salvacybersec/balikci
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: salvacybersec:f0b61735cc64302a9fc3e8ff6fe027739a3f41e4
Branches Tags
salvacybersec:main
..
compare: salvacybersec:main
Branches Tags
salvacybersec:main

9 Commits
f0b61735cc ... main

Author SHA1 Message Date
salvacybersec
3e8bb4e064 cors 2025-11-11 14:28:38 +03:00
salvacybersec
1ca2575612 front 2025-11-11 14:12:25 +03:00
salvacybersec
7582813f20 mesela yani 2025-11-11 14:05:20 +03:00
salvacybersec
9f53a34cfb ulaan 2025-11-11 07:46:58 +03:00
salvacybersec
36b62be2e1 corsu siktim v2 2025-11-11 07:42:40 +03:00
salvacybersec
c898ca4a65 corsu siktim 2025-11-11 07:40:02 +03:00
salvacybersec
992ccf056b bind 2025-11-11 07:37:27 +03:00
salvacybersec
282b7f7877 allah belanı vermesin 2025-11-11 07:33:24 +03:00
salvacybersec
9062a8d7e0 docker again 2025-11-11 07:31:43 +03:00
22 changed files with 469 additions and 1003 deletions
Expand all files Collapse all files

48
.dockerignore
View File

@@ -1,7 +1,13 @@
# Node modules # Dependencies
node_modules/ node_modules/
npm-debug.log npm-debug.log*
yarn-error.log yarn-debug.log*
yarn-error.log*
# Build outputs
frontend/dist/
frontend/build/
backend/dist/
# Environment files # Environment files
.env .env
@@ -11,6 +17,7 @@ yarn-error.log
# Git # Git
.git/ .git/
.gitignore .gitignore
.gitattributes
# IDE # IDE
.vscode/ .vscode/
@@ -27,35 +34,30 @@ Thumbs.db
logs/ logs/
*.log *.log
# Database (will be in volume) # Database files (will be created in container)
database/ backend/database/*.db
*.db backend/database/*.db-journal
*.db-journal
# Build artifacts # Test files
dist/ tests/
build/ *.test.js
.cache/ *.spec.js
coverage/
# Documentation # Documentation
*.md *.md
docs/ docs/
# Docker # Deployment scripts
Dockerfile*
docker-compose*.yml
.dockerignore
# Deployment
deploy.sh deploy.sh
systemd/ systemd/
nginx/ nginx/
# Testing # Docker files (don't copy into itself)
coverage/ Dockerfile
.nyc_output/ .dockerignore
docker-compose.yml
# Temporary files # Backups
tmp/ backups/
temp/

