salvacybersec/balikci
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: salvacybersec:f0b61735cc64302a9fc3e8ff6fe027739a3f41e4
Branches Tags
salvacybersec:main
..
compare: salvacybersec:main
Branches Tags
salvacybersec:main

9 Commits
f0b61735cc ... main

Author SHA1 Message Date
salvacybersec
3e8bb4e064 cors 2025-11-11 14:28:38 +03:00
salvacybersec
1ca2575612 front 2025-11-11 14:12:25 +03:00
salvacybersec
7582813f20 mesela yani 2025-11-11 14:05:20 +03:00
salvacybersec
9f53a34cfb ulaan 2025-11-11 07:46:58 +03:00
salvacybersec
36b62be2e1 corsu siktim v2 2025-11-11 07:42:40 +03:00
salvacybersec
c898ca4a65 corsu siktim 2025-11-11 07:40:02 +03:00
salvacybersec
992ccf056b bind 2025-11-11 07:37:27 +03:00
salvacybersec
282b7f7877 allah belanı vermesin 2025-11-11 07:33:24 +03:00
salvacybersec
9062a8d7e0 docker again 2025-11-11 07:31:43 +03:00
22 changed files with 469 additions and 1003 deletions
Expand all files Collapse all files

48
.dockerignore
View File

@@ -1,7 +1,13 @@
# Node modules
# Dependencies
node_modules/
npm-debug.log
yarn-error.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
# Build outputs
frontend/dist/
frontend/build/
backend/dist/
# Environment files
.env
@@ -11,6 +17,7 @@ yarn-error.log
# Git
.git/
.gitignore
.gitattributes
# IDE
.vscode/
@@ -27,35 +34,30 @@ Thumbs.db
logs/
*.log
# Database (will be in volume)
database/
*.db
*.db-journal
# Database files (will be created in container)
backend/database/*.db
backend/database/*.db-journal
# Build artifacts
dist/
build/
.cache/
# Test files
tests/
*.test.js
*.spec.js
coverage/
# Documentation
*.md
docs/
# Docker
Dockerfile*
docker-compose*.yml
.dockerignore
# Deployment
# Deployment scripts
deploy.sh
systemd/
nginx/
# Testing
coverage/
.nyc_output/
# Docker files (don't copy into itself)
Dockerfile
.dockerignore
docker-compose.yml
# Temporary files
tmp/
temp/
# Backups
backups/

