VigilanzaTurni/QUICKSTART-DEPLOYMENT.md
marco370 a40b945c84 Update deployment to securely manage database passwords
Securely manage PostgreSQL credentials by storing them in a dedicated file and updating deployment scripts to reference this file, removing hardcoded passwords from configuration and documentation.

Replit-Commit-Author: Agent
Replit-Commit-Session-Id: 42d8028a-fa71-4ec2-938c-e43eedf7df01
Replit-Commit-Checkpoint-Type: intermediate_checkpoint
Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/6d543d2c-20b9-4ea6-93fe-70fe9b1d9f80/42d8028a-fa71-4ec2-938c-e43eedf7df01/aazyBOE
2025-10-16 11:00:27 +00:00


🚀 Quick Start - VigilanzaTurni Deployment

Quick deployment guide: Replit → GitLab → vt.alfacom.it

📝 Pre-Deployment Checklist

  • AlmaLinux 9 server available (min 2GB RAM)
  • Domain vt.alfacom.it configured
  • GitLab account
  • SSH access to the server

Initial Setup (15 minutes)

1 Server Setup (5 min)

# SSH into the server
ssh root@vt.alfacom.it

# Clone the repository
cd /var/www
git clone https://git.alfacom.it/marco/VigilanzaTurni.git vigilanza-turni
cd vigilanza-turni

# Run the automated setup
sudo bash deploy/setup-server.sh

The script automatically installs:

  • Node.js 20
  • PostgreSQL 15 (auto-generated password)
  • PM2
  • Nginx
  • Certbot (SSL)

⚠️ DB password saved in: /root/.vigilanza_db_password

2 Configure Nginx (2 min)

# Copy the Nginx configuration
sudo cp deploy/nginx.conf /etc/nginx/conf.d/vigilanza-turni.conf

# Test and reload
sudo nginx -t
sudo systemctl reload nginx

# SSL Certificate
sudo certbot --nginx -d vt.alfacom.it

3 Configure .env (2 min)

cd /var/www/vigilanza-turni

# Read the DB password from the protected file
# (-f2- keeps everything after the first '=', so a password containing '=' is not truncated)
DB_PASS=$(grep PGPASSWORD /root/.vigilanza_db_password | cut -d= -f2-)
SESSION_SECRET=$(openssl rand -base64 32)

# Create .env with real values (no shell variables)
cat > .env << EOF
# Database
DATABASE_URL=postgresql://vigilanza_user:${DB_PASS}@localhost:5432/vigilanza_turni
PGHOST=localhost
PGPORT=5432
PGDATABASE=vigilanza_turni
PGUSER=vigilanza_user
PGPASSWORD=${DB_PASS}

# Session
SESSION_SECRET=${SESSION_SECRET}

# Application
NODE_ENV=production
PORT=5000
APP_URL=https://vt.alfacom.it

# Backup
BACKUP_ENABLED=true
BACKUP_DIR=/var/backups/vigilanza-turni
LOG_LEVEL=info
EOF

echo "✅ File .env creato"

Verify:

cat .env | grep DATABASE_URL
# Must show the real password, not shell variables

4 First Deploy (2 min)
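
A variant of step 3 and its verification that keeps the password off the terminal, as an added example that is not part of the repository's deploy scripts. `write_env` and `check_env` are hypothetical helper names, the sample password is constructed, and only the database lines of `.env` are written.

```bash
#!/usr/bin/env bash
# Added example, not part of the repository's deploy/ scripts.
# write_env and check_env are hypothetical helper names.

# write_env PASSWORD_FILE ENV_FILE
# Writes the database lines of .env; the file is created owner-only (0600).
write_env() {
  local db_pass
  # -f2- keeps everything after the first '=', so a password that itself
  # contains '=' (base64 padding, for instance) is not truncated.
  db_pass=$(grep '^PGPASSWORD=' "$1" | cut -d= -f2-)
  [ -n "$db_pass" ] || return 1
  (
    umask 077      # new file gets mode 0600, never briefly world-readable
    rm -f "$2"     # an existing file would keep its old, wider mode
    cat > "$2" << EOF
DATABASE_URL=postgresql://vigilanza_user:${db_pass}@localhost:5432/vigilanza_turni
PGPASSWORD=${db_pass}
EOF
  )
}

# check_env ENV_FILE
# Verifies the file without printing any secret.
# Returns 0 = sound, 2 = mode is not 600, 3 = unexpanded ${...}, 4 = password mismatch.
check_env() {
  local pg_pass url_pass
  [ -n "$(find "$1" -prune -perm 600 2>/dev/null)" ] || return 2
  grep -qF '${' "$1" && return 3
  pg_pass=$(grep '^PGPASSWORD=' "$1" | cut -d= -f2-)
  url_pass=$(sed -nE 's#^DATABASE_URL=postgresql://[^:]+:(.*)@[^@]*$#\1#p' "$1")
  [ -n "$pg_pass" ] && [ "$pg_pass" = "$url_pass" ] || return 4
  return 0
}

# Demo on constructed data: the password below is made up for this example.
demo_dir=$(mktemp -d)
printf 'PGPASSWORD=%s\n' 'c2FtcGxlcGFzcw==' > "$demo_dir/db_password"
write_env "$demo_dir/db_password" "$demo_dir/.env" \
  && check_env "$demo_dir/.env" \
  && echo "✅ .env verified without displaying secrets"
rm -rf "$demo_dir"
```

A password containing URL-reserved characters such as `/` or `@` would additionally need percent-encoding inside `DATABASE_URL`; this example does not do that.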

cd /var/www/vigilanza-turni
bash deploy/deploy.sh

🔄 Daily Workflow

Deploy in 2 Commands

From Replit or locally:

# 1. Push to GitLab
./push-to-gitlab.sh

# 2. On the server: deploy
ssh root@vt.alfacom.it "cd /var/www/vigilanza-turni && bash deploy/deploy.sh"

The deploy automatically:

  • Runs a database backup
  • Pulls the latest changes from GitLab
  • Builds the Vite frontend
  • Runs the database migrations
  • Restarts the PM2 application
  • Runs a health check

📊 Useful Commands

# Application status
pm2 status

# Real-time logs
pm2 logs vigilanza-turni

# Restart
pm2 restart vigilanza-turni

# Check backups
ls -lht /var/backups/vigilanza-turni/

# Restore a backup (uses the password from the file)
export $(cat /root/.vigilanza_db_password | xargs)
gunzip -c /var/backups/vigilanza-turni/backup_20250116_143022.sql.gz | \
  psql -h localhost -U vigilanza_user -d vigilanza_turni

🆘 Troubleshooting

App not responding:

pm2 restart vigilanza-turni
pm2 logs vigilanza-turni --lines 50
sudo systemctl reload nginx

Database error:

# Check the connection (uses the password from the file)
export $(cat /root/.vigilanza_db_password | xargs)
psql -h localhost -U vigilanza_user -d vigilanza_turni -c "SELECT version();"

Build failed:

cd /var/www/vigilanza-turni
rm -rf node_modules dist
npm ci
npm run build
pm2 restart vigilanza-turni

🌐 Access

Application: https://vt.alfacom.it

Automatic backups:

  • Directory: /var/backups/vigilanza-turni/
  • Retention: 30 days
  • Format: backup_YYYYMMDD_HHMMSS.sql.gz

📚 Important Files

  • deploy/deploy.sh - Automated deployment script
  • deploy/setup-server.sh - Initial server setup
  • deploy/nginx.conf - Reverse proxy configuration
  • .env - Production environment variables
  • push-to-gitlab.sh - GitLab push helper