8
DEPLOYMENT.md
View File

@@ -338,7 +338,7 @@ After=network.target
[Service] [Service]
Type=simple Type=simple
User=oltalama User=www-data
WorkingDirectory=/opt/oltalama/backend WorkingDirectory=/opt/oltalama/backend
Environment=NODE_ENV=production Environment=NODE_ENV=production
ExecStart=/usr/bin/node /opt/oltalama/backend/src/app.js ExecStart=/usr/bin/node /opt/oltalama/backend/src/app.js
@@ -362,7 +362,7 @@ After=network.target
[Service] [Service]
Type=simple Type=simple
User=oltalama User=www-data
WorkingDirectory=/opt/oltalama/frontend WorkingDirectory=/opt/oltalama/frontend
Environment=NODE_ENV=production Environment=NODE_ENV=production
ExecStart=/usr/bin/npm run preview ExecStart=/usr/bin/npm run preview
@@ -522,7 +522,7 @@ const rl = readline.createInterface({
```bash ```bash
# Proje dizini izinleri # Proje dizini izinleri
sudo chown -R oltalama:oltalama /opt/oltalama sudo chown -R www-data:www-data /opt/oltalama
sudo chmod -R 755 /opt/oltalama sudo chmod -R 755 /opt/oltalama
# .env dosyalarını koru # .env dosyalarını koru
@@ -687,7 +687,7 @@ pm2 logs --lines 100
delaycompress delaycompress
missingok missingok
notifempty notifempty
create 0640 oltalama oltalama create 0640 www-data www-data
sharedscripts sharedscripts
postrotate postrotate
pm2 reloadLogs pm2 reloadLogs

542
DOCKER.md
View File

@@ -1,509 +1,203 @@
# 🐳 Docker Deployment Guide # Docker Deployment Guide
## Oltalama Test Yönetim Paneli - Docker ile Kurulum Bu dokümantasyon, Oltalama uygulamasını Docker ile tek container'da çalıştırma rehberidir.
Bu dokümantasyon, projeyi Docker ve Docker Compose kullanarak nasıl çalıştıracağınızııklar. ## Gereksinimler
--- - Docker 20.10+
- Docker Compose 2.0+ (opsiyonel)
## 📋 İçindekiler ## Hızlı Başlangıç
- [Gereksinimler](#gereksinimler) ### Docker Compose ile (Önerilen)
- [Hızlı Başlangıç](#hızlı-başlangıç)
- [Development Modu](#development-modu)
- [Production Modu](#production-modu)
- [Ortam Değişkenleri](#ortam-değişkenleri)
- [Veri Yedekleme](#veri-yedekleme)
- [İleri Seviye Kullanım](#ileri-seviye-kullanım)
--- 1. **Environment dosyası oluştur** (opsiyonel):
## 🔧 Gereksinimler
- **Docker**: 20.10 veya üzeri
- **Docker Compose**: 2.0 veya üzeri
- **Git**: (projeyi klonlamak için)
### Docker Kurulumu
#### Ubuntu/Debian:
```bash ```bash
# Docker kurulumu cp backend/.env.example backend/.env
curl -fsSL https://get.docker.com -o get-docker.sh # backend/.env dosyasını düzenle
sudo sh get-docker.sh
# Docker Compose kurulumu (eğer yoksa)
sudo apt-get install docker-compose-plugin
# Kullanıcıyı docker grubuna ekle
sudo usermod -aG docker $USER
newgrp docker
``` ```
#### RedHat/Oracle/CentOS: 2. **Docker Compose ile başlat**:
```bash ```bash
# Docker kurulumu docker-compose up -d
sudo dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
# Docker'ı başlat ve aktifleştir
sudo systemctl start docker
sudo systemctl enable docker
# Kullanıcıyı docker grubuna ekle
sudo usermod -aG docker $USER
newgrp docker
``` ```
--- 3. **Logları izle**:
## 🚀 Hızlı Başlangıç
### 1. Projeyi Klonlayın
```bash ```bash
git clone <repository-url> oltalama docker-compose logs -f
cd oltalama
``` ```
### 2. Environment Dosyasını Hazırlayın 4. **Durdur**:
```bash ```bash
# Örnek dosyadan kopyalayın docker-compose down
cat > .env << 'EOF'
SESSION_SECRET=your-strong-random-secret-here
GMAIL_USER=your-email@gmail.com
GMAIL_APP_PASSWORD=your-gmail-app-password
TELEGRAM_BOT_TOKEN=your-bot-token
TELEGRAM_CHAT_ID=your-chat-id
OLLAMA_SERVER_URL=http://host.docker.internal:11434
OLLAMA_MODEL=llama3.2:latest
VITE_API_URL=http://localhost:3000
EOF
# Editör ile açın ve konfigüre edin
nano .env
``` ```
**Minimum gerekli ayarlar:** ### Docker ile (Manuel)
```env
SESSION_SECRET=very-strong-random-secret-here 1. **Image'ı build et**:
GMAIL_USER=your-email@gmail.com ```bash
GMAIL_APP_PASSWORD=your-gmail-app-password docker build -t oltalama:latest .
TELEGRAM_BOT_TOKEN=your-bot-token
TELEGRAM_CHAT_ID=your-chat-id
``` ```
### 3. Production Modunda Başlatın 2. **Container'ı çalıştır**:
```bash ```bash
# Container'ları build edin ve başlatın docker run -d \
docker compose up -d --name oltalama \
-p 3000:3000 \
# Logları görüntüleyin -v $(pwd)/data/database:/app/database \
docker compose logs -f -v $(pwd)/data/logs:/app/logs \
-e NODE_ENV=production \
-e SESSION_SECRET=$(openssl rand -hex 32) \
-e FRONTEND_URL=http://localhost:3000 \
oltalama:latest
``` ```
### 4. Admin Kullanıcısı Oluşturun ## Environment Variables
İlk çalıştırmada admin kullanıcısı oluşturmanız gerekir: Aşağıdaki environment variable'ları ayarlayabilirsiniz:
- `NODE_ENV`: Ortam (production/development)
- `PORT`: Server portu (varsayılan: 3000)
- `DB_PATH`: Database dosya yolu (varsayılan: /app/database/oltalama.db)
- `SESSION_SECRET`: Session secret key (üretmek için: `openssl rand -hex 32`)
- `FRONTEND_URL`: Frontend URL'i (CORS için)
Daha fazla environment variable için `backend/.env.example` dosyasına bakın.
## Veri Kalıcılığı
Database ve log dosyaları volume'lerde saklanır:
- `./data/database`: SQLite database dosyaları
- `./data/logs`: Uygulama logları
İlk çalıştırmada bu dizinler otomatik oluşturulur.
## Admin Kullanıcı Oluşturma
İlk kurulumda admin kullanıcı oluşturmak için:
```bash ```bash
# Backend container'a bağlanın # Container içine gir
docker compose exec backend sh docker exec -it oltalama sh
# Admin kullanıcı scripti çalıştırın # Admin kullanıcı oluştur
node scripts/create-admin.js node scripts/create-admin.js
# Container'dan çıkın
exit
``` ```
### 5. Uygulamaya Erişin Veya container dışından:
- **Frontend**: http://localhost:4173
- **Backend API**: http://localhost:3000
- **Health Check**: http://localhost:3000/health
---
## 💻 Development Modu
Development modunda hot-reload aktif olur ve kod değişiklikleri anında yansır.
### Başlatma
```bash ```bash
# Development compose ile başlat docker exec -it oltalama node scripts/create-admin.js
docker compose -f docker-compose.dev.yml up
# Veya arka planda çalıştır
docker compose -f docker-compose.dev.yml up -d
``` ```
### Özellikler ## Health Check
-**Hot Reload**: Kod değişiklikleri anında yansır Container health check endpoint'i: `http://localhost:3000/health`
-**Volume Mount**: Local klasörler container'a mount edilir
-**Debug Modu**: Detaylı log çıktıları
-**Nodemon**: Backend için otomatik restart
### Development Portları Health check durumunu kontrol etmek için:
- **Frontend (Vite Dev Server)**: http://localhost:5173
- **Backend**: http://localhost:3000
