new awesome build

2026-01-28 22:37:47 +03:00
parent 848646003c
commit fcb8f6bac7
119 changed files with 7291 additions and 5575 deletions
--- a/DOCS/General/Deployment.md
+++ b/DOCS/General/Deployment.md
@@ -0,0 +1,110 @@
+# Deployment Guide: OpenVPN Monitor & Profiler
+
+This guide describes how to deploy the full suite on a fresh Linux server (Ubuntu/Debian).
+
+## Architecture Overview
+- **Frontend**: Vue.js (Built and served by Nginx) - `APP_UI`
+- **Monitoring API (APP_CORE)**: Flask (Port 5000) - Real-time statistics.
+- **Profiler API (APP_PROFILER)**: FastAPI (Port 8000) - Profile & Server management.
+
+---
+
+## 1. Prerequisites
+- Python 3.10+
+- Nginx
+- OpenVPN & Easy-RSA (for the Profiler)
+- Node.js & NPM (only for building the UI)
+
+---
+
+## 2. Shared Security Setup (Critical)
+Both API services must share the same `SECRET_KEY` to recognize the same JWT tokens.
+
+### A. Environment Variable (Recommended)
+Add this to your shell profile (`~/.bashrc`) or your Systemd service files:
+```bash
+export OVPMON_SECRET_KEY='your-very-long-random-secret-key'
+```
+
+### B. Configuration File
+Alternatively, set it in `APP_CORE/config.ini`:
+```ini
+[api]
+secret_key = your-very-long-random-secret-key
+```
+
+---
+
+## 3. Backend Deployment
+
+### Monitoring API (Flask)
+1. Navigate to `APP_CORE/`.
+2. Create virtual environment: `python3 -m venv venv`.
+3. Install dependencies: `venv/bin/pip install -r requirements.txt`.
+4. Run with Gunicorn (production):
+   ```bash
+   venv/bin/gunicorn -w 4 -b 127.0.0.1:5000 openvpn_api_v3:app
+   ```
+
+### Profiler API (FastAPI)
+1. Navigate to `APP_PROFILER/`.
+2. Create virtual environment: `python3 -m venv venv`.
+3. **Important**: Uninstall potential conflicts and install PyJWT:
+   ```bash
+   venv/bin/pip uninstall jwt PyJWT
+   venv/bin/pip install -r requirements.txt PyJWT
+   ```
+4. Run with Uvicorn:
+   ```bash
+   venv/bin/uvicorn main:app --host 127.0.0.1 --port 8000
+   ```
+
+---
+
+## 4. Frontend Deployment (Nginx)
+
+### Build the UI
+1. Navigate to `UI/client`.
+2. Install: `npm install`.
+3. Build: `npm run build`.
+4. Copy `dist/` contents to `/var/www/ovpmon/`.
+
+### Nginx Configuration
+Create `/etc/nginx/sites-available/ovpmon`:
+
+```nginx
+server {
+    listen 80;
+    server_name your_domain_or_ip;
+
+    root /var/www/ovpmon;
+    index index.html;
+
+    # Frontend Routing
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+
+    # Monitoring API (Flask)
+    location /api/v1/ {
+        proxy_pass http://127.0.0.1:5000/api/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+    }
+
+    # Profiler API (FastAPI)
+    location /profiles-api/ {
+        proxy_pass http://127.0.0.1:8000/api/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+    }
+}
+```
+
+---
+
+## 5. First Run & Initialization
+1. Access the UI via browser.
+2. Login with default credentials: `admin` / `password`.
+3. **Immediately** change the password and set up 2FA in the Settings/Profile section.
+4. If using the Profiler, ensure the `easy-rsa` directory is present and initialized via the UI.