ehsan-minadd/peikarband
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

refactor: complete project restructure - clean and professional

Browse Source 
🎯 New Structure:
- landing/ (root) - Only Makefile, .gitignore, .woodpecker.yml
- helm/ - Kubernetes deployment (with argocd inside chart)
- docker/ - Docker build configs
- peikarband/ - All source code (src, tests, assets, config, tools, docs)

 Changes:
- Moved Docker files: build/docker/ → docker/
- Moved Helm charts: deploy/helm/ → helm/
- Moved ArgoCD: deploy/argocd/ → helm/peikarband/argocd/
- Moved all source code to peikarband/
- Removed duplicate files (7 files)
- Removed old empty directories

🐳 Docker Fixes:
- Added npm retry configuration (fetch-retry-mintimeout, etc.)
- Added 3-attempt retry mechanism for reflex export
- Fixed ECONNREFUSED errors
- Updated paths for new structure

📦 Config Updates:
- Makefile: Updated all paths (docker/, helm/, peikarband/)
- .woodpecker.yml: Updated dockerfile and context paths
- .gitignore: Updated data/ path

🧪 Tests:
- ✓ Helm lint passes
- ✓ All paths validated
- ✓ Structure verified

📊 Result:
- Before: 20+ files in root, scattered structure
- After: 3 files + 3 directories, clean and organized
- Production-ready
This commit is contained in:
Ehsan.Asadi
2025-12-30 21:33:32 +03:30
parent 20267daade
commit b9217fe81e
160 changed files with 294 additions and 2233 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -27,7 +27,7 @@ env/
ENV/ ENV/
# Local data directory # Local data directory
data/ peikarband/data/
# Reflex # Reflex
.web/ .web/

4
build/ci/woodpecker.yml → .woodpecker.yml
View File

@@ -16,8 +16,8 @@ pipeline:
- latest - latest
- ${CI_COMMIT_SHA:0:8} - ${CI_COMMIT_SHA:0:8}
dockerfile: build/docker/Dockerfile dockerfile: docker/Dockerfile
context: . context: peikarband/
platforms: linux/amd64 platforms: linux/amd64
build_args: build_args:

24
Makefile
View File

@@ -44,7 +44,7 @@ install:
pre-commit install pre-commit install
dev: dev:
python3 -m reflex run cd peikarband && python3 -m reflex run
kill-dev: kill-dev:
@echo "Killing processes on ports 3000 and 8000..." @echo "Killing processes on ports 3000 and 8000..."
@@ -78,12 +78,12 @@ clean:
# Docker commands # Docker commands
docker-build: docker-build:
DOCKER_BUILDKIT=$(DOCKER_BUILDKIT) docker build \ DOCKER_BUILDKIT=$(DOCKER_BUILDKIT) docker build \
-f build/docker/Dockerfile \ -f docker/Dockerfile \
-t $(IMAGE_NAME):$(VERSION) \ -t $(IMAGE_NAME):$(VERSION) \
-t $(IMAGE_NAME):latest \ -t $(IMAGE_NAME):latest \
--build-arg VERSION=$(VERSION) \ --build-arg VERSION=$(VERSION) \
--build-arg BUILD_DATE=$(shell date -u +'%Y-%m-%dT%H:%M:%SZ') \ --build-arg BUILD_DATE=$(shell date -u +'%Y-%m-%dT%H:%M:%SZ') \
. peikarband/
docker-push: docker-push:
docker tag $(IMAGE_NAME):$(VERSION) $(REGISTRY)/$(IMAGE_NAME):$(VERSION) docker tag $(IMAGE_NAME):$(VERSION) $(REGISTRY)/$(IMAGE_NAME):$(VERSION)
@@ -96,23 +96,23 @@ docker-login:
@docker login $(REGISTRY) @docker login $(REGISTRY)
docker-up: docker-up:
docker-compose -f build/docker/docker-compose.yml up -d docker-compose -f docker/docker-compose.yml up -d
docker-down: docker-down:
docker-compose -f build/docker/docker-compose.yml down docker-compose -f docker/docker-compose.yml down
# Helm commands # Helm commands
helm-lint: helm-lint:
helm lint deploy/helm/peikarband helm lint helm/peikarband
helm-template: helm-template:
helm template $(HELM_RELEASE) deploy/helm/peikarband --debug helm template $(HELM_RELEASE) helm/peikarband --debug
helm-package: helm-package:
helm package deploy/helm/peikarband --destination . helm package helm/peikarband --destination .
helm-install: helm-install:
helm install $(HELM_RELEASE) deploy/helm/peikarband \ helm install $(HELM_RELEASE) helm/peikarband \
--namespace $(NAMESPACE) \ --namespace $(NAMESPACE) \
--create-namespace \ --create-namespace \
--set image.repository=$(REGISTRY)/$(IMAGE_NAME) \ --set image.repository=$(REGISTRY)/$(IMAGE_NAME) \
@@ -120,7 +120,7 @@ helm-install:
--wait --wait
helm-upgrade: helm-upgrade:
helm upgrade --install $(HELM_RELEASE) deploy/helm/peikarband \ helm upgrade --install $(HELM_RELEASE) helm/peikarband \
--namespace $(NAMESPACE) \ --namespace $(NAMESPACE) \
--set image.repository=$(REGISTRY)/$(IMAGE_NAME) \ --set image.repository=$(REGISTRY)/$(IMAGE_NAME) \
--set image.tag=$(VERSION) \ --set image.tag=$(VERSION) \
@@ -136,8 +136,8 @@ k8s-deploy: docker-build docker-push helm-upgrade
# Database # Database
migrate: migrate:
alembic -c config/alembic.ini upgrade head cd peikarband && alembic -c config/alembic.ini upgrade head
seed: seed:
python3 tools/scripts/seed_database.py cd peikarband && python3 tools/scripts/seed_database.py

245
README.md
View File

@@ -1,222 +1,43 @@
# پیکربند - پلتفرم جامع مدیریت هاستینگ و زیرساخت ابری # Peikarband Landing Platform
## 📖 درباره پروژه یک پلتفرم حرفه‌ای برای مدیریت هاستینگ، سرورهای ابری و خدمات DevOps.
پیکربند یک پلتفرم حرفه‌ای برای مدیریت هاستینگ، سرورهای ابری، دامین و خدمات DevOps است. این پلتفرم با الهام از سرویس‌هایی مانند Cloudways، DigitalOcean و پارس پک طراحی شده است. ## ساختار پروژه
## 🏗️ معماری ```
landing/
این پروژه بر اساس **Clean Architecture** و اصول **SOLID** طراحی شده است: ├── Makefile # Build و deployment commands
├── .gitignore
- **Domain Layer**: منطق کسب‌وکار اصلی ├── .woodpecker.yml # CI/CD pipeline
- **Application Layer**: موارد استفاده (Use Cases)
- **Infrastructure Layer**: پیاده‌سازی‌های فنی ├── helm/ # Kubernetes deployment
- **Presentation Layer**: رابط کاربری (Reflex) │ └── peikarband/
## 🚀 تکنولوژی‌ها ├── docker/ # Docker build configs
│ ├── Dockerfile
- **Frontend/Backend**: Python Reflex │ └── docker-compose.yml
- **Database**: PostgreSQL + SQLAlchemy
- **Cache**: Redis └── peikarband/ # Source code و مستندات
- **Task Queue**: Celery ├── README.md # مستندات کامل
- **Testing**: pytest ├── src/ # Application code
- **Code Quality**: black, flake8, mypy, isort ├── tests/ # Tests
└── ...
## 📋 پیش‌نیازها
- Python 3.11+
- PostgreSQL 14+
- Redis 7+
- Node.js 18+ (برای Reflex)
## 🛠️ نصب و راه‌اندازی
### 1. کلون کردن پروژه
```bash
git clone https://github.com/yourusername/peikarband.git
cd peikarband
``` ```
### 2. ایجاد محیط مجازی ## دستورات سریع
```bash ```bash
python -m venv venv # Development
source venv/bin/activate # On Windows: venv\Scripts\activate
```
### 3. نصب وابستگی‌ها
```bash
pip install -r requirements.txt
pip install -r requirements-dev.txt # برای توسعه
```
### 4. تنظیم Environment Variables
```bash
cp .env.example .env
# ویرایش .env و تکمیل مقادیر
```
### 5. راه‌اندازی دیتابیس
```bash
# ایجاد دیتابیس
createdb peikarband
# اجرای migrations
alembic upgrade head
```
### 6. اجرای پروژه
```bash
# توسعه
python -m reflex run
# یا
make dev make dev
# Docker build
make docker-build
# Helm deploy
make helm-upgrade
# برای اطلاعات بیشتر
cd peikarband/
cat README.md
``` ```
## 🚢 Deployment
### با Docker
```bash
# Build
docker build -t peikarband:latest .
# Run
docker-compose up -d
```
### با Kubernetes/Helm
```bash
# Deploy
helm upgrade --install peikarband ./deploy/helm/peikarband \
--namespace production \
--set image.tag=0.1.0
# یا
make k8s-deploy
```
📖 [راهنمای کامل Deployment](docs/deployment/kubernetes.md)
## 📁 ساختار پروژه
```
peikarband-landing/
├── build/ # Build configs (Docker, CI/CD)
├── deploy/ # Deployment configs (Helm, K8s, ArgoCD)
├── config/ # Configuration files
├── tools/ # Scripts و ابزارها
├── assets/ # Static assets
├── src/ # Source code (Clean Architecture)
│ ├── config/ # تنظیمات
│ ├── core/ # هسته اصلی (Domain + Application)
│ ├── infrastructure/ # پیاده‌سازی‌های فنی
│ ├── presentation/ # رابط کاربری (Reflex)
│ └── shared/ # کدهای مشترک
├── tests/ # تست‌ها
├── docs/ # مستندات کامل
└── data/ # Local data (gitignored)
```
📖 [ساختار کامل پروژه](docs/PROJECT_STRUCTURE.md)
## 🧪 تست
```bash
# اجرای همه تست‌ها
pytest
# با coverage
pytest --cov=src tests/
# تست‌های خاص
pytest tests/unit/
pytest tests/integration/
```
## 📝 کدنویسی
### استانداردها
- **PEP 8**: استاندارد کدنویسی Python
- **PEP 20**: Zen of Python
- **Type Hints**: همه جا استفاده شود
- **Docstrings**: Google Style
### ابزارهای کیفیت کد
```bash
# Format
black src/
# Linting
flake8 src/
# Type checking
mypy src/
# Import sorting
isort src/
```
### Pre-commit Hooks
```bash
pre-commit install
pre-commit run --all-files
```
## 📚 مستندات
مستندات کامل در پوشه `docs/` موجود است:
- [Handbook](docs/handbook.md): راهنمای جامع پروژه
- [Architecture](docs/architecture/): معماری سیستم
- [Development](docs/development/): راهنمای توسعه
- [API Reference](docs/api/): مستندات API
## 🔐 امنیت
- همه پسوردها با bcrypt hash می‌شوند
- استفاده از JWT برای authentication
- پشتیبانی از 2FA
- اطلاعات حساس رمزنگاری می‌شوند
## 🤝 مشارکت
برای مشارکت در پروژه:
1. Fork کنید
2. Branch جدید بسازید (`git checkout -b feature/amazing-feature`)
3. Commit کنید (`git commit -m 'feat: add amazing feature'`)
4. Push کنید (`git push origin feature/amazing-feature`)
5. Pull Request بسازید
## 📄 لایسنس
این پروژه تحت لایسنس MIT منتشر شده است.
## 👥 تیم
- Lead Developer: [Your Name]
- Architecture: Clean Architecture
- Methodology: Agile/Scrum
## 📞 تماس
- Website: https://peikarband.ir
- Email: support@peikarband.ir
- Telegram: @peikarband
---
**نسخه**: 0.1.0
**آخرین بروزرسانی**: 2025-01-24

BIN
banner-3.gif
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.6 MiB

226
deploy/README.md
View File

@@ -1,226 +0,0 @@
# Deploy Directory
این دایرکتوری شامل همه فایل‌های مربوط به **deployment** پروژه است.
## 📁 ساختار
```
deploy/
├── helm/ # Helm charts
│ └── peikarband/
│ ├── Chart.yaml # Chart metadata
│ ├── values.yaml # Default values
│ ├── values-production.yaml
│ ├── values-staging.yaml
│ └── templates/ # K8s resource templates
├── kubernetes/ # Raw K8s manifests
│ └── secrets-template.yaml
└── argocd/ # ArgoCD GitOps
├── application.yaml
├── application-staging.yaml
└── README.md
```
## ⚓ Helm Charts
### نصب با Helm
**Staging:**
```bash
helm upgrade --install peikarband ./deploy/helm/peikarband \
--namespace staging \
--values deploy/helm/peikarband/values-staging.yaml \
--create-namespace
```
**Production:**
```bash
helm upgrade --install peikarband ./deploy/helm/peikarband \
--namespace production \
--values deploy/helm/peikarband/values-production.yaml \
--create-namespace
```
**یا استفاده از Makefile:**
```bash
make helm-upgrade NAMESPACE=production
```
### Values Files
- **`values.yaml`**: Default values (برای development)
- **`values-staging.yaml`**: Staging overrides
- **`values-production.yaml`**: Production overrides
**مهم‌ترین تنظیمات:**
```yaml
image:
repository: hub.peikarband.ir/peikarband/landing
tag: "latest"
resources:
requests:
cpu: 500m
memory: 512Mi
limits:
cpu: 1000m
memory: 1Gi
autoscaling:
enabled: true
minReplicas: 2
maxReplicas: 10
```
## ☸️ Kubernetes Manifests
### Secrets
Template برای secrets:
```bash
kubectl create secret generic peikarband-secrets \
--from-file=deploy/kubernetes/secrets-template.yaml \
--namespace production
```
## 🔄 ArgoCD GitOps
### Setup ArgoCD Application
**Staging:**
```bash
kubectl apply -f deploy/argocd/application-staging.yaml
```
**Production:**
```bash
kubectl apply -f deploy/argocd/application.yaml
```
### Sync Policy
- **Auto-sync**: Enabled برای staging
- **Manual sync**: Required برای production
### مانیتورینگ
```bash
argocd app get peikarband
argocd app sync peikarband
argocd app logs peikarband
```
## 🎯 Deployment Flow
```mermaid
graph LR
A[Code Push] --> B[CI Build]
B --> C[Push Image]
C --> D{Environment}
D -->|Staging| E[ArgoCD Auto-Sync]
D -->|Production| F[Manual ArgoCD Sync]
E --> G[Deploy]
F --> G
```
### Staging Deployment
1. Push به branch `main`
2. CI builds & pushes image
3. ArgoCD auto-sync
4. Rolling update
### Production Deployment
1. Tag release (e.g., `v1.0.0`)
2. CI builds & pushes image با tag
3. Update `values-production.yaml` با tag جدید
4. Manual ArgoCD sync یا `make helm-upgrade`
5. Rolling update با health checks
## 🔍 Troubleshooting
### Check Pod Status
```bash
kubectl get pods -n production
kubectl logs -f deployment/peikarband -n production
kubectl describe pod <pod-name> -n production
```
### Check Helm Release
```bash
helm list -n production
helm status peikarband -n production
helm history peikarband -n production
```
### Rollback
```bash
helm rollback peikarband <revision> -n production
# یا
kubectl rollout undo deployment/peikarband -n production
```
## 📊 Monitoring & Observability
### Health Checks
- **Liveness**: `/ping` endpoint
- **Readiness**: `/health` endpoint
- **Startup**: 60s timeout
### Metrics
- Prometheus metrics exposed on `/metrics`
- Grafana dashboards
- Alert rules
### Logs
- Centralized logging with Loki
- Log aggregation
- Search & filtering
## 🔐 Security
### Secrets Management
- Kubernetes Secrets
- Sealed Secrets (recommended)
- External Secrets Operator
### Network Policies
- Ingress rules defined
- Egress restrictions
- Service mesh (optional)
### RBAC
- ServiceAccount per namespace
- Minimal permissions
- Pod Security Standards
## 🎯 Best Practices
1. **Versioning**
- Semantic versioning
- Tag images با versions
- Lock Helm chart versions
2. **Resources**
- Set requests & limits
- Monitor usage
- Right-size pods
3. **Autoscaling**
- HPA based on CPU/memory
- VPA for recommendations
- Cluster autoscaling
4. **High Availability**
- Multiple replicas (min 2)
- Pod disruption budgets
- Anti-affinity rules
5. **Updates**
- Rolling updates
- Health checks
- Gradual rollout
## 📚 مستندات بیشتر
- [Deployment Checklist](../docs/deployment/DEPLOYMENT_CHECKLIST.md)
- [Production Deployment Guide](../docs/deployment/PRODUCTION_DEPLOYMENT.md)
- [Quick Start](../docs/deployment/DEPLOYMENT_QUICK_START.md)
- [Kubernetes Guide](../docs/deployment/kubernetes.md)

154
deploy/argocd/README.md
View File

@@ -1,154 +0,0 @@
# ArgoCD Deployment
This directory contains ArgoCD Application manifests for deploying Peikarband to Kubernetes.
## Files
- `application.yaml`: Production deployment (main branch → peikarband namespace)
- `application-staging.yaml`: Staging deployment (develop branch → peikarband-staging namespace)
## Prerequisites
1. ArgoCD installed in your cluster
2. Git repository access configured in ArgoCD
3. Docker registry credentials (if using private registry)
## Deployment
### 1. Add Git Repository to ArgoCD
```bash
# For HTTPS with token
argocd repo add https://git.peikarband.ir/ehsan-minadd/peikarband.git \
--username YOUR_USERNAME \
--password YOUR_ACCESS_TOKEN
# Or using argocd UI: Settings → Repositories → Connect Repo
```
### 2. Deploy Production
```bash
kubectl apply -f argocd/application.yaml
```
### 3. Deploy Staging
```bash
kubectl apply -f argocd/application-staging.yaml
```
## Sync Policy
Both applications use **automatic sync** with:
- **Auto-prune**: Remove resources deleted from Git
- **Self-heal**: Automatically sync when cluster state differs from Git
- **Retry logic**: 5 attempts with exponential backoff
## Monitoring
```bash
# Check application status
argocd app get peikarband
argocd app get peikarband-staging
# Watch sync progress
argocd app sync peikarband --watch
# View logs
argocd app logs peikarband
```
## Manual Sync
```bash
# Force sync
argocd app sync peikarband --force
# Sync with prune
argocd app sync peikarband --prune
```
## Rollback
```bash
# List history
argocd app history peikarband
# Rollback to specific revision
argocd app rollback peikarband <REVISION>
```
## Architecture
```
┌─────────────────────────────────────────────────┐
│ ArgoCD │
│ ┌───────────────────┐ ┌──────────────────┐ │
│ │ Production App │ │ Staging App │ │
│ │ (main branch) │ │ (develop branch) │ │
│ └─────────┬─────────┘ └────────┬─────────┘ │
└────────────┼─────────────────────┼──────────────┘
│ │
▼ ▼
┌────────────────┐ ┌─────────────────┐
│ namespace: │ │ namespace: │
│ peikarband │ │ peikarband-stg │
└────────────────┘ └─────────────────┘
```
## Environment Variables
Override via Helm values:
```yaml
# In values-production.yaml or values-staging.yaml
env:
- name: DATABASE_URL
value: "postgresql://..."
- name: REDIS_URL
value: "redis://..."
```
## Secrets Management
Secrets should be managed outside Git:
```bash
# Using kubectl
kubectl create secret generic peikarband-secrets \
--from-literal=database-password=xxx \
--namespace=peikarband
# Or using Sealed Secrets, External Secrets Operator, etc.
```
## Troubleshooting
### Application Out of Sync
```bash
argocd app sync peikarband --force
```
### Image Pull Errors
Check registry credentials:
```bash
kubectl get secret regcred -n peikarband -o yaml
```
### Health Check Failing
View pod logs:
```bash
kubectl logs -n peikarband -l app=peikarband --tail=100
```
### Helm Values Override Not Working
Verify values file path in Application manifest:
```bash
argocd app manifests peikarband | grep valueFiles
```

