From 6b4ec528e29fe81cbaf5ffb4e5d20bddaf26af61 Mon Sep 17 00:00:00 2001
From: Fu Zi Xiang <speed2exe@live.com.sg>
Date: Tue, 21 Nov 2023 16:20:50 +0800
Subject: [PATCH] docs: self host: use deploy nginx routed url

---
 deploy.env                 | 72 ++++++++++++++++++++++++++++++++++++++
 doc/AUTHENTICATION.md      | 10 +++---
 doc/DEPLOYMENT.md          | 15 ++++----
 doc/EC2_SELF_HOST_GUIDE.md | 29 +++++----------
 4 files changed, 93 insertions(+), 33 deletions(-)
 create mode 100644 deploy.env

diff --git a/deploy.env b/deploy.env
new file mode 100644
index 00000000..760dec14
--- /dev/null
+++ b/deploy.env
@@ -0,0 +1,72 @@
+# This file is used to set the environment variables for local development
+# Copy this file to .env and change the values as needed
+
+# authentication key, change this and keep the key safe and secret
+# self defined key, you can use any string
+GOTRUE_JWT_SECRET=hello456
+
+# User sign up will automatically be confirmed if this is set to true.
+# If you have OAuth2 set up or smtp configured, you can set this to false
+# to enforce email confirmation or OAuth2 login instead.
+# If you set this to false, you need to either set up SMTP
+GOTRUE_MAILER_AUTOCONFIRM=true
+
+# if you enable mail confirmation, you need to set the SMTP configuration below
+GOTRUE_SMTP_HOST=smtp.gmail.com
+GOTRUE_SMTP_PORT=465
+GOTRUE_SMTP_USER=email_sender@some_company.com
+GOTRUE_SMTP_PASS=email_sender_password
+GOTRUE_SMTP_ADMIN_EMAIL=comp_admin@some_company.com
+
+# gotrue admin
+GOTRUE_ADMIN_EMAIL=admin@example.com
+GOTRUE_ADMIN_PASSWORD=password
+
+# clicking on email verification link will redirect to this host
+# change this to your own domain where you host the docker-compose or gotrue
+API_EXTERNAL_URL=http://<host>
+
+# url to the postgres database
+DATABASE_URL=postgres://postgres:password@localhost:5433/postgres
+# uncomment this to enable build without database
+# .sqlx files must be pregenerated
+SQLX_OFFLINE=false
+
+# Google OAuth2
+GOTRUE_EXTERNAL_GOOGLE_ENABLED=true
+GOTRUE_EXTERNAL_GOOGLE_CLIENT_ID=
+GOTRUE_EXTERNAL_GOOGLE_SECRET=
+GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI=http://<host>/callback
+# GitHub OAuth2
+GOTRUE_EXTERNAL_GITHUB_ENABLED=false
+GOTRUE_EXTERNAL_GITHUB_CLIENT_ID=
+GOTRUE_EXTERNAL_GITHUB_SECRET=
+GOTRUE_EXTERNAL_GITHUB_REDIRECT_URI=http://<host>/callback
+# Discord OAuth2
+GOTRUE_EXTERNAL_DISCORD_ENABLED=false
+GOTRUE_EXTERNAL_DISCORD_CLIENT_ID=
+GOTRUE_EXTERNAL_DISCORD_SECRET=
+GOTRUE_EXTERNAL_DISCORD_REDIRECT_URI=http://<host>/callback
+# File Storage
+USE_MINIO=true
+# MINIO_URL=http://localhost:9000 # change this if you are using a different address for minio
+AWS_ACCESS_KEY_ID=minioadmin
+AWS_SECRET_ACCESS_KEY=minioadmin
+AWS_S3_BUCKET=appflowy
+AWS_REGION=us-east-1
+
+RUST_LOG=info
+
+# PgAdmin
+PGADMIN_DEFAULT_EMAIL=admin@example.com
+PGADMIN_DEFAULT_PASSWORD=password
+
+# Portainer (username: admin)
+PORTAINER_PASSWORD=password1234
+
+# Grafana Dashboard
+GF_SECURITY_ADMIN_USER=admin
+GF_SECURITY_ADMIN_PASSWORD=password
+
+# Cloudflare tunnel token
+CLOUDFLARE_TUNNEL_TOKEN=
diff --git a/doc/AUTHENTICATION.md b/doc/AUTHENTICATION.md
index 02a64bff..1b83d6a6 100644
--- a/doc/AUTHENTICATION.md
+++ b/doc/AUTHENTICATION.md
@@ -25,7 +25,7 @@ For example, I create a project that used for localhost development. After creat
 
 ![create_credentials.png](../assets/images/create_google_credentials.png)
 
-The redirect URI should be `<your host server public ip/hostname>/callback`. For example, my host server is `localhost`, so the redirect URI is `http://localhost:9998/callback`. 
+The redirect URI should be `<your host server public ip/hostname>/gotrue/callback`. For example, my host server is `localhost`, so the redirect URI is `http://localhost/gotrue/callback`.
 
