IntelSight/v2-Docker
3
0
Fork 0
Code Issues Pull-Requests Actions Pakete Projekte Releases Wiki Aktivität
Files
main
v2-Docker/PRODUCTION_DEPLOYMENT.md
Claude Project Manager 0d7d888502 Initial commit
2025-07-05 17:51:16 +02:00

2.8 KiB
Originalformat Permalink Blame Verlauf

Production Deployment Guide for intelsight.de

Pre-Deployment Checklist

1. Generate Secure Secrets

python3 generate-secrets.py

Save the output securely - you'll need these passwords!

Note: The admin panel users (rac00n and w@rh@mm3r) keep their existing passwords as configured in the .env file.

2. Configure Environment Files

v2/.env

  1. Copy the template: 
    cp v2/.env.production.template v2/.env
  2. Replace all CHANGE_THIS_ placeholders with generated secrets
  3. Ensure PRODUCTION=true is set

v2_lizenzserver/.env

  1. Copy the template: 
    cp v2_lizenzserver/.env.production.template v2_lizenzserver/.env
  2. Use the same database password as in v2/.env
  3. Set a unique SECRET_KEY from generate-secrets.py

3. SSL Certificates

# Copy your SSL certificates
cp /SSL/fullchain.pem v2_nginx/ssl/
cp /SSL/privkey.pem v2_nginx/ssl/
chmod 644 v2_nginx/ssl/fullchain.pem
chmod 600 v2_nginx/ssl/privkey.pem

# Generate dhparam.pem (this takes a few minutes)
openssl dhparam -out v2_nginx/ssl/dhparam.pem 2048

4. Verify Configuration

./verify-deployment.sh

Deployment on Hetzner Server

1. Update Deploy Script

On your Hetzner server:

nano /root/deploy.sh

Replace YOUR_GITHUB_TOKEN with your actual GitHub token.

2. Run Deployment

cd /root
./deploy.sh

3. Start Services

cd /opt/v2-Docker/v2
docker compose up -d

4. Check Status

docker compose ps
docker compose logs -f

Post-Deployment

1. Create Admin Panel API Key

  1. Access https://admin-panel-undso.intelsight.de
  2. Login with your admin credentials
  3. Go to "Lizenzserver Administration"
  4. Generate a new API key for production use

2. Test Endpoints

3. Monitor Logs

docker compose logs -f admin-panel
docker compose logs -f license-server

Security Notes

  1. Never commit .env files with real passwords to git
  2. Backup your passwords securely
  3. Rotate API keys regularly
  4. Monitor access logs for suspicious activity
  5. Keep SSL certificates up to date (expires every 90 days)

Troubleshooting

Services won't start

docker compose down
docker compose up -d
docker compose logs

Database connection issues

  • Verify POSTGRES_PASSWORD matches in both .env files
  • Check if postgres container is running: docker compose ps db

SSL issues

  • Ensure certificates are in v2_nginx/ssl/
  • Check nginx logs: docker compose logs nginx-proxy

Cannot access website

  • Verify DNS points to your server IP
  • Check if ports 80/443 are open: ss -tlnp | grep -E '(:80|:443)'
  • Check nginx is running: docker compose ps nginx-proxy