movie-web/docs
1
0
Fork 0
mirror of https://github.com/movie-web/docs.git synced 2025-09-13 10:23:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Port all documents to MDX

Browse Source
This commit is contained in:
mrjvs
2024-03-30 20:34:50 +01:00
parent c06bedc93c
commit 268014552c
30 changed files with 62 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
pages/backend/changelog.mdx Normal file
View File

@@ -0,0 +1,36 @@
---
title: 'Changelog'
---
# Version 1.3.1
- Fixed bug where "false" env variables weren't treated as false for booleans
- Added ARM support for hosted docker container
- Stopped using JSON for recaptcha verifications.
# Version 1.3.0
For this update, you will need to run migrations.
- proxy url syncing
- remove npm usage, replace with pnpm
- add postgresql ssl support
# Version 1.2.0
::alert{type="warning"}
For this update, you will need to run migrations.
::
- [Added option to trust Cloudflare IP headers for ratelimits](2.configuration.md#servertrustcloudflare)
- Removed unused table
- Optimized prometheus metrics, should make less indexes
# Version 1.1.5
- Prometheus metrics endpoint
- Account creation/deletion endpoints
- Endpoints for importing old account data
- Endpoints for syncing data
- [Ratelimit system](2.configuration.md#ratelimit)
- [Captcha system](2.configuration.md#captcha)

245
pages/backend/configuration.mdx Normal file
View File

@@ -0,0 +1,245 @@
---
title: 'Configuration'
---
# Backend Config Reference
The backend can be configured in 3 different ways:
- Make a `config.json` file in the working directory of the application (root of repository)
- Make a `.env` file in the working directory of the application (root of repository)
- Add environment variables to your system (or container)
These different config options are all mutually inclusive, so you can use multiple at the same time if you want to.
::alert{type="warning"}
With any of these configurations, you have to have atleast three variables set for the server to function:
[`postgres.connection`](#postgresconnection), [`crypto.sessionSecret`](#cryptosessionsecret) and [`meta.name`](#metaname)
::
### Method 1 - `config.json`
This method uses nesting, so the key `server.basePath` with the value of `"/backend"` will result in a file that looks like this:
```json
{
"server": {
"basePath": "/backend"
}
}
```
### Method 2 - `.env`
The environment variable names use double underscores as separators and `MWB_` as the prefix. So the key `server.basePath` will result in the .env file like this:
```sh
MWB_SERVER__BASE_PATH=/backend
```
### Method 3 - Environment
This method is identical to the `.env` method listed above, but you add the variables to the environment instead of writing it in a file.
# Reference
## Server
All configurations related to the HTTP server.
### `server.port`
- Type: `number`
- Default: `8080`
Port number that the HTTP server listens on.
### `server.cors`
- Type: `string`
- Default: `""`
- Example: `"https://movie-web.app https://testing.movie-web.app"`
Space separated list of allowed origins.
### `server.allowAnySite`
- Type: `boolean`
- Default: `false`
If set to true, it allows any origin to access the site. This overwrites the [`server.cors`](#servercors) setting.
### `server.trustProxy`
- Type: `boolean`
- Default: `false`
Controls whether the server should trust reverse proxy headers. This is used to identify users for ratelimiting.
### `server.trustCloudflare`
- Type: `boolean`
- Default: `false`
Controls whether the server should trust Cloudflare IP headers. This is used to identify users for ratelimiting.
### `server.basePath`
- Type: `string`
- Default: `"/"`
Prefix for which path is being listened on. Useful if you're hosting on `example.com/backend` for example.
::alert{type="info"}