 ![create_client.png](../assets/images/create_google_oauth_client_id.png)
 
@@ -53,8 +53,8 @@ Begin by accessing your [GitHub Developer Settings](https://github.com/settings/
 1. In the 'OAuth Apps' section, click 'New OAuth App'.
 2. Fill in the 'Application name' with your app's name.
 3. For 'Homepage URL', provide the full URL to your app's homepage.
-4. Specify your app's 'Authorization callback URL' where users will be redirected post-authorization. The redirect URI should be 
-`<your host server public ip/hostname>/callback`. For example, my host server is `localhost`, so the redirect URI is `http://localhost:9998/callback`..
+4. Specify your app's 'Authorization callback URL' where users will be redirected post-authorization. The redirect URI should be
+`<your host server public ip/hostname>/gotrue/callback`. For example, my host server is `localhost`, so the redirect URI is `http://localhost/gotrue/callback`..
 5. Click 'Register Application' at the bottom.
 6. Once registered, securely store the generated OAuth credentials.
 7. Copy and save your Client ID.
@@ -73,8 +73,8 @@ Update the `.env` file with the Client ID and Client Secret.
 2. Click 'New Application' in the top right.
 3. Name your application and select 'Create'.
 4. In the settings menu, choose 'OAuth2'.
-5. Under 'Redirects', select 'Add Redirect' and input your callback URL. The redirect URI should be `<your host server public ip/hostname>/callback`.
-For example, my host server is `localhost`, so the redirect URI is `http://localhost:9998/callback`.
+5. Under 'Redirects', select 'Add Redirect' and input your callback URL. The redirect URI should be `<your host server public ip/hostname>/gotrue/callback`.
+For example, my host server is `localhost`, so the redirect URI is `http://localhost/gotrue/callback`.
 6. Remember to 'Save Changes' at the bottom.
 7. Under 'Client Information', note down your 'Client ID' and 'Client Secret' for later use.
 
diff --git a/doc/DEPLOYMENT.md b/doc/DEPLOYMENT.md
index 42976deb..de8095ae 100644
--- a/doc/DEPLOYMENT.md
+++ b/doc/DEPLOYMENT.md
@@ -44,7 +44,7 @@ cd AppFlowy-Cloud
 - It is required that that is a `.env` file in the root directory of the repository.
 - To get started, copy the template `dev.env` as `.env` using the following shell commands:
 ```bash
-cp dev.env .env
+cp deploy.env .env
 ```
 - There will be values in the `.env` that needs to be change according to your needs
 - Kindly read the following comments for each set of settings
@@ -77,7 +77,7 @@ GOTRUE_ADMIN_PASSWORD=password
 # which is the same as the public IP/hostname of your host server
 # when an email confirmation link is click, this is the host that user's devices
 # will try to connect to
-API_EXTERNAL_URL=http://localhost:9998
+API_EXTERNAL_URL=http://<host>
 
 # 2 fields below are only relevant for development, can ignore
 DATABASE_URL=postgres://postgres:password@localhost:5433/postgres
@@ -103,25 +103,25 @@ If using localhost, then just keep the default value.
 GOTRUE_EXTERNAL_GOOGLE_ENABLED=true
 GOTRUE_EXTERNAL_GOOGLE_CLIENT_ID=
 GOTRUE_EXTERNAL_GOOGLE_SECRET=
-GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI=http://localhost:9998/callback
+GOTRUE_EXTERNAL_GOOGLE_REDIRECT_URI=http://<host>/gotrue/callback
 
 # GitHub OAuth2
 GOTRUE_EXTERNAL_GITHUB_ENABLED=true
 GOTRUE_EXTERNAL_GITHUB_CLIENT_ID=your-github-client-id
 GOTRUE_EXTERNAL_GITHUB_SECRET=your-github-secret
-GOTRUE_EXTERNAL_GITHUB_REDIRECT_URI=http://localhost:9998/callback
+GOTRUE_EXTERNAL_GITHUB_REDIRECT_URI=http://<host>/gotrue/callback
 
 # Discord OAuth2
 GOTRUE_EXTERNAL_DISCORD_ENABLED=true
 GOTRUE_EXTERNAL_DISCORD_CLIENT_ID=your-discord-client-id
 GOTRUE_EXTERNAL_DISCORD_SECRET=your-discord-secret
-GOTRUE_EXTERNAL_DISCORD_REDIRECT_URI=http://localhost:9998/callback
+GOTRUE_EXTERNAL_DISCORD_REDIRECT_URI=http://<host>/gotrue/callback
 ```
 
 ### 3. Running the services
 
 ### Start and run AppFlowy-Cloud
-- The following command will build and start the AppFlowy-Cloud. 
+- The following command will build and start the AppFlowy-Cloud.
 