---
## 🏭 Production Modu
Production modu için optimize edilmiş, multi-stage build ile küçük image boyutu.
### Başlatma
```bash ```bash
# Production compose ile başlat docker ps
docker compose up -d # HEALTHY durumunu göreceksiniz
# Durum kontrolü
docker compose ps
# Logları görüntüle
docker compose logs -f backend
docker compose logs -f frontend
``` ```
### Container Yönetimi ## Loglar
Logları görüntülemek için:
```bash ```bash
# Tüm servisleri durdur # Docker Compose
docker compose stop docker-compose logs -f
# Tüm servisleri başlat # Docker
docker compose start docker logs -f oltalama
# Tüm servisleri yeniden başlat
docker compose restart
# Servisleri kaldır (veri korunur)
docker compose down
# Servisleri ve volume'leri kaldır (VERİ SİLİNİR!)
docker compose down -v
``` ```
### Build İşlemleri ## Database Backup
Database'i yedeklemek için:
```bash ```bash
# Image'ları yeniden build et # Container içindeki database'i kopyala
docker compose build docker cp oltalama:/app/database/oltalama.db ./backup-$(date +%Y%m%d).db
# Cache kullanmadan build et
docker compose build --no-cache
# Belirli bir servisi build et
docker compose build backend
``` ```
--- ## Troubleshooting
## 🔐 Ortam Değişkenleri ### Container başlamıyor
### Backend Değişkenleri
| Değişken | Açıklama | Varsayılan | Zorunlu |
|----------|----------|------------|---------|
| `NODE_ENV` | Çalışma ortamı | `production` | ❌ |
| `PORT` | Backend portu | `3000` | ❌ |
| `SESSION_SECRET` | Session şifreleme anahtarı | - | ✅ |
| `GMAIL_USER` | Gmail hesabı | - | ✅ |
| `GMAIL_APP_PASSWORD` | Gmail uygulama şifresi | - | ✅ |
| `TELEGRAM_BOT_TOKEN` | Telegram bot token | - | ✅ |
| `TELEGRAM_CHAT_ID` | Telegram chat ID | - | ✅ |
| `DOMAIN_URL` | Backend domain | `http://localhost:3000` | ❌ |
| `FRONTEND_URL` | Frontend domain | `http://localhost:4173` | ❌ |
| `OLLAMA_SERVER_URL` | Ollama AI server URL | `http://host.docker.internal:11434` | ❌ |
| `OLLAMA_MODEL` | Ollama model adı | `llama3.2:latest` | ❌ |
### Frontend Değişkenleri
| Değişken | Açıklama | Varsayılan | Zorunlu |
|----------|----------|------------|---------|
| `VITE_API_URL` | Backend API URL | `http://localhost:3000` | ✅ |
---
## 💾 Veri Yedekleme
### Manuel Yedekleme
1. Logları kontrol edin:
```bash ```bash
# Database yedekle docker logs oltalama
docker compose exec backend sh -c "cd database && tar czf /tmp/backup.tar.gz *.db"
docker compose cp backend:/tmp/backup.tar.gz ./backup-$(date +%Y%m%d).tar.gz
# Logs yedekle
docker compose exec backend sh -c "cd logs && tar czf /tmp/logs-backup.tar.gz *.log"
docker compose cp backend:/tmp/logs-backup.tar.gz ./logs-backup-$(date +%Y%m%d).tar.gz
``` ```
### Otomatik Yedekleme (Cron) 2. Port'un kullanılabilir olduğundan emin olun:
```bash ```bash
# Yedekleme scripti oluştur netstat -tuln | grep 3000
cat > backup.sh << 'EOF'
#!/bin/bash
BACKUP_DIR="/backup/oltalama"
DATE=$(date +%Y%m%d_%H%M%S)
mkdir -p $BACKUP_DIR
# Database backup
docker compose exec -T backend sh -c "cd database && tar czf - *.db" > "$BACKUP_DIR/db-$DATE.tar.gz"
# Eski yedekleri sil (30 günden eski)
find $BACKUP_DIR -name "db-*.tar.gz" -mtime +30 -delete
echo "Backup completed: $DATE"
EOF
chmod +x backup.sh
# Crontab'a ekle (her gün 02:00'de)
(crontab -l 2>/dev/null; echo "0 2 * * * /path/to/backup.sh >> /var/log/oltalama-backup.log 2>&1") | crontab -
``` ```
### Geri Yükleme ### Database hatası
1. Database volume'ünün yazılabilir olduğundan emin olun:
```bash ```bash
# Database geri yükle chmod -R 777 ./data/database
docker compose cp ./backup-20250101.tar.gz backend:/tmp/
docker compose exec backend sh -c "cd database && tar xzf /tmp/backup-20250101.tar.gz"
docker compose restart backend
``` ```
--- 2. Container'ı yeniden başlatın:
## 🔧 İleri Seviye Kullanım
### Nginx ile Reverse Proxy
Nginx reverse proxy eklemek için:
```bash ```bash
# Nginx profili ile başlat docker-compose restart
docker compose --profile with-nginx up -d
``` ```
`nginx.conf` dosyasını düzenleyin: ### Frontend görünmüyor
```nginx 1. Frontend build'inin doğru yapıldığından emin olun:
# nginx/nginx.conf ```bash
server { docker exec oltalama ls -la /app/src/public/dist
listen 80;
server_name yourdomain.com;
location / {
proxy_pass http://frontend:4173;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location /api/ {
proxy_pass http://backend:3000/api/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
``` ```
### Resource Limits 2. Container'ı yeniden build edin:
```bash
docker-compose build --no-cache
docker-compose up -d
```
Production ortamında resource limitleri ekleyin: ## Production Deployment
Production için:
1. **Güvenli SESSION_SECRET kullanın**:
```bash
export SESSION_SECRET=$(openssl rand -hex 64)
```
2. **HTTPS için reverse proxy kullanın** (Nginx, Traefik, vb.)
3. **Resource limitleri ayarlayın**:
```yaml ```yaml
# docker-compose.yml içine ekle # docker-compose.yml'e ekleyin
services:
backend:
# ... diğer ayarlar
deploy: deploy:
resources: resources:
limits: limits:
cpus: '1' cpus: '1'
memory: 512M memory: 512M
reservations:
cpus: '0.5'
memory: 256M
``` ```
### Health Check Monitoring 4. **Düzenli backup alın**
Container'ların sağlık durumunu izleyin: ## Güncelleme
Uygulamayı güncellemek için:
```bash ```bash
# Health status kontrolü # Yeni image'ı build et
docker compose ps docker-compose build
# Detaylı health check logları # Container'ı yeniden başlat
docker inspect --format='{{json .State.Health}}' oltalama-backend | jq docker-compose up -d
``` ```
### Ollama ile Kullanım ## Sorun Bildirimi
Eğer Ollama host makinede çalışıyorsa: Sorun yaşarsanız, lütfen GitHub Issues'da bildirin.
```bash
# Host'tan Ollama'ya erişim için
# .env dosyasında:
OLLAMA_SERVER_URL=http://host.docker.internal:11434
OLLAMA_MODEL=llama3.2:latest
```
Ollama'yı da Docker'da çalıştırmak için:
```yaml
# docker-compose.yml'e ekle
services:
ollama:
image: ollama/ollama:latest
container_name: oltalama-ollama
restart: unless-stopped
ports:
- "11434:11434"
volumes:
- ollama-data:/root/.ollama
networks:
- oltalama-network
volumes:
ollama-data:
driver: local
```
Sonra `.env` dosyasında:
```env
OLLAMA_SERVER_URL=http://ollama:11434
```
---
## 🐛 Troubleshooting
### Problem: Container başlamıyor
```bash
# Logları kontrol et
docker compose logs backend
docker compose logs frontend
# Container'ı interaktif başlat
docker compose run --rm backend sh
```
### Problem: Database erişim hatası
```bash
# Volume'leri kontrol et
docker volume ls