8
DEPLOYMENT.md
View File

@@ -338,7 +338,7 @@ After=network.target
[Service]
Type=simple
User=oltalama
User=www-data
WorkingDirectory=/opt/oltalama/backend
Environment=NODE_ENV=production
ExecStart=/usr/bin/node /opt/oltalama/backend/src/app.js
@@ -362,7 +362,7 @@ After=network.target
[Service]
Type=simple
User=oltalama
User=www-data
WorkingDirectory=/opt/oltalama/frontend
Environment=NODE_ENV=production
ExecStart=/usr/bin/npm run preview
@@ -522,7 +522,7 @@ const rl = readline.createInterface({
```bash
# Proje dizini izinleri
sudo chown -R oltalama:oltalama /opt/oltalama
sudo chown -R www-data:www-data /opt/oltalama
sudo chmod -R 755 /opt/oltalama
# .env dosyalarını koru
@@ -687,7 +687,7 @@ pm2 logs --lines 100
delaycompress
missingok
notifempty
create 0640 oltalama oltalama
create 0640 www-data www-data
sharedscripts
postrotate
pm2 reloadLogs

552
DOCKER.md
View File

@@ -1,509 +1,203 @@
# 🐳 Docker Deployment Guide
# Docker Deployment Guide
## Oltalama Test Yönetim Paneli - Docker ile Kurulum
Bu dokümantasyon, Oltalama uygulamasını Docker ile tek container'da çalıştırma rehberidir.
Bu dokümantasyon, projeyi Docker ve Docker Compose kullanarak nasıl çalıştıracağınızııklar.
## Gereksinimler
---
- Docker 20.10+
- Docker Compose 2.0+ (opsiyonel)
## 📋 İçindekiler
## Hızlı Başlangıç
- [Gereksinimler](#gereksinimler)
- [Hızlı Başlangıç](#hızlı-başlangıç)
- [Development Modu](#development-modu)
- [Production Modu](#production-modu)
- [Ortam Değişkenleri](#ortam-değişkenleri)
- [Veri Yedekleme](#veri-yedekleme)
- [İleri Seviye Kullanım](#ileri-seviye-kullanım)
### Docker Compose ile (Önerilen)
---
## 🔧 Gereksinimler
- **Docker**: 20.10 veya üzeri
- **Docker Compose**: 2.0 veya üzeri
- **Git**: (projeyi klonlamak için)
### Docker Kurulumu
#### Ubuntu/Debian:
1. **Environment dosyası oluştur** (opsiyonel):
```bash
# Docker kurulumu
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
# Docker Compose kurulumu (eğer yoksa)
sudo apt-get install docker-compose-plugin
# Kullanıcıyı docker grubuna ekle
sudo usermod -aG docker $USER
newgrp docker
cp backend/.env.example backend/.env
# backend/.env dosyasını düzenle
```
#### RedHat/Oracle/CentOS:
2. **Docker Compose ile başlat**:
```bash
# Docker kurulumu
sudo dnf install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
# Docker'ı başlat ve aktifleştir
sudo systemctl start docker
sudo systemctl enable docker
# Kullanıcıyı docker grubuna ekle
sudo usermod -aG docker $USER
newgrp docker
docker-compose up -d
```
---
## 🚀 Hızlı Başlangıç
### 1. Projeyi Klonlayın
3. **Logları izle**:
```bash
git clone <repository-url> oltalama
cd oltalama
docker-compose logs -f
```
### 2. Environment Dosyasını Hazırlayın
4. **Durdur**:
```bash
# Örnek dosyadan kopyalayın
cat > .env << 'EOF'
SESSION_SECRET=your-strong-random-secret-here
GMAIL_USER=your-email@gmail.com
GMAIL_APP_PASSWORD=your-gmail-app-password
TELEGRAM_BOT_TOKEN=your-bot-token
TELEGRAM_CHAT_ID=your-chat-id
OLLAMA_SERVER_URL=http://host.docker.internal:11434
OLLAMA_MODEL=llama3.2:latest
VITE_API_URL=http://localhost:3000
EOF
# Editör ile açın ve konfigüre edin
nano .env
docker-compose down
```
**Minimum gerekli ayarlar:**
```env
SESSION_SECRET=very-strong-random-secret-here
GMAIL_USER=your-email@gmail.com
GMAIL_APP_PASSWORD=your-gmail-app-password
TELEGRAM_BOT_TOKEN=your-bot-token
TELEGRAM_CHAT_ID=your-chat-id
### Docker ile (Manuel)
1. **Image'ı build et**:
```bash
docker build -t oltalama:latest .
```
### 3. Production Modunda Başlatın
2. **Container'ı çalıştır**:
```bash
# Container'ları build edin ve başlatın
docker compose up -d
# Logları görüntüleyin
docker compose logs -f
docker run -d \
--name oltalama \
-p 3000:3000 \
-v $(pwd)/data/database:/app/database \
-v $(pwd)/data/logs:/app/logs \
-e NODE_ENV=production \
-e SESSION_SECRET=$(openssl rand -hex 32) \
-e FRONTEND_URL=http://localhost:3000 \
oltalama:latest
```
### 4. Admin Kullanıcısı Oluşturun
## Environment Variables
İlk çalıştırmada admin kullanıcısı oluşturmanız gerekir:
Aşağıdaki environment variable'ları ayarlayabilirsiniz:
- `NODE_ENV`: Ortam (production/development)
- `PORT`: Server portu (varsayılan: 3000)
- `DB_PATH`: Database dosya yolu (varsayılan: /app/database/oltalama.db)
- `SESSION_SECRET`: Session secret key (üretmek için: `openssl rand -hex 32`)
- `FRONTEND_URL`: Frontend URL'i (CORS için)
Daha fazla environment variable için `backend/.env.example` dosyasına bakın.
## Veri Kalıcılığı
Database ve log dosyaları volume'lerde saklanır:
- `./data/database`: SQLite database dosyaları
- `./data/logs`: Uygulama logları
İlk çalıştırmada bu dizinler otomatik oluşturulur.
## Admin Kullanıcı Oluşturma
İlk kurulumda admin kullanıcı oluşturmak için:
```bash
# Backend container'a bağlanın
docker compose exec backend sh
# Container içine gir
docker exec -it oltalama sh
# Admin kullanıcı scripti çalıştırın
# Admin kullanıcı oluştur
node scripts/create-admin.js
# Container'dan çıkın
exit
```
### 5. Uygulamaya Erişin
- **Frontend**: http://localhost:4173
- **Backend API**: http://localhost:3000
- **Health Check**: http://localhost:3000/health
---
## 💻 Development Modu
Development modunda hot-reload aktif olur ve kod değişiklikleri anında yansır.
### Başlatma
Veya container dışından:
```bash
# Development compose ile başlat
docker compose -f docker-compose.dev.yml up
# Veya arka planda çalıştır
docker compose -f docker-compose.dev.yml up -d
docker exec -it oltalama node scripts/create-admin.js
```
### Özellikler
## Health Check
-**Hot Reload**: Kod değişiklikleri anında yansır
-**Volume Mount**: Local klasörler container'a mount edilir
-**Debug Modu**: Detaylı log çıktıları
-**Nodemon**: Backend için otomatik restart
Container health check endpoint'i: `http://localhost:3000/health`
### Development Portları
- **Frontend (Vite Dev Server)**: http://localhost:5173
- **Backend**: http://localhost:3000
---
## 🏭 Production Modu
Production modu için optimize edilmiş, multi-stage build ile küçük image boyutu.
### Başlatma
Health check durumunu kontrol etmek için:
```bash
# Production compose ile başlat
docker compose up -d
# Durum kontrolü
docker compose ps
# Logları görüntüle
docker compose logs -f backend
docker compose logs -f frontend
docker ps
# HEALTHY durumunu göreceksiniz
```
### Container Yönetimi
## Loglar
Logları görüntülemek için:
```bash
# Tüm servisleri durdur
docker compose stop
# Docker Compose
docker-compose logs -f
# Tüm servisleri başlat
docker compose start
# Tüm servisleri yeniden başlat
docker compose restart
# Servisleri kaldır (veri korunur)
docker compose down
# Servisleri ve volume'leri kaldır (VERİ SİLİNİR!)
docker compose down -v
# Docker
docker logs -f oltalama
```
### Build İşlemleri
## Database Backup
Database'i yedeklemek için:
```bash
# Image'ları yeniden build et
docker compose build
# Cache kullanmadan build et
docker compose build --no-cache
# Belirli bir servisi build et
docker compose build backend
# Container içindeki database'i kopyala
docker cp oltalama:/app/database/oltalama.db ./backup-$(date +%Y%m%d).db
```
---
## Troubleshooting
## 🔐 Ortam Değişkenleri
### Backend Değişkenleri
| Değişken | Açıklama | Varsayılan | Zorunlu |
|----------|----------|------------|---------|
| `NODE_ENV` | Çalışma ortamı | `production` | ❌ |
| `PORT` | Backend portu | `3000` | ❌ |
| `SESSION_SECRET` | Session şifreleme anahtarı | - | ✅ |
| `GMAIL_USER` | Gmail hesabı | - | ✅ |
| `GMAIL_APP_PASSWORD` | Gmail uygulama şifresi | - | ✅ |
| `TELEGRAM_BOT_TOKEN` | Telegram bot token | - | ✅ |
| `TELEGRAM_CHAT_ID` | Telegram chat ID | - | ✅ |
| `DOMAIN_URL` | Backend domain | `http://localhost:3000` | ❌ |
| `FRONTEND_URL` | Frontend domain | `http://localhost:4173` | ❌ |
| `OLLAMA_SERVER_URL` | Ollama AI server URL | `http://host.docker.internal:11434` | ❌ |
| `OLLAMA_MODEL` | Ollama model adı | `llama3.2:latest` | ❌ |
### Frontend Değişkenleri
| Değişken | Açıklama | Varsayılan | Zorunlu |
|----------|----------|------------|---------|
| `VITE_API_URL` | Backend API URL | `http://localhost:3000` | ✅ |
---
## 💾 Veri Yedekleme
### Manuel Yedekleme
### Container başlamıyor
1. Logları kontrol edin:
```bash
# Database yedekle
docker compose exec backend sh -c "cd database && tar czf /tmp/backup.tar.gz *.db"
docker compose cp backend:/tmp/backup.tar.gz ./backup-$(date +%Y%m%d).tar.gz
# Logs yedekle
docker compose exec backend sh -c "cd logs && tar czf /tmp/logs-backup.tar.gz *.log"
docker compose cp backend:/tmp/logs-backup.tar.gz ./logs-backup-$(date +%Y%m%d).tar.gz
docker logs oltalama
```
### Otomatik Yedekleme (Cron)
2. Port'un kullanılabilir olduğundan emin olun:
```bash
# Yedekleme scripti oluştur
cat > backup.sh << 'EOF'
#!/bin/bash
BACKUP_DIR="/backup/oltalama"
DATE=$(date +%Y%m%d_%H%M%S)
mkdir -p $BACKUP_DIR
# Database backup
docker compose exec -T backend sh -c "cd database && tar czf - *.db" > "$BACKUP_DIR/db-$DATE.tar.gz"
# Eski yedekleri sil (30 günden eski)
find $BACKUP_DIR -name "db-*.tar.gz" -mtime +30 -delete
echo "Backup completed: $DATE"
EOF
chmod +x backup.sh
# Crontab'a ekle (her gün 02:00'de)
(crontab -l 2>/dev/null; echo "0 2 * * * /path/to/backup.sh >> /var/log/oltalama-backup.log 2>&1") | crontab -
netstat -tuln | grep 3000
```
### Geri Yükleme
### Database hatası
1. Database volume'ünün yazılabilir olduğundan emin olun:
```bash
# Database geri yükle
docker compose cp ./backup-20250101.tar.gz backend:/tmp/
docker compose exec backend sh -c "cd database && tar xzf /tmp/backup-20250101.tar.gz"
docker compose restart backend
chmod -R 777 ./data/database
```
---
## 🔧 İleri Seviye Kullanım
### Nginx ile Reverse Proxy
Nginx reverse proxy eklemek için:
2. Container'ı yeniden başlatın:
```bash
# Nginx profili ile başlat
docker compose --profile with-nginx up -d
docker-compose restart
```
`nginx.conf` dosyasını düzenleyin:
### Frontend görünmüyor
```nginx
# nginx/nginx.conf
server {
listen 80;
server_name yourdomain.com;
location / {
proxy_pass http://frontend:4173;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location /api/ {
proxy_pass http://backend:3000/api/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
1. Frontend build'inin doğru yapıldığından emin olun:
```bash
docker exec oltalama ls -la /app/src/public/dist
```
### Resource Limits
2. Container'ı yeniden build edin:
```bash
docker-compose build --no-cache
docker-compose up -d
```
Production ortamında resource limitleri ekleyin:
## Production Deployment
Production için:
1. **Güvenli SESSION_SECRET kullanın**:
```bash
export SESSION_SECRET=$(openssl rand -hex 64)
```
2. **HTTPS için reverse proxy kullanın** (Nginx, Traefik, vb.)
3. **Resource limitleri ayarlayın**:
```yaml
# docker-compose.yml içine ekle
services:
backend:
# ... diğer ayarlar
deploy:
resources:
limits:
cpus: '1'
memory: 512M
reservations:
cpus: '0.5'
memory: 256M
# docker-compose.yml'e ekleyin
deploy:
resources:
limits:
cpus: '1'
memory: 512M
```
### Health Check Monitoring
4. **Düzenli backup alın**
Container'ların sağlık durumunu izleyin:
## Güncelleme
Uygulamayı güncellemek için:
```bash
# Health status kontrolü
docker compose ps
# Yeni image'ı build et
docker-compose build
# Detaylı health check logları
docker inspect --format='{{json .State.Health}}' oltalama-backend | jq
# Container'ı yeniden başlat
docker-compose up -d
```
### Ollama ile Kullanım
## Sorun Bildirimi
Eğer Ollama host makinede çalışıyorsa:
```bash
# Host'tan Ollama'ya erişim için
# .env dosyasında:
OLLAMA_SERVER_URL=http://host.docker.internal:11434
OLLAMA_MODEL=llama3.2:latest
```
Ollama'yı da Docker'da çalıştırmak için:
```yaml
# docker-compose.yml'e ekle
services:
ollama:
image: ollama/ollama:latest
container_name: oltalama-ollama
restart: unless-stopped
ports:
- "11434:11434"
volumes:
- ollama-data:/root/.ollama
networks:
- oltalama-network
volumes:
ollama-data:
driver: local
```
Sonra `.env` dosyasında:
```env
OLLAMA_SERVER_URL=http://ollama:11434
```
---
## 🐛 Troubleshooting
### Problem: Container başlamıyor
```bash
# Logları kontrol et
docker compose logs backend
docker compose logs frontend
# Container'ı interaktif başlat
docker compose run --rm backend sh
```
### Problem: Database erişim hatası
```bash
# Volume'leri kontrol et
docker volume ls
docker volume inspect oltalama_backend-data
# İzinleri düzelt
docker compose exec backend chown -R oltalama:oltalama /app/database
```
### Problem: Port conflict
```bash
# Kullanılan portları kontrol et
sudo lsof -i :3000
sudo lsof -i :4173
# Farklı port kullan
docker compose up -d --force-recreate
```
### Problem: Image boyutu çok büyük
```bash
# Kullanılmayan image'ları temizle
docker system prune -a
# Build cache'i temizle
docker builder prune
```
---
## 📊 Monitoring
### Container İstatistikleri
```bash
# Gerçek zamanlı resource kullanımı
docker stats
# Belirli container'lar için
docker stats oltalama-backend oltalama-frontend
```
### Log Yönetimi
```bash
# Son 100 satır
docker compose logs --tail=100 backend
# Gerçek zamanlı takip
docker compose logs -f
# Belirli bir zaman aralığı
docker compose logs --since="2025-01-01T00:00:00"
# Belirli bir service
docker compose logs backend
```
---
## 🚀 Production Deployment Checklist
- [ ] `.env` dosyasını production değerleri ile doldur
- [ ] `SESSION_SECRET` için güçlü random string oluştur
- [ ] Gmail App Password oluştur ve ayarla
- [ ] Telegram bot token ve chat ID ayarla
- [ ] Domain URL'lerini güncelle
- [ ] Nginx reverse proxy yapılandır (opsiyonel)
- [ ] SSL/TLS sertifikası ekle
- [ ] Firewall kurallarını ayarla
- [ ] Admin kullanıcı oluştur
- [ ] Otomatik yedekleme sistemi kur
- [ ] Health check monitoring kur
- [ ] Log rotation yapılandır
---
## 📚 Ek Kaynaklar
- [Docker Documentation](https://docs.docker.com/)
- [Docker Compose Documentation](https://docs.docker.com/compose/)
- [Best Practices for Node.js in Docker](https://github.com/nodejs/docker-node/blob/main/docs/BestPractices.md)
---
## 🆘 Destek
Sorun yaşıyorsanız:
1. Logları kontrol edin: `docker compose logs`
2. Container durumunu kontrol edin: `docker compose ps`
3. Health check durumunu kontrol edin
4. Issue açın veya dokümantasyonu inceleyin
---
**🎉 Artık Docker ile hazırsınız!**
Sorun yaşarsanız, lütfen GitHub Issues'da bildirin.

55
Dockerfile Normal file
View File

@@ -0,0 +1,55 @@
# Multi-stage build for Oltalama application
# Stage 1: Build frontend
FROM node:20-alpine AS frontend-builder
WORKDIR /app/frontend
# Copy frontend package files
COPY frontend/package*.json ./
# Install frontend dependencies
RUN npm install
# Copy frontend source
COPY frontend/ ./
# Build frontend (output will be in dist/)
RUN npm run build && test -f dist/index.html
# Stage 2: Backend + Runtime
FROM node:20-alpine
WORKDIR /app
# Install system dependencies for sqlite3
RUN apk add --no-cache python3 make g++ sqlite
# Copy backend package files
COPY backend/package*.json ./
# Install backend dependencies (production only)
RUN npm install --only=production
# Copy backend source
COPY backend/ ./
# Copy frontend build from previous stage to backend public directory
COPY --from=frontend-builder /app/frontend/dist ./src/public/dist
# Create database directory
RUN mkdir -p database
# Expose port
EXPOSE 3000
# Health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=40s --retries=3 \
CMD node -e "require('http').get('http://localhost:3000/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})"
# Start script that runs migrations and seeds before starting the server
COPY docker-entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/docker-entrypoint.sh
ENTRYPOINT ["docker-entrypoint.sh"]
CMD ["node", "src/app.js"]

60
README.md
View File

@@ -179,6 +179,21 @@ curl http://localhost:3000/api/stats/dashboard
Sistem kullanıma hazır. Gmail ve Telegram ayarlarını yaparak phishing testlerinizi başlatabilirsiniz.
## 🐳 Docker ile Kurulum (Önerilen)
Tek container'da çalıştırmak için:
```bash
# Docker Compose ile (en kolay)
docker-compose up -d
# Veya Docker ile
docker build -t oltalama:latest .
docker run -d -p 3000:3000 --name oltalama oltalama:latest
```
**Detaylı Docker dokümantasyonu:** `DOCKER.md`
## 🚀 Sunucu Kurulumu (Production)
### Otomatik Kurulum
@@ -188,53 +203,20 @@ cd /opt/oltalama
sudo ./deploy.sh
```
### 🐳 Docker ile Deployment (Önerilen)
### Manuel Kurulum
Docker kullanarak tek komutla deploy edin (tüm platformlarda çalışır):
Detaylı sunucu kurulum talimatları için:
```bash
# 1. .env dosyası oluştur
nano .env
# SESSION_SECRET, GMAIL, TELEGRAM ayarlarını girin
# 2. Servisleri başlat
docker compose up -d
# 3. Admin kullanıcı oluştur
docker compose exec backend node scripts/create-admin.js
# 4. Erişim
# Frontend: http://localhost:4173
# Backend: http://localhost:3000
```
**Development Modu (Hot Reload):**
```bash
docker compose -f docker-compose.dev.yml up
```
**Detaylı Döküman:** `DOCKER.md` 📦
---
### 🖥️ Native Deployment (Linux Sunucu)
Otomatik deployment scripti ile:
```bash
sudo bash deploy.sh # Tüm Linux dağıtımları desteklenir
cat DEPLOYMENT.md
```
**Önemli dosyalar:**
- `DEPLOYMENT.md` - Detaylı sunucu kurulum kılavuzu
- `deploy.sh` - Otomatik kurulum scripti (apt & dnf/yum)
- `DOCKER.md` - Docker deployment kılavuzu 🐳
- `deploy.sh` - Otomatik kurulum scripti
- `systemd/` - Systemd servis dosyaları
- `nginx/` - Nginx konfigürasyon örneği
**Desteklenen Sistemler:**
- ✅ Ubuntu, Debian, Oracle Linux, RHEL, CentOS, Fedora
**Portlar:**
- Backend: `3000` (değiştirilebilir)
- Frontend: `4173` (değiştirilebilir)
@@ -272,8 +254,8 @@ node scripts/change-password.js
## 📚 Dokümantasyon
- **Ana Doküman:** `README.md` (bu dosya)
- **Docker Deployment:** `DOCKER.md` 🐳 (Docker kurulum ve yönetim)
- **Sunucu Kurulumu:** `DEPLOYMENT.md` 🚀 (Native Linux kurulum)
- **Docker Kurulumu:** `DOCKER.md` 🐳 (Docker ile tek container)
- **Sunucu Kurulumu:** `DEPLOYMENT.md` 🚀 (Production kurulum)
- **Ollama AI Entegrasyonu:** `OLLAMA_SETUP.md` 🤖 (AI mail şablon oluşturma)
- **Domain Yapılandırma:** `docs/DOMAIN_SETUP.md` 🌐 (Tek/İki domain)
- **Nginx Proxy Manager:** `docs/NGINX_PROXY_MANAGER.md` 🔄 (Reverse proxy)

