Parameterize infrastructure scripts to remove all hardcoded values
(anulectra.com, towlion/platform). Bootstrap script now accepts
ACME_EMAIL, OPS_DOMAIN, and ALERT_REPO as env vars. Fix documentation
to list correct 4 required secrets (not 7). Add critical missing step
to tutorial (pre-clone app on server). Update roadmap status.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
docs/roadmap.md (1 addition & 1 deletion)
@@ -93,7 +93,7 @@ Enable self-hosting through repository forks.
93
93
94
94
**Done when:** A person who has never seen the project can fork an app repo, configure 4-5 secrets, run the bootstrap script on a fresh server, push to `main`, and have a working deployment. Tested by someone other than the author.
95
95
96
-
**Status:**Model is conceptually sound but impractical without bootstrap automation.
96
+
**Status:**Infrastructure parameterized (ACME_EMAIL, OPS_DOMAIN, ALERT_REPO replace all hardcoded values). Documentation corrected (self-hosting.md, tutorial.md list correct 4 secrets, tutorial uses bootstrap script). App-template README updated with deployment secrets and self-hosting links. Awaiting external validation (tested by someone other than the author).
This creates a dedicated PostgreSQL user and MinIO bucket. Credentials are written to `/opt/platform/credentials/<app-name>.env` and automatically picked up by the deploy workflow.
123
+
124
+
### Monitoring (Optional)
125
+
126
+
If you set `OPS_DOMAIN` during bootstrap (or add it to `/opt/platform/.env`), Grafana is accessible at `https://OPS_DOMAIN`. The default admin credentials are in `/opt/platform/.env`. Configure DNS for the ops domain the same way as app domains.
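Review bot: the added Monitoring paragraph puts Grafana on a public hostname (`https://OPS_DOMAIN`) and points the reader at "default admin credentials" in `/opt/platform/.env`, without saying whether that password is generated per server or is a fixed default, and without a step to change it. If the bootstrap script generates it, say so here; if it is a fixed value, add an explicit "change the admin password on first login" step before the DNS instruction. It would also help to state who can read `/opt/platform/.env`, since the same sentence tells the reader the Grafana admin login is stored there.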
docs/tutorial.md (37 additions & 26 deletions)
@@ -51,51 +51,61 @@ You should see a shell prompt. If this works, you are ready to bootstrap.
51
51
52
52
## Step 3: Bootstrap the server
53
53
54
-
SSH into your server and install Docker:
54
+
SSH into your server as root and run the bootstrap script. This installs Docker, creates the `deploy` user, starts all platform services, and generates credentials:
You should see `Hello from Docker!` in the output.
82
-
83
-
Create the data directory structure:
99
+
Create the deploy environment file from the template:
84
100
85
101
```bash
86
-
sudo mkdir -p /data/{postgres,redis,minio,caddy}
87
-
sudo chown -R $USER:$USER /data
102
+
cp deploy/env.template deploy/.env
88
103
```
89
104
90
-
This is where persistent data lives across deployments. The directory layout:
105
+
The deploy workflow will auto-update `deploy/.env` with the correct credentials on the next push.
91
106
92
-
```
93
-
/data/
94
-
postgres/ # Database files
95
-
redis/ # Cache and queue data
96
-
minio/ # Object storage
97
-
caddy/ # TLS certificates and config
98
-
```
107
+
!!! warning
108
+
The `deploy` user needs SSH access to your GitHub repo to `git pull`. Add the deploy user's public key (`/home/deploy/.ssh/id_ed25519.pub`) as a deploy key on your GitHub repository, or use HTTPS cloning with a personal access token.
99
109
100
110
## Step 4: Configure DNS
101
111
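Review bot: the `!!! warning` block at the end of Step 3 offers "HTTPS cloning with a personal access token" as an equal alternative to a deploy key, but the two are not equivalent in scope. The `deploy` user only needs to `git pull` one repository, so the text should recommend the deploy key added without write access as the default, and, if a token is mentioned at all, say it should be a fine-grained token limited to that single repository with read-only contents permission. A second, smaller point on the same hunk: `cp deploy/env.template deploy/.env` creates a file that the next sentence says will be filled with credentials, so the tutorial should confirm that `deploy/.env` is git-ignored and not world-readable.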
@@ -139,9 +149,10 @@ In your forked repository on GitHub, go to **Settings > Secrets and variables >
139
149
|`SERVER_USER`|`deploy`| SSH username on the server |
140
150
|`SERVER_SSH_KEY`|*(private key contents)*| SSH private key for deployment |
141
151
|`APP_DOMAIN`|`app.example.com`| Domain pointing to your server |
> **Note:** Database and storage credentials are auto-generated by the bootstrap script on the server. You do not need to create them as GitHub secrets.
154
+
155
+
Optionally, add `PREVIEW_DOMAIN` (e.g., `example.com`) to enable preview environments for pull requests.
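Review bot: the added `PREVIEW_DOMAIN` sentence introduces a fifth secret without saying what else the reader has to set up for it. The example value is a bare `example.com` while `APP_DOMAIN` above is `app.example.com`, which suggests previews are served on names under that domain, yet Step 4's DNS instructions are not referenced. Please add one sentence on the DNS record previews need and on which pull requests get a preview environment, since each preview is a deployment onto the same server.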
info "Credentials generated and written to $ENV_FILE"
193
+
194
+
if [[ "${ACME_EMAIL:-admin@localhost}"=="admin@localhost" ]];then
195
+
warn "ACME_EMAIL is admin@localhost — TLS certificates will fail. Re-run with ACME_EMAIL=you@example.com"
196
+
fi
186
197
fi
187
198
188
199
# --- Caddyfile ---
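Review bot: the new `ACME_EMAIL` check sits inside the enclosing `if` that closes on the next `fi`, directly after the "Credentials generated" message, so it appears to run only on the pass that generates credentials. The warning tells the user to "Re-run with ACME_EMAIL=you@example.com", but if the re-run skips that branch because the env file already exists, the new value may never be checked or written. Consider moving the check out of that block, to just before the Caddyfile section, and making it a hard failure or at least validating that the value looks like an address rather than comparing only against the one default string. Separately, the condition is rendered here as `"${ACME_EMAIL:-admin@localhost}"=="admin@localhost"` with no spaces around `==`; if the file really reads that way, `[[ ]]` sees a single non-empty word and the test is always true, so please confirm the spacing in the source.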
@@ -400,7 +411,7 @@ else
400
411
"gridPos": { "h": 4, "w": 24, "x": 0, "y": 20 },
401
412
"options": {
402
413
"mode": "markdown",
403
-
"content": "## Towlion Platform Overview\n\nThis dashboard shows logs from all containers on the platform.\n\n- **Log Stream**: All container logs (filter by service label)\n- **Error Rate**: Count of ERROR lines per service over 5-minute windows\n- **Container Logs by App**: Select an app from the dropdown to filter logs\n\nAlerts are managed by `check-alerts.sh` (cron every 5 min) and create GitHub Issues on the `towlion/platform` repo."
414
+
"content": "## Towlion Platform Overview\n\nThis dashboard shows logs from all containers on the platform.\n\n- **Log Stream**: All container logs (filter by service label)\n- **Error Rate**: Count of ERROR lines per service over 5-minute windows\n- **Container Logs by App**: Select an app from the dropdown to filter logs\n\nAlerts are managed by `check-alerts.sh` (cron every 5 min) and create GitHub Issues when ALERT_REPO is configured."
404
415
}
405
416
}
406
417
],
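Review bot: the dashboard text now says alerts "create GitHub Issues when ALERT_REPO is configured" but no longer tells the operator what happens when it is not. If `check-alerts.sh` still runs from cron every 5 minutes with `ALERT_REPO` unset, the panel should say where alerts go in that case (logged locally, or dropped), otherwise an operator reading this panel can assume alerting is active when nothing is delivered. If the issues include log excerpts, it is also worth one line here or in the docs advising that `ALERT_REPO` point at a private repository.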
@@ -435,15 +446,17 @@ fi
435
446
OPS_CADDY="/opt/platform/caddy-apps/ops.caddy"
436
447
if [[ -f"$OPS_CADDY" ]];then
437
448
info "Grafana Caddy route already exists"
438
-
else
439
-
cat >"$OPS_CADDY"<<'EOF'
440
-
ops.anulectra.com {
449
+
elif [[ -n"${OPS_DOMAIN:-}" ]];then
450
+
cat >"$OPS_CADDY"<<EOF
451
+
${OPS_DOMAIN} {
441
452
reverse_proxy grafana:3000
442
453
}
443
454
EOF
444
455
445
456
chown deploy:deploy "$OPS_CADDY"
446
457
info "Grafana Caddy route created at $OPS_CADDY"
458
+
else
459
+
info "OPS_DOMAIN not set — skipping Grafana Caddy route (set OPS_DOMAIN to enable)"
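Review bot: switching the heredoc from `<<'EOF'` to `<<EOF` means `${OPS_DOMAIN}` is expanded by the shell and written into `ops.caddy` as the site address with no validation. A value containing whitespace, braces or a newline would produce a broken or unintended Caddy site block in a file Caddy loads, so check the variable against a hostname pattern before the `cat` and fail with a clear message otherwise. Also note the branch order: `[[ -f "$OPS_CADDY" ]]` is tested first, so a server that already has the file (for example one written with the old `ops.anulectra.com` value) keeps it even when `OPS_DOMAIN` is now set, and changing `OPS_DOMAIN` later has no effect; either compare the existing file against the desired content or say in the info message that the file must be removed to regenerate it.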