ehsan-minadd/peikarband
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

refactor: reorganize project structure for better maintainability

Browse Source 
- Move Docker files to build/docker/
- Move CI/CD configs to build/ci/
- Move deployment configs to deploy/ (helm, k8s, argocd)
- Move config files to config/
- Move scripts to tools/
- Consolidate assets to assets/ (Reflex compatible)
- Add data/ directory for local data (gitignored)
- Update all path references in Makefile, Dockerfile, CI configs
- Add comprehensive README files for build/ and deploy/
- Update project documentation

Benefits:
- Clear separation of concerns
- Cleaner root directory
- Better developer experience
- Enterprise-grade structure
- Improved maintainability
This commit is contained in:
Ehsan.Asadi
2025-12-30 21:20:32 +03:30
parent 954387a8cf
commit 6820f0ee4f
45 changed files with 1737 additions and 361 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@@ -8,7 +8,6 @@ __pycache__/
*$py.class *$py.class
*.so *.so
.Python .Python
build/
develop-eggs/ develop-eggs/
dist/ dist/
downloads/ downloads/
@@ -27,6 +26,9 @@ venv/
env/ env/
ENV/ ENV/
# Local data directory
data/
# Reflex # Reflex
.web/ .web/
.reflex/ .reflex/

21
Makefile
View File

@@ -73,11 +73,12 @@ clean:
find . -type d -name ".mypy_cache" -exec rm -rf {} + find . -type d -name ".mypy_cache" -exec rm -rf {} +
find . -type d -name "*.egg-info" -exec rm -rf {} + find . -type d -name "*.egg-info" -exec rm -rf {} +
rm -rf .coverage htmlcov/ rm -rf .coverage htmlcov/
rm -rf dist/ build/ rm -rf dist/
# Docker commands # Docker commands
docker-build: docker-build:
DOCKER_BUILDKIT=$(DOCKER_BUILDKIT) docker build \ DOCKER_BUILDKIT=$(DOCKER_BUILDKIT) docker build \
-f build/docker/Dockerfile \
-t $(IMAGE_NAME):$(VERSION) \ -t $(IMAGE_NAME):$(VERSION) \
-t $(IMAGE_NAME):latest \ -t $(IMAGE_NAME):latest \
--build-arg VERSION=$(VERSION) \ --build-arg VERSION=$(VERSION) \
@@ -95,23 +96,23 @@ docker-login:
@docker login $(REGISTRY) @docker login $(REGISTRY)
docker-up: docker-up:
docker-compose up -d docker-compose -f build/docker/docker-compose.yml up -d
docker-down: docker-down:
docker-compose down docker-compose -f build/docker/docker-compose.yml down
# Helm commands # Helm commands
helm-lint: helm-lint:
helm lint helm/peikarband helm lint deploy/helm/peikarband
helm-template: helm-template:
helm template $(HELM_RELEASE) helm/peikarband --debug helm template $(HELM_RELEASE) deploy/helm/peikarband --debug
helm-package: helm-package:
helm package helm/peikarband --destination . helm package deploy/helm/peikarband --destination .
helm-install: helm-install:
helm install $(HELM_RELEASE) helm/peikarband \ helm install $(HELM_RELEASE) deploy/helm/peikarband \
--namespace $(NAMESPACE) \ --namespace $(NAMESPACE) \
--create-namespace \ --create-namespace \
--set image.repository=$(REGISTRY)/$(IMAGE_NAME) \ --set image.repository=$(REGISTRY)/$(IMAGE_NAME) \
@@ -119,7 +120,7 @@ helm-install:
--wait --wait
helm-upgrade: helm-upgrade:
helm upgrade --install $(HELM_RELEASE) helm/peikarband \ helm upgrade --install $(HELM_RELEASE) deploy/helm/peikarband \
--namespace $(NAMESPACE) \ --namespace $(NAMESPACE) \
--set image.repository=$(REGISTRY)/$(IMAGE_NAME) \ --set image.repository=$(REGISTRY)/$(IMAGE_NAME) \
--set image.tag=$(VERSION) \ --set image.tag=$(VERSION) \
@@ -135,8 +136,8 @@ k8s-deploy: docker-build docker-push helm-upgrade
# Database # Database
migrate: migrate:
alembic upgrade head alembic -c config/alembic.ini upgrade head
seed: seed:
python3 scripts/seed_database.py python3 tools/scripts/seed_database.py

23
README.md
View File

@@ -95,7 +95,7 @@ docker-compose up -d
```bash ```bash
# Deploy # Deploy
helm upgrade --install peikarband ./helm/peikarband \ helm upgrade --install peikarband ./deploy/helm/peikarband \
--namespace production \ --namespace production \
--set image.tag=0.1.0 --set image.tag=0.1.0
@@ -108,20 +108,25 @@ make k8s-deploy
## 📁 ساختار پروژه ## 📁 ساختار پروژه
``` ```
peikarband/ peikarband-landing/
├── docs/ # مستندات ├── build/ # Build configs (Docker, CI/CD)
├── src/ ├── deploy/ # Deployment configs (Helm, K8s, ArgoCD)
├── config/ # Configuration files
├── tools/ # Scripts و ابزارها
├── assets/ # Static assets
├── src/ # Source code (Clean Architecture)
│ ├── config/ # تنظیمات │ ├── config/ # تنظیمات
│ ├── core/ # هسته اصلی │ ├── core/ # هسته اصلی (Domain + Application)
│ │ ├── domain/ # Domain entities & logic
│ │ └── application/ # Use cases & DTOs
│ ├── infrastructure/ # پیاده‌سازی‌های فنی │ ├── infrastructure/ # پیاده‌سازی‌های فنی
│ ├── presentation/ # رابط کاربری │ ├── presentation/ # رابط کاربری (Reflex)
│ └── shared/ # کدهای مشترک │ └── shared/ # کدهای مشترک
├── tests/ # تست‌ها ├── tests/ # تست‌ها
── scripts/ # اسکریپت‌های کمکی ── docs/ # مستندات کامل
└── data/ # Local data (gitignored)
``` ```
📖 [ساختار کامل پروژه](docs/PROJECT_STRUCTURE.md)
## 🧪 تست ## 🧪 تست
```bash ```bash

0
src/presentation/web/assets/wordpress.gif → assets/wordpress.gif
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 456 KiB

After

Width:  |  Height:  |  Size: 456 KiB

81
build/README.md Normal file
View File

@@ -0,0 +1,81 @@
# Build Directory
این دایرکتوری شامل همه فایل‌های مربوط به **build process** پروژه است.
## 📁 ساختار
```
build/
├── docker/ # Docker configurations
│ ├── Dockerfile # Main application Dockerfile
│ ├── Dockerfile.base # Base image reference
│ ├── docker-compose.yml # Local development
│ └── .dockerignore
└── ci/ # CI/CD configurations
└── woodpecker.yml # Woodpecker CI pipeline
```
## 🐳 Docker
### Dockerfile
Multi-stage Dockerfile برای بهینه‌سازی حجم image و امنیت:
- **Stage 1 (Builder)**: Build و compile
- **Stage 2 (Runtime)**: Image نهایی بدون build tools
**Build:**
```bash
make docker-build
# یا
docker build -f build/docker/Dockerfile -t peikarband/landing:latest .
```
### Dockerfile.base
فایل مرجع برای base image که در repo جداگانه build می‌شود:
- Repo: `peikarband/base`
- Registry: `hub.peikarband.ir/peikarband/base:latest`
### docker-compose.yml
برای development محلی:
```bash
make docker-up
# یا
docker-compose -f build/docker/docker-compose.yml up -d
```
## 🔄 CI/CD
### woodpecker.yml
Woodpecker CI pipeline configuration:
- Build Docker image
- Push به Harbor registry
- Tag with commit SHA
- Cache optimization
**تنظیمات مورد نیاز:**
- `HARBOR_USERNAME`: Harbor registry username
- `HARBOR_PASSWORD`: Harbor registry password
## 🎯 Best Practices
1. **Docker Images**
- Multi-stage builds
- Minimal runtime dependencies
- Non-root user
- Health checks
2. **CI/CD**
- Cache layers
- Automated testing
- Semantic versioning
- Registry push on main branch only
3. **Security**
- Scan images for vulnerabilities
- Sign images
- Use specific versions (no `:latest` in production)
## 📚 مستندات بیشتر
- [Deployment Guide](../docs/deployment/kubernetes.md)
- [Production Deployment](../docs/deployment/PRODUCTION_DEPLOYMENT.md)

2
.woodpecker.yml → build/ci/woodpecker.yml
View File

@@ -16,7 +16,7 @@ pipeline:
- latest - latest
- ${CI_COMMIT_SHA:0:8} - ${CI_COMMIT_SHA:0:8}
dockerfile: Dockerfile dockerfile: build/docker/Dockerfile
context: . context: .
platforms: linux/amd64 platforms: linux/amd64

