🔧 chore(workflows): update Docker image name in GitHub Actions
Some checks are pending
Build and Push Docker Image / build (push) Waiting to run
Some checks are pending
Build and Push Docker Image / build (push) Waiting to run
- change IMAGE_NAME from server-verwaltung to fleetledger for consistency
📝 docs(README): translate and update README content
- translate README content from German to English
- update sections for quickstart, environment variables, and security notes
- add detailed instructions for using Docker and Docker Compose
This commit is contained in:
nocci
parent
1c20bdb6d4
commit
61bb65653e
2 changed files with 72 additions and 53 deletions
2
.github/workflows/docker.yml
vendored
2
.github/workflows/docker.yml
vendored
|
|
@ -10,7 +10,7 @@ permissions:
|
||||||
packages: write
|
packages: write
|
||||||
|
|
||||||
env:
|
env:
|
||||||
IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/server-verwaltung
|
IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/fleetledger
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
build:
|
build:
|
||||||
|
|
|
||||||
105
README.md
105
README.md
|
|
@ -1,64 +1,83 @@
|
||||||
# FleetLedger
|
# FleetLedger
|
||||||
|
|
||||||
Self-hosted Übersicht für gemietete Server (VPS, Dedizierte, Storage, Managed). Mehrnutzerfähig, Dark-Mode-first und PWA-ready.
|
Self-hosted overview for rented servers (VPS, dedicated, storage, managed). Multi-user, dark-mode first, PWA-ready.
|
||||||
|
|
||||||
## Features
|
## Features
|
||||||
- Server-CRUD pro Benutzer, Soft-Delete/Archiv
|
- Server CRUD per user with soft delete/archiving
|
||||||
- Dashboard (Kosten, ablaufende Verträge) + Admin-Gesamtübersicht
|
- Dashboard (costs, expiring contracts) and admin-wide overview
|
||||||
- Map-Ansicht pro Nutzer auf Basis der Location-Namen (Leaflet)
|
- Map view per user (Leaflet) based on location names
|
||||||
- Optional verschlüsselte Speicherung von Management-Passwörtern (Fernet)
|
- Optional encrypted storage of management passwords (Fernet)
|
||||||
- Session-Auth mit CSRF-Schutz, Admin-Rolle
|
- Session auth with CSRF protection, admin role
|
||||||
- PWA: Manifest, Service Worker, installierbar
|
- PWA: manifest, service worker, installable
|
||||||
|
|
||||||
## Stack
|
## Stack
|
||||||
- FastAPI, SQLModel, Jinja2
|
- FastAPI, SQLModel, Jinja2
|
||||||
- SQLite (Standard), Passlib (bcrypt), Cryptography (Fernet)
|
- SQLite (default), Passlib (bcrypt), Cryptography (Fernet)
|
||||||
- Tailwind via CDN, Leaflet für Karte
|
- Tailwind via CDN, Leaflet for maps
|
||||||
- Uvicorn als ASGI-Server
|
- Uvicorn as ASGI server
|
||||||
|
|
||||||
## Schnellstart mit Docker
|
## Containers and Images
|
||||||
1. Repository klonen
|
- Public repo: `https://github.com/nocci-sl/fleetledger`.
|
||||||
```bash
|
- Prebuilt image on GHCR: `ghcr.io/nocci-sl/fleetledger:latest` (plus commit-tagged `ghcr.io/nocci-sl/fleetledger:<git-sha>`).
|
||||||
git clone https://example.com/your/fleetledger.git
|
- Pull directly with `docker pull ghcr.io/nocci-sl/fleetledger:latest`.
|
||||||
cd fleetledger
|
|
||||||
```
|
## Quickstart with Docker Compose (prebuilt image)
|
||||||
2. Umgebung setzen
|
Use the published GHCR image; no local build needed.
|
||||||
```bash
|
```bash
|
||||||
cp .env-example .env
|
cp .env-example .env
|
||||||
# SESSION_SECRET in .env auf einen starken, einzigartigen Wert setzen
|
# set SESSION_SECRET in .env to a strong random value
|
||||||
```
|
|
||||||
3. Starten
|
|
||||||
```bash
|
|
||||||
docker-compose up --build
|
|
||||||
```
|
|
||||||
Die SQLite-DB liegt in `./data/` (Bind-Mount in den Container unter `/app/data/fleetledger.db`).
|
|
||||||
|
|
||||||
## Lokale Entwicklung (ohne Docker)
|
cat > docker-compose.override.yml <<'EOF'
|
||||||
- Voraussetzungen: Python 3.12, virtualenv empfohlen.
