wip
210
ENV_SETUP.md
Normal file
@@ -0,0 +1,210 @@
# Environment Setup Guide

This guide explains how to configure environment variables for your Hetzner deployment.

## Quick Start

1. **Copy the example file:**
```bash
cp .env.example .env
```

2. **Edit the .env file:**
```bash
nano .env
```

3. **Fill in your values** (see below)

## Required Variables

### `DOMAIN`
Your website domain name.
```
DOMAIN=mintel.me
```

### `ADMIN_EMAIL`
Email for SSL certificate notifications.
```
ADMIN_EMAIL=admin@mintel.me
```

## Optional Variables

### `REDIS_URL`
Connection string for Redis cache.
- **Default**: `redis://redis:6379`
- **Format**: `redis://host:port`
- **Example**: `redis://redis:6379`

### `PLAUSIBLE_DOMAIN`
Domain for Plausible analytics tracking.
- **Default**: Same as `DOMAIN`
- **Example**: `mintel.me`

### `PLAUSIBLE_SCRIPT_URL`
URL to your Plausible analytics script.
- **Default**: `https://plausible.yourdomain.com/js/script.js`
- **Example**: `https://analytics.mintel.me/js/script.js`

## Woodpecker CI/CD Variables

These are only needed if using Woodpecker for automated deployment:

### `DEPLOY_HOST`
Hetzner server IP address or hostname.
```
DEPLOY_HOST=123.45.67.89
```

### `DEPLOY_USER`
User for SSH access (usually root).
```
DEPLOY_USER=root
```

### `SSH_PRIVATE_KEY`
Private key for SSH authentication.
```
SSH_PRIVATE_KEY=-----BEGIN OPENSSH PRIVATE KEY-----
...
-----END OPENSSH PRIVATE KEY-----
```

**Generate SSH key if needed:**
```bash
ssh-keygen -t ed25519 -C "woodpecker@mintel.me"
ssh-copy-id root@YOUR_HETZNER_IP
```

### `SLACK_WEBHOOK` (Optional)
Slack webhook for deployment notifications.
```
SLACK_WEBHOOK=https://hooks.slack.com/services/YOUR/WEBHOOK/URL
```

## Usage Examples

### Local Development
```bash
# Create .env file
cp .env.example .env

# Edit with your values
nano .env

# Start services
docker-compose up
```

### Production Deployment
```bash
# On Hetzner server
cd /opt/mintel

# Create .env file
cat > .env << EOF
DOMAIN=mintel.me
ADMIN_EMAIL=admin@mintel.me
REDIS_URL=redis://redis:6379
PLAUSIBLE_DOMAIN=mintel.me
PLAUSIBLE_SCRIPT_URL=https://analytics.mintel.me/js/script.js
EOF

# Deploy
./deploy.sh
```

### Woodpecker CI/CD
1. Go to your Gitea repository
2. Navigate to Settings → Secrets
3. Add these secrets:
- `DEPLOY_HOST` - Your Hetzner IP
- `DEPLOY_USER` - Usually `root`
- `SSH_PRIVATE_KEY` - Private key content
- `DOMAIN` - Your domain
- `ADMIN_EMAIL` - Your email
- (Optional) `SLACK_WEBHOOK`

## Security Notes

- **Never commit `.env` file** to git (it's in `.gitignore`)
- **Keep SSH keys secure** and never share
- **Use strong passwords** for all services
- **Enable firewall** on Hetzner server

## Troubleshooting

### Variables not loading
```bash
# Check if .env file exists
ls -la .env

# Check file permissions
chmod 600 .env

# Verify variables
cat .env
```

### Docker Compose not using .env
```bash
# Explicitly specify env file
docker-compose --env-file .env up

# Or check if it's being loaded
docker-compose config
```

### Woodpecker secrets not working
1. Verify secret names match exactly
2. Check repository settings
3. Restart Woodpecker agent
4. Check Woodpecker logs

## Environment-Specific Configurations

### Development
```bash
# .env
DOMAIN=localhost:3000
ADMIN_EMAIL=dev@localhost
REDIS_URL=redis://localhost:6379
```

### Staging
```bash
# .env
DOMAIN=staging.mintel.me
ADMIN_EMAIL=staging@mintel.me
REDIS_URL=redis://redis:6379
```

### Production
```bash
# .env
DOMAIN=mintel.me
ADMIN_EMAIL=admin@mintel.me
REDIS_URL=redis://redis:6379
PLAUSIBLE_DOMAIN=mintel.me
PLAUSIBLE_SCRIPT_URL=https://analytics.mintel.me/js/script.js
```

## Available Variables Reference

| Variable | Required | Default | Description |
|----------|----------|---------|-------------|
| `DOMAIN` | ✅ Yes | - | Website domain |
| `ADMIN_EMAIL` | ✅ Yes | - | SSL contact email |
| `REDIS_URL` | ❌ No | `redis://redis:6379` | Redis connection |
| `PLAUSIBLE_DOMAIN` | ❌ No | Same as `DOMAIN` | Analytics domain |
| `PLAUSIBLE_SCRIPT_URL` | ❌ No | Plausible default | Analytics script URL |
| `DEPLOY_HOST` | CI Only | - | Hetzner server IP |
| `DEPLOY_USER` | CI Only | `root` | SSH user |
| `SSH_PRIVATE_KEY` | CI Only | - | SSH private key |
| `SLACK_WEBHOOK` | ❌ No | - | Slack notifications |

---

**Next**: Run `./deploy.sh` or push to trigger CI/CD deployment!
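Review bot: The Woodpecker CI/CD Variables section has the pipeline log in as root (`DEPLOY_USER=root`, `ssh-copy-id root@YOUR_HETZNER_IP`, and `root` as the table default), so anyone who obtains the `SSH_PRIVATE_KEY` secret controls the whole server. Document a dedicated unprivileged deploy user whose key can do only what `deploy.sh` needs, and generate the key pair for CI alone rather than reusing a personal one. Two smaller points in the same file: under "Variables not loading" the comment `# Check file permissions` sits over `chmod 600 .env`, which sets the mode rather than checking it, while the Production Deployment block creates `.env` with `cat > .env << EOF` and never restricts it, so the `chmod 600 .env` belongs right after the heredoc. The `cat .env` under "Verify variables" prints every value to the terminal, and the `SSH_PRIVATE_KEY=` sample reads like an `.env` entry even though the Usage section stores it as a repository secret; state in the variable's own section that the private key goes only into the secret store.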