12
SECURITY.md
View File

@@ -155,11 +155,11 @@ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; prelo
```bash
# Database dosya izinleri
sudo chmod 600 /opt/oltalama/backend/database/oltalama.db
sudo chown oltalama:oltalama /opt/oltalama/backend/database/oltalama.db
sudo chown www-data:www-data /opt/oltalama/backend/database/oltalama.db
# Backup dizini izinleri
sudo chmod 700 /opt/oltalama/backups
sudo chown oltalama:oltalama /opt/oltalama/backups
sudo chown www-data:www-data /opt/oltalama/backups
```
#### Düzenli Yedekleme
@@ -201,8 +201,8 @@ sudo chmod 600 /opt/oltalama/backend/.env
sudo chmod 600 /opt/oltalama/frontend/.env
# Sahibi ayarla
sudo chown oltalama:oltalama /opt/oltalama/backend/.env
sudo chown oltalama:oltalama /opt/oltalama/frontend/.env
sudo chown www-data:www-data /opt/oltalama/backend/.env
sudo chown www-data:www-data /opt/oltalama/frontend/.env
```
#### Session Secret
@@ -273,7 +273,7 @@ echo ".env" >> .gitignore
```bash
# Log dizini izinleri
sudo chmod 750 /var/log/oltalama
sudo chown oltalama:oltalama /var/log/oltalama
sudo chown www-data:www-data /var/log/oltalama
# Log dosyaları izinleri
sudo chmod 640 /var/log/oltalama/*.log
@@ -290,7 +290,7 @@ sudo chmod 640 /var/log/oltalama/*.log
delaycompress
missingok
notifempty
create 0640 oltalama oltalama
create 0640 www-data www-data
sharedscripts
postrotate
pm2 reloadLogs

