Skip to content

fsiatama/loan-management-deployment

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Loan Management Deployment

Description

This repository loan-management-deployment contains the necessary Docker Compose and Nginx configurations needed to deploy the loan management system, which includes the backend API loan-management-api and the frontend UI loan-management-ui.

Overview

The deployment uses Docker Compose to orchestrate the multiple services that make up the application. The services include:

  • loan-management-api: The backend NestJS service.
  • loan-management-ui: The frontend ReactJS service.
  • web: The Nginx server that serves the frontend and provides a reverse proxy to the backend.
  • certbot: A service that helps in getting free SSL certificates from Let's Encrypt.

Getting Started

Ensure Docker and Docker Compose are installed on your machine.

Clone the repository:

$ git clone https://github.com/fsiatama/loan-management-deployment.git
$ cd loan-management-deployment

Create a .env file at the root of the project and add your environment variables:

JWT_SECRET=your_jwt_secret
AUTH_API_PORT=your_api_port
DATABASE_URL=your_mongodb_url
PAYMENT_CONCEPT_ID=your_payment_concept_id
LATE_FEE_CONCEPT_ID=your_late_fee_concept_id

Build and run the Docker Compose file:

docker-compose up --build -d

Configuration

The services' configurations are located in the docker-compose.yml file. If you need to change the default settings of a service, such as the exposed port or the environment variables, you can do so by editing this file.

The Nginx configuration is located in web-config/000-default.conf. If you want to change the server settings, you can do so by editing this file.

For SSL certificate generation, the Certbot service requires a domain name. Certbot stores the SSL certificates in the certbot/conf/ directory.

SSL Certificate Generation and Renewal

This system uses Certbot to manage SSL certificates. The steps to generate, update, expand and renew a certificate are described below.

Before proceeding, ensure you replace your-domain.com with your actual domain name.

Generate a new SSL certificate

To generate a new SSL certificate, run the following command:

sudo docker-compose run --rm certbot certonly --webroot --webroot-path=/var/www/certbot/ --dry-run -d your-domain.com

This command will perform a dry run. If everything is ok, proceed to generate the certificate by running:

sudo docker-compose run --rm certbot certonly --webroot --webroot-path=/var/www/certbot/ -d your-domain.com

Update or expand an existing certificate

To update or expand an existing certificate to include another domain, use the following command:

sudo docker-compose --rm certbot certonly --webroot --webroot-path=/var/www/certbot/ --cert-name your-existing-domain.com -d your-new-domain.com

In this command, replace your-existing-domain.com with the domain of your existing certificate and your-new-domain.com with the new domain you want to add to the certificate.

Renew certificate

Certificates issued by Certbot are valid for 90 days. You can renew your certificates manually using the following command:

sudo docker-compose run --rm certbot renew

This command will renew all the certificates that are due for renewal.

Nginx Configuration

The Nginx configuration is located in the web-config/000-default.conf file.

Currently, the configuration is set up to serve your application over HTTP and reverse proxy API requests to your loan-management-api service.

Once you have generated an SSL certificate for your domain using Certbot, you can enable serving your application over HTTPS. To do so, you'll need to uncomment (remove the # before) the second server block in the 000-default.conf file.

This second server block includes configuration for listening on port 443 (the default port for HTTPS) and using the SSL certificate files generated by Certbot.

Here is how you can do it:

  • Replace your-new-domain.com with your domain in both the server_name and ssl_certificate/ssl_certificate_key paths.

  • Uncomment the lines by removing the # at the start of each line in the second server block.

Remember to save the file and restart Nginx for the changes to take effect. You can do this by rebuilding your Docker containers:

docker-compose down
docker-compose up --build -d

This will make your application accessible over HTTPS, providing better security for your users.

Related Repositories

For any additional information or queries, feel free to open an issue.

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages