Issue #143 make app nixpacks/coolify compatible

- add ops doc
- fix pnpm workspace and shebang
- fix startup without ./env

Author: boly38

.github/CONTRIBUTING.md

@@ -45,20 +45,36 @@ cp ./env/.env.template ./env/.env.development
 
 Execute the application
 ```bash
-pnpm startDev
+pnpm dev
 ```
 or (production mode)
 ```bash
 pnpm start
 ```
 
+
+## About nixpacks packaging
+
+This app is a Node.js ESM simple application.
+
+- compatible with [nixpacks](https://nixpacks.com/docs/getting-started)
+
+### nixpacks build
+cf. [OPS_app](../doc/OPS_app.md)
+
+
 ## PullRequests additional information
 Activated bot:
 - [houndci](https://houndci.com/)
 
 
 # Maintainer HowTos
 
+## HowTo operate bot hosting
+- for now, botEnSky is manually deployed via www.render.com free plan in state. There is just ENV to setup.
+- there is a plan to move on a dedicated VM (#142), and a draft version of [OPS](../doc/OPS.md) guide exist.
+
+
 ## HowTo create a fresh version
 - use patch or minor or major workflow
 

bin/commonEnv.js

@@ -1,5 +1,15 @@
 import dotEnvFlow from 'dotenv-flow';
+import fs from 'fs';
+
+//~ project init of environment
 export const initEnv = () => {
-    //~ project init of environment
-    dotEnvFlow.config({ path: './env/' });
-}
+    if (!fs.existsSync('./env/.env.development') && !fs.existsSync('./env/.env.production')) {
+        console.log('🔌 Environment must be configured inline');
+    } else {
+        dotEnvFlow.config({ path: './env/' });
+    }
+    if (!process.env.BLUESKY_USERNAME) {
+        console.error('❌ BLUESKY_USERNAME environment variable is required');
+        process.exit(1);
+    }
+}

bin/start.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+if [ -z "$NODE_ENV" ]; then
+  echo "Error: NODE_ENV environment variable is not set"
+  exit 1
+fi
+exec node --unhandled-rejections=strict ./bin/www

bin/startDev.sh

@@ -1,3 +1,3 @@
-#!/bin/bash
+#!/usr/bin/env bash
 . ./env/.env.bash.development
 exec node ./bin/www

bin/startServer.sh

@@ -1,3 +1,3 @@
-#!/bin/bash
+#!/usr/bin/env bash
 .  ./env/.env.bash.production
 exec node --unhandled-rejections=strict ./bin/www

doc/OPS.md

@@ -0,0 +1,97 @@
+[< botEnSky](../README.md)
+
+# Operator guide - OPS guide --- DRAFT VERSION
+
+BotEnSky application is currently deployed on render.com free plan without special requirements out of setting environment.
+This page don't talk about render.com as there is nothing to add to official doc.
+
+BotEnSky application planB (#142) is to deploy it on a private VM having special requirements : ex. #143 Coolify PaaS
+
+💁 NOTE: this is a DRAFT VERSION, as for now only local test has been done
+
+This page describe VM requirements + Coolify PaaS installation.
+
+For BotEnSky applications install, cf. [OPS_app](./OPS_app.md)
+
+## Requirements
+
+### A Secure Linux Virtual machine (VM)
+- Example : OVH dedicated VM ([VPS help doc](https://help.ovhcloud.com/csm/fr-vps-getting-started?id=kb_article_view&sysparm_article=KB0047736))
+- you could use your own VM, or VM provider to instantiate a new Linux VM.
+- you must have an ssh access to the VM.
+
+### Ssh notice
+
+- configure VM ssh service, and keep pk in a secure place,
+- refuse ssh root login with password (mandatory),
+- add an ssh script `/etc/ssh/scripts/sshnotify.sh` that will notify ssh connexions to your favorite tchat app channel.
+
+TODO: add more details on this
+
+### Fail2Ban service is recommended
+- add [fail2ban](https://github.com/fail2ban/fail2ban) : a project that monitor and ban IP of ssh attempts too many failures
+````
+systemctl start/enable/stop fail2ban
+````
+
+To see banned ip :
+```
+sudo fail2ban-client status
+sudo fail2ban-client status sshd
+```
+
+### Coolify 
+💁 NOTE: this is a DRAFT VERSION, for now only local QA using WSL2 has been done.
+
+#### Coolify install
+- Follow [Coolify installation guide](https://coolify.io/docs/installation)
+- On issue, you could rely on [manual as fallback](https://coolify.io/docs/get-started/installation#manual-installation)
+- ✔️ at the end, you have docker installed on your VM, and coolify visible from your browser.
+- ➕👤 create a Coolify administrator account with a secure password.
+
+
+### Coolify - TIPS
+#### Coolify Start
+```bash
+sudo su -
+cd /data/coolify
+docker compose \
+  --env-file /data/coolify/source/.env \
+  -f /data/coolify/source/docker-compose.yml \
+  -f /data/coolify/source/docker-compose.prod.yml \
+  up -d --pull always --remove-orphans --force-recreate
+````
+
+go to http://youserver:8000
+
+#### Coolify Stop
+```bash
+docker compose \
+  --env-file /data/coolify/source/.env \
+  -f /data/coolify/source/docker-compose.yml \
+  -f /data/coolify/source/docker-compose.prod.yml down
+```
+
+#### Coolify Recover admin account
+
+💁 TIP: I dont remember the email used by account creation
+
+```bash
+docker exec -it coolify-db psql -U coolify
+````
+
+Then in Postgres console :
+
+````sql
+\c coolify
+SELECT email FROM users;
+````
+
+💁 TIP: I want to reset admin account creation (not tested)
+
+```bash
+docker exec -it coolify bash
+php artisan coolify:reset-password
+```
+
+TIP: save it in a safe place (like Keepass)

doc/OPS_app.md

@@ -0,0 +1,43 @@
+[< OPS](./OPS.md)
+
+## BotEnSky Application deployment --- DRAFT VERSION
+
+Coolify is used to deploy app.
+
+The app need to be nixpacks compatible to be deployed.
+
+### HowTo verify nixpacks compatibility
+
+````bash
+# NB: this works under WSL2
+# git clone and cd botensky/
+# cat ./nixpacks.toml
+nixpacks build . --name botensky-app
+````
+
+### run
+Once nixpacks build is done, you could start app container.
+
+````bash
+docker run -it -p 5000:5000 botensky-app
+````
+
+
+
+### HowTo deploy botEnSky on Coolify
+
+- once Coolify is installed, 
+- `Servers` : check you have a server installed with ssh access (ie. start ssh server if needed) 
+- `Projects > +add` : add and name a new project ex. Name `boly38/bot-en-sky:localQA` - Description `this is my bot`
+- You could name your environment ex. replace `Production` by `wsl2`
+- `Dashboard > boly38/bot-en-sky:localQA > +Add resource` :
+- choose `Public repository`, 
+- if needed to validate the server to use
+- Repository URL: `https://github.com/boly38/botEnSky` | Build Pack : `Nixpacks` | Base dir : `/` | Port `5000` | uncheck static site + `Continue`
+- `General` > adapt name suffix ex `boly38/bot-en-sky:nixpacks/coolify-withWsl2` | Port mapping `5000:5000` (or your need)
+- `Environment` > Paste in developper mode your env variables list
++ `Save` + `Deploy` et voilà 🚀
+
+TIP: show debug log to see the very first deployment in details. Coolify is very friendly.
+
+TIP: to test using local WSL2, you could map 127.0.0.1 to a given name ex `coolify.local` and set `General > Domains` with `http://coolify.local/`. In that context, your app is visible from http://coolify.local:5000/

nixpacks.toml

@@ -0,0 +1,22 @@
+# nixpacks.toml for botEnSky
+# This configuration allows using the same file in both production and development
+# environments, controlled by the NODE_ENV variable.
+[phases.setup]
+nixPkgs = ["nodejs_23", "pnpm"]
+
+[phases.install]
+cmds = [
+    # In production:
+    #   > pnpm install --prod --frozen-lockfile --ignore-workspace-root-check
+    #   Install only runtime dependencies
+    # In development:
+    #   > pnpm install
+    #   Install all dependencies, including devDependencies
+    "if [ \"$NODE_ENV\" = \"production\" ]; then pnpm install --prod --frozen-lockfile; else pnpm install; fi"
+]
+
+[phases.build]
+cmds = []  # No build step required for this project
+
+[start]
+cmd = "bash ./bin/start.sh"

package.json

@@ -4,7 +4,7 @@
   "description": "BlueSky botEnSky - a bot account that reply to bluesky post with Pla@ntNet identification",
   "scripts": {
     "audit": "npm audit&&npm outdated --depth=3",
-    "startDev": "bash ./bin/startDev.sh",
+    "dev": "bash ./bin/startDev.sh",
     "start": "bash ./bin/startServer.sh",
     "setupDev": "npm install -g jshint",
     "lint": "eslint .",
@@ -81,5 +81,5 @@
   "notes": {
     "chai-http": "with last version 5.0.0 : 20 tst issue 'chai.request is not a function'"
   },
-  "packageManager": "pnpm@10.15.0+sha512.486ebc259d3e999a4e8691ce03b5cac4a71cbeca39372a9b762cb500cfdf0873e2cb16abe3d951b1ee2cf012503f027b98b6584e4df22524e0c7450d9ec7aa7b"
+  "packageManager": "pnpm@10.18.0+sha512.e804f889f1cecc40d572db084eec3e4881739f8dec69c0ff10d2d1beff9a4e309383ba27b5b750059d7f4c149535b6cd0d2cb1ed3aeb739239a4284a68f40cfa"
 }

pnpm-workspace.yaml

@@ -1,3 +1,6 @@
+packages:
+  - .
+
 onlyBuiltDependencies:
   - bufferutil
   - msw