Fast/setup
Public Access
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
setup/README.md

412 lines
43 KiB
Markdown
Raw Permalink Blame History

# Fast Setup Guide
This guide provides a quick overview of setting up a server with Fast, including Docker installation, UFW firewall configuration, and Fast application deployment.
## Prerequisites
- A server running a supported Linux distribution (e.g., Ubuntu 20.04 or later).
- Root or sudo access to the server.
- Basic knowledge of terminal commands and Docker.
# Getting Started
```bash
git clone https://git.nxs.solutions/Fast/setup.git fast_setup
cd fast_setup
./setup.sh # Start the setup and follow the prompts
```
#### Persmissions
As Fast will install third party software, you may be prompted to enter your password for sudo permissions during the setup process.
```bash
./setup.sh
[sudo] password for user: ********
```
### Docker Installation
If Docker is not already installed on your server, the setup script will guide you through the installation process. Follow the prompts to install Docker and Docker Compose. This is based on the official Docker installation guide found at [Docker Docs](https://docs.docker.com/engine/install/).
```bash
Docker you want to set up Docker (Y/n)?:
Types: deb
URIs: https://download.docker.com/linux/debian
Suites: trixie
Components: stable
Signed-By: /etc/apt/keyrings/docker.asc
Hit:1 https://download.docker.com/linux/debian trixie InRelease
Hit:2 http://deb.debian.org/debian trixie InRelease
Hit:3 http://deb.debian.org/debian trixie-updates InRelease
Hit:4 http://deb.debian.org/debian trixie-backports InRelease
Hit:5 http://mirror.hetzner.com/debian/packages trixie InRelease
Hit:6 http://deb.debian.org/debian-security trixie-security InRelease
Hit:7 http://mirror.hetzner.com/debian/packages trixie-updates InRelease
Hit:8 https://deb.nodesource.com/node_25.x nodistro InRelease
Hit:9 http://mirror.hetzner.com/debian/packages trixie-backports InRelease
Hit:10 http://mirror.hetzner.com/debian/security trixie-security InRelease
All packages are up to date.
Warning: https://deb.nodesource.com/node_25.x/dists/nodistro/InRelease: Policy will reject signature within a year, see --audit for details
Summary:
Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0
docker-ce is already the newest version (5:29.1.2-1~debian.13~trixie).
docker-ce-cli is already the newest version (5:29.1.2-1~debian.13~trixie).
containerd.io is already the newest version (2.2.0-2~debian.13~trixie).
docker-buildx-plugin is already the newest version (0.30.1-1~debian.13~trixie).
docker-compose-plugin is already the newest version (2.40.3-1~debian.13~trixie).
Summary:
Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0
Docker has been installed and configured.
```
### UFW Firewall Configuration
To set up UFW (Uncomplicated Firewall) on your server to work correctly with docker containers based on the guide from [docker-ufw](https://github.com/chaifeng/ufw-docker).
During setup you will be asked to install and configure UFW if not already installed, add the after.rules file to the UFW configuration, setup base port rules, and enable UFW. If you manager your firewall manually, you can skip this step.
```bash
Do you want to set up UFW (Uncomplicated Firewall)? (Y/n):
Hit:1 http://deb.debian.org/debian trixie InRelease
Hit:2 https://download.docker.com/linux/debian trixie InRelease
Hit:3 http://deb.debian.org/debian trixie-updates InRelease
Hit:4 http://deb.debian.org/debian trixie-backports InRelease
Hit:5 http://deb.debian.org/debian-security trixie-security InRelease
Hit:6 http://mirror.hetzner.com/debian/packages trixie InRelease
Hit:7 http://mirror.hetzner.com/debian/packages trixie-updates InRelease
Hit:8 https://deb.nodesource.com/node_25.x nodistro InRelease
Hit:9 http://mirror.hetzner.com/debian/packages trixie-backports InRelease
Hit:10 http://mirror.hetzner.com/debian/security trixie-security InRelease
All packages are up to date.