8
Dockerfile → build/docker/Dockerfile
View File

@@ -76,7 +76,7 @@ RUN set -ex && \
find /build -type f -name "*.pyc" -delete && \ find /build -type f -name "*.pyc" -delete && \
find /build -type f -name "*.pyo" -delete && \ find /build -type f -name "*.pyo" -delete && \
# Remove development files # Remove development files
rm -rf /build/tests /build/docs /build/scripts && \ rm -rf /build/tests /build/docs /build/tools && \
rm -rf /build/.git /build/.github /build/.vscode && \ rm -rf /build/.git /build/.github /build/.vscode && \
rm -rf /build/venv /build/env && \ rm -rf /build/venv /build/env && \
# Remove node_modules but KEEP .web (frontend static files) # Remove node_modules but KEEP .web (frontend static files)
@@ -130,8 +130,8 @@ COPY --from=builder /root/.local /home/peikarband/.local
COPY --from=builder /build /app COPY --from=builder /build /app
# Copy and set up runtime script # Copy and set up runtime script
COPY --chown=peikarband:peikarband scripts/update-env-json.sh /app/scripts/update-env-json.sh COPY --chown=peikarband:peikarband tools/scripts/update-env-json.sh /app/tools/scripts/update-env-json.sh
RUN chmod +x /app/scripts/update-env-json.sh RUN chmod +x /app/tools/scripts/update-env-json.sh
# Fix ownership # Fix ownership
RUN chown -R peikarband:peikarband /home/peikarband/.local /app RUN chown -R peikarband:peikarband /home/peikarband/.local /app
@@ -165,7 +165,7 @@ HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
# Use tini as init system for proper signal handling # Use tini as init system for proper signal handling
# Update .web/env.json from API_URL env var, then run the app # Update .web/env.json from API_URL env var, then run the app
ENTRYPOINT ["/usr/bin/tini", "--", "/app/scripts/update-env-json.sh"] ENTRYPOINT ["/usr/bin/tini", "--", "/app/tools/scripts/update-env-json.sh"]
# Run application (both frontend and backend) # Run application (both frontend and backend)
CMD ["python", "-m", "reflex", "run", "--env", "prod"] CMD ["python", "-m", "reflex", "run", "--env", "prod"]

54
build/docker/Dockerfile.base Normal file
View File

@@ -0,0 +1,54 @@
# Base Image for Peikarband Projects
#
# This Dockerfile should be in a SEPARATE repository: peikarband/base
# It's kept here for reference only.
#
# Purpose: Pre-installed build tools (Python, Node.js, bun, gcc, etc.)
# Registry: hub.peikarband.ir/peikarband/base:latest
#
# This image is built once and cached, making subsequent builds much faster
# All Peikarband projects should use this base image
ARG PYTHON_VERSION=3.11
ARG NODE_VERSION=20
FROM python:${PYTHON_VERSION}-slim AS base
LABEL maintainer="Peikarband Team <dev@peikarband.ir>"
LABEL description="Base image with Python, Node.js, bun, and build tools"
WORKDIR /build
# Install build dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
gcc \
g++ \
make \
curl \
gnupg \
ca-certificates \
unzip \
&& rm -rf /var/lib/apt/lists/*
# Install Node.js (required for Reflex)
RUN curl -fsSL https://deb.nodesource.com/setup_${NODE_VERSION}.x | bash - \
&& apt-get install -y --no-install-recommends nodejs \
&& rm -rf /var/lib/apt/lists/*
# Install bun (required by Reflex for frontend build)
# Retry mechanism for network issues
RUN set -ex && \
for i in 1 2 3 4 5; do \
curl -fsSL https://bun.sh/install | bash && break || \
(echo "Attempt $i failed, retrying in 5 seconds..." && sleep 5); \
done || (echo "Failed to install bun after 5 attempts" && exit 1)
# Add bun to PATH
ENV PATH="/root/.bun/bin:${PATH}"
# Verify installations
RUN python --version && \
node --version && \
npm --version && \
bun --version

0
docker-compose.yml → build/docker/docker-compose.yml
View File

0
alembic.ini → config/alembic.ini
View File

0
mypy.ini → config/mypy.ini
View File

0
pytest.ini → config/pytest.ini
View File

26
config/reflex.config.py Normal file
View File

@@ -0,0 +1,26 @@
"""Reflex configuration file.
This file configures the Reflex application settings.
"""
import os
import reflex as rx
# Environment-aware configuration
API_URL = os.getenv("API_URL", "http://localhost:8000")
FRONTEND_PORT = int(os.getenv("FRONTEND_PORT", "3000"))
BACKEND_PORT = int(os.getenv("BACKEND_PORT", "8000"))
DB_URL = os.getenv("DATABASE_URL", "sqlite:///reflex.db")
config = rx.Config(
app_name="peikarband",
api_url=API_URL,
frontend_port=FRONTEND_PORT,
backend_port=BACKEND_PORT,
db_url=DB_URL,
disable_plugins=["reflex.plugins.sitemap.SitemapPlugin"],
stylesheets=[
"https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800;900&display=swap",
"https://cdn.jsdelivr.net/gh/rastikerdar/vazirmatn@v33.003/Vazirmatn-font-face.css",
],
)

226
deploy/README.md Normal file
View File

@@ -0,0 +1,226 @@
# Deploy Directory
این دایرکتوری شامل همه فایل‌های مربوط به **deployment** پروژه است.
## 📁 ساختار
```
deploy/
├── helm/ # Helm charts
│ └── peikarband/
│ ├── Chart.yaml # Chart metadata
│ ├── values.yaml # Default values
│ ├── values-production.yaml
│ ├── values-staging.yaml
│ └── templates/ # K8s resource templates
├── kubernetes/ # Raw K8s manifests
│ └── secrets-template.yaml
└── argocd/ # ArgoCD GitOps
├── application.yaml
├── application-staging.yaml
└── README.md
```
## ⚓ Helm Charts
### نصب با Helm
**Staging:**
```bash
helm upgrade --install peikarband ./deploy/helm/peikarband \
--namespace staging \
--values deploy/helm/peikarband/values-staging.yaml \
--create-namespace
```
**Production:**
```bash
helm upgrade --install peikarband ./deploy/helm/peikarband \
--namespace production \
--values deploy/helm/peikarband/values-production.yaml \
--create-namespace
```
**یا استفاده از Makefile:**
```bash
make helm-upgrade NAMESPACE=production
```
### Values Files
- **`values.yaml`**: Default values (برای development)
- **`values-staging.yaml`**: Staging overrides
- **`values-production.yaml`**: Production overrides
**مهم‌ترین تنظیمات:**
```yaml
image:
repository: hub.peikarband.ir/peikarband/landing
tag: "latest"
resources:
requests:
cpu: 500m
memory: 512Mi
limits:
cpu: 1000m
memory: 1Gi
autoscaling:
enabled: true
minReplicas: 2
maxReplicas: 10
```
## ☸️ Kubernetes Manifests
### Secrets
Template برای secrets:
```bash
kubectl create secret generic peikarband-secrets \
--from-file=deploy/kubernetes/secrets-template.yaml \
--namespace production
```
## 🔄 ArgoCD GitOps
### Setup ArgoCD Application
**Staging:**
```bash
kubectl apply -f deploy/argocd/application-staging.yaml
```
**Production:**
```bash
kubectl apply -f deploy/argocd/application.yaml
```
### Sync Policy
- **Auto-sync**: Enabled برای staging
- **Manual sync**: Required برای production
### مانیتورینگ
```bash
argocd app get peikarband
argocd app sync peikarband
argocd app logs peikarband
```
## 🎯 Deployment Flow
```mermaid
graph LR
A[Code Push] --> B[CI Build]
B --> C[Push Image]
C --> D{Environment}
D -->|Staging| E[ArgoCD Auto-Sync]
D -->|Production| F[Manual ArgoCD Sync]
E --> G[Deploy]
F --> G
```
### Staging Deployment
1. Push به branch `main`
2. CI builds & pushes image
3. ArgoCD auto-sync
4. Rolling update
### Production Deployment
1. Tag release (e.g., `v1.0.0`)
2. CI builds & pushes image با tag
3. Update `values-production.yaml` با tag جدید
4. Manual ArgoCD sync یا `make helm-upgrade`
5. Rolling update با health checks
## 🔍 Troubleshooting
### Check Pod Status
```bash
kubectl get pods -n production
kubectl logs -f deployment/peikarband -n production
kubectl describe pod <pod-name> -n production
```
### Check Helm Release
```bash
helm list -n production
helm status peikarband -n production
helm history peikarband -n production
```
### Rollback
```bash
helm rollback peikarband <revision> -n production
# یا
kubectl rollout undo deployment/peikarband -n production
```
## 📊 Monitoring & Observability
### Health Checks
- **Liveness**: `/ping` endpoint
- **Readiness**: `/health` endpoint
- **Startup**: 60s timeout
### Metrics
- Prometheus metrics exposed on `/metrics`
- Grafana dashboards
- Alert rules
### Logs
- Centralized logging with Loki
- Log aggregation
- Search & filtering
## 🔐 Security
### Secrets Management
- Kubernetes Secrets
- Sealed Secrets (recommended)
- External Secrets Operator
### Network Policies
- Ingress rules defined
- Egress restrictions
- Service mesh (optional)
### RBAC
- ServiceAccount per namespace
- Minimal permissions
- Pod Security Standards
## 🎯 Best Practices
1. **Versioning**
- Semantic versioning
- Tag images با versions
- Lock Helm chart versions
2. **Resources**
- Set requests & limits
- Monitor usage
- Right-size pods
3. **Autoscaling**
- HPA based on CPU/memory
- VPA for recommendations
- Cluster autoscaling
4. **High Availability**
- Multiple replicas (min 2)
- Pod disruption budgets
- Anti-affinity rules
5. **Updates**
- Rolling updates
- Health checks
- Gradual rollout
## 📚 مستندات بیشتر
- [Deployment Checklist](../docs/deployment/DEPLOYMENT_CHECKLIST.md)
- [Production Deployment Guide](../docs/deployment/PRODUCTION_DEPLOYMENT.md)
- [Quick Start](../docs/deployment/DEPLOYMENT_QUICK_START.md)
- [Kubernetes Guide](../docs/deployment/kubernetes.md)

