tek sunucuda çalışabilecek şekilde

configs/deployment/Readme_Nginx.md

@@ -0,0 +1,11 @@
+sudo apt update
+sudo apt install nginx -y
+sudo systemctl status nginx
+sudo rm /etc/nginx/sites-enabled/nginx.conf
+sudo cp ~/kurs-platform/configs/deployment/configs/nginx.conf /etc/nginx/sites-available/
+sudo ln -s /etc/nginx/sites-available/nginx.conf /etc/nginx/sites-enabled/
+sudo cp -r ./sozsoft.com /etc/ssl/sozsoft.com
+sudo systemctl restart nginx
+sudo nginx -t
+
+docker run --rm -v kurs-devops_n8n_data:/data alpine chown -R 1000:1000 /data

configs/deployment/Readme_Webmin.md

@@ -0,0 +1,44 @@
+# Webmin Kurulumu
+
+sudo apt update && sudo apt upgrade -y
+
+sudo apt install software-properties-common apt-transport-https wget -y
+wget -q http://www.webmin.com/jcameron-key.asc -O- | sudo apt-key add -
+sudo add-apt-repository "deb http://download.webmin.com/download/repository sarge contrib"
+
+sudo apt update
+sudo apt install webmin -y
+
+sudo ufw allow 22
+sudo ufw allow 25
+sudo ufw allow 143
+sudo ufw allow 587
+sudo ufw allow 993
+sudo ufw allow 10000
+sudo ufw allow 222    # Forgejo SSH
+sudo ufw allow 3000   # Forgejo Web Arayüzü
+sudo ufw allow 3001   # Rocket.Chat
+sudo ufw allow 27017  # MongoDB (gerekirse dış erişim)
+sudo ufw allow 5678   # n8n
+sudo ufw allow 6379   # Redis (gerekliyse dış erişim)
+sudo ufw allow 5432   # PostgreSQL (gerekliyse dış erişim)
+sudo ufw allow 8080   # API (backend)
+sudo ufw allow 3002   # UI (frontend)
+sudo ufw allow 8081   # CDN
+sudo ufw allow 80     # HTTP
+sudo ufw allow 443    # HTTPS
+sudo ufw enable
+
+kullanıcı adı:ssh kullanıcısı
+parola: ssh parolası
+ssl kurulumu yapılacak
+
+# Postfix & Dovecot Kurulumu
+sudo apt update
+sudo apt install postfix dovecot-core dovecot-imapd dovecot-pop3d -y
+
+Mail server configuration type: Internet Site
+System mail name: örneğin mail.sozsoft.com
+
+sudo systemctl restart postfix
+sudo systemctl restart dovecot

configs/deployment/configs/nginx-devops.conf

@@ -1,71 +0,0 @@
-server {
-    listen 80 default_server;
-    listen [::]:80 default_server;
-
-    location / {
-        return 301 https://$host$request_uri;
-    }
-}
-
-server {
-  listen 443 ssl http2;
-  server_name devops.sozsoft.com;
-
-  ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
-  ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
-
-  location / {
-    proxy_pass http://forgejo:3000;
-    proxy_set_header Connection $http_connection;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Host $host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_set_header X-Forwarded-Proto $scheme;
-
-    client_max_body_size 512M;
-  }
-}
-
-server {
-  listen 443 ssl;
-  server_name chat.sozsoft.com;
-
-  ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
-  ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
-
-  location / {
-    proxy_pass http://rocket_chat;
-    proxy_set_header Connection $http_connection;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Host $host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_set_header X-Forwarded-Proto $scheme;
-
-    client_max_body_size 512M;
-  }
-}
-
-server {
-  listen 443 ssl;
-  server_name ai.sozsoft.com;
-
-  ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
-  ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
-
-  location / {
-    proxy_pass http://n8n:5678;
-    proxy_set_header Connection $http_connection;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Host $host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_set_header X-Forwarded-Proto $scheme;
-    proxy_read_timeout 300;
-    proxy_connect_timeout 300;
-    proxy_send_timeout 300;
-
-    client_max_body_size 512M;
-  }
-}