Warning: https://deb.nodesource.com/node_25.x/dists/nodistro/InRelease: Policy will reject signature within a year, see --audit for details
Summary:
Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0
ufw is already the newest version (0.36.2-9).
Summary:
Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0
Skipping adding existing rule
Skipping adding existing rule (v6)
Skipping adding existing rule
Skipping adding existing rule (v6)
Skipping adding existing rule
Skipping adding existing rule (v6)
Skipping adding existing rule
Skipping adding existing rule (v6)
Skipping adding existing rule
Skipping adding existing rule (v6)
Firewall is active and enabled on system startup
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip
To Action From
-- ------ ----
22/tcp ALLOW IN Anywhere
80/tcp ALLOW IN Anywhere
443/tcp ALLOW IN Anywhere
2222/tcp ALLOW IN Anywhere
60000:61000/udp ALLOW IN Anywhere
22/tcp (v6) ALLOW IN Anywhere (v6)
80/tcp (v6) ALLOW IN Anywhere (v6)
443/tcp (v6) ALLOW IN Anywhere (v6)
2222/tcp (v6) ALLOW IN Anywhere (v6)
60000:61000/udp (v6) ALLOW IN Anywhere (v6)
```
## Main installation
After completing the Docker and UFW setup, the script will proceed to deploy the Fast application using Docker Compose. Follow the prompts to configure your Fast installation, including setting up environment variables and any additional services you may require.
Enter the credentials for accessing the Fast repository:
```bash
Cloning into 'lib'...
Username for 'https://git.nxs.solutions': anorien
Password for 'https://anorien@git.nxs.solutions':
```
Clone the Fast repository to your desired location:
```bash
remote: Enumerating objects: 2098, done.
remote: Counting objects: 100% (2098/2098), done.
remote: Compressing objects: 100% (1842/1842), done.
remote: Total 2098 (delta 999), reused 356 (delta 74), pack-reused 0 (from 0)
Receiving objects: 100% (2098/2098), 17.48 MiB | 14.73 MiB/s, done.
Resolving deltas: 100% (999/999), done.
Enter the full path where you want to set up Fast (e.g., /opt/fast):
```
Set up Fast in the specified directory:
```bash
Removing .git directory to detach from the original repository...
FAST_PATH already exists in .bashrc.
Overwriting FAST_PATH in .bashrc...
FAST_PATH updated in .bashrc and sourced.
Fast has been set up at /opt/fast
```
## Final Configuration
To finalize the Fast setup, the script will guide you through configuring your environment variables in the `.env` file. You can choose to have the script prompt you for each sensitive variable or skip the prompts to keep the existing values defined in the template at config/.env.example. This step is crucial for ensuring the security and proper functioning of your Fast installation.
```bash
Environment file copied to /opt/fast/.env
Mode: 🟢 Interactive (Will prompt for input)
--- .env File Security Checker ---
Searching for sensitive variables in .env...
-----------------------------------
⚠️ Sensitive variable found: **RUNPOD_API_KEY**
Current value: your_rupod_api_key_here
Enter a new secure value for RUNPOD_API_KEY: lasdf01244a9f1fasf
lasdf01244a9f1fasf
Action: Manual update applied.
⚠️ Sensitive variable found: **TASK_MANAGER_API_KEY**
Current value: task_manager_api_key
Enter a new secure value for TASK_MANAGER_API_KEY: this_should_be_my_own_task_manager_apie_key
this_should_be_my_own_task_manager_apie_key
Action: Manual update applied.
⚠️ Sensitive variable found: **SECRET_MANAGER_API_KEY**
Current value: secret_manager_api_key
Enter a new secure value for SECRET_MANAGER_API_KEY:
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **POSTGRES_USER**
Current value: your_postgres_user
Enter a new secure value for POSTGRES_USER: postgres
postgres
Action: Manual update applied.