43
backend/.dockerignore
View File

@@ -1,43 +0,0 @@
# Node modules
node_modules/
npm-debug.log
# Environment files
.env
.env.local
# Git
.git/
.gitignore
# Database (will be in volume)
database/
*.db
*.db-journal
# Logs (will be in volume)
logs/
*.log
# Documentation
*.md
# IDE
.vscode/
.idea/
# OS
.DS_Store
# Testing
coverage/
.nyc_output/
# Migrations (already applied)
migrations/
seeders/
# Temporary
tmp/
temp/

54
backend/Dockerfile
View File

@@ -1,54 +0,0 @@
# Backend Dockerfile
# Multi-stage build for optimized production image
# Stage 1: Build stage
FROM node:20-alpine AS builder
WORKDIR /app
# Copy package files
COPY package*.json ./
# Install dependencies
RUN npm ci --only=production
# Stage 2: Production stage
FROM node:20-alpine
# Install required packages
RUN apk add --no-cache \
sqlite \
tini
# Create app user
RUN addgroup -g 1001 -S oltalama && \
adduser -S oltalama -u 1001 -G oltalama
WORKDIR /app
# Copy dependencies from builder
COPY --from=builder /app/node_modules ./node_modules
# Copy application code
COPY --chown=oltalama:oltalama . .
# Create necessary directories
RUN mkdir -p database logs && \
chown -R oltalama:oltalama /app
# Switch to non-root user
USER oltalama
# Expose port
EXPOSE 3000
# Health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD node -e "require('http').get('http://localhost:3000/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})"
# Use tini as entrypoint for proper signal handling
ENTRYPOINT ["/sbin/tini", "--"]
# Start application
CMD ["node", "src/app.js"]

33
backend/Dockerfile.dev
View File

@@ -1,33 +0,0 @@
# Backend Development Dockerfile
# Hot reload enabled with nodemon
FROM node:20-alpine
# Install required packages
RUN apk add --no-cache \
sqlite \
tini
WORKDIR /app
# Copy package files
COPY package*.json ./
# Install all dependencies (including dev)
RUN npm install
# Copy application code
COPY . .
# Create necessary directories
RUN mkdir -p database logs
# Expose port
EXPOSE 3000
# Use tini as entrypoint
ENTRYPOINT ["/sbin/tini", "--"]
# Start with nodemon for hot reload
CMD ["npm", "run", "dev"]

163
backend/src/app.js
View File

@@ -1,7 +1,7 @@
require('dotenv').config({ path: require('path').join(__dirname, '../.env') });
const express = require('express');
const session = require('express-session');
const helmet = require('helmet');
// const helmet = require('helmet'); // Geçici olarak devre dışı
const cors = require('cors');
const logger = require('./config/logger');
const sessionConfig = require('./config/session');
@@ -12,50 +12,109 @@ const { apiLimiter } = require('./middlewares/rateLimiter');
const app = express();
const PORT = process.env.PORT || 3000;
// Security middleware
app.use(helmet());
// Dynamic CORS configuration (will be updated from settings)
let corsOptions = {
origin: process.env.FRONTEND_URL || 'http://localhost:5173',
credentials: true,
};
// Security middleware - Helmet'i tamamen kaldır (CORS ve mixed content sorunları için)
// app.use(helmet()); // Geçici olarak devre dışı
// Basic CSP for SPA and assets to avoid white page due to blocked module scripts
// Allow self assets, inline/eval for Vite-built bundles, blobs/data, and API/websocket connections
app.use((req, res, next) => {
cors(corsOptions)(req, res, next);
// Only set CSP for HTML responses later, but keeping a permissive default helps some browsers on preload
res.setHeader(
'Content-Security-Policy',
[
"default-src 'self' data: blob:;",
"script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:;",
"style-src 'self' 'unsafe-inline';",
"img-src 'self' data: blob:;",
"font-src 'self' data:;",
"connect-src 'self' http: https: ws: wss:;",
"frame-ancestors 'self';",
'base-uri \'self\';',
].join(' ')
);
next();
});
// Function to update CORS from database
const updateCorsFromSettings = async () => {
try {
const { Settings } = require('./models');
const corsEnabledSetting = await Settings.findOne({ where: { key: 'cors_enabled' } });
const frontendUrlSetting = await Settings.findOne({ where: { key: 'frontend_url' } });
// CORS - Her yerden erişime izin ver (tüm route'larda)
app.use((req, res, next) => {
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, PATCH, OPTIONS');
res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization');
res.header('Access-Control-Allow-Credentials', 'true');
if (corsEnabledSetting && corsEnabledSetting.value === 'true' && frontendUrlSetting) {
corsOptions.origin = frontendUrlSetting.value;
logger.info(`CORS enabled for: ${frontendUrlSetting.value}`);
} else {
// Default: allow both frontend and backend on same origin
corsOptions.origin = process.env.FRONTEND_URL || 'http://localhost:5173';
}
} catch (error) {
logger.warn('Could not load CORS settings from database, using defaults');
// OPTIONS request'i için hemen cevap ver
if (req.method === 'OPTIONS') {
return res.sendStatus(200);
}
};
// Update CORS on startup (with delay to ensure DB is ready)
setTimeout(updateCorsFromSettings, 2000);
next();
});
// Export for use in settings controller
app.updateCorsSettings = updateCorsFromSettings;
// CORS middleware'i de ekle (çift güvence)
app.use(cors({
origin: '*', // Tüm origin'lere izin ver
credentials: true,
methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS'],
allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'Origin', 'Accept'],
}));
// Body parsing middleware
app.use(express.json());
app.use(express.urlencoded({ extended: true }));
// Serve static files (landing page)
app.use(express.static('src/public'));
// Serve static files (landing page and frontend build)
const path = require('path');
app.use(express.static(path.join(__dirname, 'public'), {
setHeaders: (res, filePath) => {
// CORS headers for ALL static files (CSS, JS, images, etc.)
res.set('Access-Control-Allow-Origin', '*');
res.set('Access-Control-Allow-Methods', 'GET, OPTIONS');
res.set('Access-Control-Allow-Headers', 'Content-Type, Accept, Origin');
res.set('Access-Control-Allow-Credentials', 'true');
// Ensure CSP also present on static (mainly harmless for non-HTML)
res.set('Content-Security-Policy',
"default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; font-src 'self' data:; connect-src 'self' http: https: ws: wss:; frame-ancestors 'self'; base-uri 'self';"
);
// Content-Type header'larını doğru ayarla
if (filePath.endsWith('.js')) {
// Serve ES modules correctly
res.set('Content-Type', 'application/javascript; charset=utf-8');
} else if (filePath.endsWith('.css')) {
res.set('Content-Type', 'text/css; charset=utf-8');
} else if (filePath.endsWith('.mjs')) {
res.set('Content-Type', 'application/javascript; charset=utf-8');
} else if (filePath.endsWith('.svg')) {
res.set('Content-Type', 'image/svg+xml');
}
}
}));
// Serve compiled frontend assets at /assets (Vite output)
app.use('/assets', express.static(path.join(__dirname, 'public', 'dist', 'assets'), {
setHeaders: (res, filePath) => {
res.set('Access-Control-Allow-Origin', '*');
res.set('Access-Control-Allow-Methods', 'GET, OPTIONS');
res.set('Access-Control-Allow-Headers', 'Content-Type, Accept, Origin');
res.set('Access-Control-Allow-Credentials', 'true');
res.set('Content-Security-Policy',
"default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; font-src 'self' data:; connect-src 'self' http: https: ws: wss:; frame-ancestors 'self'; base-uri 'self';"
);
if (filePath.endsWith('.js') || filePath.endsWith('.mjs')) {
res.set('Content-Type', 'application/javascript; charset=utf-8');
} else if (filePath.endsWith('.css')) {
res.set('Content-Type', 'text/css; charset=utf-8');
} else if (filePath.endsWith('.svg')) {
res.set('Content-Type', 'image/svg+xml');
}
}
}));
// Serve landing page at /landing route
app.get('/landing', (req, res) => {
res.sendFile(path.join(__dirname, 'public', 'landing.html'));
});
// Session middleware
app.use(session(sessionConfig));
@@ -93,6 +152,35 @@ app.use('/api/stats', require('./routes/stats.routes'));
// Public tracking route (no rate limit on this specific route)
app.use('/t', require('./routes/tracking.routes'));
// Serve frontend SPA (must be after API routes)
app.get('*', (req, res, next) => {
// Skip if it's an API route, tracking route, or landing page
if (req.path.startsWith('/api') || req.path.startsWith('/t') || req.path.startsWith('/landing') || req.path.startsWith('/health')) {
return next();
}
// CORS headers for HTML
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'GET, OPTIONS');
res.header('Access-Control-Allow-Headers', 'Content-Type');
// Explicit CSP for HTML documents
res.setHeader(
'Content-Security-Policy',
"default-src 'self' data: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; font-src 'self' data:; connect-src 'self' http: https: ws: wss:; frame-ancestors 'self'; base-uri 'self';"
);
// Serve frontend index.html for all other routes
const frontendPath = path.join(__dirname, 'public', 'dist', 'index.html');
res.sendFile(frontendPath, (err) => {
if (err) {
// If frontend build doesn't exist, inform clearly
res.status(503).send(
'Frontend build not found. Please build the frontend (npm run build) and ensure dist is copied to backend/src/public/dist.'
);
}
});
});
// 404 handler
app.use((req, res) => {
res.status(404).json({
@@ -110,14 +198,15 @@ const startServer = async () => {
// Test database connection
await testConnection();
// Start listening
app.listen(PORT, () => {
// Start listening on all interfaces (0.0.0.0) to allow remote access
app.listen(PORT, '0.0.0.0', () => {
logger.info(`🚀 Server is running on port ${PORT}`);
logger.info(`📊 Environment: ${process.env.NODE_ENV || 'development'}`);
logger.info(`🔗 Health check: http://localhost:${PORT}/health`);
logger.info(`🔗 Health check: http://0.0.0.0:${PORT}/health`);
console.log(`\n✨ Oltalama Backend Server Started!`);
console.log(`🌐 API: http://localhost:${PORT}/api`);
console.log(`🎯 Tracking: http://localhost:${PORT}/t/:token\n`);
console.log(`🌐 API: http://0.0.0.0:${PORT}/api`);
console.log(`🎯 Tracking: http://0.0.0.0:${PORT}/t/:token`);
console.log(`🌍 Server listening on all interfaces (0.0.0.0:${PORT})\n`);
});
} catch (error) {
logger.error('Failed to start server:', error);

