From 8938b61c78c882ea51e3aac55343bce18c48e417 Mon Sep 17 00:00:00 2001
From: mirivlad <mirivlad@gmail.com>
Date: Tue, 14 Apr 2026 15:54:16 +0800
Subject: [PATCH] deploy: add deploy.sh script, secure .env

- deploy.sh: auto-install docker, generate random passwords, start
- .env removed from git, added to .gitignore and .dockerignore
- Secrets are now local-only

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
---
 .dockerignore    |  1 +
 .gitignore       |  1 +
 docker/.env      | 41 -------------------------
 docker/deploy.sh | 79 ++++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 81 insertions(+), 41 deletions(-)
 delete mode 100644 docker/.env
 create mode 100755 docker/deploy.sh

diff --git a/.dockerignore b/.dockerignore
index 1da891d..6787987 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -18,3 +18,4 @@ __pycache__
 # Backups
 *.bak.*
 *.broken
+docker/.env
diff --git a/.gitignore b/.gitignore
index 73d3c86..3ec4f4f 100755
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
 vendor/
 node_modules/
 *.log
+.env
diff --git a/docker/.env b/docker/.env
deleted file mode 100644
index ac4d66a..0000000
--- a/docker/.env
+++ /dev/null
@@ -1,41 +0,0 @@
-# ==========================================
-# MirvMon — Environment Configuration
-# ==========================================
-# Скопируйте этот файл в .env и заполните значения
-
-# ------------------------------------------
-# Приложение
-# ------------------------------------------
-APP_PORT=8082
-APP_TIMEZONE=Asia/Irkutsk
-
-# ------------------------------------------
-# База данных
-# ------------------------------------------
-DB_NAME=monitoring_system
-DB_USERNAME=mon_user
-DB_PASSWORD=mon_password_123
-DB_ROOT_PASSWORD=mirvmon_db_root_2026
-
-# ------------------------------------------
-# Пользователь веб-интерфейса (первый запуск)
-# ------------------------------------------
-ADMIN_USERNAME=admin
-ADMIN_PASSWORD=admin_change_me
-
-# ------------------------------------------
-# Уведомления — Email (опционально)
-# ------------------------------------------
-# SMTP_HOST=smtp.gmail.com
-# SMTP_PORT=587
-# SMTP_USERNAME=your@email.com
-# SMTP_PASSWORD=your_app_password
-# SMTP_ENCRYPTION=tls
-# SMTP_FROM_EMAIL=your@email.com
-
-# ------------------------------------------
-# Уведомления — Telegram (опционально)
-# ------------------------------------------
-# TELEGRAM_BOT_TOKEN=123456:ABC-DEF1234ghIkl-zyx57W2v1u123ew11
-# TELEGRAM_CHAT_ID=-1001234567890
-# TELEGRAM_PROXY=http://127.0.0.1:1081
diff --git a/docker/deploy.sh b/docker/deploy.sh
new file mode 100755
index 0000000..b4bfe82
--- /dev/null
+++ b/docker/deploy.sh
@@ -0,0 +1,79 @@
+#!/bin/bash
+# deploy.sh — Быстрый разворот MirvMon на чистом сервере
+# Использование: bash deploy.sh
+
+set -e
+
+echo "🚀 MirvMon — Deploy to new server"
+echo ""
+
+# ------------------------------------------
+# 1. Проверяем Docker
+# ------------------------------------------
+if ! command -v docker &>/dev/null; then
+    echo "❌ Docker not installed. Installing..."
+    apt update -qq && apt install -y -qq docker.io docker-compose 2>/dev/null
+    echo "✅ Docker installed"
+fi
+
+DOCKER_COMPOSE_CMD="docker-compose"
+if docker compose version &>/dev/null 2>&1; then
+    DOCKER_COMPOSE_CMD="docker compose"
+fi
+
+echo "✅ Docker: $(docker --version)"
+echo "✅ Compose: $($DOCKER_COMPOSE_CMD version 2>/dev/null || echo 'v1')"
+echo ""
+
+# ------------------------------------------
+# 2. Создаём .env если нет
+# ------------------------------------------
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+
+if [ ! -f "$SCRIPT_DIR/.env" ]; then
+    echo "📝 Creating .env from template..."
+    cp "$SCRIPT_DIR/.env.example" "$SCRIPT_DIR/.env"
+    
+    # Генерируем случайные пароли
+    ROOT_PASS=$(openssl rand -base64 16 | tr -dc 'a-zA-Z0-9' | head -c 20)
+    DB_PASS=$(openssl rand -base64 16 | tr -dc 'a-zA-Z0-9' | head -c 20)
+    ADMIN_PASS=$(openssl rand -base64 16 | tr -dc 'a-zA-Z0-9' | head -c 20)
+    
+    sed -i "s/DB_ROOT_PASSWORD=.*/DB_ROOT_PASSWORD=${ROOT_PASS}/" "$SCRIPT_DIR/.env"
+    sed -i "s/DB_PASSWORD=.*/DB_PASSWORD=${DB_PASS}/" "$SCRIPT_DIR/.env"
+    sed -i "s/ADMIN_PASSWORD=.*/ADMIN_PASSWORD=${ADMIN_PASS}/" "$SCRIPT_DIR/.env"
+    
+    echo "🔐 Generated random passwords:"
+    echo "   DB root: $ROOT_PASS"
+    echo "   DB user: $DB_PASS"
+    echo "   Admin web: $ADMIN_PASS"
+    echo ""
+    echo "⚠️  Save these! Change .env if you want custom passwords."
+else
+    echo "✅ .env already exists"
+fi
+echo ""
+
+# ------------------------------------------
+# 3. Запускаем
+# ------------------------------------------
+echo "📦 Building and starting services..."
+$DOCKER_COMPOSE_CMD up -d --build
+
+echo ""
+echo "⏳ Waiting for migrations..."
+sleep 10
+
+# Проверяем статус
+$DOCKER_COMPOSE_CMD ps
+
+echo ""
+echo "✅ MirvMon is running!"
+echo ""
+echo "🌐 Web UI: http://localhost:$(grep APP_PORT .env | cut -d= -f2)"
+echo "👤 Login: admin"
+echo "🔑 Password: $(grep ADMIN_PASSWORD .env | cut -d= -f2)"
+echo ""
+echo "📊 To check logs: $DOCKER_COMPOSE_CMD logs -f app"
+echo "🔧 To stop: $DOCKER_COMPOSE_CMD down"
+echo ""