|
services:
|
||||||
- Setup:
|
fleetledger:
|
||||||
|
image: ghcr.io/nocci-sl/fleetledger:latest
|
||||||
|
environment:
|
||||||
|
SESSION_SECRET: ${SESSION_SECRET:?set in .env}
|
||||||
|
SESSION_COOKIE_SECURE: ${SESSION_COOKIE_SECURE:-1}
|
||||||
|
ENCRYPTION_KEY: ${ENCRYPTION_KEY:-}
|
||||||
|
ALLOW_SELF_REGISTRATION: ${ALLOW_SELF_REGISTRATION:-0}
|
||||||
|
volumes:
|
||||||
|
- ./data:/app/data
|
||||||
|
EOF
|
||||||
|
|
||||||
|
docker-compose up -d
|
||||||
|
```
|
||||||
|
SQLite will live on the host in `./data/fleetledger.db`.
|
||||||
|
|
||||||
|
## Quickstart with Docker (build locally)
|
||||||
|
```bash
|
||||||
|
cp .env-example .env
|
||||||
|
# set SESSION_SECRET in .env
|
||||||
|
docker build -t fleetledger:local .
|
||||||
|
mkdir -p data
|
||||||
|
docker run --rm -p 8000:8000 --env-file .env -v $(pwd)/data:/app/data fleetledger:local
|
||||||
|
```
|
||||||
|
|
||||||
|
## Local development (without Docker)
|
||||||
|
Requirements: Python 3.12, virtualenv recommended.
|
||||||
```bash
|
```bash
|
||||||
python -m venv .venv
|
python -m venv .venv
|
||||||
source .venv/bin/activate
|
source .venv/bin/activate
|
||||||
pip install -r requirements.txt
|
pip install -r requirements.txt
|
||||||
cp .env-example .env
|
cp .env-example .env
|
||||||
export SESSION_SECRET="ein_langer_random_wert"
|
export SESSION_SECRET="long_random_value"
|
||||||
export SESSION_COOKIE_SECURE=0 # nur lokal ohne HTTPS
|
export SESSION_COOKIE_SECURE=0 # only for local HTTP
|
||||||
uvicorn app.main:app --reload --port 8000
|
uvicorn app.main:app --reload --port 8000
|
||||||
```
|
```
|
||||||
|
|
||||||
## Umgebungsvariablen
|
## Environment variables
|
||||||
- `SESSION_SECRET` (erforderlich): Langer, zufälliger String für die Session-Signierung.
|
- `SESSION_SECRET` (required): long random string for session signing.
|
||||||
- `SESSION_COOKIE_SECURE` (default `1`): Auf `0` nur für lokale HTTP-Tests setzen, sonst `1` (HTTPS).
|
- `SESSION_COOKIE_SECURE` (default `1`): set `0` only for local HTTP; keep `1` with HTTPS.
|
||||||
- `DATABASE_PATH` (default `/app/data/fleetledger.db` im Docker-Image): Pfad zur SQLite-Datei. Lokal z. B. `./data/fleetledger.db`.
|
- `DATABASE_PATH` (default `/app/data/fleetledger.db`): SQLite file path; locally e.g. `./data/fleetledger.db`.
|
||||||
- `ENCRYPTION_KEY` (optional): Fernet-Key für verschlüsselte Management-Passwörter. Leer lassen, wenn keine Speicherung gewünscht ist.
|
- `ENCRYPTION_KEY` (optional): Fernet key for encrypted management passwords. Leave empty to disable persistence of these passwords.
|
||||||
- `ALLOW_SELF_REGISTRATION` (default `0`): `1` erlaubt neue Selbst-Registrierungen auch wenn schon ein Admin existiert; `0` = nur Admin darf weitere User anlegen.
|
- `ALLOW_SELF_REGISTRATION` (default `0`): `1` allows new self-registrations even if an admin exists; `0` means only admin can create users.
|
||||||
|
|
||||||
## Sicherheitshinweise
|
## Security notes
|
||||||
- Immer einen starken `SESSION_SECRET` verwenden; im Docker-Setup wird der Start verweigert, wenn ein Platzhalter genutzt wird.
|
- Always use a strong `SESSION_SECRET`; the container refuses to start with a placeholder.
|
||||||
- Produktiv hinter HTTPS betreiben (`SESSION_COOKIE_SECURE=1`).
|
- Run behind HTTPS (`SESSION_COOKIE_SECURE=1`).
|
||||||
- Management-Passwörter nur mit gesetztem `ENCRYPTION_KEY` speichern; ohne Key werden sie nicht persistiert.
|
- Only store management passwords if `ENCRYPTION_KEY` is set.
|
||||||
- CSRF-Schutz ist aktiv für Form-POSTs; Browser-Service-Worker cached Assets versioniert.
|
- CSRF protection is enabled for form POSTs; service worker caches assets with versioning.
|
||||||
|
|
||||||
## Datenhaltung
|
## Data
|
||||||
- SQLite speichert die Daten in einer Datei (`DATABASE_PATH`). In Docker wird `./data/` aus dem Host eingebunden.
|
- SQLite stores data in the file at `DATABASE_PATH`. In Docker, `./data/` on the host is mounted to `/app/data/` in the container.
|
||||||
- Backups: Einfach die SQLite-Datei in `./data/` sichern, während der Dienst gestoppt ist.
|
- Backups: copy the SQLite file in `./data/` while the service is stopped.
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue