diff --git a/content/4.backend/1.deploy.md b/content/4.backend/1.deploy.md index 475bce0..ddb1fb6 100644 --- a/content/4.backend/1.deploy.md +++ b/content/4.backend/1.deploy.md @@ -12,26 +12,73 @@ For configuration, check out the [configuration reference](2.configuration.md). The postgres database will need to be populated with [migrations](0.introduction.md#migrations) if `postgres.migrateOnBoot` isn't enabled. :: -## Method 1 - Docker +## Method 1 - Docker Deployment -This method will help you set up the backend with the bare minimum configuration options. You'll most likely want to [add some more environment variables](2.configuration.md) to customize your experience more thoroughly. +This method provides a straightforward setup with minimal configuration. For more extensive customization, see the [Configuration Reference](2.configuration.md). -The command below will not work unless customized by you, change the [`MWB_POSTGRES__CONNECTION`](2.configuration.md#postgresconnection) and [`MWB_CRYPTO__SESSION_SECRET`](2.configuration.md#cryptosessionsecret) to something valid for the backend to function. +**Prerequisites** -If you're using a hosted postgres database like [Neon](https://neon.tech/){target="\_blank"}, you'll also want to enable SSL support for the backend using the [`postgres.ssl`](2.configuration.md#postgresssl) option. +* **Docker:** If you don't have Docker installed, download it from the official website: [Docker installation](https://www.docker.com/get-started) +* **Docker Compose:** Install Docker Compose following the instructions for your operating system: [Docker-Compose installation](https://docs.docker.com/compose/install/) -For other versions of the image, [check out the package page](https://github.com/movie-web/backend/pkgs/container/backend){target="\_blank"}. +**Setup** +1. **Create `docker-compose.yml`:** -```sh -docker run \ - -p 80:80 \ - -e MWB_POSTGRES__CONNECTION=postgresql://localhost:5432 \ - -e MWB_CRYPTO__SESSION_SECRET=add-your-own-secret \ - -e MWB_META__NAME=unofficial-movie-web \ - ghcr.io/movie-web/backend:latest -``` + ```yaml + version: '3.8' -After running that command, your backend [_should_](../1.self-hosting/4.troubleshooting.md) now be available on `localhost:80`. if you want to be able to connect to the backend outside of your local network (for example sharing it with your friends), then you'll need set up to port forwarding. + services: + postgres: + image: postgres + environment: + POSTGRES_USER: movie_web_user + POSTGRES_DB: movie_web_backend + POSTGRES_PASSWORD: YourPasswordHere + ports: + - "5432:5432" + networks: + - movie-web-network + + movie-web: + image: ghcr.io/movie-web/backend:latest + environment: + MWB_POSTGRES__CONNECTION: postgresql://movie_web_user:YourPasswordHere@postgres:5432/movie_web_backend + MWB_CRYPTO__SESSION_SECRET: 32CharacterLongStringHere + MWB_META__NAME: unofficial-movie-web + MWB_POSTGRES__MIGRATE_ON_BOOT: "true" + MIKRO_ORM_MIGRATIONS_DISABLE_FOREIGN_KEYS: "true" + ports: + - "80:80" + depends_on: + - postgres + networks: + - movie-web-network + + networks: + movie-web-network: + driver: bridge + ``` + + **Important:** + * Replace `YourPasswordHere` with your secure database password. + * Generate a strong session secret and replace `32CharacterLongStringHere`. +2. **Start the Backend:** Open a terminal in the directory containing `docker-compose.yml` and execute: + + ```bash + docker-compose up -d + ``` + +**Accessing Your Backend** + +Your backend should be accessible on `(YourPrivateIP):80`. To share it outside your local network, you'll need to configure port forwarding or cloudflared tunnel. + +**Optional: Implementing a Reverse Proxy** + +To enhance your SSL and domain configuration, it's advisable to establish a reverse proxy, such as Nginx. For an optimal choice in this regard, Cloudflare Zero Trust Tunnel is recommended. You can find more information [here](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/). + +- If you decide to utilize a reverse proxy, it's important to include `MWB_SERVER__CORS: "https://movie.example.com"` in your configuration. + - `MWB_SERVER__CORS` must contain a **space-separated** list of origins (Protocol + Hostname) for the client to be able to access the backend. +- Depending on your specific setup, you may also require the addition of `MWB_SERVER__TRUST_PROXY: true` and `MWB_SERVER__TRUST_CLOUDFLARE: true`. ## Method 2 - Railway (Easy)