0
argocd/README.md → deploy/argocd/README.md
View File

0
argocd/application-staging.yaml → deploy/argocd/application-staging.yaml
View File

0
argocd/application.yaml → deploy/argocd/application.yaml
View File

0
helm/peikarband/.helmignore → deploy/helm/peikarband/.helmignore
View File

0
helm/peikarband/Chart.yaml → deploy/helm/peikarband/Chart.yaml
View File

0
helm/peikarband/README.md → deploy/helm/peikarband/README.md
View File

0
helm/peikarband/templates/NOTES.txt → deploy/helm/peikarband/templates/NOTES.txt
View File

0
helm/peikarband/templates/_helpers.tpl → deploy/helm/peikarband/templates/_helpers.tpl
View File

0
helm/peikarband/templates/configmap.yaml → deploy/helm/peikarband/templates/configmap.yaml
View File

0
helm/peikarband/templates/deployment.yaml → deploy/helm/peikarband/templates/deployment.yaml
View File

0
helm/peikarband/templates/docker-registry.yaml → deploy/helm/peikarband/templates/docker-registry.yaml
View File

0
helm/peikarband/templates/hpa.yaml → deploy/helm/peikarband/templates/hpa.yaml
View File

0
helm/peikarband/templates/ingress.yaml → deploy/helm/peikarband/templates/ingress.yaml
View File

0
helm/peikarband/templates/networkpolicy.yaml → deploy/helm/peikarband/templates/networkpolicy.yaml
View File

0
helm/peikarband/templates/pdb.yaml → deploy/helm/peikarband/templates/pdb.yaml
View File

0
helm/peikarband/templates/service.yaml → deploy/helm/peikarband/templates/service.yaml
View File

0
helm/peikarband/templates/serviceaccount.yaml → deploy/helm/peikarband/templates/serviceaccount.yaml
View File

0
helm/peikarband/values-production.yaml → deploy/helm/peikarband/values-production.yaml
View File

0
helm/peikarband/values-staging.yaml → deploy/helm/peikarband/values-staging.yaml
View File

0
helm/peikarband/values.yaml → deploy/helm/peikarband/values.yaml
View File

360
docs/PROJECT_STRUCTURE.md Normal file
View File

@@ -0,0 +1,360 @@
# ساختار پروژه پیکربند - Landing Page
## 📁 ساختار کلی (بازسازی شده)
```
peikarband-landing/
├── README.md # Main project documentation
├── requirements.txt # Production dependencies
├── requirements-dev.txt # Development dependencies
├── Makefile # Build automation commands
├── rxconfig.py # Reflex config loader (imports from config/)
├── .gitignore
├── build/ # 🔨 همه چیز مربوط به Build
│ ├── docker/
│ │ ├── Dockerfile # Main application Dockerfile
│ │ ├── Dockerfile.base # Base image (reference)
│ │ ├── docker-compose.yml # Local development setup
│ │ └── .dockerignore
│ └── ci/
│ └── woodpecker.yml # CI/CD pipeline configuration
├── deploy/ # 🚀 همه چیز مربوط به Deployment
│ ├── helm/
│ │ └── peikarband/ # Helm chart
│ │ ├── Chart.yaml
│ │ ├── templates/ # K8s resource templates
│ │ ├── values.yaml # Default values
│ │ ├── values-production.yaml
│ │ └── values-staging.yaml
│ ├── kubernetes/
│ │ └── secrets-template.yaml # K8s manifest templates
│ └── argocd/ # ArgoCD GitOps configs
│ ├── application.yaml
│ ├── application-staging.yaml
│ ├── README.md
│ └── secrets/
├── config/ # ⚙️ همه Configuration Files
│ ├── alembic.ini # Database migration config
│ ├── mypy.ini # Type checking config
│ ├── pytest.ini # Test configuration
│ └── reflex.config.py # Reflex app configuration
├── tools/ # 🔧 Scripts و ابزارهای کمکی
│ ├── scripts/
│ │ ├── update-env-json.sh # Runtime config updater
│ │ └── diagnose-502.sh # Diagnostic tools
│ └── setup.py # Package setup
├── assets/ # 🎨 Static Assets (served by Reflex)
│ ├── logo.png
│ ├── banner-3.gif
│ ├── custom.css
│ ├── hero-*.svg
│ └── wordpress*.gif
├── data/ # 💾 Local Data (gitignored)
│ ├── db/ # Local database files
│ ├── cache/ # Cache files
│ └── logs/ # Log files
├── src/ # 💻 Source Code (Clean Architecture)
│ ├── config/ # Application configuration
│ │ ├── settings.py
│ │ ├── database.py
│ │ ├── cache.py
│ │ └── logging.py
│ ├── core/ # Core business logic
│ │ ├── domain/ # Domain layer
│ │ │ ├── entities/ # Domain entities
│ │ │ ├── value_objects/ # Value objects
│ │ │ ├── enums/ # Domain enums
│ │ │ └── exceptions/ # Domain exceptions
│ │ └── application/ # Application layer
│ │ ├── use_cases/ # Use cases
│ │ ├── dto/ # Data Transfer Objects
│ │ ├── interfaces/ # Interfaces/Ports
│ │ └── validators/ # Validators
│ ├── infrastructure/ # Infrastructure layer
│ │ ├── database/ # Database implementation
│ │ │ ├── models/ # SQLAlchemy models
│ │ │ ├── repositories/ # Repository implementations
│ │ │ └── migrations/ # Alembic migrations
│ │ ├── cache/ # Cache implementation (Redis)
│ │ ├── external/ # External API integrations
│ │ │ ├── email/
│ │ │ ├── sms/
│ │ │ ├── payment/
│ │ │ └── providers/
│ │ ├── security/ # Security implementations
│ │ └── tasks/ # Background tasks (Celery)
│ ├── presentation/ # Presentation layer
│ │ ├── web/ # Reflex web application
│ │ │ ├── pages/ # Reflex pages
│ │ │ ├── components/ # Reusable components
│ │ │ ├── state/ # Application state
│ │ │ └── styles/ # Styling
│ │ └── api/ # REST API endpoints (if needed)
│ │ ├── routes/
│ │ └── middleware/
│ └── shared/ # Shared utilities
│ ├── events/ # Event system
│ └── messaging/ # Message bus
├── tests/ # 🧪 Test Suites
│ ├── unit/ # Unit tests
│ │ ├── core/
│ │ └── infrastructure/
│ ├── integration/ # Integration tests
│ │ ├── database/
│ │ └── external/
│ ├── e2e/ # End-to-end tests
│ │ └── scenarios/
│ ├── fixtures/ # Test fixtures
