# 🚀 GAuth-Central Deployment Guide

## 📋 Deployment Scenarios

### Scenario 1: Standalone Deployment (With Existing Servers)

In this scenario you use your existing PostgreSQL and Redis servers.

#### Prerequisites

- ✅ PostgreSQL 17+ server is running
- ✅ Redis 7+ server is running
- ✅ Go 1.23+ is installed
- ✅ Network access to the servers is available

#### Steps

1. **Clone the repository**

   ```bash
   git clone <repository-url>
   cd AuthCentral
   ```

2. **Configure the .env file**

   ```bash
   # Create the .env file
   cp .env.example .env

   # Edit it
   nano .env
   ```

   **.env contents:**

   ```env
   PORT=8080

   # Your existing PostgreSQL server
   DB_URL="host=10.80.80.70 user=cloud password=xxx dbname=go_gauth port=5432 sslmode=disable TimeZone=Europe/Istanbul"
   DB_USER=cloud
   DB_PASSWORD=xxx
   DB_NAME=go_gauth
   DB_PORT=5432
   DB_HOST=10.80.80.70

   # Your existing Redis server
   REDIS_HOST=10.80.80.70
   REDIS_PORT=6379
   REDIS_USER=default
   REDIS_PASSWORD=xxx
   REDIS_URL=redis://default:xxx@10.80.80.70:6379/0

   # JWT Secret (use a strong value for production)
   JWT_SECRET=super_secure_production_secret_key_change_this

   # OAuth Credentials
   GOOGLE_CLIENT_ID=your_client_id
   GOOGLE_CLIENT_SECRET=your_client_secret
   GITHUB_CLIENT_ID=your_client_id
   GITHUB_CLIENT_SECRET=your_client_secret
   CLIENT_CALLBACK_URL=http://your-domain.com/v1/auth
   APP_URL=http://your-domain.com
   ```

3. **Install the dependencies**

   ```bash
   go mod download
   ```

4. **Test the connections**

   ```bash
   # PostgreSQL connection
   PGPASSWORD=xxx psql -h 10.80.80.70 -U cloud -d go_gauth -c "SELECT version();"

   # Redis connection
   redis-cli -h 10.80.80.70 -p 6379 -a xxx --no-auth-warning PING
   ```

5. **Start the application**

   ```bash
   # With the quick start script
   ./start.sh

   # or as a systemd service (see below)
   ```

---

### Scenario 2: Docker Compose Deployment

Run all services (PostgreSQL, Redis, App) with Docker.

#### Steps

1. **Clone the repository**

   ```bash
   git clone <repository-url>
   cd AuthCentral
   ```

2. **Configure the .env file**

   ```bash
   cp .env.example .env
   nano .env
   ```

3. **Start with Docker Compose**

   ```bash
   docker-compose up -d
   ```

4. **Check the logs**

   ```bash
   docker-compose logs -f app
   ```

5. **Status check**

   ```bash
   docker-compose ps
   curl http://localhost:8080/
   ```

---

### Scenario 3: Production Deployment (Systemd)

Run under systemd in a production environment.

#### 1. Create the Systemd Service File

```bash
sudo nano /etc/systemd/system/gauth-central.service
```

**gauth-central.service:**

```ini
[Unit]
Description=GAuth-Central Authentication Service
After=network.target

[Service]
Type=simple
User=www-data
Group=www-data
WorkingDirectory=/opt/gauth-central
EnvironmentFile=/opt/gauth-central/.env
ExecStart=/opt/gauth-central/main
Restart=always
RestartSec=5
StandardOutput=append:/var/log/gauth-central/app.log
StandardError=append:/var/log/gauth-central/error.log

# Security
NoNewPrivileges=true
PrivateTmp=true

[Install]
WantedBy=multi-user.target
```

#### 2. Create the Log Directory

```bash
sudo mkdir -p /var/log/gauth-central
sudo chown www-data:www-data /var/log/gauth-central
```

#### 3. Deploy the Application

```bash
# Copy to the deployment directory
sudo mkdir -p /opt/gauth-central
sudo cp -r . /opt/gauth-central/
cd /opt/gauth-central

# Build
go build -o main .

# Set permissions
sudo chown -R www-data:www-data /opt/gauth-central
sudo chmod +x /opt/gauth-central/main
```

#### 4. Start the Service

```bash
sudo systemctl daemon-reload
sudo systemctl enable gauth-central
sudo systemctl start gauth-central
sudo systemctl status gauth-central
```

#### 5. Watch the Logs

```bash
# Real-time logs
sudo journalctl -u gauth-central -f

# Last 100 lines
sudo journalctl -u gauth-central -n 100

# Application logs
tail -f /var/log/gauth-central/app.log
```

---

## 🔒 Production Checklist

### Security

- [ ] JWT_SECRET is set to a strong value
- [ ] PostgreSQL passwords are strong
- [ ] Redis password protection is enabled
- [ ] SSL/TLS certificates are configured (via Nginx/Caddy)
- [ ] CORS AllowOrigins updated to the production domains
- [ ] Firewall rules are configured
- [ ] PostgreSQL sslmode=require (production)
- [ ] Rate limiting limits reviewed

### Performance

- [ ] PostgreSQL connection pooling settings
- [ ] Redis max memory policy is set
- [ ] Log rotation is configured
- [ ] Monitoring is set up (Prometheus/Grafana)
- [ ] Health check endpoint is active

### Backup

- [ ] PostgreSQL automatic backup
- [ ] Redis persistence configuration
- [ ] Backup restore test performed

### Monitoring

- [ ] Application logs are being collected
- [ ] Error tracking (Sentry etc.)
- [ ] Uptime monitoring
- [ ] Resource monitoring (CPU, RAM, Disk)

---

## 🌐 Nginx Reverse Proxy

SSL termination with Nginx in production:

```nginx
server {
    listen 80;
    server_name api.yourdomain.com;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    server_name api.yourdomain.com;

    ssl_certificate /etc/letsencrypt/live/api.yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/api.yourdomain.com/privkey.pem;

    # Security headers
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block" always;

    location / {
        proxy_pass http://localhost:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_cache_bypass $http_upgrade;
    }
}
```

---

## 📊 Health Checks

### Application Health Check

```bash
curl http://localhost:8080/
```

### PostgreSQL Health

```bash
PGPASSWORD=xxx psql -h 10.80.80.70 -U cloud -d go_gauth -c "SELECT 1;"
```

### Redis Health

```bash
redis-cli -h 10.80.80.70 -p 6379 -a xxx --no-auth-warning PING
```

---

## 🔄 Update/Rollback Procedure

### Update

```bash
cd /opt/gauth-central

# Backup
sudo cp main main.backup

# Pull updates
git pull

# Build
go build -o main .
# Restart service
sudo systemctl restart gauth-central

# Check status
sudo systemctl status gauth-central

# Check logs
sudo journalctl -u gauth-central -f
```

### Rollback

```bash
cd /opt/gauth-central

# Restore backup
sudo cp main.backup main

# Restart
sudo systemctl restart gauth-central
```

---

## 🐛 Troubleshooting

### Service does not start

```bash
# Check logs
sudo journalctl -u gauth-central -n 50

# Check config
cat /opt/gauth-central/.env

# Check permissions
ls -la /opt/gauth-central/main
```

### PostgreSQL connection error

```bash
# Connection test
PGPASSWORD=xxx psql -h HOST -U USER -d DB -c "SELECT 1;"

# Network check
telnet HOST 5432
```

### Redis connection error

```bash
# Redis test
redis-cli -h HOST -p PORT -a PASSWORD PING

# Network check
telnet HOST 6379
```

---

## 📝 Environment Variables Reference

| Variable | Required | Example | Description |
|----------|----------|---------|-------------|
| `PORT` | Yes | `8080` | Application port |
| `DB_URL` | Yes | `host=...` | PostgreSQL connection string |
| `REDIS_URL` | Yes | `redis://...` | Redis connection URL |
| `JWT_SECRET` | Yes | `secret123` | JWT signing key |
| `GOOGLE_CLIENT_ID` | No | `xxx.apps.googleusercontent.com` | Google OAuth |
| `GITHUB_CLIENT_ID` | No | `Ov23li...` | GitHub OAuth |
| `CLIENT_CALLBACK_URL` | Yes | `http://localhost:8080/v1/auth` | OAuth callback base URL |
| `APP_URL` | Yes | `http://localhost:8080` | Application URL |

---

## 🎯 Next Steps

1. Setup monitoring (Prometheus + Grafana)
2. Configure log aggregation (ELK Stack)
3. Setup automated backups
4. Configure CI/CD pipeline
5. Setup staging environment
6. Configure load balancing (if needed)

---

💡 **Pro Tip**: Test in the staging environment before every deployment!
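
Several Security items in the Production Checklist can be checked mechanically against the `.env` file before the service is started. The script below is an added example, not part of the GAuth-Central repository; the `env_get` and `audit_env` names, the 32-character minimum, the placeholder patterns and the https requirement for `APP_URL` and `CLIENT_CALLBACK_URL` are assumptions.

```shell
# Added example: audit a GAuth-Central .env against the Security checklist.
# The 32-character minimum and the placeholder patterns are assumptions.

# Read KEY from FILE without sourcing it (sourcing would execute the file).
env_get() {
  sed -n "s/^$2=//p" "$1" | tail -n 1 |
    sed -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Prints one FAIL line per finding; exit status 0 only when there are none.
# The body is a subshell, so its variables and helper stay local.
audit_env() (
  f=$1 fails=0
  fail() { echo "FAIL $1"; fails=$((fails + 1)); }

  v=$(env_get "$f" JWT_SECRET)
  [ "${#v}" -ge 32 ] || fail "JWT_SECRET is shorter than 32 characters"
  case $v in
    *change_this*|*secret123*|*xxx*) fail "JWT_SECRET is a placeholder" ;;
  esac

  # Checklist: sslmode=require; the stricter verify modes also pass.
  case $(env_get "$f" DB_URL) in
    *sslmode=require*|*sslmode=verify-ca*|*sslmode=verify-full*) ;;
    *) fail "DB_URL does not set sslmode=require" ;;
  esac

  for k in DB_PASSWORD REDIS_PASSWORD; do
    case $(env_get "$f" "$k") in
      ''|xxx) fail "$k is empty or a placeholder" ;;
    esac
  done

  for k in APP_URL CLIENT_CALLBACK_URL; do
    case $(env_get "$f" "$k") in
      https://*) ;;
      *) fail "$k is not an https:// URL" ;;
    esac
  done

  # The file holds every secret of the service: no group/other access.
  mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
  case $mode in *00) ;; *) fail ".env mode is $mode, expected 600" ;; esac

  [ "$fails" -eq 0 ]
)

if [ "$#" -gt 0 ]; then audit_env "$1"; fi
```

Saved under a hypothetical name such as `audit-env.sh`, it can be run as `sh audit-env.sh /opt/gauth-central/.env`; a non-zero exit status means at least one checklist item failed.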