docker volume inspect oltalama_backend-data
# İzinleri düzelt
docker compose exec backend chown -R oltalama:oltalama /app/database
```
### Problem: Port conflict
```bash
# Kullanılan portları kontrol et
sudo lsof -i :3000
sudo lsof -i :4173
# Farklı port kullan
docker compose up -d --force-recreate
```
### Problem: Image boyutu çok büyük
```bash
# Kullanılmayan image'ları temizle
docker system prune -a
# Build cache'i temizle
docker builder prune
```
---
## 📊 Monitoring
### Container İstatistikleri
```bash
# Gerçek zamanlı resource kullanımı
docker stats
# Belirli container'lar için
docker stats oltalama-backend oltalama-frontend
```
### Log Yönetimi
```bash
# Son 100 satır
docker compose logs --tail=100 backend
# Gerçek zamanlı takip
docker compose logs -f
# Belirli bir zaman aralığı
docker compose logs --since="2025-01-01T00:00:00"
# Belirli bir service
docker compose logs backend
```
---
## 🚀 Production Deployment Checklist
- [ ] `.env` dosyasını production değerleri ile doldur
- [ ] `SESSION_SECRET` için güçlü random string oluştur
- [ ] Gmail App Password oluştur ve ayarla
- [ ] Telegram bot token ve chat ID ayarla
- [ ] Domain URL'lerini güncelle
- [ ] Nginx reverse proxy yapılandır (opsiyonel)
- [ ] SSL/TLS sertifikası ekle
- [ ] Firewall kurallarını ayarla
- [ ] Admin kullanıcı oluştur
- [ ] Otomatik yedekleme sistemi kur
- [ ] Health check monitoring kur
- [ ] Log rotation yapılandır
---
## 📚 Ek Kaynaklar
- [Docker Documentation](https://docs.docker.com/)
- [Docker Compose Documentation](https://docs.docker.com/compose/)
- [Best Practices for Node.js in Docker](https://github.com/nodejs/docker-node/blob/main/docs/BestPractices.md)
---
## 🆘 Destek
Sorun yaşıyorsanız:
1. Logları kontrol edin: `docker compose logs`
2. Container durumunu kontrol edin: `docker compose ps`
3. Health check durumunu kontrol edin
4. Issue açın veya dokümantasyonu inceleyin
---
**🎉 Artık Docker ile hazırsınız!**

55
Dockerfile Normal file
View File

@@ -0,0 +1,55 @@
# Multi-stage build for Oltalama application
# Stage 1: Build frontend
FROM node:20-alpine AS frontend-builder
WORKDIR /app/frontend
# Copy frontend package files
COPY frontend/package*.json ./
# Install frontend dependencies
RUN npm install
# Copy frontend source
COPY frontend/ ./
# Build frontend (output will be in dist/)
RUN npm run build && test -f dist/index.html
# Stage 2: Backend + Runtime
FROM node:20-alpine
WORKDIR /app
# Install system dependencies for sqlite3
RUN apk add --no-cache python3 make g++ sqlite
# Copy backend package files
COPY backend/package*.json ./
# Install backend dependencies (production only)
RUN npm install --only=production
# Copy backend source
COPY backend/ ./
# Copy frontend build from previous stage to backend public directory
COPY --from=frontend-builder /app/frontend/dist ./src/public/dist
# Create database directory
RUN mkdir -p database
# Expose port
EXPOSE 3000
# Health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=40s --retries=3 \
CMD node -e "require('http').get('http://localhost:3000/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})"
# Start script that runs migrations and seeds before starting the server
COPY docker-entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/docker-entrypoint.sh
ENTRYPOINT ["docker-entrypoint.sh"]
CMD ["node", "src/app.js"]

60
README.md
View File

@@ -179,6 +179,21 @@ curl http://localhost:3000/api/stats/dashboard
Sistem kullanıma hazır. Gmail ve Telegram ayarlarını yaparak phishing testlerinizi başlatabilirsiniz. Sistem kullanıma hazır. Gmail ve Telegram ayarlarını yaparak phishing testlerinizi başlatabilirsiniz.
## 🐳 Docker ile Kurulum (Önerilen)
Tek container'da çalıştırmak için:
```bash
# Docker Compose ile (en kolay)
docker-compose up -d
# Veya Docker ile
docker build -t oltalama:latest .
docker run -d -p 3000:3000 --name oltalama oltalama:latest
```
**Detaylı Docker dokümantasyonu:** `DOCKER.md`
## 🚀 Sunucu Kurulumu (Production) ## 🚀 Sunucu Kurulumu (Production)
### Otomatik Kurulum ### Otomatik Kurulum
@@ -188,53 +203,20 @@ cd /opt/oltalama
sudo ./deploy.sh sudo ./deploy.sh
``` ```
### 🐳 Docker ile Deployment (Önerilen) ### Manuel Kurulum
Docker kullanarak tek komutla deploy edin (tüm platformlarda çalışır): Detaylı sunucu kurulum talimatları için:
```bash ```bash
# 1. .env dosyası oluştur cat DEPLOYMENT.md
nano .env
# SESSION_SECRET, GMAIL, TELEGRAM ayarlarını girin
# 2. Servisleri başlat
docker compose up -d
# 3. Admin kullanıcı oluştur
docker compose exec backend node scripts/create-admin.js
# 4. Erişim
# Frontend: http://localhost:4173
# Backend: http://localhost:3000
```
**Development Modu (Hot Reload):**
```bash
docker compose -f docker-compose.dev.yml up
```
**Detaylı Döküman:** `DOCKER.md` 📦
---
### 🖥️ Native Deployment (Linux Sunucu)
Otomatik deployment scripti ile:
```bash
sudo bash deploy.sh # Tüm Linux dağıtımları desteklenir
``` ```
**Önemli dosyalar:** **Önemli dosyalar:**
- `DEPLOYMENT.md` - Detaylı sunucu kurulum kılavuzu - `DEPLOYMENT.md` - Detaylı sunucu kurulum kılavuzu
- `deploy.sh` - Otomatik kurulum scripti (apt & dnf/yum) - `deploy.sh` - Otomatik kurulum scripti
- `DOCKER.md` - Docker deployment kılavuzu 🐳
- `systemd/` - Systemd servis dosyaları - `systemd/` - Systemd servis dosyaları
- `nginx/` - Nginx konfigürasyon örneği - `nginx/` - Nginx konfigürasyon örneği
**Desteklenen Sistemler:**
- ✅ Ubuntu, Debian, Oracle Linux, RHEL, CentOS, Fedora
**Portlar:** **Portlar:**
- Backend: `3000` (değiştirilebilir) - Backend: `3000` (değiştirilebilir)
- Frontend: `4173` (değiştirilebilir) - Frontend: `4173` (değiştirilebilir)
@@ -272,8 +254,8 @@ node scripts/change-password.js
## 📚 Dokümantasyon ## 📚 Dokümantasyon
- **Ana Doküman:** `README.md` (bu dosya) - **Ana Doküman:** `README.md` (bu dosya)
- **Docker Deployment:** `DOCKER.md` 🐳 (Docker kurulum ve yönetim) - **Docker Kurulumu:** `DOCKER.md` 🐳 (Docker ile tek container)
- **Sunucu Kurulumu:** `DEPLOYMENT.md` 🚀 (Native Linux kurulum) - **Sunucu Kurulumu:** `DEPLOYMENT.md` 🚀 (Production kurulum)
- **Ollama AI Entegrasyonu:** `OLLAMA_SETUP.md` 🤖 (AI mail şablon oluşturma) - **Ollama AI Entegrasyonu:** `OLLAMA_SETUP.md` 🤖 (AI mail şablon oluşturma)
- **Domain Yapılandırma:** `docs/DOMAIN_SETUP.md` 🌐 (Tek/İki domain) - **Domain Yapılandırma:** `docs/DOMAIN_SETUP.md` 🌐 (Tek/İki domain)
- **Nginx Proxy Manager:** `docs/NGINX_PROXY_MANAGER.md` 🔄 (Reverse proxy) - **Nginx Proxy Manager:** `docs/NGINX_PROXY_MANAGER.md` 🔄 (Reverse proxy)

12
SECURITY.md
View File

@@ -155,11 +155,11 @@ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; prelo
```bash ```bash
# Database dosya izinleri # Database dosya izinleri
sudo chmod 600 /opt/oltalama/backend/database/oltalama.db sudo chmod 600 /opt/oltalama/backend/database/oltalama.db
sudo chown oltalama:oltalama /opt/oltalama/backend/database/oltalama.db sudo chown www-data:www-data /opt/oltalama/backend/database/oltalama.db
# Backup dizini izinleri # Backup dizini izinleri
sudo chmod 700 /opt/oltalama/backups sudo chmod 700 /opt/oltalama/backups
sudo chown oltalama:oltalama /opt/oltalama/backups sudo chown www-data:www-data /opt/oltalama/backups
``` ```
#### Düzenli Yedekleme #### Düzenli Yedekleme
@@ -201,8 +201,8 @@ sudo chmod 600 /opt/oltalama/backend/.env
sudo chmod 600 /opt/oltalama/frontend/.env sudo chmod 600 /opt/oltalama/frontend/.env
# Sahibi ayarla # Sahibi ayarla
sudo chown oltalama:oltalama /opt/oltalama/backend/.env sudo chown www-data:www-data /opt/oltalama/backend/.env
sudo chown oltalama:oltalama /opt/oltalama/frontend/.env sudo chown www-data:www-data /opt/oltalama/frontend/.env
``` ```
#### Session Secret #### Session Secret
@@ -273,7 +273,7 @@ echo ".env" >> .gitignore
```bash ```bash
# Log dizini izinleri # Log dizini izinleri
sudo chmod 750 /var/log/oltalama sudo chmod 750 /var/log/oltalama
sudo chown oltalama:oltalama /var/log/oltalama sudo chown www-data:www-data /var/log/oltalama
# Log dosyaları izinleri # Log dosyaları izinleri
sudo chmod 640 /var/log/oltalama/*.log sudo chmod 640 /var/log/oltalama/*.log
@@ -290,7 +290,7 @@ sudo chmod 640 /var/log/oltalama/*.log
delaycompress delaycompress
missingok missingok
notifempty notifempty
create 0640 oltalama oltalama create 0640 www-data www-data
sharedscripts sharedscripts
postrotate postrotate
pm2 reloadLogs pm2 reloadLogs

43
backend/.dockerignore
View File

@@ -1,43 +0,0 @@
# Node modules
node_modules/
npm-debug.log
# Environment files
.env
.env.local
# Git
.git/
.gitignore
# Database (will be in volume)
database/
*.db
*.db-journal
# Logs (will be in volume)
logs/
*.log
# Documentation
*.md
# IDE
.vscode/
.idea/
# OS
.DS_Store
# Testing
coverage/
.nyc_output/
# Migrations (already applied)
migrations/
seeders/
# Temporary
tmp/
temp/

54
backend/Dockerfile
View File

@@ -1,54 +0,0 @@
# Backend Dockerfile
# Multi-stage build for optimized production image
# Stage 1: Build stage
FROM node:20-alpine AS builder
WORKDIR /app
# Copy package files
COPY package*.json ./
# Install dependencies
RUN npm ci --only=production
# Stage 2: Production stage
FROM node:20-alpine
# Install required packages
RUN apk add --no-cache \
sqlite \
tini
# Create app user
RUN addgroup -g 1001 -S oltalama && \
adduser -S oltalama -u 1001 -G oltalama
WORKDIR /app
# Copy dependencies from builder
COPY --from=builder /app/node_modules ./node_modules
# Copy application code
COPY --chown=oltalama:oltalama . .
# Create necessary directories
RUN mkdir -p database logs && \
chown -R oltalama:oltalama /app
# Switch to non-root user
USER oltalama
# Expose port
EXPOSE 3000
# Health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD node -e "require('http').get('http://localhost:3000/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})"
# Use tini as entrypoint for proper signal handling
ENTRYPOINT ["/sbin/tini", "--"]
# Start application
CMD ["node", "src/app.js"]

33
backend/Dockerfile.dev
View File

@@ -1,33 +0,0 @@
# Backend Development Dockerfile
# Hot reload enabled with nodemon
FROM node:20-alpine
# Install required packages
RUN apk add --no-cache \
sqlite \
tini
WORKDIR /app
# Copy package files
COPY package*.json ./
# Install all dependencies (including dev)
RUN npm install
# Copy application code
COPY . .
# Create necessary directories
RUN mkdir -p database logs
# Expose port
EXPOSE 3000
# Use tini as entrypoint
ENTRYPOINT ["/sbin/tini", "--"]
# Start with nodemon for hot reload
CMD ["npm", "run", "dev"]

163
backend/src/app.js
View File

@@ -1,7 +1,7 @@
require('dotenv').config({ path: require('path').join(__dirname, '../.env') }); require('dotenv').config({ path: require('path').join(__dirname, '../.env') });
const express = require('express'); const express = require('express');
const session = require('express-session'); const session = require('express-session');
const helmet = require('helmet'); // const helmet = require('helmet'); // Geçici olarak devre dışı
const cors = require('cors'); const cors = require('cors');
const logger = require('./config/logger'); const logger = require('./config/logger');
const sessionConfig = require('./config/session'); const sessionConfig = require('./config/session');
@@ -12,50 +12,109 @@ const { apiLimiter } = require('./middlewares/rateLimiter');
const app = express(); const app = express();
const PORT = process.env.PORT || 3000; const PORT = process.env.PORT || 3000;
// Security middleware // Security middleware - Helmet'i tamamen kaldır (CORS ve mixed content sorunları için)
app.use(helmet()); // app.use(helmet()); // Geçici olarak devre dışı
// Dynamic CORS configuration (will be updated from settings)
let corsOptions = {
origin: process.env.FRONTEND_URL || 'http://localhost:5173',
credentials: true,
};
// Basic CSP for SPA and assets to avoid white page due to blocked module scripts
// Allow self assets, inline/eval for Vite-built bundles, blobs/data, and API/websocket connections
app.use((req, res, next) => { app.use((req, res, next) => {
cors(corsOptions)(req, res, next); // Only set CSP for HTML responses later, but keeping a permissive default helps some browsers on preload
res.setHeader(
'Content-Security-Policy',
[
"default-src 'self' data: blob:;",
"script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:;",
"style-src 'self' 'unsafe-inline';",
"img-src 'self' data: blob:;",
"font-src 'self' data:;",
"connect-src 'self' http: https: ws: wss:;",
"frame-ancestors 'self';",
'base-uri \'self\';',
].join(' ')
);
next();
}); });
// Function to update CORS from database // CORS - Her yerden erişime izin ver (tüm route'larda)
const updateCorsFromSettings = async () => { app.use((req, res, next) => {
try { res.header('Access-Control-Allow-Origin', '*');
const { Settings } = require('./models'); res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, PATCH, OPTIONS');
const corsEnabledSetting = await Settings.findOne({ where: { key: 'cors_enabled' } }); res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization');
const frontendUrlSetting = await Settings.findOne({ where: { key: 'frontend_url' } }); res.header('Access-Control-Allow-Credentials', 'true');
if (corsEnabledSetting && corsEnabledSetting.value === 'true' && frontendUrlSetting) { // OPTIONS request'i için hemen cevap ver
corsOptions.origin = frontendUrlSetting.value; if (req.method === 'OPTIONS') {
logger.info(`CORS enabled for: ${frontendUrlSetting.value}`); return res.sendStatus(200);
} else {
// Default: allow both frontend and backend on same origin
corsOptions.origin = process.env.FRONTEND_URL || 'http://localhost:5173';
} }
} catch (error) {
logger.warn('Could not load CORS settings from database, using defaults');
}
};
// Update CORS on startup (with delay to ensure DB is ready) next();
setTimeout(updateCorsFromSettings, 2000); });
// Export for use in settings controller // CORS middleware'i de ekle (çift güvence)
app.updateCorsSettings = updateCorsFromSettings; app.use(cors({
origin: '*', // Tüm origin'lere izin ver
credentials: true,
methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'Origin', 'Accept'],
}));
// Body parsing middleware // Body parsing middleware
app.use(express.json()); app.use(express.json());
app.use(express.urlencoded({ extended: true })); app.use(express.urlencoded({ extended: true }));
// Serve static files (landing page) // Serve static files (landing page and frontend build)
app.use(express.static('src/public')); const path = require('path');
app.use(express.static(path.join(__dirname, 'public'), {
setHeaders: (res, filePath) => {
// CORS headers for ALL static files (CSS, JS, images, etc.)
res.set('Access-Control-Allow-Origin', '*');
res.set('Access-Control-Allow-Methods', 'GET, OPTIONS');
res.set('Access-Control-Allow-Headers', 'Content-Type, Accept, Origin');
res.set('Access-Control-Allow-Credentials', 'true');
// Ensure CSP also present on static (mainly harmless for non-HTML)
res.set('Content-Security-Policy',
"default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; font-src 'self' data:; connect-src 'self' http: https: ws: wss:; frame-ancestors 'self'; base-uri 'self';"
);
// Content-Type header'larını doğru ayarla
if (filePath.endsWith('.js')) {
// Serve ES modules correctly
res.set('Content-Type', 'application/javascript; charset=utf-8');
} else if (filePath.endsWith('.css')) {
res.set('Content-Type', 'text/css; charset=utf-8');
} else if (filePath.endsWith('.mjs')) {
res.set('Content-Type', 'application/javascript; charset=utf-8');
} else if (filePath.endsWith('.svg')) {
res.set('Content-Type', 'image/svg+xml');
}
}
}));
// Serve compiled frontend assets at /assets (Vite output)
app.use('/assets', express.static(path.join(__dirname, 'public', 'dist', 'assets'), {
setHeaders: (res, filePath) => {
res.set('Access-Control-Allow-Origin', '*');
res.set('Access-Control-Allow-Methods', 'GET, OPTIONS');
res.set('Access-Control-Allow-Headers', 'Content-Type, Accept, Origin');
res.set('Access-Control-Allow-Credentials', 'true');
res.set('Content-Security-Policy',
"default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; font-src 'self' data:; connect-src 'self' http: https: ws: wss:; frame-ancestors 'self'; base-uri 'self';"
);
if (filePath.endsWith('.js') || filePath.endsWith('.mjs')) {
res.set('Content-Type', 'application/javascript; charset=utf-8');
} else if (filePath.endsWith('.css')) {
res.set('Content-Type', 'text/css; charset=utf-8');
} else if (filePath.endsWith('.svg')) {
res.set('Content-Type', 'image/svg+xml');
}
}
}));
// Serve landing page at /landing route
app.get('/landing', (req, res) => {
res.sendFile(path.join(__dirname, 'public', 'landing.html'));
});
// Session middleware // Session middleware
app.use(session(sessionConfig)); app.use(session(sessionConfig));
@@ -93,6 +152,35 @@ app.use('/api/stats', require('./routes/stats.routes'));
// Public tracking route (no rate limit on this specific route) // Public tracking route (no rate limit on this specific route)
app.use('/t', require('./routes/tracking.routes')); app.use('/t', require('./routes/tracking.routes'));
// Serve frontend SPA (must be after API routes)
app.get('*', (req, res, next) => {
// Skip if it's an API route, tracking route, or landing page
if (req.path.startsWith('/api') || req.path.startsWith('/t') || req.path.startsWith('/landing') || req.path.startsWith('/health')) {
return next();
}
// CORS headers for HTML
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'GET, OPTIONS');
res.header('Access-Control-Allow-Headers', 'Content-Type');
// Explicit CSP for HTML documents
res.setHeader(
'Content-Security-Policy',
"default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; font-src 'self' data:; connect-src 'self' http: https: ws: wss:; frame-ancestors 'self'; base-uri 'self';"
);
// Serve frontend index.html for all other routes
const frontendPath = path.join(__dirname, 'public', 'dist', 'index.html');
res.sendFile(frontendPath, (err) => {
if (err) {
// If frontend build doesn't exist, inform clearly
res.status(503).send(
'Frontend build not found. Please build the frontend (npm run build) and ensure dist is copied to backend/src/public/dist.'
);
}
});
});
// 404 handler // 404 handler
app.use((req, res) => { app.use((req, res) => {
res.status(404).json({ res.status(404).json({
@@ -110,14 +198,15 @@ const startServer = async () => {
// Test database connection // Test database connection
await testConnection(); await testConnection();
// Start listening // Start listening on all interfaces (0.0.0.0) to allow remote access
app.listen(PORT, () => { app.listen(PORT, '0.0.0.0', () => {
logger.info(`🚀 Server is running on port ${PORT}`); logger.info(`🚀 Server is running on port ${PORT}`);
logger.info(`📊 Environment: ${process.env.NODE_ENV || 'development'}`); logger.info(`📊 Environment: ${process.env.NODE_ENV || 'development'}`);
logger.info(`🔗 Health check: http://localhost:${PORT}/health`); logger.info(`🔗 Health check: http://0.0.0.0:${PORT}/health`);
console.log(`\n✨ Oltalama Backend Server Started!`); console.log(`\n✨ Oltalama Backend Server Started!`);
console.log(`🌐 API: http://localhost:${PORT}/api`); console.log(`🌐 API: http://0.0.0.0:${PORT}/api`);
console.log(`🎯 Tracking: http://localhost:${PORT}/t/:token\n`); console.log(`🎯 Tracking: http://0.0.0.0:${PORT}/t/:token`);
console.log(`🌍 Server listening on all interfaces (0.0.0.0:${PORT})\n`);
}); });
} catch (error) { } catch (error) {
logger.error('Failed to start server:', error); logger.error('Failed to start server:', error);