│ └── conftest.py # Pytest configuration
├── docs/ # 📚 Documentation
│ ├── api/ # API documentation
│ ├── architecture/ # Architecture docs
│ │ ├── overview.md
│ │ └── database-strategy.md
│ ├── deployment/ # Deployment guides
│ │ ├── DEPLOYMENT_CHECKLIST.md
│ │ ├── DEPLOYMENT_QUICK_START.md
│ │ ├── PRODUCTION_DEPLOYMENT.md
│ │ ├── CHANGELOG-DEPLOYMENT.md
│ │ └── kubernetes.md
│ ├── development/ # Development guides
│ │ ├── setup.md
│ │ ├── coding-standards.md
│ │ └── git-workflow.md
│ ├── changelog/ # Change logs
│ │ ├── CHANGELOG.md
│ │ ├── migrations.md
│ │ └── known-issues.md
│ ├── operations/ # Operations docs
│ ├── handbook.md # Complete handbook
│ └── PROJECT_STRUCTURE.md # This file
└── tmp/ # Temporary files (gitignored)
```
## 🎯 معماری جدید - Separation of Concerns
### 1. `build/` - Build Configurations
**هدف**: جداسازی همه چیز مربوط به build process
- **`build/docker/`**: تمام فایل‌های Docker
- Multi-stage Dockerfile با optimization
- Docker Compose برای development
- .dockerignore
- **`build/ci/`**: CI/CD configurations
- Woodpecker CI pipeline
- سایر CI configs (GitHub Actions, GitLab CI)
**مزایا**:
- ✅ Root directory تمیزتر
- ✅ Build configs مدیریت شده در یک مکان
- ✅ CI/CD configs جدا از کد
### 2. `deploy/` - Deployment Configurations
**هدف**: تمرکز همه deployment configs
- **`deploy/helm/`**: Helm charts
- Production و Staging values
- Templates برای تمام K8s resources
- **`deploy/kubernetes/`**: Raw K8s manifests
- Secret templates
- Custom resources
- **`deploy/argocd/`**: ArgoCD GitOps
- Application definitions
- Sync policies
**مزایا**:
- ✅ یک مکان برای همه deployment
- ✅ واضح برای DevOps engineers
- ✅ جداسازی از source code
### 3. `config/` - Configuration Files
**هدف**: تمرکز همه config files
- `alembic.ini`: Database migrations
- `mypy.ini`: Type checking
- `pytest.ini`: Testing
- `reflex.config.py`: Reflex framework
**مزایا**:
- ✅ Root directory خلوت‌تر
- ✅ Configs به راحتی پیدا می‌شوند
- ✅ مدیریت بهتر
### 4. `tools/` - Utility Scripts
**هدف**: جداسازی scripts و ابزارها
- Runtime scripts
- Diagnostic tools
- Setup utilities
**مزایا**:
- ✅ Scripts منظم و دسته‌بندی شده
- ✅ جدا از source code
### 5. `assets/` - Consolidated Assets
**هدف**: یک مکان واحد برای همه static assets
**قبلاً**: Assets پراکنده در `assets/` و `src/presentation/web/assets/`
**الان**: همه در `assets/` (served directly by Reflex)
**فایل‌های موجود**:
- `logo.png` - لوگوی پیکربند
- `banner-3.gif` - Banner animation
- `wordpress-logo.gif` - WordPress logo
- `hero-*.svg` - Hero section icons
- `custom.css` - Custom styles
**استفاده در کد**:
```python
rx.image(src="/logo.png") # Reflex serves from /assets
```
**مزایا**:
- ✅ No duplication
- ✅ یک منبع حقیقت
- ✅ مدیریت آسان‌تر
- ✅ سازگار با Reflex
### 6. `data/` - Local Data (gitignored)
**هدف**: Local development data
- `data/db/`: SQLite و database files
- `data/cache/`: Redis dumps
- `data/logs/`: Log files
**مزایا**:
- ✅ Data جدا از code
- ✅ .gitignore شده
- ✅ Clean repository
## 🔗 ارتباط با پروژه‌های دیگر
### Base Image Repository
- **Repo**: `peikarband/base`
- **Registry**: `hub.peikarband.ir/peikarband/base:latest`
- **Purpose**: Base image with Python, Node.js, bun, build tools
- **Build**: Separate CI/CD pipeline
- **Usage**: Referenced in `build/docker/Dockerfile`
### Landing Page (This Repo)
- **Repo**: `peikarband/landing`
- **Registry**: `hub.peikarband.ir/peikarband/landing:latest`
- **Purpose**: Landing page application
- **Dependencies**: Uses base image
## 📝 فایل‌های Root (Minimal)
### ضروری
- `README.md`: Main documentation
- `requirements.txt`: Dependencies
- `Makefile`: Build commands
- `rxconfig.py`: Reflex config loader
- `.gitignore`: Git ignore rules
### حذف شده از Root
-`Dockerfile``build/docker/`
-`docker-compose.yml``build/docker/`
-`.woodpecker.yml``build/ci/`
-`alembic.ini``config/`
-`pytest.ini``config/`
-`mypy.ini``config/`
-`scripts/``tools/scripts/`
-`setup.py``tools/`
-`helm/``deploy/helm/`
-`argocd/``deploy/argocd/`
- ❌ Duplicate assets → `assets/static/`
## 🎯 Best Practices
### Root Directory
- ✅ فقط فایل‌های ضروری
- ✅ Config files در `config/`
- ✅ Build files در `build/`
- ✅ Deploy files در `deploy/`
### Source Code (`src/`)
- ✅ Clean Architecture layers
- ✅ Separation of concerns
- ✅ SOLID principles
### Documentation
- ✅ همه docs در `docs/`
- ✅ دسته‌بندی منطقی
- ✅ به‌روز و جامع
### Deployment
- ✅ Helm charts محیط‌محور
- ✅ ArgoCD GitOps
- ✅ Secrets جدا از code
### Testing
- ✅ Unit/Integration/E2E جدا
- ✅ Fixtures منظم
- ✅ Coverage بالا
## 🚀 مزایای معماری جدید
1. **Clarity**
- واضح است که هر فایل کجا باشد
- Navigation آسان‌تر
2. **Maintainability** 🔧
- نگهداری آسان‌تر
- Onboarding سریع‌تر
3. **Scalability** 📈
- اضافه کردن configs جدید ساده
- مقیاس‌پذیری بهتر
4. **Professional** 💼
- استاندارد enterprise projects
- Best practices معماری
5. **Developer Experience** 👨‍💻
- کم‌تر سردرگم
- Productivity بالاتر
## 📊 مقایسه قبل و بعد
### قبل
```
root/
├── 15+ config files 😰
├── Docker files
├── CI configs
├── helm/
├── argocd/
├── scripts/
├── assets/ (duplicate!)
└── src/
```
### بعد
```
root/
├── 4 essential files only 😌
├── build/ (organized)
├── deploy/ (organized)
├── config/ (organized)
├── tools/ (organized)
├── assets/static/ (consolidated)
└── src/ (clean)
```
---
**آخرین بروزرسانی**: 2025-01-30
**نسخه معماری**: 2.0 (Restructured)

