Skip to content

Deployment Overview of Restyaboard on Server

Prerequisites and Basic Requirements

The following requirements must be met on the target server before deploying Restyaboard:

  • Operating System: Ubuntu (compatible with apt package manager).

  • Privileges: Root access or sudo privileges are required to install Docker and manage system services.

  • Domain: The deployment utilizes the hostkey.in zone.

  • Ports:

  • Internal application port: 8080 (bound to 127.0.0.1).

  • External HTTPS port: 443 (managed by the Nginx proxy).

  • External HTTP port: 80 (managed by the Nginx proxy for SSL redirection).

FQDN of the Final Panel

The application is accessible via the following Fully Qualified Domain Name (FQDN) format:

  • restyaboard<Server ID>.hostkey.in

  • The service listens on port 443 for secure HTTPS connections.

File and Directory Structure

The deployment utilizes the following directory structure for data persistence and configuration:

  • /opt/restyaboard/postgres: Persistent storage for the PostgreSQL database data.

  • /opt/restyaboard/uploads: Storage directory for Restyaboard uploads.

  • /root/nginx: Directory containing the Nginx proxy configuration and Docker Compose files.

  • /root/nginx/compose.yml: Docker Compose configuration for the Nginx proxy service.

  • /data/nginx/user_conf.d/: Directory containing custom Nginx configuration files for the specific server instance.

  • /data/nginx/nginx-certbot.env: Environment file for the Nginx-Certbot service.

Application Installation Process

The application is deployed using Docker containers. The installation process involves the following steps:

  1. Docker Installation: The system installs Docker CE, CLI, containerd.io, and the Docker Compose plugin.

  2. Network Creation: A dedicated Docker network named restya_net is created to isolate the application and database containers.

  3. Image Pulling: The following Docker images are pulled:

    • postgres:15

    • restyaplatform/restyaboard:v1.7.1

  4. Database Initialization:

    • A PostgreSQL container named restya_db is started.

    • A database role named restya is created with a specific password.

    • A database named restyaboard is created and owned by the restya role.

    • If the database schema is empty, the SQL schema file is extracted from the application container and applied to the database.

  5. Application Launch:

    • The Restyaboard container named restya_app is started.

    • The application connects to the restya_db container via the internal network.

    • The application listens on 127.0.0.1:8080.

Docker Containers and Their Deployment

The deployment consists of three primary Docker containers:

Restyaboard Application Container

  • Name: restya_app

  • Image: restyaplatform/restyaboard:v1.7.1

  • Network: restya_net

  • Port Mapping: 127.0.0.1:8080:80

  • Restart Policy: unless-stopped

  • Environment Variables:

  • POSTGRES_HOST: restya_db

  • POSTGRES_PORT: 5432

  • POSTGRES_ADMIN_USER: postgres

  • POSTGRES_ADMIN_PASS: (Secure password)

  • RESTYA_DB_USERNAME: restya

  • RESTYA_DB_USERPASS: (Secure password)

  • RESTYA_DB: restyaboard

PostgreSQL Database Container

  • Name: restya_db

  • Image: postgres:15

  • Network: restya_net

  • Volume Mount: /opt/restyaboard/postgres:/var/lib/postgresql/data

  • Restart Policy: unless-stopped

  • Environment Variables:

  • POSTGRES_USER: postgres

  • POSTGRES_PASSWORD: (Secure password)

  • POSTGRES_DB: restyaboard

Nginx Proxy Container

  • Service Name: nginx (managed via Docker Compose)

  • Image: jonasal/nginx-certbot:latest

  • Network Mode: host

  • Restart Policy: unless-stopped

  • Volumes:

  • nginx_secrets mounted to /etc/letsencrypt

  • /data/nginx/user_conf.d mounted to /etc/nginx/user_conf.d

  • Environment:

  • CERTBOT_EMAIL: [email protected]

Proxy Servers

The application is fronted by an Nginx proxy container that handles SSL termination and routing.

  • Proxy Software: Nginx with Certbot integration (jonasal/nginx-certbot).

  • SSL Configuration: Managed automatically by Certbot for the hostkey.in domain.

  • Routing:

  • The Nginx configuration file located at /data/nginx/user_conf.d/restyaboard<Server ID>.hostkey.in.conf contains the location block.

  • Traffic is proxied from the external port 443 to the internal application address http://127.0.0.1:8080.

  • Configuration Management:

  • The proxy_pass directive is set to http://127.0.0.1:8080; within the location / block.

  • The Nginx service is started using docker compose -p certproxy up -d nginx from the /root/nginx directory.

Databases

The application uses a PostgreSQL database for data storage.

  • Database Type: PostgreSQL version 15.

  • Connection Method: Internal Docker network communication between restya_app and restya_db.

  • Database Name: restyaboard.

  • Database User: restya.

  • Storage Location: Data is persisted in the host directory /opt/restyaboard/postgres.

  • Schema Initialization:

  • The schema is imported from a SQL file located inside the application container (e.g., restyaboard_with_empty_data.sql or postgresql.sql).

  • The schema is applied to the database if the oauth_clients or settings tables are missing.

Access Rights and Security

  • Firewall: The application container binds only to 127.0.0.1, preventing direct external access to the application port. All external traffic must pass through the Nginx proxy on ports 80 and 443.

  • User Privileges:

  • The database uses a dedicated role restya with limited privileges for the application.

  • The postgres superuser is used for administrative tasks during initialization.

  • Password Security: Database passwords are managed via environment variables and are not stored in plain text within the configuration files visible in the documentation.

Permission Settings

The following file and directory permissions are enforced during deployment:

  • /opt/restyaboard/postgres: 0755 (Owner: root, Group: root).

  • /opt/restyaboard/uploads: 0755 (Owner: root, Group: root).

  • /root/nginx: 0755 (Owner: root, Group: root).

  • /root/nginx/compose.yml: 0644 (Owner: root, Group: root).

Location of Configuration Files and Data

  • Nginx Compose File: /root/nginx/compose.yml

  • Nginx Custom Config: /data/nginx/user_conf.d/restyaboard<Server ID>.hostkey.in.conf

  • Nginx Environment File: /data/nginx/nginx-certbot.env

  • Database Data: /opt/restyaboard/postgres

  • Application Uploads: /opt/restyaboard/uploads

Available Ports for Connection

  • Port 80: HTTP (Handled by Nginx proxy for SSL redirection).

  • Port 443: HTTPS (Public access to Restyaboard via Nginx proxy).

  • Port 8080: Internal application port (Bound to 127.0.0.1 only, not accessible from the public internet).

Starting, Stopping, and Updating

The following commands are used to manage the services:

Managing the Nginx Proxy

  • Start/Restart: 
    docker compose -p certproxy up -d nginx
    (Execute from /root/nginx)

Managing Restyaboard Containers

  • Start Application: 

    docker start restya_app

  • Stop Application: 

    docker stop restya_app

  • Restart Application: 

    docker restart restya_app

  • Start Database: 

    docker start restya_db

  • Stop Database: 

    docker stop restya_db

  • Update Images: 

    docker pull postgres:15
docker pull restyaplatform/restyaboard:v1.7.1
    (After pulling, containers must be stopped and restarted to apply updates).

question_mark
Is there anything I can help you with?
question_mark
AI Assistant ×