7
backend/src/controllers/settings.controller.js
View File

@@ -166,14 +166,9 @@ exports.updateSystemSettings = async (req, res, next) => {
});
}
// Update CORS configuration if available
if (req.app && req.app.updateCorsSettings) {
await req.app.updateCorsSettings();
}
res.json({
success: true,
message: 'Sistem ayarları güncellendi. CORS ayarları uygulandı.',
message: 'Sistem ayarları güncellendi.',
});
} catch (error) {
next(error);

83
deploy.sh
View File

@@ -19,7 +19,7 @@ NC='\033[0m' # No Color
INSTALL_DIR="/opt/oltalama"
LOG_DIR="/var/log/oltalama"
BACKUP_DIR="${INSTALL_DIR}/backups"
USER="oltalama" # Tüm sistemler için ortak kullanıcı
USER="www-data"
NODE_VERSION="20"
# Fonksiyonlar
@@ -62,21 +62,6 @@ check_os() {
OS=$ID
VERSION=$VERSION_ID
print_success "İşletim sistemi tespit edildi: $PRETTY_NAME"
# Paket yöneticisi tespit et
if command -v apt-get &> /dev/null; then
PKG_MANAGER="apt"
print_info "Paket yöneticisi: APT (Debian/Ubuntu)"
elif command -v dnf &> /dev/null; then
PKG_MANAGER="dnf"
print_info "Paket yöneticisi: DNF (RedHat/Oracle/Fedora)"
elif command -v yum &> /dev/null; then
PKG_MANAGER="yum"
print_info "Paket yöneticisi: YUM (RedHat/CentOS)"
else
print_error "Desteklenen paket yöneticisi bulunamadı!"
exit 1
fi
else
print_error "İşletim sistemi tespit edilemedi!"
exit 1
@@ -95,13 +80,8 @@ install_nodejs() {
fi
# NodeSource repository ekle
if [[ "$PKG_MANAGER" == "apt" ]]; then
curl -fsSL https://deb.nodesource.com/setup_${NODE_VERSION}.x | bash -
apt-get install -y nodejs
elif [[ "$PKG_MANAGER" == "dnf" ]] || [[ "$PKG_MANAGER" == "yum" ]]; then
curl -fsSL https://rpm.nodesource.com/setup_${NODE_VERSION}.x | bash -
$PKG_MANAGER install -y nodejs
fi
curl -fsSL https://deb.nodesource.com/setup_${NODE_VERSION}.x | bash -
apt-get install -y nodejs
print_success "Node.js $(node -v) kuruldu."
print_success "npm $(npm -v) kuruldu."
@@ -109,20 +89,8 @@ install_nodejs() {
install_dependencies() {
print_info "Sistem bağımlılıkları kuruluyor..."
if [[ "$PKG_MANAGER" == "apt" ]]; then
apt-get update
apt-get install -y git curl wget build-essential sqlite3
elif [[ "$PKG_MANAGER" == "dnf" ]] || [[ "$PKG_MANAGER" == "yum" ]]; then
$PKG_MANAGER update -y
# EPEL repository (bazı paketler için gerekli)
$PKG_MANAGER install -y epel-release 2>/dev/null || true
# Paketleri kur
$PKG_MANAGER install -y git curl wget gcc-c++ make sqlite
# Development tools
$PKG_MANAGER groupinstall -y "Development Tools" 2>/dev/null || true
fi
apt-get update
apt-get install -y git curl wget build-essential sqlite3
print_success "Sistem bağımlılıkları kuruldu."
}
@@ -142,18 +110,6 @@ setup_directories() {
print_success "Dizinler oluşturuldu."
}
create_user() {
print_info "Sistem kullanıcısı kontrol ediliyor..."
if id "$USER" &>/dev/null; then
print_success "Kullanıcı '$USER' zaten mevcut."
else
print_info "Kullanıcı '$USER' oluşturuluyor..."
useradd -r -s /bin/bash -d $INSTALL_DIR -m $USER
print_success "Kullanıcı '$USER' oluşturuldu."
fi
}
install_project() {
print_info "Proje dosyaları kontrol ediliyor..."
@@ -485,9 +441,6 @@ setup_firewall() {
print_info "Firewall ayarlanıyor..."
if command -v ufw &> /dev/null; then
# Ubuntu/Debian - UFW
print_info "UFW kullanılıyor..."
# SSH izin ver
ufw allow 22/tcp comment 'SSH'
@@ -507,30 +460,9 @@ setup_firewall() {
echo "y" | ufw enable
fi
print_success "Firewall ayarlandı (UFW)."
elif command -v firewall-cmd &> /dev/null; then
# RedHat/Oracle/CentOS - firewalld
print_info "firewalld kullanılıyor..."
# firewalld'yi başlat ve aktifleştir
systemctl start firewalld 2>/dev/null || true
systemctl enable firewalld 2>/dev/null || true
# HTTP/HTTPS izin ver
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --permanent --add-service=ssh
# Backend ve Frontend portları sadece localhost'tan erişilebilir
# (reverse proxy kullanılacağı için dışarıdan erişim kapalı)
# Yeniden yükle
firewall-cmd --reload
print_success "Firewall ayarlandı (firewalld)."
print_success "Firewall ayarlandı."
else
print_warning "Firewall bulunamadı, firewall ayarları atlanıyor."
print_warning "Güvenlik için manuel olarak firewall yapılandırmanız önerilir."
print_warning "UFW bulunamadı, firewall ayarları atlanıyor."
fi
}
@@ -608,7 +540,6 @@ main() {
install_dependencies
install_nodejs
install_pm2
create_user
setup_directories
install_project
install_backend

67
docker-compose.dev.yml
View File

@@ -1,67 +0,0 @@
version: '3.8'
# Development Docker Compose
# Hot reload enabled, volumes mounted
services:
# Backend Service (Development)
backend:
build:
context: ./backend
dockerfile: Dockerfile.dev
container_name: oltalama-backend-dev
restart: unless-stopped
ports:
- "3000:3000"
environment:
- NODE_ENV=development
- PORT=3000
- SESSION_SECRET=dev-secret-change-in-production
- GMAIL_USER=${GMAIL_USER}
- GMAIL_APP_PASSWORD=${GMAIL_APP_PASSWORD}
- TELEGRAM_BOT_TOKEN=${TELEGRAM_BOT_TOKEN}
- TELEGRAM_CHAT_ID=${TELEGRAM_CHAT_ID}
- DOMAIN_URL=http://localhost:3000
- FRONTEND_URL=http://localhost:5173
- OLLAMA_SERVER_URL=${OLLAMA_SERVER_URL:-http://host.docker.internal:11434}
- OLLAMA_MODEL=${OLLAMA_MODEL:-llama3.2:latest}
volumes:
- ./backend:/app
- /app/node_modules
- backend-data:/app/database
- backend-logs:/app/logs
networks:
- oltalama-network
command: npm run dev
# Frontend Service (Development)
frontend:
build:
context: ./frontend
dockerfile: Dockerfile.dev
container_name: oltalama-frontend-dev
restart: unless-stopped
ports:
- "5173:5173"
environment:
- NODE_ENV=development
- VITE_API_URL=http://localhost:3000
volumes:
- ./frontend:/app
- /app/node_modules
depends_on:
- backend
networks:
- oltalama-network
command: npm run dev
volumes:
backend-data:
driver: local
backend-logs:
driver: local
networks:
oltalama-network:
driver: bridge

88
docker-compose.yml
View File

@@ -1,89 +1,27 @@
version: '3.8'
services:
# Backend Service
backend:
oltalama:
build:
context: ./backend
context: .
dockerfile: Dockerfile
container_name: oltalama-backend
restart: unless-stopped
container_name: oltalama
ports:
- "3000:3000"
- "0.0.0.0:3000:3000"
environment:
- NODE_ENV=production
- PORT=3000
- SESSION_SECRET=${SESSION_SECRET:-change-this-secret-in-production}
- GMAIL_USER=${GMAIL_USER}
- GMAIL_APP_PASSWORD=${GMAIL_APP_PASSWORD}
- TELEGRAM_BOT_TOKEN=${TELEGRAM_BOT_TOKEN}
- TELEGRAM_CHAT_ID=${TELEGRAM_CHAT_ID}
- DOMAIN_URL=${DOMAIN_URL:-http://localhost:3000}
- FRONTEND_URL=${FRONTEND_URL:-http://localhost:4173}
- OLLAMA_SERVER_URL=${OLLAMA_SERVER_URL:-http://host.docker.internal:11434}
- OLLAMA_MODEL=${OLLAMA_MODEL:-llama3.2:latest}
- DB_PATH=/app/database/oltalama.db
- SESSION_SECRET=${SESSION_SECRET:-change-me-in-production}
- FRONTEND_URL=${FRONTEND_URL:-http://localhost:3000}
volumes:
- backend-data:/app/database
- backend-logs:/app/logs
networks:
- oltalama-network
# Persist database
- ./data/database:/app/database
# Persist logs
- ./data/logs:/app/logs
restart: unless-stopped
healthcheck:
test: ["CMD", "node", "-e", "require('http').get('http://localhost:3000/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})"]
interval: 30s
timeout: 10s
timeout: 3s
retries: 3
start_period: 40s
# Frontend Service
frontend:
build:
context: ./frontend
dockerfile: Dockerfile
container_name: oltalama-frontend
restart: unless-stopped
ports:
- "4173:4173"
environment:
- NODE_ENV=production
- VITE_API_URL=${VITE_API_URL:-http://localhost:3000}
depends_on:
backend:
condition: service_healthy
networks:
- oltalama-network
healthcheck:
test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:4173"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
# Nginx Reverse Proxy (Optional)
nginx:
image: nginx:alpine
container_name: oltalama-nginx
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./nginx/ssl:/etc/nginx/ssl:ro
depends_on:
- backend
- frontend
networks:
- oltalama-network
profiles:
- with-nginx
volumes:
backend-data:
driver: local
backend-logs:
driver: local
networks:
oltalama-network:
driver: bridge