239
docs/deployment/CHANGELOG-DEPLOYMENT.md Normal file
View File

@@ -0,0 +1,239 @@
# Changelog - Production Deployment Setup
تمام تغییرات مربوط به آماده‌سازی دیپلوی Production در این فایل ثبت می‌شود.
## [1.0.0] - 2025-12-26 - ApprovalToken:PROD-001
### ✅ Added
#### CI/CD Pipeline
- **woodpecker.yml**: پایپلاین کامل CI/CD با 11 stage
- Linting (Python & YAML)
- Unit & Integration Tests
- Security Scanning (Safety, Bandit, Trivy, Trufflehog)
- Docker Build & Push
- Helm Validation
- Database Migration Check
- Automated Deployment (Staging & Production)
- Post-Deployment Verification
- Notifications (Telegram & Slack)
#### Docker & Registry
- **.dockerignore**: بهینه‌سازی Docker build با exclude کردن فایل‌های غیرضروری
- **Dockerfile** (بهبود یافته):
- Multi-stage build برای کاهش حجم image
- Security hardening (non-root user, tini init, minimal runtime)
- Build arguments برای versioning
- Health checks بهبود یافته
- Labels و metadata کامل
#### Kubernetes & Helm
- **k8s/secrets-template.yaml**: Template کامل برای Kubernetes secrets
- Harbor registry credentials
- Application secrets (DB, Redis, JWT, etc.)
- External provider credentials
- CI/CD secrets
- مثال‌های External Secrets Operator
#### Configuration Files
- **.env.example**: Template کامل environment variables (200+ configs)
- Application settings
- Database & Redis
- Security & JWT
- Cloud providers (DigitalOcean, Hetzner, OVH)
- Payment gateways (Zarinpal, IDPay)
- Notification services (Email, SMS, Telegram)
- Monitoring & logging
- Feature flags
- **.yamllint.yml**: پیکربندی YAML linter برای validation
#### Health Checks
- **src/presentation/api/routes/health.py**: Endpoints کامل health checking
- `/ping`: Basic health check
- `/health`: Detailed health with dependencies
- `/ready`: Readiness probe برای Kubernetes
- `/live`: Liveness probe
- `/metrics`: Basic metrics endpoint
#### Documentation
- **docs/deployment/PRODUCTION_DEPLOYMENT.md**: راهنمای کامل 50+ صفحه‌ای
- تنظیمات Harbor Registry
- پیکربندی Kubernetes
- راه‌اندازی ArgoCD
- تنظیمات Woodpecker CI
- مراحل دیپلوی اولیه
- مانیتورینگ و logging
- عیب‌یابی مشکلات متداول
- **DEPLOYMENT_QUICK_START.md**: راهنمای سریع 10 دقیقه‌ای
- Setup سریع در 5 مرحله
- Checklist production-ready
- دستورات مفید
- Pipeline flow diagram
### 🔄 Modified
#### Build & Deploy
- **Makefile**: آپدیت برای Harbor registry
- تغییر REGISTRY به `harbor.peikarband.ir`
- اضافه شدن DOCKER_BUILDKIT flag
- بهبود docker-build با build arguments
- اضافه شدن docker-login command
#### Helm Charts
- **helm/peikarband/values.yaml**:
- آپدیت image repository به Harbor
- اضافه شدن imagePullSecrets
#### ArgoCD Applications
- **argocd/application.yaml** (Production):
- اضافه شدن annotations برای notifications
- اضافه شدن labels
- تعیین targetRevision به `main`
- اضافه شدن Helm parameters برای image
- بهبود syncOptions
- **argocd/application-staging.yaml** (Staging):
- اضافه شدن annotations و labels
- targetRevision: `develop`
- Helm parameters برای staging
### 🏗️ Infrastructure Changes
#### Registry Strategy
- **Before**: `registry.example.com`
- **After**: `harbor.peikarband.ir/peikarband/landing`
- **Authentication**: Robot account با محدودیت دسترسی
#### Deployment Strategy
- **GitOps**: ArgoCD برای automated sync
- **CI/CD**: Woodpecker برای build و test
- **Environments**:
- Production: `main` branch → `peikarband.ir`
- Staging: `develop` branch → `staging.peikarband.ir`
#### Security Improvements
- Image scanning با Trivy
- Secret scanning با Trufflehog
- Dependency scanning با Safety
- Code security با Bandit
- Non-root containers
- Network policies enabled
- Pod security contexts configured
### 📊 Pipeline Metrics
- **Total Stages**: 11
- **Estimated Time**: 10-15 minutes
- **Parallelization**: Services (PostgreSQL, Redis)
- **Matrix Build**: Multi-arch support (amd64, arm64)
### 🔐 Security Checklist
- [x] Non-root user در Docker
- [x] Image vulnerability scanning
- [x] Secret management با Kubernetes
- [x] TLS/SSL با cert-manager
- [x] Network policies
- [x] Resource limits
- [x] Pod security contexts
- [x] Image pull secrets
### 📝 Configuration Files Summary
| File | Purpose | Status |
|------|---------|--------|
| woodpecker.yml | CI/CD Pipeline | ✅ Created |
| .dockerignore | Build optimization | ✅ Created |
| .env.example | Config template | ✅ Created |
| .yamllint.yml | YAML validation | ✅ Created |
| Dockerfile | Container image | ✅ Enhanced |
| Makefile | Build commands | ✅ Updated |
| k8s/secrets-template.yaml | K8s secrets | ✅ Created |
| argocd/application.yaml | Production GitOps | ✅ Updated |
| argocd/application-staging.yaml | Staging GitOps | ✅ Updated |
| helm/peikarband/values.yaml | Helm values | ✅ Updated |
### 🎯 Prerequisites for Production
1. **Kubernetes Cluster**
- Version: 1.24+
- Nodes: 3+ workers
- Resources: 6 CPU cores, 6GB RAM minimum
2. **External Services**
- Harbor Registry
- ArgoCD
- Woodpecker CI
- PostgreSQL 14+
- Redis 7+
3. **DNS Configuration**
- peikarband.ir
- staging.peikarband.ir
- harbor.peikarband.ir
- argocd.peikarband.ir
4. **Secrets Required**
- Harbor robot account
- Database credentials
- Redis password
- JWT secrets
- Cloud provider tokens
- Payment gateway keys
- Notification service tokens
### 🚀 Deployment Steps
1. Setup Harbor registry and create robot account
2. Create Kubernetes secrets
3. Install and configure ArgoCD
4. Configure Woodpecker CI secrets
5. Push code to trigger pipeline
6. Verify deployment with health checks
### 📚 Documentation Structure
```
docs/
├── deployment/
│ ├── PRODUCTION_DEPLOYMENT.md (50+ pages, complete guide)
│ └── kubernetes.md (existing)
├── DEPLOYMENT_QUICK_START.md (Quick reference)
└── CHANGELOG-DEPLOYMENT.md (This file)
```
### 🔗 References
- Harbor: https://goharbor.io
- ArgoCD: https://argo-cd.readthedocs.io
- Woodpecker: https://woodpecker-ci.org
- Kubernetes: https://kubernetes.io
### ⚠️ Breaking Changes
- Image repository path changed from `registry.example.com` to `harbor.peikarband.ir`
- Harbor authentication required
- Kubernetes secrets must be created before deployment
- Environment variables significantly expanded
### 🎉 Impact
این تغییرات پروژه را **کاملاً آماده برای دیپلوی Production** می‌کند با:
- ✅ Automated CI/CD pipeline
- ✅ Security scanning
- ✅ GitOps deployment
- ✅ Health monitoring
- ✅ Comprehensive documentation
- ✅ Production-grade Docker images
- ✅ Scalability support
- ✅ High availability configuration
---
**Approved By**: #اکسپت ApprovalToken:PROD-001
**Implementation Date**: 2025-12-26
**Status**: ✅ Complete
**Next Steps**: Follow DEPLOYMENT_QUICK_START.md for deployment

451
docs/deployment/DEPLOYMENT_CHECKLIST.md Normal file
View File

@@ -0,0 +1,451 @@
# ✅ Deployment Readiness Checklist - Peikarband
تاریخ بررسی: 2025-12-27
وضعیت: **READY FOR DEPLOYMENT** 🚀
---
## 📊 خلاصه بررسی
| Category | Status | Details |
|----------|--------|---------|
| Assets & Static Files | ✅ FIXED | `.dockerignore` اصلاح شد |
| Health Endpoints | ✅ FIXED | Endpoints متصل شدند |
| Dependencies | ✅ COMPLETE | `psutil` اضافه شد |
| Docker Build | ✅ READY | Multi-stage build optimized |
| CI/CD Pipeline | ✅ READY | Woodpecker configured |
| Kubernetes | ✅ READY | Helm charts + ArgoCD |
| Documentation | ✅ COMPLETE | راهنماهای کامل |
---
## 🔧 مشکلات برطرف شده
### 1⃣ Assets در Docker Image (CRITICAL) ✅
**مشکل**: فایل‌های استاتیک (logo.png, banner-3.gif, custom.css) در `.dockerignore` exclude شده بودند.
**راه‌حل**:
```diff
# Before
*.gif
*.png
*.svg
!assets/logo.png
# After
# Keep assets directory
!assets/
!src/presentation/web/assets/
```
**تاثیر**: بدون این تغییر، صفحه landing بدون تصاویر نمایش داده می‌شد.
---
### 2⃣ psutil Dependency (MEDIUM) ✅
**مشکل**: `psutil` برای metrics endpoint نیاز بود ولی در `requirements.txt` نبود.
**راه‌حل**: اضافه شد به requirements:
```python
psutil==5.9.6
```
**تاثیر**: بدون این، `/metrics` endpoint crash می‌کرد.
---
### 3⃣ Health Endpoints Integration (MEDIUM) ✅
**مشکل**: Health check endpoints تعریف شده بودند ولی به Reflex app متصل نبودند.
**راه‌حل**: `peikarband/peikarband.py` اصلاح شد:
```python
@rx.page(route="/ping")
def ping():
data = ping_endpoint()
return rx.box(rx.text(str(data)))
# + /health, /ready, /live
```
**تاثیر**: Kubernetes probes حالا کار می‌کنند.
---
## ✅ تایید شده
### Assets & Static Files ✅
-`/logo.png` - در navbar
-`/banner-3.gif` - در hero section
-`/custom.css` - استایل‌های سفارشی
-`assets/` directory شامل می‌شود
-`src/presentation/web/assets/` شامل می‌شود
### Reflex Configuration ✅
-`rxconfig.py` صحیح است
- ✅ Stylesheets (Vazirmatn, Inter) لود می‌شوند
- ✅ Ports: Frontend 3000, Backend 8000
### Docker Build ✅
- ✅ Multi-stage build (Builder + Runtime)
- ✅ Non-root user (peikarband:1000)
- ✅ Security hardening (tini, minimal runtime)
- ✅ Health checks configured
- ✅ Labels و metadata کامل
- ✅ BuildKit enabled
### Dependencies ✅
**Core:**
- ✅ reflex==0.4.0
- ✅ sqlalchemy==2.0.23
- ✅ psycopg2-binary==2.9.9
- ✅ redis==5.0.1
- ✅ psutil==5.9.6 ⭐ (اضافه شد)
**Security:**
- ✅ pyjwt==2.8.0
- ✅ cryptography==41.0.7
- ✅ passlib[bcrypt]==1.7.4
**Monitoring:**
- ✅ sentry-sdk==1.38.0
- ✅ prometheus-client==0.19.0
- ✅ structlog==23.2.0
### Health Checks ✅
-`/ping` - Basic health check
-`/health` - Detailed with dependencies
-`/ready` - Readiness probe
-`/live` - Liveness probe
-`/metrics` - System metrics (با psutil)
### Woodpecker CI Pipeline ✅
**Active Stages:**
- ✅ Lint (Python + YAML)
- ✅ Docker Build
- ✅ Helm Validation
- ✅ Migration Check
- ✅ ArgoCD Deployment
- ✅ Health Verification
- ✅ Notifications
**Temporarily Disabled** (برای سرعت اولیه):
- ⏸️ Unit Tests (commented)
- ⏸️ Integration Tests (commented)
- ⏸️ Security Scans (commented)
**توصیه**: بعد از اولین deploy موفق، uncomment کنید.
### Harbor Registry ✅
- ✅ URL: `harbor.peikarband.ir`
- ✅ Project: `peikarband`
- ✅ Image pull secrets configured
- ✅ Makefile updated
### Kubernetes & Helm ✅
- ✅ Helm chart validated
- ✅ values.yaml با Harbor registry
- ✅ values-production.yaml configured
- ✅ Resource limits defined
- ✅ HPA enabled (2-20 replicas)
- ✅ PDB enabled
- ✅ Network policies configured
### ArgoCD ✅
- ✅ Production app: `argocd/application.yaml`
- ✅ Staging app: `argocd/application-staging.yaml`
- ✅ Auto-sync enabled
- ✅ Notifications configured
- ✅ Image parameters set
### Documentation ✅
-`PRODUCTION_DEPLOYMENT.md` (50+ pages)
-`DEPLOYMENT_QUICK_START.md` (10 minutes)
-`CHANGELOG-DEPLOYMENT.md` (complete history)
- ✅ This checklist
---
## 🧪 Pre-Deployment Tests
### Local Testing:
```bash
# 1. Install dependencies
pip install -r requirements.txt
# 2. Run app locally
make dev
# OR
python3 -m reflex run
# 3. Test endpoints
curl http://localhost:8000/ping
curl http://localhost:8000/health
# 4. Kill processes
make kill-dev
```
### Docker Testing:
```bash
# 1. Build image
make docker-build
# 2. Run container
docker run -p 3000:3000 -p 8000:8000 peikarband/landing:latest
# 3. Test health
curl http://localhost:8000/ping
# 4. Check logs
docker logs <container_id>
```
### Helm Testing:
```bash
# 1. Lint chart
helm lint helm/peikarband
# 2. Dry run
helm template peikarband helm/peikarband \
--set image.tag=latest \
--debug
# 3. Validate
helm install peikarband helm/peikarband --dry-run
```
---
## 🚀 Deployment Steps
### Quick Deploy (از commit تا production):
1. **Push to Git**
```bash
git add .
git commit -m "feat: production-ready deployment"
git push origin main
```
2. **Woodpecker CI** (Automatic)
- ✅ Lint code
- ✅ Build Docker image
- ✅ Push to Harbor
- ✅ Update ArgoCD
- ⏱️ ~5-8 minutes
3. **ArgoCD** (Automatic)
- ✅ Sync Helm chart
- ✅ Deploy to Kubernetes
- ✅ Rolling update
- ⏱️ ~2-3 minutes
4. **Verify**
```bash
# Check pods
kubectl get pods -n peikarband
# Test endpoint
curl https://peikarband.ir/ping
# Check ArgoCD
argocd app get peikarband
```
**Total Time**: ~10 minutes از push تا production! 🎉
---
## ⚠️ Known Issues & Notes
### 1. Tests Temporarily Disabled
تست‌ها در woodpecker.yml موقتاً comment شدند برای سرعت بیشتر.
**برای فعال‌سازی**:
- Uncomment کردن test stages در `woodpecker.yml`
- اطمینان از PostgreSQL و Redis در CI environment
### 2. Reflex Export در Dockerfile
```dockerfile
RUN python -m reflex init --template blank && \
python -m reflex export --frontend-only --no-zip || true
```
`|| true` اضافه شده تا در صورت fail شدن export، build متوقف نشود.
**نکته**: Reflex در runtime mode اجرا می‌شود، نه export mode.
### 3. Database در Production
در حال حاضر از SQLite استفاده می‌شود. برای production:
```bash
# Update rxconfig.py
db_url="postgresql://USER:PASS@HOST:5432/peikarband"
# Run migrations
kubectl exec -it POD_NAME -n peikarband -- alembic upgrade head
```
---
## 📈 Performance Expectations
### Resource Usage:
- **Memory**: 512MB - 1GB per pod
- **CPU**: 0.5 - 1 core per pod
- **Startup Time**: 30-60 seconds
- **Response Time**: < 200ms
### Scaling:
- **Min Replicas**: 2 (production), 1 (staging)
- **Max Replicas**: 20 (production), 5 (staging)
- **Target CPU**: 60% (production), 70% (staging)
### Availability:
- **SLA Target**: 99.9% uptime
- **RTO**: < 5 minutes (Recovery Time Objective)
- **RPO**: < 1 hour (Recovery Point Objective)
---
## 🎯 Post-Deployment Tasks
### Immediate (Day 1):
- [ ] Verify all endpoints responding
- [ ] Check logs for errors
- [ ] Monitor resource usage
- [ ] Test domain and SSL
- [ ] Verify database connectivity
### Short-term (Week 1):
- [ ] Enable monitoring (Prometheus/Grafana)
- [ ] Set up alerting
- [ ] Configure backup strategy
- [ ] Enable security scans in CI
- [ ] Uncomment tests in pipeline
- [ ] Load testing
### Long-term (Month 1):
- [ ] Performance optimization
- [ ] Cost optimization
- [ ] Disaster recovery testing
- [ ] Security audit
- [ ] Documentation updates
---
## 🔐 Security Checklist
- [x] Non-root containers
- [x] Image pull secrets configured
- [x] TLS/SSL ready (cert-manager)
- [x] Network policies enabled
- [x] Resource limits set
- [x] Pod security contexts
- [x] Secrets in Kubernetes
- [ ] Vulnerability scanning (enable after deploy)
- [ ] RBAC configured
- [ ] Audit logging enabled
---
## 📚 Quick References
### Essential Commands:
```bash
# Logs
kubectl logs -f deployment/peikarband -n peikarband
# Scale
kubectl scale deployment peikarband --replicas=5 -n peikarband
# Restart
kubectl rollout restart deployment/peikarband -n peikarband
# Status
kubectl get all -n peikarband
# Describe
kubectl describe deployment peikarband -n peikarband
```
### Troubleshooting:
- **Pod CrashLoopBackOff**: Check logs with `--previous` flag
- **ImagePullError**: Verify Harbor credentials
- **Ingress 404**: Check DNS and ingress configuration
- **Database Error**: Verify secrets and connectivity
---
## ✅ Final Status
```
🎉 پروژه پیکربند آماده دیپلوی در Production است!
✅ Assets: FIXED
✅ Dependencies: COMPLETE
✅ Health Checks: WORKING
✅ Docker: OPTIMIZED
✅ CI/CD: CONFIGURED
✅ Kubernetes: READY
✅ Documentation: COMPLETE
📝 تغییرات اعمال شده:
1. .dockerignore اصلاح شد (assets شامل می‌شوند)
2. psutil به requirements اضافه شد
3. Health endpoints به Reflex متصل شدند
4. peikarband.py بروز شد
🚀 آماده برای: git push origin main
```
---
**تایید شده توسط**: AI Code Review
**تاریخ**: 2025-12-27
**نسخه**: 1.0.0
**Status**: ✅ PRODUCTION READY
---
## 🎁 Bonus
### VS Code Tasks (اختیاری):
ایجاد فایل `.vscode/tasks.json`:
```json
{
"version": "2.0.0",
"tasks": [
{
"label": "Dev Server",
"type": "shell",
"command": "make dev",
"problemMatcher": []
},
{
"label": "Kill Dev Server",
"type": "shell",
"command": "make kill-dev"
},
{
"label": "Docker Build",
"type": "shell",
"command": "make docker-build"
},
{
"label": "Test Health",
"type": "shell",
"command": "curl http://localhost:8000/ping"
}
]
}
```
---
**Happy Deploying! 🚀🎉**