configs/deployment/configs/nginx.conf

@@ -0,0 +1,110 @@
+# HTTP'den HTTPS'e yönlendirme
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
+    server_name _;
+
+    location / {
+        return 301 https://$host$request_uri;
+    }
+}
+
+# devops.sozsoft.com - Forgejo
+server {
+    listen 443 ssl http2;
+    server_name devops.sozsoft.com;
+
+    ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
+    ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
+
+    location / {
+        proxy_pass http://127.0.0.1:3000;
+        include /etc/nginx/proxy_params;
+        proxy_set_header Connection $http_connection;
+        proxy_set_header Upgrade $http_upgrade;
+        client_max_body_size 512M;
+    }
+}
+
+# chat.sozsoft.com - Rocket.Chat
+server {
+    listen 443 ssl;
+    server_name chat.sozsoft.com;
+
+    ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
+    ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
+
+    location / {
+        proxy_pass http://127.0.0.1:3001;  # ← PORT bilgisi güncellendi
+        include /etc/nginx/proxy_params;
+        proxy_set_header Connection $http_connection;
+        proxy_set_header Upgrade $http_upgrade;
+        client_max_body_size 512M;
+    }
+}
+
+# ai.sozsoft.com - n8n
+server {
+    listen 443 ssl;
+    server_name ai.sozsoft.com;
+
+    ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
+    ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
+
+    location / {
+        proxy_pass http://127.0.0.1:5678;
+        include /etc/nginx/proxy_params;
+        proxy_set_header Connection $http_connection;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_read_timeout 300;
+        proxy_connect_timeout 300;
+        proxy_send_timeout 300;
+        client_max_body_size 512M;
+    }
+}
+
+# platform.sozsoft.com
+server {
+    listen 443 ssl http2;
+    server_name platform.sozsoft.com;
+
+    ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
+    ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
+
+    underscores_in_headers on;
+    ignore_invalid_headers off;
+    large_client_header_buffers 4 16k;
+
+    location / {
+        proxy_pass http://127.0.0.1:3002;  # ← PORT belirtildi
+        include /etc/nginx/proxy_params;
+    }
+}
+
+# platform-api.sozsoft.com
+server {
+    listen 443 ssl;
+    server_name platform-api.sozsoft.com;
+
+    ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
+    ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
+
+    location / {
+        proxy_pass http://127.0.0.1:8080/;
+        include /etc/nginx/proxy_params;
+    }
+}
+
+# platform-cdn.sozsoft.com
+server {
+    listen 443 ssl;
+    server_name platform-cdn.sozsoft.com;
+
+    ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
+    ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
+
+    location / {
+        proxy_pass http://127.0.0.1:8081;
+        include /etc/nginx/proxy_params;
+    }
+}

configs/deployment/configs/nginx.dev.conf

@@ -1,49 +0,0 @@
-server {
-  listen 80;
-  listen 443 ssl http2;
-  server_name platform-dev.sozsoft.com;
-  underscores_in_headers on;
-  ignore_invalid_headers off;
-
-  ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
-  ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
-
-  location / {
-    proxy_pass http://ui;
-    proxy_set_header Host $host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-  }
-}
-
-server {
-  listen 80;
-  listen 443 ssl;
-  server_name platform-dev-api.sozsoft.com;
-
-  ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
-  ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
-
-  location / {
-    proxy_pass http://api:8080/;
-    proxy_set_header Host $host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-  }
-}
-
-server {
-  listen 80;
-  listen 443 ssl;
-  server_name platform-dev-cdn.sozsoft.com;
-
-  ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
-  ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
-
-  location / {
-    proxy_pass http://cdn:8080;
-    proxy_set_header Host $host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-  }
-}

configs/deployment/configs/nginx.production.conf

@@ -1,49 +0,0 @@
-server {
-  listen 80;
-  listen 443 ssl http2;
-  server_name platform.sozsoft.com;
-  underscores_in_headers on;
-  ignore_invalid_headers off;
-
-  ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
-  ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
-
-  location / {
-    proxy_pass http://ui;
-    proxy_set_header Host $host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-  }
-}
-
-server {
-  listen 80;
-  listen 443 ssl;
-  server_name platform-api.sozsoft.com;
-
-  ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
-  ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
-
-  location / {
-    proxy_pass http://api:8080/;
-    proxy_set_header Host $host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-  }
-}
-
-server {
-  listen 80;
-  listen 443 ssl;
-  server_name platform-cdn.sozsoft.com;
-
-  ssl_certificate /etc/ssl/sozsoft.com/cert1.pem;
-  ssl_certificate_key /etc/ssl/sozsoft.com/privkey1.pem;
-
-  location / {
-    proxy_pass http://cdn:8080;
-    proxy_set_header Host $host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-  }
-}