7
backend/src/controllers/settings.controller.js
View File

@@ -166,14 +166,9 @@ exports.updateSystemSettings = async (req, res, next) => {
}); });
} }
// Update CORS configuration if available
if (req.app && req.app.updateCorsSettings) {
await req.app.updateCorsSettings();
}
res.json({ res.json({
success: true, success: true,
message: 'Sistem ayarları güncellendi. CORS ayarları uygulandı.', message: 'Sistem ayarları güncellendi.',
}); });
} catch (error) { } catch (error) {
next(error); next(error);

75
deploy.sh
View File

@@ -19,7 +19,7 @@ NC='\033[0m' # No Color
INSTALL_DIR="/opt/oltalama" INSTALL_DIR="/opt/oltalama"
LOG_DIR="/var/log/oltalama" LOG_DIR="/var/log/oltalama"
BACKUP_DIR="${INSTALL_DIR}/backups" BACKUP_DIR="${INSTALL_DIR}/backups"
USER="oltalama" # Tüm sistemler için ortak kullanıcı USER="www-data"
NODE_VERSION="20" NODE_VERSION="20"
# Fonksiyonlar # Fonksiyonlar
@@ -62,21 +62,6 @@ check_os() {
OS=$ID OS=$ID
VERSION=$VERSION_ID VERSION=$VERSION_ID
print_success "İşletim sistemi tespit edildi: $PRETTY_NAME" print_success "İşletim sistemi tespit edildi: $PRETTY_NAME"
# Paket yöneticisi tespit et
if command -v apt-get &> /dev/null; then
PKG_MANAGER="apt"
print_info "Paket yöneticisi: APT (Debian/Ubuntu)"
elif command -v dnf &> /dev/null; then
PKG_MANAGER="dnf"
print_info "Paket yöneticisi: DNF (RedHat/Oracle/Fedora)"
elif command -v yum &> /dev/null; then
PKG_MANAGER="yum"
print_info "Paket yöneticisi: YUM (RedHat/CentOS)"
else
print_error "Desteklenen paket yöneticisi bulunamadı!"
exit 1
fi
else else
print_error "İşletim sistemi tespit edilemedi!" print_error "İşletim sistemi tespit edilemedi!"
exit 1 exit 1
@@ -95,13 +80,8 @@ install_nodejs() {
fi fi
# NodeSource repository ekle # NodeSource repository ekle
if [[ "$PKG_MANAGER" == "apt" ]]; then
curl -fsSL https://deb.nodesource.com/setup_${NODE_VERSION}.x | bash - curl -fsSL https://deb.nodesource.com/setup_${NODE_VERSION}.x | bash -
apt-get install -y nodejs apt-get install -y nodejs
elif [[ "$PKG_MANAGER" == "dnf" ]] || [[ "$PKG_MANAGER" == "yum" ]]; then
curl -fsSL https://rpm.nodesource.com/setup_${NODE_VERSION}.x | bash -
$PKG_MANAGER install -y nodejs
fi
print_success "Node.js $(node -v) kuruldu." print_success "Node.js $(node -v) kuruldu."
print_success "npm $(npm -v) kuruldu." print_success "npm $(npm -v) kuruldu."
@@ -109,20 +89,8 @@ install_nodejs() {
install_dependencies() { install_dependencies() {
print_info "Sistem bağımlılıkları kuruluyor..." print_info "Sistem bağımlılıkları kuruluyor..."
if [[ "$PKG_MANAGER" == "apt" ]]; then
apt-get update apt-get update
apt-get install -y git curl wget build-essential sqlite3 apt-get install -y git curl wget build-essential sqlite3
elif [[ "$PKG_MANAGER" == "dnf" ]] || [[ "$PKG_MANAGER" == "yum" ]]; then
$PKG_MANAGER update -y
# EPEL repository (bazı paketler için gerekli)
$PKG_MANAGER install -y epel-release 2>/dev/null || true
# Paketleri kur
$PKG_MANAGER install -y git curl wget gcc-c++ make sqlite
# Development tools
$PKG_MANAGER groupinstall -y "Development Tools" 2>/dev/null || true
fi
print_success "Sistem bağımlılıkları kuruldu." print_success "Sistem bağımlılıkları kuruldu."
} }
@@ -142,18 +110,6 @@ setup_directories() {
print_success "Dizinler oluşturuldu." print_success "Dizinler oluşturuldu."
} }
create_user() {
print_info "Sistem kullanıcısı kontrol ediliyor..."
if id "$USER" &>/dev/null; then
print_success "Kullanıcı '$USER' zaten mevcut."
else
print_info "Kullanıcı '$USER' oluşturuluyor..."
useradd -r -s /bin/bash -d $INSTALL_DIR -m $USER
print_success "Kullanıcı '$USER' oluşturuldu."
fi
}
install_project() { install_project() {
print_info "Proje dosyaları kontrol ediliyor..." print_info "Proje dosyaları kontrol ediliyor..."
@@ -485,9 +441,6 @@ setup_firewall() {
print_info "Firewall ayarlanıyor..." print_info "Firewall ayarlanıyor..."
if command -v ufw &> /dev/null; then if command -v ufw &> /dev/null; then
# Ubuntu/Debian - UFW
print_info "UFW kullanılıyor..."
# SSH izin ver # SSH izin ver
ufw allow 22/tcp comment 'SSH' ufw allow 22/tcp comment 'SSH'
@@ -507,30 +460,9 @@ setup_firewall() {
echo "y" | ufw enable echo "y" | ufw enable
fi fi
print_success "Firewall ayarlandı (UFW)." print_success "Firewall ayarlandı."
elif command -v firewall-cmd &> /dev/null; then
# RedHat/Oracle/CentOS - firewalld
print_info "firewalld kullanılıyor..."
# firewalld'yi başlat ve aktifleştir
systemctl start firewalld 2>/dev/null || true
systemctl enable firewalld 2>/dev/null || true
# HTTP/HTTPS izin ver
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --permanent --add-service=ssh
# Backend ve Frontend portları sadece localhost'tan erişilebilir
# (reverse proxy kullanılacağı için dışarıdan erişim kapalı)
# Yeniden yükle
firewall-cmd --reload
print_success "Firewall ayarlandı (firewalld)."
else else
print_warning "Firewall bulunamadı, firewall ayarları atlanıyor." print_warning "UFW bulunamadı, firewall ayarları atlanıyor."
print_warning "Güvenlik için manuel olarak firewall yapılandırmanız önerilir."
fi fi
} }
@@ -608,7 +540,6 @@ main() {
install_dependencies install_dependencies
install_nodejs install_nodejs
install_pm2 install_pm2
create_user
setup_directories setup_directories
install_project install_project
install_backend install_backend

67
docker-compose.dev.yml
View File

@@ -1,67 +0,0 @@
version: '3.8'
# Development Docker Compose
# Hot reload enabled, volumes mounted
services:
# Backend Service (Development)
backend:
build:
context: ./backend
dockerfile: Dockerfile.dev
container_name: oltalama-backend-dev
restart: unless-stopped
ports:
- "3000:3000"
environment:
- NODE_ENV=development
- PORT=3000
- SESSION_SECRET=dev-secret-change-in-production
- GMAIL_USER=${GMAIL_USER}
- GMAIL_APP_PASSWORD=${GMAIL_APP_PASSWORD}
- TELEGRAM_BOT_TOKEN=${TELEGRAM_BOT_TOKEN}
- TELEGRAM_CHAT_ID=${TELEGRAM_CHAT_ID}
- DOMAIN_URL=http://localhost:3000
- FRONTEND_URL=http://localhost:5173
- OLLAMA_SERVER_URL=${OLLAMA_SERVER_URL:-http://host.docker.internal:11434}
- OLLAMA_MODEL=${OLLAMA_MODEL:-llama3.2:latest}
volumes:
- ./backend:/app
- /app/node_modules
- backend-data:/app/database
- backend-logs:/app/logs
networks:
- oltalama-network
command: npm run dev
# Frontend Service (Development)
frontend:
build:
context: ./frontend
dockerfile: Dockerfile.dev
container_name: oltalama-frontend-dev
restart: unless-stopped
ports:
- "5173:5173"
environment:
- NODE_ENV=development
- VITE_API_URL=http://localhost:3000
volumes:
- ./frontend:/app
- /app/node_modules
depends_on:
- backend
networks:
- oltalama-network
command: npm run dev
volumes:
backend-data:
driver: local
backend-logs:
driver: local
networks:
oltalama-network:
driver: bridge

88
docker-compose.yml
View File

@@ -1,89 +1,27 @@
version: '3.8'
services: services:
# Backend Service oltalama:
backend:
build: build:
context: ./backend context: .
dockerfile: Dockerfile dockerfile: Dockerfile
container_name: oltalama-backend container_name: oltalama
restart: unless-stopped
ports: ports:
- "3000:3000" - "0.0.0.0:3000:3000"
environment: environment:
- NODE_ENV=production - NODE_ENV=production
- PORT=3000 - PORT=3000
- SESSION_SECRET=${SESSION_SECRET:-change-this-secret-in-production} - DB_PATH=/app/database/oltalama.db
- GMAIL_USER=${GMAIL_USER} - SESSION_SECRET=${SESSION_SECRET:-change-me-in-production}
- GMAIL_APP_PASSWORD=${GMAIL_APP_PASSWORD} - FRONTEND_URL=${FRONTEND_URL:-http://localhost:3000}
- TELEGRAM_BOT_TOKEN=${TELEGRAM_BOT_TOKEN}
- TELEGRAM_CHAT_ID=${TELEGRAM_CHAT_ID}
- DOMAIN_URL=${DOMAIN_URL:-http://localhost:3000}
- FRONTEND_URL=${FRONTEND_URL:-http://localhost:4173}
- OLLAMA_SERVER_URL=${OLLAMA_SERVER_URL:-http://host.docker.internal:11434}
- OLLAMA_MODEL=${OLLAMA_MODEL:-llama3.2:latest}
volumes: volumes:
- backend-data:/app/database # Persist database
- backend-logs:/app/logs - ./data/database:/app/database
networks: # Persist logs
- oltalama-network - ./data/logs:/app/logs
restart: unless-stopped
healthcheck: healthcheck:
test: ["CMD", "node", "-e", "require('http').get('http://localhost:3000/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})"] test: ["CMD", "node", "-e", "require('http').get('http://localhost:3000/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})"]
interval: 30s interval: 30s
timeout: 10s timeout: 3s
retries: 3 retries: 3
start_period: 40s start_period: 40s
# Frontend Service
frontend:
build:
context: ./frontend
dockerfile: Dockerfile
container_name: oltalama-frontend
restart: unless-stopped
ports:
- "4173:4173"
environment:
- NODE_ENV=production
- VITE_API_URL=${VITE_API_URL:-http://localhost:3000}
depends_on:
backend:
condition: service_healthy
networks:
- oltalama-network
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:4173"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
# Nginx Reverse Proxy (Optional)
nginx:
image: nginx:alpine
container_name: oltalama-nginx
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./nginx/ssl:/etc/nginx/ssl:ro
depends_on:
- backend
- frontend
networks:
- oltalama-network
profiles:
- with-nginx
volumes:
backend-data:
driver: local
backend-logs:
driver: local
networks:
oltalama-network:
driver: bridge