259
docs/deployment/DEPLOYMENT_QUICK_START.md Normal file
View File

@@ -0,0 +1,259 @@
# راهنمای سریع دیپلوی - Peikarband
راهنمای سریع برای راه‌اندازی پروژه پیکربند در Production
## 🚀 دیپلوی سریع در 10 دقیقه
### 1⃣ Harbor Registry Setup (2 دقیقه)
```bash
# لاگین به Harbor
docker login harbor.peikarband.ir
# ساخت project: peikarband
# ساخت robot account: deployer
```
### 2⃣ Kubernetes Secrets (2 دقیقه)
```bash
# Harbor pull secret
kubectl create secret docker-registry harbor-registry-secret \
--docker-server=harbor.peikarband.ir \
--docker-username=robot\$peikarband+deployer \
--docker-password="YOUR_TOKEN" \
--namespace=peikarband
# Application secrets
kubectl create secret generic peikarband-prod-secrets \
--from-literal=db-password=YOUR_DB_PASS \
--from-literal=redis-password=YOUR_REDIS_PASS \
--from-literal=secret-key=YOUR_SECRET_KEY \
--from-literal=jwt-secret-key=YOUR_JWT_KEY \
--namespace=peikarband
```
### 3⃣ ArgoCD Setup (3 دقیقه)
```bash
# نصب ArgoCD
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
# Deploy application
kubectl apply -f argocd/application.yaml
# Sync
argocd app sync peikarband
```
### 4⃣ Woodpecker CI Secrets (2 دقیقه)
در Woodpecker UI یا با CLI:
```bash
woodpecker-cli secret add --name harbor_username --value "robot\$peikarband+deployer"
woodpecker-cli secret add --name harbor_password --value "YOUR_TOKEN"
woodpecker-cli secret add --name argocd_server --value "argocd.peikarband.ir"
woodpecker-cli secret add --name argocd_token --value "YOUR_ARGOCD_TOKEN"
```
### 5⃣ Push & Deploy (1 دقیقه)
```bash
git add .
git commit -m "feat: production deployment setup"
git push origin main
# Woodpecker به صورت خودکار:
# ✅ Tests را اجرا می‌کند
# ✅ Docker image را build می‌کند
# ✅ به Harbor push می‌کند
# ✅ ArgoCD را trigger می‌کند
# ✅ در Kubernetes deploy می‌شود
```
---
## 📋 Checklist قبل از Production
### Infrastructure
- [ ] Kubernetes cluster آماده است (3+ nodes)
- [ ] Harbor registry نصب شده
- [ ] ArgoCD نصب شده
- [ ] Woodpecker CI پیکربندی شده
- [ ] cert-manager برای SSL نصب شده
- [ ] Ingress NGINX نصب شده
### Database & Cache
- [ ] PostgreSQL در دسترس است
- [ ] Redis در دسترس است
- [ ] Backup strategy تعریف شده
### DNS & SSL
- [ ] Domain به cluster اشاره می‌کند
- [ ] SSL certificate صادر شده (Let's Encrypt)
- [ ] HTTPS کار می‌کند
### Secrets & Security
- [ ] Harbor robot account ساخته شده
- [ ] Kubernetes secrets ایجاد شده
- [ ] ArgoCD token ساخته شده
- [ ] Woodpecker secrets تنظیم شده
### Monitoring
- [ ] Prometheus نصب شده (اختیاری)
- [ ] Grafana پیکربندی شده (اختیاری)
- [ ] Telegram/Slack notifications تنظیم شده
---
## 🧪 تست سریع
```bash
# Health check
curl https://peikarband.ir/ping
# Expected: {"status":"ok",...}
# Kubernetes pods
kubectl get pods -n peikarband
# Expected: 3 pods در حالت Running
# ArgoCD status
argocd app get peikarband
# Expected: Health Status: Healthy, Sync Status: Synced
# Logs
kubectl logs -f deployment/peikarband -n peikarband
```
---
## 📊 CI/CD Pipeline Flow
```mermaid
graph LR
A[Git Push] --> B[Woodpecker CI]
B --> C[Run Tests]
C --> D[Build Docker Image]
D --> E[Push to Harbor]
E --> F[Update ArgoCD]
F --> G[Deploy to K8s]
G --> H[Health Check]
H --> I[Notify Team]
```
### Pipeline Stages:
1. **Lint & Test** (2-3 min)
- Python linting (flake8, black)
- Unit tests
- Integration tests
2. **Security Scan** (1-2 min)
- Dependency vulnerabilities
- Secret scanning
- Code security analysis
3. **Build & Push** (3-5 min)
- Docker build (multi-stage)
- Trivy security scan
- Push to Harbor
4. **Deploy** (2-3 min)
- Update ArgoCD app
- Kubernetes rolling update
- Health verification
**Total Pipeline Time**: ~10-15 minutes
---
## 🔧 دستورات مفید
### Development
```bash
# Local development
make dev
# Run tests
make test
# Build Docker image
make docker-build
# Push to Harbor
make docker-login
make docker-push
```
### Deployment
```bash
# Full deploy
make k8s-deploy
# Helm lint
make helm-lint
# Helm upgrade
make helm-upgrade
```
### Monitoring
```bash
# Watch pods
kubectl get pods -n peikarband -w
# Tail logs
kubectl logs -f deployment/peikarband -n peikarband
# Port forward to app
kubectl port-forward svc/peikarband -n peikarband 8000:8000
# Describe deployment
kubectl describe deployment peikarband -n peikarband
```
### Troubleshooting
```bash
# Pod details
kubectl describe pod POD_NAME -n peikarband
# Previous logs (if crashed)
kubectl logs POD_NAME -n peikarband --previous
# Execute in pod
kubectl exec -it POD_NAME -n peikarband -- /bin/bash
# Events
kubectl get events -n peikarband --sort-by='.lastTimestamp'
```
---
## 📞 Support
- **Documentation**: [docs/deployment/PRODUCTION_DEPLOYMENT.md](docs/deployment/PRODUCTION_DEPLOYMENT.md)
- **Issues**: راهنمای کامل عیب‌یابی در مستندات
- **Team**: support@peikarband.ir
---
## 🎯 Next Steps
بعد از دیپلوی موفق:
1. ✅ تنظیم monitoring و alerting
2. ✅ پیکربندی backup strategy
3. ✅ تست load testing
4. ✅ تنظیم CI/CD برای سایر برنچ‌ها
5. ✅ مستندسازی runbooks
---
**Happy Deploying! 🚀**

26
rxconfig.py
View File

@@ -1,26 +1,10 @@
"""Reflex configuration file. """Reflex configuration loader.
This file configures the Reflex application settings. This file imports the actual configuration from config/reflex.config.py.
Reflex requires rxconfig.py to be in the project root.
""" """
import os from config.reflex.config import config
import reflex as rx
# Environment-aware configuration __all__ = ["config"]
API_URL = os.getenv("API_URL", "http://localhost:8000")
FRONTEND_PORT = int(os.getenv("FRONTEND_PORT", "3000"))
BACKEND_PORT = int(os.getenv("BACKEND_PORT", "8000"))
DB_URL = os.getenv("DATABASE_URL", "sqlite:///reflex.db")
config = rx.Config(
app_name="peikarband",
api_url=API_URL,
frontend_port=FRONTEND_PORT,
backend_port=BACKEND_PORT,
db_url=DB_URL,
disable_plugins=["reflex.plugins.sitemap.SitemapPlugin"],
stylesheets=[
"https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800;900&display=swap",
"https://cdn.jsdelivr.net/gh/rastikerdar/vazirmatn@v33.003/Vazirmatn-font-face.css",
],
)

BIN
src/presentation/web/assets/banner-3.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.6 MiB

227
src/presentation/web/assets/custom.css
View File

@@ -1,227 +0,0 @@
@import url('https://fonts.googleapis.com/css2?family=Vazirmatn:wght@100..900&display=swap');
body {
font-family: 'Vazirmatn', sans-serif;
-webkit-font-smoothing: antialiased;
-moz-osx-font-smoothing: grayscale;
}
@keyframes gradientShift {
0% { background-position: 0% 50%; }
50% { background-position: 100% 50%; }
100% { background-position: 0% 50%; }
}
@keyframes glow {
0% { box-shadow: 0 12px 40px rgba(27, 75, 127, 0.6), inset 0 1px 0 rgba(255, 255, 255, 0.2); }
50% { box-shadow: 0 18px 50px rgba(27, 75, 127, 0.8), inset 0 1px 0 rgba(255, 255, 255, 0.3); }
100% { box-shadow: 0 12px 40px rgba(27, 75, 127, 0.6), inset 0 1px 0 rgba(255, 255, 255, 0.2); }
}
@keyframes pulse {
0% { transform: scale(1); opacity: 1; }
50% { transform: scale(1.05); opacity: 0.8; }
100% { transform: scale(1); opacity: 1; }
}
@keyframes float {
0%, 100% { transform: translateY(0px); }
50% { transform: translateY(-20px); }
}
@keyframes floatSlow {
0%, 100% { transform: translateY(0px) translateX(0px); }
25% { transform: translateY(-15px) translateX(10px); }
50% { transform: translateY(-30px) translateX(0px); }
75% { transform: translateY(-15px) translateX(-10px); }
}
@keyframes rotate {
0% { transform: rotate(0deg); }
100% { transform: rotate(360deg); }
}
@keyframes scaleFloat {
0%, 100% { transform: scale(1) translateY(0px); }
50% { transform: scale(1.05) translateY(-15px); }
}
@keyframes fadeInUp {
0% {
opacity: 0;
transform: translateY(60px) scale(0.9);
}
100% {
opacity: 1;
transform: translateY(0) scale(1);
}
}
@keyframes fadeInScale {
0% {
opacity: 0;
transform: scale(0.8);
}
100% {
opacity: 1;
transform: scale(1);
}
}
@keyframes slideInRight {
0% {
opacity: 0;
transform: translateX(100px);
}
100% {
opacity: 1;
transform: translateX(0);
}
}
@keyframes floatComplex {
0%, 100% {
transform: translateY(0px) translateX(0px) rotate(0deg);
}
25% {
transform: translateY(-20px) translateX(15px) rotate(5deg);
}
50% {
transform: translateY(-35px) translateX(5px) rotate(-3deg);
}
75% {
transform: translateY(-18px) translateX(-12px) rotate(4deg);
}
}
@keyframes rotateSubtle {
0% {
transform: rotate(0deg);
}
100% {
transform: rotate(360deg);
}
}
@keyframes scaleBreath {
0%, 100% {
transform: scale(1);
opacity: 0.7;
}
50% {
transform: scale(1.1);
opacity: 0.9;
}
}
@keyframes floatDiagonal {
0%, 100% {
transform: translate(0, 0);
}
50% {
transform: translate(-25px, -25px);
}
}
@keyframes bobFloat {
0%, 100% {
transform: translateY(0px) scale(1);
}
50% {
transform: translateY(-25px) scale(1.05);
}
}
/* Smooth scroll behavior */
html {
scroll-behavior: smooth;
}
/* Custom scrollbar */
::-webkit-scrollbar {
width: 12px;
}
::-webkit-scrollbar-track {
background: #0a1428;
}
::-webkit-scrollbar-thumb {
background: linear-gradient(135deg, #1B4B7F, #4DB8C4);
border-radius: 6px;
}
::-webkit-scrollbar-thumb:hover {
background: linear-gradient(135deg, #4DB8C4, #6DD7E5);
}
/* Selection color */
::selection {
background: rgba(77, 184, 196, 0.3);
color: #FFFFFF;
}
::-moz-selection {
background: rgba(77, 184, 196, 0.3);
color: #FFFFFF;
}
@keyframes fadeInRight {
0% {
opacity: 0;
transform: translate3d(100%, 0, 0);
}
100% {
opacity: 1;
transform: translate3d(0, 0, 0);
}
}
@keyframes fadeInDown {
0% {
opacity: 0;
transform: translate3d(0, -100%, 0);
}
100% {
opacity: 1;
transform: translate3d(0, 0, 0);
}
}
/* WordPress Section Floating Icons Animations */
.wp-icon-1 {
animation: fadeInScale 1s ease-out 0.5s backwards, bobFloat 8s ease-in-out 2s infinite;
}
.wp-icon-2 {
animation: fadeInScale 1s ease-out 1s backwards, floatDiagonal 9s ease-in-out 2.5s infinite;
}
.wp-icon-3 {
animation: fadeInScale 1s ease-out 1.5s backwards, float 7s ease-in-out 3s infinite reverse;
}
.wp-icon-4 {
animation: fadeInScale 1s ease-out 2s backwards, scaleBreath 9s ease-in-out 3.5s infinite;
}
.wp-icon-5 {
animation: fadeInScale 1s ease-out 2.5s backwards, floatComplex 10s ease-in-out 4s infinite;
}
.wp-icon-6 {
animation: fadeInScale 1s ease-out 3s backwards, rotateSubtle 40s linear 4s infinite, bobFloat 8s ease-in-out 4.5s infinite;
}
.wp-card-1 {
animation: fadeInScale 1s ease-out 3.5s backwards, float 7s ease-in-out 5s infinite;
}
.wp-card-2 {
animation: fadeInScale 1s ease-out 4s backwards, float 8s ease-in-out 5.5s infinite reverse;
}
.wp-card-3 {
animation: fadeInScale 1s ease-out 4.5s backwards, float 6s ease-in-out 6s infinite;
}