configs/deployment/docker-compose-app.production.yml

@@ -16,7 +16,7 @@ services:
     restart: always
   cdn:
     restart: always
-  nginx:
+  # nginx:
-    restart: always
+  #   restart: always
-    volumes:
+  #   volumes:
-      - ./configs/nginx.production.conf:/etc/nginx/conf.d/default.conf
+  #     - ./configs/nginx.production.conf:/etc/nginx/conf.d/default.conf

configs/deployment/docker-compose-app.yml

@@ -9,6 +9,8 @@ volumes:
   api-keys:
 
 services:
+
+  # Veritabanı migrasyonları için geçici servis (kapsam dışı)
   migrator:
     image: devops.sozsoft.com/kurs/kurs-platform-migrator:latest
     profiles: ["migrator"]
@@ -17,39 +19,61 @@ services:
       - SEED=${SEED}
     networks:
       - kurs-platform-data_db
+
+  # Backend API
   api:
     image: devops.sozsoft.com/kurs/kurs-platform-api:latest
+    container_name: kurs-api
     profiles: ["app"]
     environment:
       - ASPNETCORE_ENVIRONMENT=Dev
-    networks:
+    ports:
-      - kurs-platform-data_db
+      - 8080:8080   # ⚠️ NGINX için eklendi
-      - default
     volumes:
       - cdn:/etc/api/cdn
       - api-keys:/root/.aspnet/DataProtection-Keys
+    networks:
+      - kurs-platform-data_db
+      - default
+
+  # Frontend (UI)
   ui:
     image: devops.sozsoft.com/kurs/kurs-platform-ui:latest
+    container_name: kurs-ui
     profiles: ["app"]
+    ports:
+      - 3002:80   # ⚠️ UI uygulaması için dış port açıldı
     networks:
       - default
+
+  # Statik dosya sunucusu (CDN)
   cdn:
     image: tozlu/http-server:latest
+    container_name: kurs-cdn
     profiles: ["app"]
-    networks:
-      - default
     working_dir: /srv/http-server
     volumes:
       - cdn:/public:ro
     command: "/public -c10 --cors"
-  nginx:
+    ports:
-    image: nginx:1.27-alpine
+      - 8081:8080   # Dış:İç (doğru port eşlemesi)
-    profiles: ["app"]
     networks:
       - default
-    ports:
+
-      - 80:80
+  # NGINX konteyneri (opsiyonel - eğer sistemde yoksa)
-      - 443:443
+  # nginx:
-    volumes:
+  #   image: nginx:1.27-alpine
-      - ./configs/nginx.conf:/etc/nginx/conf.d/default.conf
+  #   container_name: kurs-nginx
-      - ~/sozsoft.com:/etc/ssl/sozsoft.com:ro
+  #   profiles: ["app"]
+  #   ports:
+  #     - 80:80
+  #     - 443:443
+  #   volumes:
+  #     - ./configs/nginx.conf:/etc/nginx/conf.d/default.conf
+  #     - ~/sozsoft.com:/etc/ssl/sozsoft.com:ro
+  #   networks:
+  #     - default
+  #   depends_on:
+  #     - api
+  #     - cdn
+  #     - ui

configs/deployment/docker-compose-devops-forgejo.yml

@@ -1,26 +0,0 @@
-# DevOps Platform (Forgejo)
-name: kurs-devops
-
-networks:
-  forgejo:
-    external: false
-
-services:
-  forgejo:
-    image: codeberg.org/forgejo/forgejo:9
-    container_name: forgejo
-    environment:
-      - USER_UID=1000
-      - USER_GID=1000
-    restart: always
-    networks:
-      - forgejo
-    volumes:
-      - ./data:/data
-      - /etc/timezone:/etc/timezone:ro
-      - /etc/localtime:/etc/localtime:ro
-      - /etc/letsencrypt/archive/sozsoft.com:/etc/ssl:ro
-    ports:
-      - "80:80"
-      - "443:443"
-      - "222:22"

configs/deployment/docker-compose-devops.yml

@@ -15,54 +15,56 @@ volumes:
   n8n_data:
 
 services:
-  nginx:
+
-    image: nginx:1.27-alpine
+  # nginx:
-    networks:
+  #   image: nginx:1.27-alpine
-      - forgejo
+  #   container_name: nginx-devops
-      - rocket
+  #   restart: always
-      - n8n
+  #   ports:
-    ports:
+  #     - 80:80
-      - 80:80
+  #     - 443:443
-      - 443:443
+  #   volumes:
-    volumes:
+  #     - ./configs/nginx-devops.conf:/etc/nginx/conf.d/default.conf
-      - ./configs/nginx-devops.conf:/etc/nginx/conf.d/default.conf
+  #     - ~/sozsoft.com:/etc/ssl/sozsoft.com:ro
-      - ~/sozsoft.com:/etc/ssl/sozsoft.com:ro
+  #   networks:
-    depends_on:
+  #     - forgejo
-      - forgejo
+  #     - rocket
-      - rocket_mongodb
+  #     - n8n
-      - n8n
+  #   depends_on:
+  #     - forgejo
+  #     - rocket_chat
+  #     - n8n
 
   forgejo:
     image: codeberg.org/forgejo/forgejo:9
+    container_name: forgejo
+    restart: always
     environment:
       - USER_UID=1000
       - USER_GID=1000
-    restart: always
+    ports:
-    networks:
+      - 222:22
-      - forgejo
+      - 3000:3000  # ⚠️ Eklendi: HTTP arayüz için gerekli!
     volumes:
       - ~/forgejo/data:/data
       - /etc/timezone:/etc/timezone:ro
       - /etc/localtime:/etc/localtime:ro
       - /etc/letsencrypt/archive/sozsoft.com:/etc/ssl:ro
-    ports:
+    networks:
-      - 222:22
+      - forgejo
 
   rocket_chat:
     image: registry.rocket.chat/rocketchat/rocket.chat:latest
+    container_name: rocketchat
     restart: always
-    labels:
-      traefik.enable: "true"
-      traefik.http.routers.rocketchat.rule: Host(`${DOMAIN:-}`)
-      traefik.http.routers.rocketchat.tls: "true"
-      traefik.http.routers.rocketchat.entrypoints: https
-      traefik.http.routers.rocketchat.tls.certresolver: le
     environment:
       MONGO_URL: "mongodb://bot:JT74Sb2Tb3@rocket_mongodb:27017/rocketchat?authSource=admin&replicaSet=rs0"
       MONGO_OPLOG_URL: "mongodb://bot:JT74Sb2Tb3@rocket_mongodb:27017/local?authSource=admin&replicaSet=rs0"
       ROOT_URL: https://chat.sozsoft.com
-      PORT: 80
+      PORT: 3001
       DEPLOY_METHOD: docker
+    ports:
+      - 3001:3001  # ⚠️ Düzeltildi
     depends_on:
       - rocket_mongodb
     networks:
@@ -70,9 +72,8 @@ services:
 
   rocket_mongodb:
     image: docker.io/bitnami/mongodb:8.0
+    container_name: rocket-mongo
     restart: always
-    volumes:
-      - rocket_mongodb_data:/bitnami/mongodb
     environment:
       MONGODB_REPLICA_SET_MODE: primary
       MONGODB_REPLICA_SET_NAME: rs0
@@ -85,6 +86,8 @@ services:
       MONGODB_ROOT_PASSWORD: JT74Sb2Tb3
     ports:
       - 27017:27017
+    volumes:
+      - rocket_mongodb_data:/bitnami/mongodb
     networks:
       - rocket
 
@@ -92,6 +95,7 @@ services:
     build:
       context: .
       dockerfile: Dockerfile
+    container_name: n8n
     command: n8n
     ports:
       - 5678:5678
@@ -107,4 +111,3 @@ services:
       - n8n_data:/home/node/.n8n
     networks:
       - n8n
-      

configs/deployment/scripts/2-data.sh

@@ -0,0 +1,4 @@
+cd ~/kurs-platform/configs/deployment
+
+docker compose -f docker-compose-data.yml down
+docker compose -f docker-compose-data.yml up -d

configs/deployment/scripts/3-devops.sh

@@ -0,0 +1,4 @@
+cd ~/kurs-platform/configs/deployment
+
+docker compose -f docker-compose-devops.yml down
+docker compose -f docker-compose-devops.yml up -d

deploy-dev.sh

@@ -1 +1 @@
-~/kurs-platform/configs/deployment/scripts/2-app.sh dev
+~/kurs-platform/configs/deployment/scripts/4-app.sh dev

deploy-production.sh

@@ -1 +1 @@
-~/kurs-platform/configs/deployment/scripts/2-app.sh production
+~/kurs-platform/configs/deployment/scripts/4-app.sh production