# Fast Setup Guide This guide provides a quick overview of setting up a server with Fast, including Docker installation, UFW firewall configuration, and Fast application deployment. ## Prerequisites - A server running a supported Linux distribution (e.g., Ubuntu 20.04 or later). - Root or sudo access to the server. - Basic knowledge of terminal commands and Docker. # Getting Started ```bash git clone https://git.nxs.solutions/Fast/setup.git fast_setup cd fast_setup ./setup.sh # Start the setup and follow the prompts ``` #### Persmissions As Fast will install third party software, you may be prompted to enter your password for sudo permissions during the setup process. ```bash ./setup.sh [sudo] password for user: ******** ``` ### Docker Installation If Docker is not already installed on your server, the setup script will guide you through the installation process. Follow the prompts to install Docker and Docker Compose. This is based on the official Docker installation guide found at [Docker Docs](https://docs.docker.com/engine/install/). ```bash Docker you want to set up Docker (Y/n)?: Types: deb URIs: https://download.docker.com/linux/debian Suites: trixie Components: stable Signed-By: /etc/apt/keyrings/docker.asc Hit:1 https://download.docker.com/linux/debian trixie InRelease Hit:2 http://deb.debian.org/debian trixie InRelease Hit:3 http://deb.debian.org/debian trixie-updates InRelease Hit:4 http://deb.debian.org/debian trixie-backports InRelease Hit:5 http://mirror.hetzner.com/debian/packages trixie InRelease Hit:6 http://deb.debian.org/debian-security trixie-security InRelease Hit:7 http://mirror.hetzner.com/debian/packages trixie-updates InRelease Hit:8 https://deb.nodesource.com/node_25.x nodistro InRelease Hit:9 http://mirror.hetzner.com/debian/packages trixie-backports InRelease Hit:10 http://mirror.hetzner.com/debian/security trixie-security InRelease All packages are up to date. Warning: https://deb.nodesource.com/node_25.x/dists/nodistro/InRelease: Policy will reject signature within a year, see --audit for details Summary: Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0 docker-ce is already the newest version (5:29.1.2-1~debian.13~trixie). docker-ce-cli is already the newest version (5:29.1.2-1~debian.13~trixie). containerd.io is already the newest version (2.2.0-2~debian.13~trixie). docker-buildx-plugin is already the newest version (0.30.1-1~debian.13~trixie). docker-compose-plugin is already the newest version (2.40.3-1~debian.13~trixie). Summary: Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0 Docker has been installed and configured. ``` ### UFW Firewall Configuration To set up UFW (Uncomplicated Firewall) on your server to work correctly with docker containers based on the guide from [docker-ufw](https://github.com/chaifeng/ufw-docker). During setup you will be asked to install and configure UFW if not already installed, add the after.rules file to the UFW configuration, setup base port rules, and enable UFW. If you manager your firewall manually, you can skip this step. ```bash Do you want to set up UFW (Uncomplicated Firewall)? (Y/n): Hit:1 http://deb.debian.org/debian trixie InRelease Hit:2 https://download.docker.com/linux/debian trixie InRelease Hit:3 http://deb.debian.org/debian trixie-updates InRelease Hit:4 http://deb.debian.org/debian trixie-backports InRelease Hit:5 http://deb.debian.org/debian-security trixie-security InRelease Hit:6 http://mirror.hetzner.com/debian/packages trixie InRelease Hit:7 http://mirror.hetzner.com/debian/packages trixie-updates InRelease Hit:8 