⚠️ Sensitive variable found: **POSTGRES_PASSWORD**
Current value: your_postgres_password
Enter a new secure value for POSTGRES_PASSWORD: PostGresQlPwD
PostGresQlPwD
Action: Manual update applied.
⚠️ Sensitive variable found: **ACCESS_MANAGER_API_KEY**
Current value: access_manager_api_key
Enter a new secure value for ACCESS_MANAGER_API_KEY:
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **EXOSCALE_API_KEY**
Current value: your_exoscale_api_key_here
Enter a new secure value for EXOSCALE_API_KEY:
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **STRIPE_SECRET_KEY**
Current value: your_stripe_api_key_here
Enter a new secure value for STRIPE_SECRET_KEY:
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **ADMIN_USERNAME**
Current value: your_admin_username_here
Enter a new secure value for ADMIN_USERNAME: admin
admin
Action: Manual update applied.
⚠️ Sensitive variable found: **ADMIN_PASSWORD**
Current value: your_admin_password_here
Enter a new secure value for ADMIN_PASSWORD: this_is_my_realy_important_admin_pwd
this_is_my_realy_important_admin_pwd
Action: Manual update applied.
⚠️ Sensitive variable found: **ADMIN_EMAIL**
Current value: your_admin@email.com
Enter a new secure value for ADMIN_EMAIL: info@nxs.solution
info@nxs.solution
Action: Manual update applied.
⚠️ Sensitive variable found: **JWT_SECRET_KEY**
Current value: your_jwt_secret_key_here
Enter a new secure value for JWT_SECRET_KEY:
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **SENDER_USER**
Current value: your_smtp_username_here
Enter a new secure value for SENDER_USER: info@nxs.solutions
info@nxs.solutions
Action: Manual update applied.
⚠️ Sensitive variable found: **SENDER_PASSWORD**
Current value: your_smtp_password_here
Enter a new secure value for SENDER_PASSWORD: asdasd012ß4iafs9a8r124
asdasd012ß4iafs9a8r124
Action: Manual update applied.
⚠️ Sensitive variable found: **SENDER_EMAIL**
Current value: your_sender_email_here
Enter a new secure value for SENDER_EMAIL: noreply@nxs.solutions
noreply@nxs.solutions
Action: Manual update applied.
⚠️ Sensitive variable found: **PERSONAL_API_KEY**
Current value: your_personal_api_key_here
Enter a new secure value for PERSONAL_API_KEY:
No input provided. Keeping original value.
Action: Manual update applied.
--- adding DOCKER_GROUP_ID=989 to .env ---
--- adding DATA_MANAGER_DB_URL to .env ---
--- Finalizing Update ---
✅ All updates applied. The original .env has been overwritten.
```
Now, you can proceed to build the Fast components as per your requirements.
### Building of components
```bash
Do you want to start building Fast components now? (Y/n):
Starting Fast build process in /opt/fast...
Do you want to build secret_manager? (Y/n):
==> Found component Dockerfile: .docker/secret_manager/Dockerfile
[+] Building 1.2s (11/11) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 328B 0.0s
=> [internal] load metadata for docker.io/library/python:3.13-slim 0.9s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/6] FROM docker.io/library/python:3.13-slim@sha256:7b8dbc09c76ca63fc57dae35f6211d0c8e22cf0ec5509a63e41408a79e323b28 0.0s
=> => resolve docker.io/library/python:3.13-slim@sha256:7b8dbc09c76ca63fc57dae35f6211d0c8e22cf0ec5509a63e41408a79e323b28 0.0s
=> [internal] load build context 0.1s
=> => transferring context: 1.46MB 0.0s
=> CACHED [2/6] WORKDIR /app 0.0s
=> CACHED [3/6] COPY ./.docker/secret_manager/requirements.txt . 0.0s
=> CACHED [4/6] RUN pip install --no-cache-dir -r requirements.txt 0.0s
=> CACHED [5/6] COPY ./src/Fast ./Fast 0.0s
=> CACHED [6/6] COPY ./webapp . 0.0s
=> exporting to image 0.1s
=> => exporting layers 0.0s
=> => exporting manifest sha256:94d98f2a3c584aab89dd06e142e88ae4b12b6e14b3ad43df40890d797371db10 0.0s
=> => exporting config sha256:7c04c14d05cb8afdd3f7eefaf552d4115c7cfd8f12208f2ba9d6a42169b2b780 0.0s
=> => exporting attestation manifest sha256:610382bb87a7e320facdc5622cfdb511b3fbb64c72a92e39fc0f2061bd2561f5 0.0s
=> => exporting manifest list sha256:62e71951ce5bdc06c941a89a676496dae9abb682745db6b04c1ba380811aef8a 0.0s
=> => naming to docker.io/fast/secret_manager:latest 0.0s
=> => unpacking to docker.io/fast/secret_manager:latest 0.0s
Do you want to build access_manager? (Y/n):
==> Found component Dockerfile: .docker/access_manager/Dockerfile
[+] Building 1.7s (11/11) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 398B 0.0s
=> [internal] load metadata for docker.io/library/python:3.9-slim 0.2s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/6] FROM docker.io/library/python:3.9-slim@sha256:2d97f6910b16bd338d3060f261f53f144965f755599aab1acda1e13cf1731b1b 0.0s
=> => resolve docker.io/library/python:3.9-slim@sha256:2d97f6910b16bd338d3060f261f53f144965f755599aab1acda1e13cf1731b1b 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 14.29kB 0.0s
=> CACHED [2/6] WORKDIR /app 0.0s
=> CACHED [3/6] COPY ./.docker/access_manager/requirements.txt . 0.0s
=> CACHED [4/6] RUN echo "gevent" >> requirements.txt && pip install --no-cache-dir -r requirements.txt 0.0s
=> CACHED [5/6] COPY ./src/Fast ./Fast 0.0s
=> [6/6] COPY ./webapp . 0.1s
=> exporting to image 1.2s
=> => exporting layers 0.2s
=> => exporting manifest sha256:0d5bc19de463465357caa8e4fecb6836c339a058ecd428afc51dffbe4014c875 0.0s
=> => exporting config sha256:0d49af87af7f6331d138bae959247e1a157f24bf86e69a4974b45b222df1fe98 0.0s
=> => exporting attestation manifest sha256:3ea0b6fa104f3c30a383e811e4e57650a609d71bfd33212f55b6fdcfeb780939 0.0s
=> => exporting manifest list sha256:f64953f77103811eeb55f52a850c852f23a212dfd7592f3991da6660e0b6395d 0.0s
=> => naming to docker.io/fast/access_manager:latest 0.0s
=> => unpacking to docker.io/fast/access_manager:latest 0.9s
Do you want to build task_manager? (Y/n): n
Skipping build for task_manager.
Do you want to build data_manager? (Y/n): n
Skipping build for data_manager.