85
src/presentation/web/assets/hero-servers.svg
View File

@@ -1,85 +0,0 @@
<svg width="600" height="500" viewBox="0 0 600 500" fill="none" xmlns="http://www.w3.org/2000/svg">
<!-- Background elements -->
<circle cx="100" cy="80" r="30" fill="#1B4B7F" opacity="0.1"/>
<circle cx="520" cy="120" r="25" fill="#4DB8C4" opacity="0.15"/>
<circle cx="480" cy="420" r="35" fill="#6DD7E5" opacity="0.1"/>
<!-- Server 1 (Top Left) -->
<g transform="translate(80, 60)">
<!-- Server top face -->
<path d="M50 0 L100 25 L50 50 L0 25 Z" fill="#4DB8C4" opacity="0.9"/>
<!-- Server front face -->
<path d="M0 25 L0 85 L50 110 L50 50 Z" fill="#1B4B7F" opacity="0.95"/>
<!-- Server right face -->
<path d="M50 50 L50 110 L100 85 L100 25 Z" fill="#6DD7E5" opacity="0.85"/>
<!-- Server lines -->
<line x1="10" y1="35" x2="40" y2="52" stroke="#7CE3F2" stroke-width="2" opacity="0.6"/>
<line x1="10" y1="45" x2="40" y2="62" stroke="#7CE3F2" stroke-width="2" opacity="0.6"/>
<line x1="10" y1="55" x2="40" y2="72" stroke="#7CE3F2" stroke-width="2" opacity="0.6"/>
</g>
<!-- Server 2 (Top Right) -->
<g transform="translate(420, 40)">
<path d="M50 0 L100 25 L50 50 L0 25 Z" fill="#4DB8C4" opacity="0.9"/>
<path d="M0 25 L0 85 L50 110 L50 50 Z" fill="#1B4B7F" opacity="0.95"/>
<path d="M50 50 L50 110 L100 85 L100 25 Z" fill="#6DD7E5" opacity="0.85"/>
<line x1="10" y1="35" x2="40" y2="52" stroke="#7CE3F2" stroke-width="2" opacity="0.6"/>
<line x1="10" y1="45" x2="40" y2="62" stroke="#7CE3F2" stroke-width="2" opacity="0.6"/>
<line x1="10" y1="55" x2="40" y2="72" stroke="#7CE3F2" stroke-width="2" opacity="0.6"/>
</g>
<!-- Server 3 (Center) - Main/Larger -->
<g transform="translate(230, 80)">
<path d="M70 0 L140 35 L70 70 L0 35 Z" fill="#4DB8C4" opacity="0.95"/>
<path d="M0 35 L0 115 L70 150 L70 70 Z" fill="#1B4B7F"/>
<path d="M70 70 L70 150 L140 115 L140 35 Z" fill="#6DD7E5" opacity="0.9"/>
<line x1="15" y1="50" x2="55" y2="72" stroke="#7CE3F2" stroke-width="2.5" opacity="0.7"/>
<line x1="15" y1="65" x2="55" y2="87" stroke="#7CE3F2" stroke-width="2.5" opacity="0.7"/>
<line x1="15" y1="80" x2="55" y2="102" stroke="#7CE3F2" stroke-width="2.5" opacity="0.7"/>
<line x1="15" y1="95" x2="55" y2="117" stroke="#7CE3F2" stroke-width="2.5" opacity="0.7"/>
</g>
<!-- Platform base -->
<g transform="translate(120, 280)">
<!-- Platform top -->
<path d="M0 30 L180 -20 L360 30 L180 80 Z" fill="#1B4B7F" opacity="0.4"/>
<path d="M180 80 L180 120 L360 70 L360 30 Z" fill="#0a1628" opacity="0.6"/>
<path d="M0 30 L0 70 L180 120 L180 80 Z" fill="#050a14" opacity="0.7"/>
<!-- Network nodes on platform -->
<g transform="translate(70, 50)">
<rect x="0" y="0" width="30" height="20" rx="4" fill="#4DB8C4" opacity="0.7"/>
<rect x="3" y="5" width="24" height="10" fill="#6DD7E5" opacity="0.5"/>
</g>
<g transform="translate(165, 20)">
<rect x="0" y="0" width="30" height="20" rx="4" fill="#4DB8C4" opacity="0.7"/>
<rect x="3" y="5" width="24" height="10" fill="#6DD7E5" opacity="0.5"/>
</g>
<g transform="translate(260, 50)">
<rect x="0" y="0" width="30" height="20" rx="4" fill="#4DB8C4" opacity="0.7"/>
<rect x="3" y="5" width="24" height="10" fill="#6DD7E5" opacity="0.5"/>
</g>
</g>
<!-- Connection lines -->
<line x1="130" y1="170" x2="190" y2="310" stroke="#6DD7E5" stroke-width="1.5" opacity="0.3" stroke-dasharray="5,5"/>
<line x1="300" y1="230" x2="285" y2="300" stroke="#6DD7E5" stroke-width="1.5" opacity="0.3" stroke-dasharray="5,5"/>
<line x1="470" y1="150" x2="380" y2="310" stroke="#6DD7E5" stroke-width="1.5" opacity="0.3" stroke-dasharray="5,5"/>
<!-- Shield icon (bottom right) -->
<g transform="translate(480, 320)">
<path d="M40 10 L40 35 C40 50 30 60 20 65 C10 60 0 50 0 35 L0 10 L20 0 Z" fill="#10B981" opacity="0.7"/>
<path d="M10 25 L17 32 L30 19" stroke="white" stroke-width="2" fill="none" stroke-linecap="round"/>
</g>
<!-- Small dots decoration -->
<circle cx="450" cy="200" r="3" fill="#6DD7E5" opacity="0.4"/>
<circle cx="470" cy="210" r="2" fill="#4DB8C4" opacity="0.4"/>
<circle cx="460" cy="225" r="2.5" fill="#7CE3F2" opacity="0.4"/>
<!-- Left side dots -->
<circle cx="150" cy="300" r="3" fill="#6DD7E5" opacity="0.4"/>
<circle cx="130" cy="310" r="2" fill="#4DB8C4" opacity="0.4"/>
<circle cx="140" cy="325" r="2.5" fill="#7CE3F2" opacity="0.4"/>
</svg>
Side by Side

Before

Width:  |  Height:  |  Size: 4.4 KiB

0
scripts/diagnose-502.sh → tools/scripts/diagnose-502.sh
View File

0
scripts/update-env-json.sh → tools/scripts/update-env-json.sh
View File

0
setup.py → tools/setup.py
View File