If this is set, you shouldn't apply URL rewriting before proxying.
::
## Logging
All configurations related to how the HTTP server will log. This is not related to the [metrics](0.introduction.md#metrics) endpoint.
### `logging.format`
- Type: `string` | `"pretty"` | `"json"`
- Default: `"pretty"`
Logging format to use, should be either `pretty` or `json`, most users should probably use the default.
## Postgres
All configurations related to how postgres functions.
### `postgres.connection` ⚠
- Type: `string`
- Example: `"postgresql://localhost:5432"`
Connection URL for postgres instance, should contain the database in the URL.
::alert{type="danger"}
**Required. The backend will not start if this is not configured.**
::
### `postgres.migrateOnBoot`
- Type: `boolean`
- Default: `false`
Run all [migrations](0.introduction.md#migrations) that haven't ran yet on boot.
::alert{type="warning"}
If you have multiple replicas running, this can cause a lot of issues. We recommend only using this if you run only one replica.
::
### `postgres.debugLogging`
- Type: `boolean`
- Default: `false`
Log all postgres queries in the console. Useful for debugging issues with the database.
::alert{type="warning"}
This outputs sensitive, **DO NOT** run it in production.
::
### `postgres.ssl`
- Type: `boolean`
- Default: `false`
Enable SSL for postgres connections. Useful if you're using a hosted postgres database.
## Cryptography
All configurations related to cryptography.
### `crypto.sessionSecret` ⚠
- Type: `string`
The secret used to sign sessions. **Must be at least 32 characters long.**
::alert{type="danger"}
**Required. The backend will not start if this is not configured.**
::
## Meta
These options configure how the server will display itself to the frontend.
### `meta.name` ⚠
- Type: `string`
- Example: `"Unofficial movie-web"`
The name of the backend instance, this will be displayed to users who try to create an account.
::alert{type="danger"}
**Required. The backend will not start if this is not configured.**
::
### `meta.description`
- Type: `string`
- Default: `""`
- Example: `"This is not an official instance of movie-web"`
The description of the backend instance, this will be displayed to users who try to create an account.
## Captcha
All configurations related to adding captcha functionality. Captchas' help to protect your server from bot attacks.
### `captcha.enabled`
- Type: `boolean`
- Default: `false`
Enables [Recaptcha](https://www.google.com/recaptcha/about/) support for user registration and login. [You can follow this guide to create a Recaptcha key](https://cloud.google.com/recaptcha-enterprise/docs/create-key-website#create-key){target="\_blank"}.
::alert{type="warning"}
If this is enabled, all other captcha related settings are required.
::
### `captcha.secret`
- Type: `string`
- Default: `""`
- Example: `"sjgaJ@3djasFVx"`
[Google Recaptcha](https://www.google.com/recaptcha/about/) secret key.
### `captcha.clientKey`
- Type: `string`
- Default: `""`
- Example: `"2jf853z5bc63bvDb2323FAda"`
[Google Recaptcha](https://www.google.com/recaptcha/about/) site key.
## Ratelimits
All configuration options related to adding ratelimiting functionality. Helps to protect against bot attacks or spammy users.
::alert{type="info"}
Make sure your IP headers are properly forwarded if you're using a reverse proxy. Also see [`server.trustProxy`](#servertrustproxy).
::
### `ratelimits.enabled`
- Type: `boolean`
- Default: `false`
Enables ratelimiting some more expensive endpoints.
::alert{type="warning"}
If this is enabled, all other ratelimit related settings are required.
::
### `ratelimits.redisUrl`
- Type: `string`
- Default: `""`
- Example: `"redis://localhost:6379"`
Redis connection URL for storing ratelimit data. You can use a plain redis instance for this, no modules are required.

