com/ShaunDyson-leetcode/stack/archive/refs/heads/dev.zip -O repo.zip
-      unzip repo.zip "stack-dev/docker/stack-auth-services/*" -d stack-auth-services
-      mv stack-auth-services/stack-dev/docker/stack-auth-services/* stack-auth-services
-      rm -rvf stack-auth-services/stack-dev
-      rm repo.zip
-      ```
-
-### Setup
-
-Go to folder `docker/stack-auth-setup`
-
-0. **Pre-install**
-   ```sh
-   cd docker/stack-auth-setup
-   pnpm i --ignore-workspace
-   ```
-1. **Update Environment Variables**
-   - Navigate to `docker/setup` and update the `.env` file:
+### Stack Auth Setup Guide
+
+This guide provides step-by-step instructions to set up the `stack-auth` environment using Docker. Follow each step carefully to ensure proper configuration and smooth execution.
+
+---
+
+### 1. **Create `.env` File**
+   - Copy the development environment file:
      ```sh
      cp .env.development .env
      ```
-2. **Create Tokens**
-   - Run the key generation script:
-     ```sh
-     pnpm tsx scripts/generateKeys.ts
-     ```
-   - Copy them to `.env` under the `generated by generateKeys.ts` section.
-3. **Configure Hosts**
-   - Set up Sentry variables according to [Sentry's documentation](https://docs.sentry.io/platforms/javascript/guides/nextjs/manual-setup):
-     ```env
-     NEXT_PUBLIC_SENTRY_DSN=
-     NEXT_PUBLIC_SENTRY_ORG=
-     NEXT_PUBLIC_SENTRY_PROJECT=
-     SENTRY_AUTH_TOKEN=
-     ```
-   - The following environment variables are not necessary to update:
-     ```env
-     NEXT_PUBLIC_STACK_URL=https://api.stack-auth.internal
-     NEXT_PUBLIC_STACK_SVIX_SERVER_URL=https://svix-api.stack-auth.internal
-     NEXT_PUBLIC_STACK_HEAD_TAGS=[{ "tagName": "script", "attributes": {}, "innerHTML": "// insert head tags here" }]
-
-     # db connection
-     STACK_DATABASE_CONNECTION_STRING=postgres://postgres:${POSTGRES_STACKFRAME_PASSWORD}@127.0.0.1:5432/stackframe 
-     STACK_DIRECT_DATABASE_CONNECTION_STRING=postgres://postgres:${POSTGRES_STACKFRAME_PASSWORD}@127.0.0.1:5432/stackframe
-     ```
-   - Setup db connection (Optional if you use our docker server setup)
-      - It will be used to deploy prisma data.
-4. **Generate Builder Environment file**
-   - Run the builder environment generation script:
-     ```sh
-     pnpm dotenv -c -- tsx scripts/generateBuilderEnv.ts
-     ```
-   - Copy this to the builder server.
-
-5. **Prepare Services Environment Files**
-   - Populate `.env` in `docker/services` with required values from `setup/.env`:
-     - `POSTGRES_STACKFRAME_PASSWORD`
-     - `POSTGRES_SVIX_PASSWORD`
-     - `SVIX_JWT_SECRET`
-   - Copy the `.env.dashboard` configuration:
-     ```sh
-     pnpm dotenv -c -- tsx scripts/generateDashboardEnv.ts
-     ```
-      - Uncomment `DEPTH_ZERO_SELF_SIGNED_CERT` if self-trust SSL is needed.
-   - Copy the `.env.backend` configuration:
-      - Include necessary secrets like `STACK_SERVER_SECRET` and `STACK_SVIX_API_KEY`.
-      - Generate the `STACK_SVIX_API_KEY`:
-      ```sh
-      docker compose up svix-server -d
-      docker exec -it <container_id> sh
-      svix-server jwt generate
-      ```
-   - **Configure Sentry Variables**
-      Copy Sentry-related variables into `.env.sentry` from `setup/.env`.
-6. **Initialize Data**
-   - After starting services:
-   - Update db IP for your services server.
-   - If deploying and building on the same server, run initialization:
+   - **Note**: After copying, open the new `.env` file and adjust environment variables as needed.
+
+---
+
+### 2. **Build Docker Images**
+   - Build Docker images. If you change any `NEXT_JS_*` environment variables in `.env`, rebuild the images for those changes to take effect:
      ```sh
-     cd docker/stack-auth-setup
-     cp -r ../../apps/backend/prisma/ .
-     pnpm prisma generate
-     pnpm prisma migrate deploy
-     pnpm dotenv -c -- tsx scripts/seed.ts
+     docker compose -f docker-compose.builder.yaml build
      ```
-   - Use `pnpm prisma studio` to update `ProjectUser`, adding `"internal"` to `managedProjectIds`.
-
-7. **Network**
-   - Add `https://stack-auth.internal`, `svix-api.stack-auth.internal`, `api.stack-auth.internal` to your DNS hosts.
-   - Expose ports:
-      - 443
-      - 8111 (Optional: database)
-
-8. **User Signup**
-   - Access `https://stack-auth.internal` and complete the signup process.
-   - Ignore whitelist warnings on first-time signup and proceed to sign in.
-
-9. **Set Domains and Handlers**
-   - In the Admin project:
-     - Disable localhost.
-     - Add `https://stack-auth.internal` to domains.
-     - Set user to "verified" for OTP.
-
-### Build
-Go to the builder server.