 ```bash
 docker compose up -d
@@ -133,10 +133,11 @@ docker ps -a
 
 > When using the `docker compose up -d` command without specifying a tag, Docker Compose will pull the `latest`
 tag for the `appflowy_cloud` and `admin_frontend` images from Docker Hub by default. If you've set the `BACKEND_VERSION`
-environment variable, it will pull the specified version instead. If `BACKEND_VERSION` is not set, Docker Compose 
+environment variable, it will pull the specified version instead. If `BACKEND_VERSION` is not set, Docker Compose
 defaults to using the `latest` tag.
 
 - The metrics endpoint can also be used to verify that the AppFlowy-Cloud server is running. It should return a status of 200 OK.
+- This command should only be run in the host machine as port 8000 should not be exposed
 ```bash
 curl -v localhost:8000/metrics
 ```
diff --git a/doc/EC2_SELF_HOST_GUIDE.md b/doc/EC2_SELF_HOST_GUIDE.md
index f41a7e6d..8b6469a8 100644
--- a/doc/EC2_SELF_HOST_GUIDE.md
+++ b/doc/EC2_SELF_HOST_GUIDE.md
@@ -71,25 +71,19 @@ If you have any questions, please feel free to reach out to us on [Discord](http
    Create a `.env` file from the template. There will be values in the `.env` that needs to be change according to
    your needs Kindly read the comments in `.env` file.
    ```bash
-   cp dev.env .env
+   cp deploy.env .env
    ```
 
-3. **Mailer Configuration**:
-   Set up auto-confirmation for the Gotrue mailer in the `.env` file:
-   ```bash
-   echo "GOTRUE_MAILER_AUTOCONFIRM=true" >> .env
-   ```
+3. **Authentication Setup**:
+   Update OAuth redirect URIs in `.env` with your EC2 Public IPv4 DNS, e.g., `http:ec2-13-228-28-244.ap-southeast-1.compute.amazonaws.com/gotrue/callback`. Refer to the [Authentication documentation](./AUTHENTICATION.md) for detailed setup instructions.
 
-4. **Authentication Setup**:
-   Update OAuth redirect URIs in `.env` with your EC2 Public IPv4 DNS, e.g., `http:ec2-13-228-28-244.ap-southeast-1.compute.amazonaws.com/callback`. Refer to the [Authentication documentation](./AUTHENTICATION.md) for detailed setup instructions.
-
-5. **Start AppFlowy Services**:
+4. **Start AppFlowy Services**:
    Launch the services using Docker Compose:
    ```bash
    docker-compose up -d
    ```
 
-6. **Verify Service Status**:
+5. **Verify Service Status**:
    Check that all services are running:
    ```bash
    docker ps -a
@@ -120,9 +114,9 @@ Once you've successfully set up AppFlowy Cloud on your server, the next step is
 
 2. **Copy Configuration URLs**:
    - Use the following URLs as your environment secrets. These URLs correspond to the services running on your EC2 instance:
-      - `APPFLOWY_CLOUD_BASE_URL`: `http://ec2-13-228-28-244.ap-southeast-1.compute.amazonaws.com:8000`
-      - `APPFLOWY_CLOUD_WS_BASE_URL`: `ws://ec2-13-228-28-244.ap-southeast-1.compute.amazonaws.com:8000/ws`
-      - `APPFLOWY_CLOUD_GOTRUE_URL`: `http://ec2-13-228-28-244.ap-southeast-1.compute.amazonaws.com:9998`
+      - `APPFLOWY_CLOUD_BASE_URL`: `http://ec2-13-228-28-244.ap-southeast-1.compute.amazonaws.com`
+      - `APPFLOWY_CLOUD_WS_BASE_URL`: `ws://ec2-13-228-28-244.ap-southeast-1.compute.amazonaws.com/ws`
+      - `APPFLOWY_CLOUD_GOTRUE_URL`: `http://ec2-13-228-28-244.ap-southeast-1.compute.amazonaws.com/gotrue`
 
 3. **Configure the Client**:
    - Return to the [Building AppFlowy with a Self-hosted Server guide](https://docs.appflowy.io/docs/guides/appflowy/self-hosting-appflowy#step-2-building-appflowy-with-a-self-hosted-server).
@@ -213,10 +207,3 @@ Alternatively, you can selectively reduce Docker's disk usage:
   Additionally, ensure that dependencies on the `admin_frontend` service are also commented out as needed.
 
   ![Commenting Out Dependencies on Admin Frontend](../assets/images/comment_out_deps_on_admin_frontend.png)
-
-
-
-
-
-
-