kunthawat/consentos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity
Files
d3af80145bc90877134a7c78266c903f4503a627
consentos/EASYPANEL.md
Ami Bot 062a384444
Some checks failed
CI / Detect changes (push) Has been cancelled
Details
CI / API Lint (push) Has been cancelled
Details
CI / Admin UI Tests (push) Has been cancelled
Details
CI / Admin UI Build (push) Has been cancelled
Details
CI / API Tests (push) Has been cancelled
Details
CI / Scanner Lint (push) Has been cancelled
Details
CI / Scanner Tests (push) Has been cancelled
Details
CI / Banner Lint & Typecheck (push) Has been cancelled
Details
CI / Banner Tests (push) Has been cancelled
Details
CI / Banner Build (push) Has been cancelled
Details
CI / Admin UI Typecheck (push) Has been cancelled
Details
feat: add Easypanel deployment config 
- Dockerfile.app: single container with supervisord (API + Worker + Beat + Scanner)
- supervisord.conf: process manager for 4 services in one container
- EASYPANEL.md: step-by-step deploy guide for Easypanel
- EASYPANEL-README.md: repo structure and deploy flow overview
2026-04-20 18:37:20 +07:00

274 lines
8.2 KiB
Markdown
Raw Blame History

# Deploy ConsentOS on Easypanel
## Architecture
```
consentos (Project)
├── consentos-db ← PostgreSQL (Easypanel managed)
├── consentos-redis ← Redis (Easypanel managed)
└── consentos-app ← 1 container รันทุกอย่าง (API + Worker + Beat + Scanner)
└── 5 services ภายใน via supervisord
consentos-admin (Separate Project)
└── consentos-admin ← Admin UI (nginx, static files)
```
---
## Step 1: Clone Repo to Git
```bash
git clone https://github.com/kunthawat/consentos.git
# Push to your own Git repo (GitHub/Gitea)
# ต้องมี Dockerfile.app + supervisord.conf + apps/ ที่ root
```
> ถ้าต้องการแยก repo — ต้อง push เฉพาะ apps/ กับ Dockerfile.app + supervisord.conf + docker-compose.yml
---
## Step 2: Create Database Services
### 2.1 PostgreSQL
ใน Easypanel → สร้าง **Postgres Service**:
| Field | Value |
|-------|-------|
| Name | `consentos-db` |
| Database | `consentos` |
| User | `consentos` |
| Password | (generate strong password) |
**Copy connection details** — จะได้ใช้ใน env:
- Host: `consentos-db` (internal Docker network)
- Port: `5432`
- User: `consentos`
- Database: `consentos`
### 2.2 Redis
ใน Easypanel → สร้าง **Redis Service**:
| Field | Value |
|-------|-------|
| Name | `consentos-redis` |
| Password | (generate strong password) |
---
## Step 3: Create App Service (Backend)
ใน Easypanel → สร้าง **App Service**:
### Source
| Field | Value |
|-------|-------|
| Build Method | **Dockerfile** |
| Dockerfile Path | `Dockerfile.app` |
### Environment Variables
```env
# ── Application ───────────────────────────────────────────────────────
APP_NAME=ConsentOS
ENVIRONMENT=production
DEBUG=false
LOG_LEVEL=INFO
# ── Database (use Easypanel service names as host) ───────────────────
DATABASE_URL=postgresql+asyncpg://consentos:PASSWORD@consentos-db:5432/consentos
# ── Redis ─────────────────────────────────────────────────────────────
REDIS_URL=redis://:PASSWORD@consentos-redis:6379/0
# ── Authentication ────────────────────────────────────────────────────
# Generate with: openssl rand -base64 48
JWT_SECRET_KEY=YOUR_JWT_SECRET_HERE
PSEUDONYMISATION_SECRET=YOUR_JWT_SECRET_HERE
# ── Admin Bootstrap (runs once on first deploy) ──────────────────────
INITIAL_ADMIN_EMAIL=admin@yourdomain.com
INITIAL_ADMIN_PASSWORD=YOUR_ADMIN_PASSWORD
INITIAL_ADMIN_FULL_NAME=Admin
INITIAL_ORG_NAME=Your Company
INITIAL_ORG_SLUG=your-company
# ── CORS ───────────────────────────────────────────────────────────────
# ตั้ง domain ของ admin UI ที่จะ deploy ใน step ถัดไป
ALLOWED_ORIGINS=https://admin.yourdomain.com,https://consent.yourdomain.com
# ── Scanner (optional) ────────────────────────────────────────────────
ENABLE_SCANNER=false
CRAWLER_HEADLESS=true
CRAWLER_TIMEOUT_MS=30000
MAX_PAGES_PER_SCAN=50
# ── Performance ──────────────────────────────────────────────────────
API_WORKERS=2
```
### Mounts (Data Persistence)
| Type | mountPath |
|------|-----------|
| **Volume** | `/var/log/supervisor` |
### Ports
| Published | Target |
|-----------|--------|
| `8000` | `8000` |
### Deploy Settings
| Field | Value |
|-------|-------|
| Container Replicas | `1` |
| Shm Size | `256mb` |
---
## Step 4: Create Admin UI (Separate App)
สร้าง **อีก Project** ชื่อ `consentos-admin`:
### Source
| Field | Value |
|-------|-------|
| Build Method | **Dockerfile** |
| Dockerfile Path | `apps/admin-ui/Dockerfile` |
### Environment Variables
```env
# URL ของ API service (ใช้ service name ของ Easypanel)
VITE_API_URL=https://consent.yourdomain.com
```
### Domains
เพิ่ม domain `admin.yourdomain.com` → ใช้ SSL auto ของ Easypanel
---
## Step 5: Update CORS + Deploy
หลัง deploy admin UI ได้ domain แล้ว:
1. กลับไปที่ `consentos-app`**Environment** → แก้ `ALLOWED_ORIGINS`:
```
ALLOWED_ORIGINS=https://admin.yourdomain.com,https://consent.yourdomain.com
```
2. **Redeploy** `consentos-app`
---
## Step 6: First-Time Setup
หลัง container start ครั้งแรก → bootstrap script รันอัตโนมัติ:
- Database migrations (Alembic)
- Initial admin user creation
- Seed known cookies
**ตรวจสอบ logs:**
```
Easypanel → consentos-app → Logs
```
---
## Environment Variables Reference
### Required (ต้องกำหนดเอง)
| Variable | Example | ที่ไหนได้มา |
|----------|---------|-------------|
| `JWT_SECRET_KEY` | `openssl rand -base64 48` | Generate |
| `DATABASE_URL` | `postgresql+asyncpg://consentos:PASS@consentos-db:5432/consentos` | From Easypanel PostgreSQL |
| `REDIS_URL` | `redis://:PASS@consentos-redis:6379/0` | From Easypanel Redis |
| `INITIAL_ADMIN_EMAIL` | `admin@example.com` | กำหนดเอง |
| `INITIAL_ADMIN_PASSWORD` | `Str0ng!Pass` | กำหนดเอง |
| `ALLOWED_ORIGINS` | `https://admin.example.com` | หลัง deploy admin UI |
### Optional (มี default แล้ว)
| Variable | Default | คำอธิบาย |
|----------|---------|-----------|
| `API_WORKERS` | `2` | จำนวน uvicorn workers |
| `ENABLE_SCANNER` | `false` | เปิด scanner (ใช้ RAM เยอะ) |
| `LOG_LEVEL` | `INFO` | DEBUG สำหรับ verbose logs |
| `DEBUG` | `false` | เปิด FastAPI debug mode |
---
## Data Persistence
| Data | Storage | หายไหมตอน redeploy? |
|------|---------|---------------------|
| Database | Easypanel `consentos-db` volume | ✅ ไม่หาย |
| Redis | Easypanel `consentos-redis` volume | ✅ ไม่หาย |
| Code | Container image | ❌ Rebuild ตามปกติ |
| Logs | `/var/log/supervisor` mount | ✅ Mounted volume |
---
## Update / Redeploy
```bash
# 1. Pull code ใน Git repo
git pull
# 2. Redeploy ใน Easypanel
# consentos-app → Deploy (Redeploy button)
# consentos-admin → Deploy (Redeploy button)
```
หรือตั้ง **Auto Deploy** → Easypanel จะ deploy อัตโนมัติเมื่อ push ไปที่ Git
---
## Troubleshooting
### Bootstrap failed
```bash
# ดู logs
consentos-app → Logs
# ถ้า admin สร้างไปแล้ว → bootstrap script จะ skip
# ถ้าต้องการ reset admin:
# ไปที่ console แล้ว:
docker exec -it consentos-app python -m src.cli.bootstrap_admin
```
### CORS errors
เพิ่ม domain ใหม่เข้า `ALLOWED_ORIGINS` แล้ว redeploy
### Scanner กิน RAM เยอะ
```env
ENABLE_SCANNER=false # ปิดไปก่อน
```
### Celery worker ไม่ทำงาน
```bash
# ดู worker logs
consentos-app → Console
supervisorctl status
supervisorctl tail worker
```
---
## Memory Requirements
| Service | RAM (approximate) |
|---------|------------------|
| consentos-db | ~256-512 MB |
| consentos-redis | ~64-128 MB |
| consentos-app (API) | ~256-512 MB |
| consentos-app (Worker) | ~256-512 MB |
| consentos-app (Scanner) | ~512-1024 MB (ถ้าเปิด) |
| **Total (without scanner)** | ~576-1152 MB |
| **Total (with scanner)** | ~1088-2176 MB |
**แนะนำ:** VPS/Server อย่างน้อย **2 GB RAM** (ถ้าไม่ใช้ scanner) หรือ **4 GB** (ถ้าใช้ scanner)
Reference in New Issue View Git Blame Copy Permalink