Do you want to build bill_manager? (Y/n):
==> Found component Dockerfile: .docker/bill_manager/Dockerfile
[+] Building 10.1s (10/10) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 303B 0.0s
=> [internal] load metadata for docker.io/library/python:3.13-slim 0.2s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/5] FROM docker.io/library/python:3.13-slim@sha256:7b8dbc09c76ca63fc57dae35f6211d0c8e22cf0ec5509a63e41408a79e323b28 0.0s
=> => resolve docker.io/library/python:3.13-slim@sha256:7b8dbc09c76ca63fc57dae35f6211d0c8e22cf0ec5509a63e41408a79e323b28 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 15.45kB 0.0s
=> CACHED [2/5] WORKDIR /app 0.0s
=> [3/5] COPY ./.docker/bill_manager/requirements.txt . 0.1s
=> [4/5] RUN pip install --no-cache-dir -r requirements.txt 6.5s
=> [5/5] COPY ./src ./Fast 0.1s
=> exporting to image 3.0s
=> => exporting layers 2.0s
=> => exporting manifest sha256:af38308d2076bfab6726117301e300a31b8f8ec803fa3e1777051add83df6e30 0.0s
=> => exporting config sha256:9e72ccdaa28d1567b090fa141584c9c85a4a356e4307ffd9217fbec274e5530c 0.0s
=> => exporting attestation manifest sha256:b61b7782bec7e10c227800a5d1d3147059964a36a2fdd62ac42e6c157f28ea39 0.0s
=> => exporting manifest list sha256:a723f02ce492577530eff3abf55a051259c3dbcb14e51685d53bcdc925ed04b8 0.0s
=> => naming to docker.io/fast/bill_manager:latest 0.0s
=> => unpacking to docker.io/fast/bill_manager:latest 0.8s
Do you want to build load_manager? (Y/n):
==> Found component Dockerfile: .docker/load_manager/Dockerfile
[+] Building 0.5s (12/12) FINISHED docker:default
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 661B 0.0s
=> [internal] load metadata for docker.io/library/python:3.9-slim 0.2s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [1/7] FROM docker.io/library/python:3.9-slim@sha256:2d97f6910b16bd338d3060f261f53f144965f755599aab1acda1e13cf1731b1b 0.0s
=> => resolve docker.io/library/python:3.9-slim@sha256:2d97f6910b16bd338d3060f261f53f144965f755599aab1acda1e13cf1731b1b 0.0s
=> [internal] load build context 0.1s
=> => transferring context: 886.81kB 0.0s
=> CACHED [2/7] WORKDIR /app 0.0s
=> CACHED [3/7] RUN apt-get update && apt-get install -y --no-install-recommends gcc libffi-dev libssl-dev python3-dev build-essential && rm -rf /var/lib/apt/lists/* 0.0s
=> CACHED [4/7] COPY ./.docker/load_manager/requirements.txt ./requirements.txt 0.0s
=> CACHED [5/7] RUN pip install --no-cache-dir -r requirements.txt 0.0s
=> CACHED [6/7] COPY ./src/Fast ./Fast 0.0s
=> CACHED [7/7] COPY ./webapp . 0.0s
=> exporting to image 0.1s
=> => exporting layers 0.0s
=> => exporting manifest sha256:ccccb68870923d2806001b7a61fa5103e9349199bcce951f4b229dce3b4d6563 0.0s
=> => exporting config sha256:a5c36909a4e8032b545c7d05a2b08deae9985b30784259b7517ada90c5d0beef 0.0s
=> => exporting attestation manifest sha256:98503507460b5d9f0300c8dd85fdbadf31442328b09a9267265a290e41de4917 0.0s
=> => exporting manifest list sha256:6bc650a89f0ddfe4308723ba61c2c9fbbddebbd21f4dc515f79b46069e107190 0.0s
=> => naming to docker.io/fast/load_manager:latest 0.0s
=> => unpacking to docker.io/fast/load_manager:latest
```
You can now run the built images using Docker commands, for example:
## Setup Gitea Version controls system
```bash
Do you want to set up Gitea (self-hosted git service)? (Y/n):
Cloning into 'lib'...
remote: Enumerating objects: 20, done.
remote: Counting objects: 100% (20/20), done.
remote: Compressing objects: 100% (15/15), done.
remote: Total 20 (delta 4), reused 0 (delta 0), pack-reused 0 (from 0)
Receiving objects: 100% (20/20), 6.30 KiB | 6.30 MiB/s, done.
Resolving deltas: 100% (4/4), done.
Enter the full path where you want to set up Fast (e.g., /opt/gitea):
```
After entering the path, the script will proceed to set up Gitea and ask if you want to start it immediately:
```bash
Gitea has been set up at /opt/gitea
```
Reference in New Issue View Git Blame Copy Permalink