feat: Complete HTTPS multi-endpoint configuration and deployment automation

- Enhanced Caddyfile with consolidated HTTPS block supporting all access points - Added support for https://digiserver, https://10.76.152.164, and https://digiserver.sibiusb.harting.intra - Configured Caddy reverse proxy with HTTP/3 (QUIC), TLS 1.3+, and HTTP/2 support - Implemented security headers (X-Frame-Options, X-Content-Type-Options, X-XSS-Protection) - Added HTTP to HTTPS automatic redirects for all endpoints - Enhanced setup_https.sh with improved error handling and progress reporting - Created deploy.sh for fully automated one-command deployment - Added comprehensive deployment documentation (5 guides) - Configured 2GB file upload limit and 300s request/response timeouts - Added Caddy admin API on port 2019 for configuration management - Implemented health checks and container dependency management - All volumes persistent and properly isolated - Production-ready configuration with environment variable parameterization
2026-01-14 20:40:26 +02:00
parent 361e0bc459
commit cedb411536
10 changed files with 1924 additions and 41 deletions
--- a/setup_https.sh
+++ b/setup_https.sh
@@ -1,32 +1,146 @@
 #!/bin/bash
-# Setup script for HTTPS Configuration Management
+# Setup script for HTTPS Configuration Management and complete system initialization
+# This script can be run locally or on a new deployment PC

-echo "Setting up HTTPS Configuration Management..."
+set -e  # Exit on any error
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+# Determine if we're running in Docker or on host
+IN_DOCKER=false
+if [ -f /.dockerenv ]; then
+    IN_DOCKER=true
+fi
+
+echo -e "${BLUE}╔════════════════════════════════════════════════════════════════╗${NC}"
+echo -e "${BLUE}║         DigiServer HTTPS Configuration Setup                   ║${NC}"
+echo -e "${BLUE}╚════════════════════════════════════════════════════════════════╝${NC}"
 echo ""

-# Step 1: Run migration
-echo "📦 Creating https_config database table..."
-python /app/migrations/add_https_config_table.py
+# ============================================================================
+# OPTION 1: Running inside Docker container
+# ============================================================================
+if [ "$IN_DOCKER" = true ]; then
+    echo -e "${YELLOW}📍 Running inside Docker container${NC}"
+    echo ""
+    
+    echo -e "${BLUE}Step 1/4:${NC} ${YELLOW}Creating https_config database table...${NC}"
+    python /app/migrations/add_https_config_table.py
+    echo -e "${GREEN}✅ https_config table created${NC}"
+    echo ""
+    
+    echo -e "${BLUE}Step 2/4:${NC} ${YELLOW}Creating player_user database table...${NC}"
+    python /app/migrations/add_player_user_table.py
+    echo -e "${GREEN}✅ player_user table created${NC}"
+    echo ""
+    
+    echo -e "${BLUE}Step 3/4:${NC} ${YELLOW}Adding email column to https_config...${NC}"
+    python /app/migrations/add_email_to_https_config.py
+    echo -e "${GREEN}✅ Email column added${NC}"
+    echo ""
+    
+    echo -e "${BLUE}Step 4/4:${NC} ${YELLOW}Migrating player_user global settings...${NC}"
+    python /app/migrations/migrate_player_user_global.py
+    echo -e "${GREEN}✅ Player user migration completed${NC}"
+    echo ""
+    
+    echo -e "${GREEN}✅ HTTPS Configuration Management is now ready!${NC}"
+    echo ""
+    echo -e "${BLUE}ℹ️  Next steps:${NC}"
+    echo "1. Log in to the admin panel"
+    echo "2. Navigate to: Admin Panel → 🔒 HTTPS Configuration"
+    echo "3. Configure your HTTPS settings:"
+    echo "   - Enable HTTPS"
+    echo "   - Set hostname: digiserver"
+    echo "   - Set domain: digiserver.sibiusb.harting.intra"
+    echo "   - Set IP: 10.76.152.164"
+    echo "4. Save the configuration"
+    echo ""
+    exit 0
+fi