56
docker-entrypoint.sh Normal file
View File

@@ -0,0 +1,56 @@
#!/bin/sh
set -e
echo "🚀 Starting Oltalama application..."
# Ensure database directory exists
mkdir -p database
# Run database migrations
echo "📊 Running database migrations..."
if node migrations/run-migrations.js; then
echo "✅ Migrations completed successfully"
else
echo "⚠️ Migration failed, but continuing..."
fi
# Check if we should seed the database
# Only seed if database is empty (no admin users)
if [ ! -f "database/oltalama.db" ] || [ ! -s "database/oltalama.db" ]; then
echo "🌱 Database is empty, seeding initial data..."
if node seeders/run-seeders.js; then
echo "✅ Seeding completed successfully"
else
echo "⚠️ Seeding failed, but continuing..."
fi
else
# Check if admin user exists
if command -v sqlite3 >/dev/null 2>&1; then
ADMIN_COUNT=$(sqlite3 database/oltalama.db "SELECT COUNT(*) FROM admin_user;" 2>/dev/null || echo "0")
if [ "$ADMIN_COUNT" = "0" ]; then
echo "🌱 Database exists but no admin user found. Running seeders..."
if node seeders/run-seeders.js; then
echo "✅ Seeding completed successfully"
else
echo "⚠️ Seeding failed, but continuing..."
fi
else
echo "✅ Database already initialized with admin user(s), skipping seeders."
fi
else
echo "⚠️ sqlite3 command not found, skipping admin user check."
fi
fi
# Ensure frontend build exists before starting server
FRONTEND_INDEX="src/public/dist/index.html"
if [ ! -f "$FRONTEND_INDEX" ]; then
echo "❌ Frontend build not found at $FRONTEND_INDEX"
echo " Please run 'npm run build' in the frontend (or rebuild the Docker image) so the dist assets are available."
exit 1
fi
# Start the application
echo "✨ Starting server..."
exec "$@"

33
frontend/.dockerignore
View File

@@ -1,33 +0,0 @@
# Node modules
node_modules/
npm-debug.log
# Environment files
.env
.env.local
# Git
.git/
.gitignore
# Build artifacts
dist/
.cache/
# Documentation
*.md
# IDE
.vscode/
.idea/
# OS
.DS_Store
# Testing
coverage/
# Temporary
tmp/
temp/

49
frontend/Dockerfile
View File

@@ -1,49 +0,0 @@
# Frontend Dockerfile
# Multi-stage build for optimized production image
# Stage 1: Build stage
FROM node:20-alpine AS builder
WORKDIR /app
# Copy package files
COPY package*.json ./
# Install dependencies
RUN npm ci
# Copy application code
COPY . .
# Build for production
RUN npm run build
# Stage 2: Production stage
FROM node:20-alpine
# Create app user
RUN addgroup -g 1001 -S oltalama && \
adduser -S oltalama -u 1001 -G oltalama
WORKDIR /app
# Copy built assets from builder
COPY --from=builder --chown=oltalama:oltalama /app/dist ./dist
COPY --from=builder --chown=oltalama:oltalama /app/package*.json ./
# Install only production dependencies (for preview server)
RUN npm ci --only=production
# Switch to non-root user
USER oltalama
# Expose port
EXPOSE 4173
# Health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD wget --no-verbose --tries=1 --spider http://localhost:4173 || exit 1
# Start preview server
CMD ["npm", "run", "preview", "--", "--host", "0.0.0.0"]

22
frontend/Dockerfile.dev
View File

@@ -1,22 +0,0 @@
# Frontend Development Dockerfile
# Hot reload enabled with Vite
FROM node:20-alpine
WORKDIR /app
# Copy package files
COPY package*.json ./
# Install all dependencies (including dev)
RUN npm install
# Copy application code
COPY . .
# Expose Vite dev server port
EXPOSE 5173
# Start Vite dev server with host binding
CMD ["npm", "run", "dev", "--", "--host", "0.0.0.0"]

14
frontend/src/services/api.js
View File

@@ -1,6 +1,18 @@
import axios from 'axios'; import axios from 'axios';
const API_URL = import.meta.env.VITE_API_URL || 'http://localhost:3000'; const resolveApiUrl = () => {
if (import.meta.env.VITE_API_URL) {
return import.meta.env.VITE_API_URL;
}
if (typeof window !== 'undefined' && window.location?.origin) {
return window.location.origin;
}
return 'http://localhost:3000';
};
const API_URL = resolveApiUrl();
const api = axios.create({ const api = axios.create({
baseURL: API_URL, baseURL: API_URL,

13
frontend/vite.config.js
View File

@@ -4,4 +4,17 @@ import react from '@vitejs/plugin-react'
// https://vite.dev/config/ // https://vite.dev/config/
export default defineConfig({ export default defineConfig({
plugins: [react()], plugins: [react()],
base: '/', // Base path - root'tan servis edilecek
build: {
assetsDir: 'assets',
// Relative path'ler kullan (absolute değil)
rollupOptions: {
output: {
// Asset dosyaları için relative path
assetFileNames: 'assets/[name]-[hash][extname]',
chunkFileNames: 'assets/[name]-[hash].js',
entryFileNames: 'assets/[name]-[hash].js',
},
},
},
}) })

4
systemd/oltalama-backend.service
View File

@@ -5,8 +5,8 @@ After=network.target
[Service] [Service]
Type=simple Type=simple
User=oltalama User=www-data
Group=oltalama Group=www-data
WorkingDirectory=/opt/oltalama/backend WorkingDirectory=/opt/oltalama/backend
Environment=NODE_ENV=production Environment=NODE_ENV=production
Environment=PORT=3000 Environment=PORT=3000

4
systemd/oltalama-frontend.service
View File

@@ -5,8 +5,8 @@ After=network.target oltalama-backend.service
[Service] [Service]
Type=simple Type=simple
User=oltalama User=www-data
Group=oltalama Group=www-data
WorkingDirectory=/opt/oltalama/frontend WorkingDirectory=/opt/oltalama/frontend
Environment=NODE_ENV=production Environment=NODE_ENV=production
Environment=PORT=4173 Environment=PORT=4173