56
docker-entrypoint.sh Normal file
View File

@@ -0,0 +1,56 @@
#!/bin/sh
set -e
echo "🚀 Starting Oltalama application..."
# Ensure database directory exists
mkdir -p database
# Run database migrations
echo "📊 Running database migrations..."
if node migrations/run-migrations.js; then
echo "✅ Migrations completed successfully"
else
echo "⚠️ Migration failed, but continuing..."
fi
# Check if we should seed the database
# Only seed if database is empty (no admin users)
if [ ! -f "database/oltalama.db" ] || [ ! -s "database/oltalama.db" ]; then
echo "🌱 Database is empty, seeding initial data..."
if node seeders/run-seeders.js; then
echo "✅ Seeding completed successfully"
else
echo "⚠️ Seeding failed, but continuing..."
fi
else
# Check if admin user exists
if command -v sqlite3 >/dev/null 2>&1; then
ADMIN_COUNT=$(sqlite3 database/oltalama.db "SELECT COUNT(*) FROM admin_user;" 2>/dev/null || echo "0")
if [ "$ADMIN_COUNT" = "0" ]; then
echo "🌱 Database exists but no admin user found. Running seeders..."
if node seeders/run-seeders.js; then
echo "✅ Seeding completed successfully"
else
echo "⚠️ Seeding failed, but continuing..."
fi
else
echo "✅ Database already initialized with admin user(s), skipping seeders."
fi
else
echo "⚠️ sqlite3 command not found, skipping admin user check."
fi
fi
# Ensure frontend build exists before starting server
FRONTEND_INDEX="src/public/dist/index.html"
if [ ! -f "$FRONTEND_INDEX" ]; then
echo "❌ Frontend build not found at $FRONTEND_INDEX"
echo " Please run 'npm run build' in the frontend (or rebuild the Docker image) so the dist assets are available."
exit 1
fi
# Start the application
echo "✨ Starting server..."
exec "$@"

33
frontend/.dockerignore
View File

@@ -1,33 +0,0 @@
# Node modules
node_modules/
npm-debug.log
# Environment files
.env
.env.local
# Git
.git/
.gitignore
# Build artifacts
dist/
.cache/
# Documentation
*.md
# IDE
.vscode/
.idea/
# OS
.DS_Store
# Testing
coverage/
# Temporary
tmp/
temp/

49
frontend/Dockerfile
View File

@@ -1,49 +0,0 @@
# Frontend Dockerfile
# Multi-stage build for optimized production image
# Stage 1: Build stage
FROM node:20-alpine AS builder
WORKDIR /app
# Copy package files
COPY package*.json ./
# Install dependencies
RUN npm ci
# Copy application code
COPY . .
# Build for production
RUN npm run build
# Stage 2: Production stage
FROM node:20-alpine
# Create app user
RUN addgroup -g 1001 -S oltalama && \
adduser -S oltalama -u 1001 -G oltalama
WORKDIR /app
# Copy built assets from builder
COPY --from=builder --chown=oltalama:oltalama /app/dist ./dist
COPY --from=builder --chown=oltalama:oltalama /app/package*.json ./
# Install only production dependencies (for preview server)
RUN npm ci --only=production
# Switch to non-root user
USER oltalama
# Expose port
EXPOSE 4173
# Health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD wget --no-verbose --tries=1 --spider http://localhost:4173 || exit 1
# Start preview server
CMD ["npm", "run", "preview", "--", "--host", "0.0.0.0"]

22
frontend/Dockerfile.dev
View File

@@ -1,22 +0,0 @@
# Frontend Development Dockerfile
# Hot reload enabled with Vite
FROM node:20-alpine
WORKDIR /app
# Copy package files
COPY package*.json ./
# Install all dependencies (including dev)
RUN npm install
# Copy application code
COPY . .
# Expose Vite dev server port
EXPOSE 5173
# Start Vite dev server with host binding
CMD ["npm", "run", "dev", "--", "--host", "0.0.0.0"]

14
frontend/src/services/api.js
View File

@@ -1,6 +1,18 @@
import axios from 'axios';
const API_URL = import.meta.env.VITE_API_URL || 'http://localhost:3000';
const resolveApiUrl = () => {
if (import.meta.env.VITE_API_URL) {
return import.meta.env.VITE_API_URL;
}
if (typeof window !== 'undefined' && window.location?.origin) {
return window.location.origin;
}
return 'http://localhost:3000';
};
const API_URL = resolveApiUrl();
const api = axios.create({
baseURL: API_URL,

13
frontend/vite.config.js
View File

@@ -4,4 +4,17 @@ import react from '@vitejs/plugin-react'
// https://vite.dev/config/
export default defineConfig({
plugins: [react()],
base: '/', // Base path - root'tan servis edilecek
build: {
assetsDir: 'assets',
// Relative path'ler kullan (absolute değil)
rollupOptions: {
output: {
// Asset dosyaları için relative path
assetFileNames: 'assets/[name]-[hash][extname]',
chunkFileNames: 'assets/[name]-[hash].js',
entryFileNames: 'assets/[name]-[hash].js',
},
},
},
})

4
systemd/oltalama-backend.service
View File

@@ -5,8 +5,8 @@ After=network.target
[Service]
Type=simple
User=oltalama
Group=oltalama
User=www-data
Group=www-data
WorkingDirectory=/opt/oltalama/backend
Environment=NODE_ENV=production
Environment=PORT=3000

4
systemd/oltalama-frontend.service
View File

@@ -5,8 +5,8 @@ After=network.target oltalama-backend.service
[Service]
Type=simple
User=oltalama
Group=oltalama
User=www-data
Group=www-data
WorkingDirectory=/opt/oltalama/frontend
Environment=NODE_ENV=production
Environment=PORT=4173