-
-**Build Docker Images**
-- Navigate to `docker/builder` and build:
-   ```sh
-   docker compose build
-   ```
-
-### Start Services 
-
-0. **SSL Certificates**
-   - Place SSL files in the `certs` directory.
-   ```sh
-   openssl genrsa -out stack-auth.key 2048
-   openssl req -new -key stack-auth.key -out stack-auth.csr
-   openssl x509 -req -days 365 -in stack-auth.csr -signkey stack-auth.key -out stack-auth.crt
-   ```
-
-1. **Start Docker Services**
-   - Pull `stack-auth/dashboard` and `stack-auth/backend`.
-   - Start services in detached mode:
+
+---
+
+### 3. **Setup Service**
+   - **Download Config Files**:
+     - Fetch the latest config files and organize them into the required directories:
+       ```sh
+       wget https://github.com/ShaunDyson-leetcode/stack/archive/refs/heads/dev.zip -O repo.zip
+       unzip repo.zip "stack-dev/docker/*" -d stack-auth
+       mv stack-auth/stack-dev/docker stack-auth/
+       rm -rf stack-auth/stack-dev repo.zip
+       ```
+
+---
+
+### 4. **Network and DNS Setup**
+   - **DNS Entries**:
+     - Add the following entries to your system’s `/etc/hosts` file (or DNS management system):
+       - `stack-auth.internal`
+       - `svix-api.stack-auth.internal`
+       - `api.stack-auth.internal`
+   - **Port Exposure**:
+     - Ensure the following ports are accessible:
+       - **443**: Main service
+       - **8111**: Optional (database)
+     - **Firewall**: If you are on a network with firewall restrictions, ensure these ports are open.
+   - **Self-Signed SSL Certificates**:
+     - Place SSL files in the `volumes/nginx/certs` directory.
+     - If you need to create self-signed certificates, use:
+       ```sh
+       openssl genrsa -out stack-auth.key 2048
+       openssl req -new -key stack-auth.key -out stack-auth.csr
+       openssl x509 -req -days 365 -in stack-auth.csr -signkey stack-auth.key -out stack-auth.crt
+       ```
+     - **Note**: This is optional for development but recommended for production. Uncomment `DEPTH_ZERO_SELF_SIGNED_CERT` in `.env` if using self-signed certificates.
+
+---
+
+### 5. **Start Services**
+   - Start Docker services in detached mode:
      ```sh
      docker compose up -d
      ```
+   - **Verification**: Run `docker ps` to confirm that all services started successfully.
+   - **Troubleshooting**: Common errors at this step may include port conflicts or permission issues. Check Docker logs if services fail to start.
+
+   - **Access Services**:
+     - Open the following URLs in your browser:
+       - `https://svix-api.stack-auth.internal`
+       - `https://api.stack-auth.internal`
+       - `https://stack-auth.internal`
+     - **Browser Compatibility**: Certain browsers may show a warning for self-signed certificates; proceed past these warnings to access the sites.
+
+---
+
+### 6. **User Signup**
+   - Access `https://stack-auth.internal` to complete the signup process.
+   - **Note**: Ignore any whitelist warnings on your first login; these warnings will not affect your signup process.
 
-### Questions!
+---
 
-1. Self-host and self-signed cert
+### 7. **Set Domains and Handlers**
+   - Access the Admin project (refer to the project documentation if unsure how to access this).
+   - Update settings as follows:
+     - **Disable**: `localhost` domain for security.
+     - **Add**: `https://stack-auth.internal` to the allowed domains.
+     - **Set User Verification**: Set the user to "verified" for OTP.
 
-- Dashboard `DEPTH_ZERO_SELF_SIGNED_CERT`
-- Browser visit:
-   - `https://stack-auth.internal`
-   - `svix-api.stack-auth.internal`
-   - `api.stack-auth.internal`
+---
 
+## **Development**
 
-``` sh
-pnpm prisma migrate diff   --from-empty   --to-schema-datamodel ../../apps/backend/prisma/schema.prisma   --script > ../stack-auth-services/volumes/db/stack-auth-init.sql
+```sh
+pnpm prisma migrate diff --from-empty --to-schema-datamodel ../../apps/backend/prisma/schema.prisma --script > ../stack-auth-services/volumes/db/stack-auth-init.sql
 ```
diff --git a/docker/docker-compose.builder.yaml b/docker/docker-compose.builder.yaml
@@ -3,9 +3,9 @@ services:
   stack-auth-dashboard:
     image: stack-auth/dashboard
     build:
-      context: ../..
+      context: ../
       target: dashboard
-      dockerfile: ./docker/stack-auth-builder/Dockerfile
+      dockerfile: ./docker/Dockerfile
       args:  # Pass all necessary variables for build
         NEXT_PUBLIC_STACK_URL: ${NEXT_PUBLIC_STACK_URL}
         NEXT_PUBLIC_STACK_PROJECT_ID: ${NEXT_PUBLIC_STACK_PROJECT_ID}
@@ -20,9 +20,9 @@ services:
   stack-auth-backend:
     image: stack-auth/backend
     build:
-      context: ../..
+      context: ../
       target: backend
-      dockerfile: ./docker/stack-auth-builder/Dockerfile
+      dockerfile: ./docker/Dockerfile
       args:  # Pass all necessary variables for build
         NEXT_PUBLIC_SENTRY_DSN: ${NEXT_PUBLIC_SENTRY_DSN}
         NEXT_PUBLIC_SENTRY_ORG: ${NEXT_PUBLIC_SENTRY_ORG}