https://deb.nodesource.com/node_25.x nodistro InRelease Hit:9 http://mirror.hetzner.com/debian/packages trixie-backports InRelease Hit:10 http://mirror.hetzner.com/debian/security trixie-security InRelease All packages are up to date. Warning: https://deb.nodesource.com/node_25.x/dists/nodistro/InRelease: Policy will reject signature within a year, see --audit for details Summary: Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0 ufw is already the newest version (0.36.2-9). Summary: Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0 Skipping adding existing rule Skipping adding existing rule (v6) Skipping adding existing rule Skipping adding existing rule (v6) Skipping adding existing rule Skipping adding existing rule (v6) Skipping adding existing rule Skipping adding existing rule (v6) Skipping adding existing rule Skipping adding existing rule (v6) Firewall is active and enabled on system startup Status: active Logging: on (low) Default: deny (incoming), allow (outgoing), deny (routed) New profiles: skip To Action From -- ------ ---- 22/tcp ALLOW IN Anywhere 80/tcp ALLOW IN Anywhere 443/tcp ALLOW IN Anywhere 2222/tcp ALLOW IN Anywhere 60000:61000/udp ALLOW IN Anywhere 22/tcp (v6) ALLOW IN Anywhere (v6) 80/tcp (v6) ALLOW IN Anywhere (v6) 443/tcp (v6) ALLOW IN Anywhere (v6) 2222/tcp (v6) ALLOW IN Anywhere (v6) 60000:61000/udp (v6) ALLOW IN Anywhere (v6) ``` ## Main installation After completing the Docker and UFW setup, the script will proceed to deploy the Fast application using Docker Compose. Follow the prompts to configure your Fast installation, including setting up environment variables and any additional services you may require. Enter the credentials for accessing the Fast repository: ```bash Cloning into 'lib'... Username for 'https://git.nxs.solutions': anorien Password for 'https://anorien@git.nxs.solutions': ``` Clone the Fast repository to your desired location: ```bash remote: Enumerating objects: 2098, done. remote: Counting objects: 100% (2098/2098), done. remote: Compressing objects: 100% (1842/1842), done. remote: Total 2098 (delta 999), reused 356 (delta 74), pack-reused 0 (from 0) Receiving objects: 100% (2098/2098), 17.48 MiB | 14.73 MiB/s, done. Resolving deltas: 100% (999/999), done. Enter the full path where you want to set up Fast (e.g., /opt/fast): ``` Set up Fast in the specified directory: ```bash Removing .git directory to detach from the original repository... FAST_PATH already exists in .bashrc. Overwriting FAST_PATH in .bashrc... FAST_PATH updated in .bashrc and sourced. Fast has been set up at /opt/fast ``` ## Final Configuration To finalize the Fast setup, the script will guide you through configuring your environment variables in the `.env` file. You can choose to have the script prompt you for each sensitive variable or skip the prompts to keep the existing values defined in the template at config/.env.example. This step is crucial for ensuring the security and proper functioning of your Fast installation. ```bash Environment file copied to /opt/fast/.env Mode: 🟢 Interactive (Will prompt for input) --- .env File Security Checker --- Searching for sensitive variables in .env... ----------------------------------- ⚠️ Sensitive variable found: **RUNPOD_API_KEY** Current value: your_rupod_api_key_here Enter a new secure value for RUNPOD_API_KEY: lasdf01244a9f1fasf lasdf01244a9f1fasf Action: Manual update applied. ⚠️ Sensitive variable found: **TASK_MANAGER_API_KEY** Current value: task_manager_api_key Enter a new secure value for TASK_MANAGER_API_KEY: this_should_be_my_own_task_manager_apie_key this_should_be_my_own_task_manager_apie_key Action: Manual update applied. ⚠️ Sensitive variable found: **SECRET_MANAGER_API_KEY** Current value: secret_manager_api_key Enter a new secure value for SECRET_MANAGER_API_KEY: No input provided. Keeping original value. Action: Manual update applied. ⚠️ Sensitive variable found: **POSTGRES_USER** Current value: your_postgres_user Enter a new secure value for POSTGRES_USER: postgres postgres Action: Manual update applied. ⚠️ Sensitive variable found: **POSTGRES_PASSWORD** Current value: your_postgres_password Enter a new secure value for POSTGRES_PASSWORD: PostGresQlPwD PostGresQlPwD Action: Manual update applied. ⚠️ Sensitive variable found: **ACCESS_MANAGER_API_KEY** Current value: access_manager_api_key Enter a new secure value for ACCESS_MANAGER_API_KEY: No input provided. Keeping original value. Action: Manual update applied. ⚠️ Sensitive variable found: **EXOSCALE_API_KEY** Current value: your_exoscale_api_key_here Enter a new secure value for EXOSCALE_API_KEY: No input provided. Keeping original value. Action: Manual update applied. ⚠️ Sensitive variable found: **STRIPE_SECRET_KEY** Current value: your_stripe_api_key_here Enter a new secure value for STRIPE_SECRET_KEY: No input provided. Keeping original value. Action: Manual update applied. ⚠️ Sensitive variable found: **ADMIN_USERNAME** Current value: your_admin_username_here Enter a new secure value for ADMIN_USERNAME: admin admin Action: Manual update applied. ⚠️ Sensitive variable found: **ADMIN_PASSWORD** Current value: your_admin_password_here Enter a new secure value for ADMIN_PASSWORD: this_is_my_realy_important_admin_pwd this_is_my_realy_important_admin_pwd Action: Manual update applied. ⚠️ Sensitive variable found: **ADMIN_EMAIL** Current value: your_admin@email.com Enter a new secure value for ADMIN_EMAIL: info@nxs.solution info@nxs.solution Action: Manual update applied. ⚠️ Sensitive variable found: **JWT_SECRET_KEY** Current value: your_jwt_secret_key_here Enter a new secure value for JWT_SECRET_KEY: No input provided. Keeping original value. Action: Manual update applied. ⚠️ Sensitive variable found: **SENDER_USER** Current value: your_smtp_username_here Enter a new secure value for SENDER_USER: info@nxs.solutions info@nxs.solutions Action: Manual update applied. ⚠️ Sensitive variable found: **SENDER_PASSWORD** Current value: your_smtp_password_here Enter a new secure value for SENDER_PASSWORD: asdasd012ß4iafs9a8r124 asdasd012ß4iafs9a8r124 Action: Manual update applied. ⚠️ Sensitive variable found: **SENDER_EMAIL** Current value: your_sender_email_here Enter a new secure value for SENDER_EMAIL: noreply@nxs.solutions noreply@nxs.solutions Action: Manual update applied. ⚠️ Sensitive variable found: **PERSONAL_API_KEY** Current value: your_personal_api_key_here Enter a new secure value for PERSONAL_API_KEY: No input provided. Keeping original value. Action: Manual update applied. --- adding DOCKER_GROUP_ID=989 to .env --- --- adding DATA_MANAGER_DB_URL to .env --- --- Finalizing Update --- ✅ All updates applied. The original .env has been overwritten. ``` Now, you can proceed to build the Fast components as per your requirements. ### Building of components ```bash Do you want to start building Fast components now? (Y/n): Starting Fast build process in /opt/fast... Do you want to build secret_manager? (Y/n): ==> Found component Dockerfile: .docker/secret_manager/Dockerfile [+] Building 1.2s (11/11) FINISHED docker:default => [internal] load build definition from Dockerfile 0.0s => => transferring dockerfile: 328B 0.0s => [internal] load metadata for docker.io/library/python:3.13-slim 0.9s => [internal] load .dockerignore 0.0s => => transferring context: 2B 0.0s => [1/6] FROM docker.io/library/python:3.13-slim@sha256:7b8dbc09c76ca63fc57dae35f6211d0c8e22cf0ec5509a63e41408a79e323b28 0.0s => => resolve docker.io/library/python:3.13-slim@sha256:7b8dbc09c76ca63fc57dae35f6211d0c8e22cf0ec5509a63e41408a79e323b28 0.0s => [internal] load build context 0.1s => => transferring context: 1.46MB 0.0s => CACHED [2/6] WORKDIR /app 0.0s => CACHED [3/6] COPY ./.docker/secret_manager/requirements.txt . 0.0s => CACHED [4/6] RUN pip install --no-cache-dir -r requirements.txt 0.0s => CACHED [5/6] COPY ./src/Fast ./Fast 0.0s => CACHED [6/6] COPY ./webapp . 0.0s => exporting to image 0.1s => => exporting layers 0.0s => => exporting manifest sha256:94d98f2a3c584aab89dd06e142e88ae4b12b6e14b3ad43df40890d797371db10 0.0s => => exporting config sha256:7c04c14d05cb8afdd3f7eefaf552d4115c7cfd8f12208f2ba9d6a42169b2b780 0.0s => => exporting attestation manifest sha256:610382bb87a7e320facdc5622cfdb511b3fbb64c72a92e39fc0f2061bd2561f5 0.0s => => exporting manifest list sha256:62e71951ce5bdc06c941a89a676496dae9abb682745db6b04c1ba380811aef8a 0.0s => => naming to docker.io/fast/secret_manager:latest 0.0s => => unpacking to docker.io/fast/secret_manager:latest 0.0s Do you want to build access_manager? (Y/n): ==> Found component Dockerfile: .docker/access_manager/Dockerfile [+] Building 1.7s (11/11) FINISHED docker:default => [internal] load build definition from Dockerfile 0.0s => => transferring dockerfile: 398B 0.0s => [internal] load metadata for docker.io/library/python:3.9-slim 0.2s => [internal] load .dockerignore 0.0s => => transferring context: 2B 0.0s => [1/6] FROM docker.io/library/python:3.9-slim@sha256:2d97f6910b16bd338d3060f261f53f144965f755599aab1acda1e13cf1731b1b 0.0s => => resolve docker.io/library/python:3.9-slim@sha256:2d97f6910b16bd338d3060f261f53f144965f755599aab1acda1e13cf1731b1b 0.0s => [internal] load build context 0.0s => => transferring context: 14.29kB 0.0s => CACHED [2/6] WORKDIR /app 0.0s => CACHED [3/6] COPY ./.docker/access_manager/requirements.txt . 0.0s => CACHED [4/6] RUN echo "gevent" >> requirements.txt && pip install --no-cache-dir -r requirements.txt 0.0s => CACHED [5/6] COPY ./src/Fast ./Fast 0.0s => [6/6] COPY ./webapp . 0.1s => exporting to image 1.2s => => exporting layers 0.2s => => exporting manifest sha256:0d5bc19de463465357caa8e4fecb6836c339a058ecd428afc51dffbe4014c875 0.0s => => exporting config sha256:0d49af87af7f6331d138bae959247e1a157f24bf86e69a4974b45b222df1fe98 0.0s => => exporting attestation manifest sha256:3ea0b6fa104f3c30a383e811e4e57650a609d71bfd33212f55b6fdcfeb780939 0.0s => => exporting manifest list sha256:f64953f77103811eeb55f52a850c852f23a212dfd7592f3991da6660e0b6395d 0.0s => => naming to docker.io/fast/access_manager:latest 0.0s => => unpacking to docker.io/fast/access_manager:latest 0.9s Do you want to build task_manager? (Y/n): n Skipping build for task_manager. Do you want to build data_manager? (Y/n): n Skipping build for data_manager. Do you want to build bill_manager? (Y/n): ==> Found component Dockerfile: .docker/bill_manager/Dockerfile [+] Building 10.1s (10/10) FINISHED docker:default => [internal] load build definition from Dockerfile 0.0s => => transferring dockerfile: 303B 0.0s => [internal] load metadata for docker.io/library/python:3.13-slim 0.2s => [internal] load .dockerignore 0.0s => => transferring context: 2B 0.0s => [1/5] FROM docker.io/library/python:3.13-slim@sha256:7b8dbc09c76ca63fc57dae35f6211d0c8e22cf0ec5509a63e41408a79e323b28 0.0s => => resolve docker.io/library/python:3.13-slim@sha256:7b8dbc09c76ca63fc57dae35f6211d0c8e22cf0ec5509a63e41408a79e323b28 0.0s => [internal] load build context 0.0s => => transferring context: 15.45kB 0.0s => CACHED [2/5] WORKDIR /app 0.0s => [3/5] COPY ./.docker/bill_manager/requirements.txt . 