97
pages/backend/deploy.mdx Normal file
View File

@@ -0,0 +1,97 @@
---
title: 'Deploy'
---
# Deploying the backend
The only officially recognized hosting method is through Docker (or similar container runtimes). It can be scaled horizontally to all your heart's content and is the safest way to host the backend.
For configuration, check out the [configuration reference](2.configuration.md).
::alert{type="info"}
The postgres database will need to be populated with [migrations](0.introduction.md#migrations) if `postgres.migrateOnBoot` isn't enabled.
::
## Method 1 - Docker Deployment
This method provides a straightforward setup with minimal configuration. For more extensive customization, see the [Configuration Reference](2.configuration.md).
**Prerequisites**
* **Docker:** If you don't have Docker installed, download it from the official website: [Docker installation](https://www.docker.com/get-started)
* **Docker Compose:** Install Docker Compose following the instructions for your operating system: [Docker-Compose installation](https://docs.docker.com/compose/install/)
**Setup**
1. **Create `docker-compose.yml`:**
```yaml
version: '3.8'
services:
postgres:
image: postgres
environment:
POSTGRES_USER: movie_web_user
POSTGRES_DB: movie_web_backend
POSTGRES_PASSWORD: YourPasswordHere
ports:
- "5432:5432"
networks:
- movie-web-network
movie-web:
image: ghcr.io/movie-web/backend:latest
environment:
MWB_POSTGRES__CONNECTION: postgresql://movie_web_user:YourPasswordHere@postgres:5432/movie_web_backend
MWB_CRYPTO__SESSION_SECRET: 32CharacterLongStringHere
MWB_META__NAME: unofficial-movie-web
MWB_POSTGRES__MIGRATE_ON_BOOT: "true"
MIKRO_ORM_MIGRATIONS_DISABLE_FOREIGN_KEYS: "true"
ports:
- "80:80"
depends_on:
- postgres
networks:
- movie-web-network
networks:
movie-web-network:
driver: bridge
```
**Important:**
* Replace `YourPasswordHere` with your secure database password.
* Generate a strong session secret and replace `32CharacterLongStringHere`.
2. **Start the Backend:** Open a terminal in the directory containing `docker-compose.yml` and execute:
```bash
docker-compose up -d
```
**Accessing Your Backend**
Your backend should be accessible on `(YourPrivateIP):80`. To share it outside your local network, you'll need to configure port forwarding or cloudflared tunnel.
**Optional: Implementing a Reverse Proxy**
To enhance your SSL and domain configuration, it's advisable to establish a reverse proxy, such as Nginx. For an optimal choice in this regard, Cloudflare Zero Trust Tunnel is recommended. You can find more information [here](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/get-started/create-remote-tunnel/).
- If you decide to utilize a reverse proxy, it's important to include `MWB_SERVER__CORS: "https://movie.example.com"` in your configuration.
- `MWB_SERVER__CORS` must contain a **space-separated** list of origins (Protocol + Hostname) for the client to be able to access the backend.
- Depending on your specific setup, you may also require the addition of `MWB_SERVER__TRUST_PROXY: true` and `MWB_SERVER__TRUST_CLOUDFLARE: true`.
## Method 2 - Railway (Easy)
Railway offers you $5 of credit once you verify your account, which is enough to run the backend for around 5 months (~$0.90 per month).
[![Deploy on Railway](https://railway.app/button.svg)](https://railway.app/template/TS4mw5)
1. Login to your [Railway](https://railway.app) account if you have one, otherwise create one [here](https://railway.app/login).
1. If you are signing up, then verify your account by clicking the link in the email Railway sends you.
1. If you created your account with an email, then to verify your account further, go to your account, then plans and verify your account with a GitHub account.
1. Click the [`Deploy on Railway`](https://railway.app/template/TS4mw5) button above.
1. If a `Configure` button is displayed, click on it and allow Railway to access your GitHub account.
1. Fill in the required variables or change the default values.
1. The `Deploy` button at the bottom of the template should be active, click on it.
1. Once the `Backend` service has deployed, copy the URL from the `Deployments` page. (Might take a second for it to be available after the service has deployed)
1. Congratulations! You have deployed the backend, you can now [set up the client](../1.self-hosting/2.use-backend.md).

30
pages/backend/introduction.mdx Normal file
View File

@@ -0,0 +1,30 @@
---
title: 'Introduction'
---
# Introduction to the backend
The backend is essentially just an account server. It handles user accounts, syncing, and other account related features.
## Recommended Community Backend
To keep consistency and compatibility between different instances our partner, [lonelil](https://github.com/lonelil), has kindly offered to host a movie-web backend with a copy of the original data from the now unavailable movie-web.app backend. You can access this backend at: `https://mw-backend.lonelil.com` and `https://mw-backend.lonelil.ru`
Meaning users **do not** have to set up a new account; you can use your previous passphrase from movie-web, and all of your data will be there!
## Metrics
The backend exposes an endpoint for [Prometheus metrics](https://prometheus.io/){target="\_blank"} which allows you to keep track of the backend more easily, it can be accessed on `/metrics`.
To view these metrics properly, you'll need to use an analytics program like [Grafana](https://grafana.com/){target="\_blank"}, [which can visualize logs from Prometheus](https://prometheus.io/docs/visualization/grafana/){target="\_blank"}.
## Security
Optionally, there are a few security settings:
- [Recaptcha support](2.configuration.md#captcha), the server can verify Recaptcha v3 tokens on register and login.
- [Ratelimits](2.configuration.md#ratelimits), some expensive endpoints have ratelimits, but only when enabled. This requires an additional redis connection.
## Migrations
Migrations help keep your database schema in sync with everyone else. To run migrations, you can use the `pnpm migration:up` command inside the docker container or in your command-line if you're not using docker.
Alternatively, you can enable the [`postgres.migrateOnBoot`](2.configuration.md#postgresmigrateonboot) variable and it will be automatically migrated on boot.

7
pages/backend/upgrade.mdx Normal file
View File

@@ -0,0 +1,7 @@
---
title: 'Upgrade guide'
---
# Upgrade guide
There is only one major version, there is nothing to write here yet.