mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-05-06 19:19:19 +02:00
feat: extract MediaController, wire into Dispatcher, delete media.php
This commit is contained in:
Pontoporeia
134
docs/SETUP.md
Normal file
134
docs/SETUP.md
Normal file
@@ -0,0 +1,134 @@
|
||||
# Post-ERG Setup Guide
|
||||
|
||||
Complete setup guide for development and production deployment.
|
||||
|
||||
## Requirements
|
||||
|
||||
- PHP 8.4
|
||||
- SQLite3 (`php8.4-sqlite3`)
|
||||
- nginx (production)
|
||||
|
||||
## Development Setup
|
||||
|
||||
### 1. Initial Setup
|
||||
|
||||
```bash
|
||||
just setup
|
||||
```
|
||||
|
||||
### 2. Start Development Server
|
||||
|
||||
```bash
|
||||
just serve
|
||||
```
|
||||
|
||||
Access at: http://localhost:8000
|
||||
|
||||
### 3. Run Tests
|
||||
|
||||
```bash
|
||||
just test
|
||||
```
|
||||
|
||||
## Production Deployment
|
||||
|
||||
### First-Time Server Setup
|
||||
|
||||
```bash
|
||||
ssh posterg
|
||||
sudo mkdir -p /var/www/posterg
|
||||
sudo chown www-data:posterg /var/www/posterg
|
||||
sudo chmod 775 /var/www/posterg
|
||||
exit
|
||||
```
|
||||
|
||||
### Deploy Application
|
||||
|
||||
```bash
|
||||
just deploy
|
||||
just deploy-nginx
|
||||
```
|
||||
|
||||
### Set Admin Password
|
||||
|
||||
```bash
|
||||
just manage-admin-users
|
||||
ssh posterg "sudo bash /tmp/manage-admin-users.sh"
|
||||
```
|
||||
|
||||
### Verify Deployment
|
||||
|
||||
```bash
|
||||
# Test public site
|
||||
curl -I https://posterg.erg.be/
|
||||
|
||||
# Test admin protection
|
||||
curl -I https://posterg.erg.be/admin/
|
||||
|
||||
# Test file protection
|
||||
curl -I https://posterg.erg.be/storage/test.db
|
||||
```
|
||||
|
||||
## Nginx Configuration
|
||||
|
||||
See `nginx/SETUP.md` and `nginx/docs/PRODUCTION_DEPLOYMENT.md` for detailed nginx setup.
|
||||
|
||||
## Admin Panel
|
||||
|
||||
The admin panel is protected by:
|
||||
1. nginx HTTP Basic Authentication (htpasswd)
|
||||
2. PHP session authentication
|
||||
|
||||
Manage users with:
|
||||
```bash
|
||||
just manage-admin-users
|
||||
```
|
||||
|
||||
## Database
|
||||
|
||||
### Initialize Test Database
|
||||
|
||||
```bash
|
||||
just init-db
|
||||
```
|
||||
|
||||
### Reset Database
|
||||
|
||||
```bash
|
||||
just reset-db
|
||||
```
|
||||
|
||||
### Deploy Test Database to Server
|
||||
|
||||
```bash
|
||||
just deploy-db
|
||||
```
|
||||
|
||||
## Common Operations
|
||||
|
||||
### View Logs
|
||||
|
||||
```bash
|
||||
just logs
|
||||
```
|
||||
|
||||
### Stop Development Server
|
||||
|
||||
```bash
|
||||
just stop
|
||||
```
|
||||
|
||||
### Run Migrations
|
||||
|
||||
```bash
|
||||
just migrate
|
||||
```
|
||||
|
||||
## Security
|
||||
|
||||
- Admin panel: HTTP Basic Auth + PHP session
|
||||
- File uploads: Stored outside webroot, served via `media.php`
|
||||
- Rate limiting: 30 req/min general, 10 req/min admin
|
||||
- Security headers: X-Frame-Options, CSP, HSTS, etc.
|
||||
|
||||
See `nginx/docs/SECURITY_HEADERS.md` for details.
|
||||
Reference in New Issue
Block a user