0.1s => [4/5] RUN pip install --no-cache-dir -r requirements.txt 6.5s => [5/5] COPY ./src ./Fast 0.1s => exporting to image 3.0s => => exporting layers 2.0s => => exporting manifest sha256:af38308d2076bfab6726117301e300a31b8f8ec803fa3e1777051add83df6e30 0.0s => => exporting config sha256:9e72ccdaa28d1567b090fa141584c9c85a4a356e4307ffd9217fbec274e5530c 0.0s => => exporting attestation manifest sha256:b61b7782bec7e10c227800a5d1d3147059964a36a2fdd62ac42e6c157f28ea39 0.0s => => exporting manifest list sha256:a723f02ce492577530eff3abf55a051259c3dbcb14e51685d53bcdc925ed04b8 0.0s => => naming to docker.io/fast/bill_manager:latest 0.0s => => unpacking to docker.io/fast/bill_manager:latest 0.8s Do you want to build load_manager? (Y/n): ==> Found component Dockerfile: .docker/load_manager/Dockerfile [+] Building 0.5s (12/12) FINISHED docker:default => [internal] load build definition from Dockerfile 0.0s => => transferring dockerfile: 661B 0.0s => [internal] load metadata for docker.io/library/python:3.9-slim 0.2s => [internal] load .dockerignore 0.0s => => transferring context: 2B 0.0s => [1/7] FROM docker.io/library/python:3.9-slim@sha256:2d97f6910b16bd338d3060f261f53f144965f755599aab1acda1e13cf1731b1b 0.0s => => resolve docker.io/library/python:3.9-slim@sha256:2d97f6910b16bd338d3060f261f53f144965f755599aab1acda1e13cf1731b1b 0.0s => [internal] load build context 0.1s => => transferring context: 886.81kB 0.0s => CACHED [2/7] WORKDIR /app 0.0s => CACHED [3/7] RUN apt-get update && apt-get install -y --no-install-recommends gcc libffi-dev libssl-dev python3-dev build-essential && rm -rf /var/lib/apt/lists/* 0.0s => CACHED [4/7] COPY ./.docker/load_manager/requirements.txt ./requirements.txt 0.0s => CACHED [5/7] RUN pip install --no-cache-dir -r requirements.txt 0.0s => CACHED [6/7] COPY ./src/Fast ./Fast 0.0s => CACHED [7/7] COPY ./webapp . 0.0s => exporting to image 0.1s => => exporting layers 0.0s => => exporting manifest sha256:ccccb68870923d2806001b7a61fa5103e9349199bcce951f4b229dce3b4d6563 0.0s => => exporting config sha256:a5c36909a4e8032b545c7d05a2b08deae9985b30784259b7517ada90c5d0beef 0.0s => => exporting attestation manifest sha256:98503507460b5d9f0300c8dd85fdbadf31442328b09a9267265a290e41de4917 0.0s => => exporting manifest list sha256:6bc650a89f0ddfe4308723ba61c2c9fbbddebbd21f4dc515f79b46069e107190 0.0s => => naming to docker.io/fast/load_manager:latest 0.0s => => unpacking to docker.io/fast/load_manager:latest ``` You can now run the built images using Docker commands, for example: ## Setup Gitea Version controls system ```bash Do you want to set up Gitea (self-hosted git service)? (Y/n): Cloning into 'lib'... remote: Enumerating objects: 20, done. remote: Counting objects: 100% (20/20), done. remote: Compressing objects: 100% (15/15), done. remote: Total 20 (delta 4), reused 0 (delta 0), pack-reused 0 (from 0) Receiving objects: 100% (20/20), 6.30 KiB | 6.30 MiB/s, done. Resolving deltas: 100% (4/4), done. Enter the full path where you want to set up Fast (e.g., /opt/gitea): ``` After entering the path, the script will proceed to set up Gitea and ask if you want to start it immediately: ```bash Gitea has been set up at /opt/gitea ```