-if [ $? -eq 0 ]; then
-    echo "✅ Database migration completed successfully!"
-else
-    echo "❌ Database migration failed!"
+# ============================================================================
+# OPTION 2: Running on host machine with docker-compose
+# ============================================================================
+echo -e "${YELLOW}📍 Running on host machine${NC}"
+echo ""
+
+# Check if docker-compose is available
+if ! command -v docker-compose &> /dev/null; then
+    echo -e "${RED}❌ docker-compose not found!${NC}"
    exit 1
 fi

+# Check if we're in the project directory
+if [ ! -f "docker-compose.yml" ]; then
+    echo -e "${RED}❌ docker-compose.yml not found!${NC}"
+    echo "Please run this script from the digiserver-v2 directory"
+    exit 1
+fi
+
+echo -e "${BLUE}Checking container status...${NC}"
+RUNNING=$(docker-compose ps -q digiserver-app 2>/dev/null || echo "")
+if [ -z "$RUNNING" ]; then
+    echo -e "${YELLOW}📦 Starting containers...${NC}"
+    docker-compose up -d
+    echo -e "${YELLOW}⏳ Waiting for containers to be ready...${NC}"
+    sleep 5
+fi
+
+echo -e "${GREEN}✅ Containers are running${NC}"
 echo ""
-echo "✅ HTTPS Configuration Management is now ready!"
+
+# Run all migrations
+echo -e "${BLUE}Step 1/5:${NC} ${YELLOW}Creating https_config database table...${NC}"
+docker-compose exec -T digiserver-app python /app/migrations/add_https_config_table.py
+echo -e "${GREEN}✅ https_config table created${NC}"
 echo ""
-echo "Next steps:"
-echo "1. Start the application: docker-compose up -d"
-echo "2. Log in to the admin panel"
-echo "3. Navigate to: Admin Panel → 🔒 HTTPS Configuration"
-echo "4. Configure your HTTPS settings:"
-echo "   - Enable HTTPS"
-echo "   - Set hostname: digiserver"
-echo "   - Set domain: digiserver.sibiusb.harting.intra"
-echo "   - Set IP: 10.76.152.164"
-echo "5. Save the configuration"
+
+echo -e "${BLUE}Step 2/5:${NC} ${YELLOW}Creating player_user database table...${NC}"
+docker-compose exec -T digiserver-app python /app/migrations/add_player_user_table.py
+echo -e "${GREEN}✅ player_user table created${NC}"
+echo ""
+
+echo -e "${BLUE}Step 3/5:${NC} ${YELLOW}Adding email column to https_config...${NC}"
+docker-compose exec -T digiserver-app python /app/migrations/add_email_to_https_config.py
+echo -e "${GREEN}✅ Email column added${NC}"
+echo ""
+
+echo -e "${BLUE}Step 4/5:${NC} ${YELLOW}Migrating player_user global settings...${NC}"
+docker-compose exec -T digiserver-app python /app/migrations/migrate_player_user_global.py
+echo -e "${GREEN}✅ Player user migration completed${NC}"
+echo ""
+
+# Configure HTTPS automatically
+echo -e "${BLUE}Step 5/5:${NC} ${YELLOW}Configuring HTTPS settings...${NC}"
+docker-compose exec -T digiserver-app python /app/https_manager.py enable \
+    digiserver \
+    digiserver.sibiusb.harting.intra \
+    admin@example.com \
+    10.76.152.164 \
+    443
+
+echo -e "${GREEN}✅ HTTPS configured successfully${NC}"
+echo ""
+
+# Display configuration status
+echo -e "${BLUE}Configuration Status:${NC}"
+docker-compose exec -T digiserver-app python /app/https_manager.py status
+echo ""
+
+echo -e "${GREEN}╔════════════════════════════════════════════════════════════════╗${NC}"
+echo -e "${GREEN}║              🎉 Deployment Complete!                          ║${NC}"
+echo -e "${GREEN}╚════════════════════════════════════════════════════════════════╝${NC}"
+echo ""
+echo -e "${BLUE}Access your application at:${NC}"
+echo "  🔒 https://digiserver"
+echo "  🔒 https://10.76.152.164"
+echo "  🔒 https://digiserver.sibiusb.harting.intra"
+echo ""
+echo -e "${BLUE}📖 For more deployment commands, see: DEPLOYMENT_COMMANDS.md${NC}"
 echo ""
-echo "📖 For detailed information, see HTTPS_CONFIGURATION.md"