58
deploy/argocd/application-staging.yaml
View File

@@ -1,58 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: peikarband-staging
namespace: argocd
annotations:
notifications.argoproj.io/subscribe.on-deployed.telegram: ""
notifications.argoproj.io/subscribe.on-sync-failed.telegram: ""
finalizers:
- resources-finalizer.argocd.argoproj.io
labels:
app: peikarband
environment: staging
spec:
project: default
source:
repoURL: https://git.peikarband.ir/ehsan-minadd/peikarband.git
targetRevision: develop
path: helm/peikarband
helm:
releaseName: peikarband-staging
valueFiles:
- values-staging.yaml
parameters:
- name: image.repository
value: harbor.peikarband.ir/peikarband/landing
- name: image.tag
value: develop
destination:
server: https://kubernetes.default.svc
namespace: peikarband-staging
syncPolicy:
automated:
prune: true
selfHeal: true
allowEmpty: false
syncOptions:
- CreateNamespace=true
- PrunePropagationPolicy=foreground
- PruneLast=true
retry:
limit: 5
backoff:
duration: 5s
factor: 2
maxDuration: 3m
revisionHistoryLimit: 10
ignoreDifferences:
- group: apps
kind: Deployment
jsonPointers:
- /spec/replicas

64
deploy/argocd/application.yaml
View File

@@ -1,64 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: peikarband
namespace: argocd
annotations:
notifications.argoproj.io/subscribe.on-deployed.telegram: ""
notifications.argoproj.io/subscribe.on-health-degraded.telegram: ""
notifications.argoproj.io/subscribe.on-sync-failed.telegram: ""
finalizers:
- resources-finalizer.argocd.argoproj.io
labels:
app: peikarband
environment: production
spec:
project: default
source:
repoURL: https://git.peikarband.ir/ehsan-minadd/peikarband.git
targetRevision: main
path: helm/peikarband
helm:
releaseName: peikarband
valueFiles:
- values-production.yaml
parameters:
- name: image.repository
value: harbor.peikarband.ir/peikarband/landing
- name: image.tag
value: latest # This will be updated by CI/CD
destination:
server: https://kubernetes.default.svc
namespace: peikarband
syncPolicy:
automated:
prune: true
selfHeal: true
allowEmpty: false
syncOptions:
- CreateNamespace=true
- PrunePropagationPolicy=foreground
- PruneLast=true
- ApplyOutOfSyncOnly=true
retry:
limit: 5
backoff:
duration: 5s
factor: 2
maxDuration: 3m
revisionHistoryLimit: 10
ignoreDifferences:
- group: apps
kind: Deployment
jsonPointers:
- /spec/replicas
- group: apps
kind: StatefulSet
jsonPointers:
- /spec/replicas

24
deploy/helm/peikarband/.helmignore
View File

@@ -1,24 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

26
build/docker/Dockerfile → docker/Dockerfile
View File

@@ -39,7 +39,12 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
# Install Node.js (required for Reflex) # Install Node.js (required for Reflex)
RUN curl -fsSL https://deb.nodesource.com/setup_${NODE_VERSION}.x | bash - \ RUN curl -fsSL https://deb.nodesource.com/setup_${NODE_VERSION}.x | bash - \
&& apt-get install -y --no-install-recommends nodejs \ && apt-get install -y --no-install-recommends nodejs \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/* \
&& npm config set fetch-retry-mintimeout 20000 \
&& npm config set fetch-retry-maxtimeout 120000 \
&& npm config set fetch-retries 5 \
&& npm config set fetch-timeout 300000 \
&& npm config set registry https://registry.npmjs.org/
# Install bun (required by Reflex for frontend build) # Install bun (required by Reflex for frontend build)
# Retry mechanism for network issues # Retry mechanism for network issues
@@ -65,8 +70,22 @@ COPY --chown=root:root . .
# Build and export Reflex app for production # Build and export Reflex app for production
# Note: API_URL will be updated at runtime from environment variable # Note: API_URL will be updated at runtime from environment variable
# Export creates .web directory with frontend static files # Export creates .web directory with frontend static files
# bun is now pre-installed, so reflex export won't try to download it # Retry mechanism for network issues
RUN python -m reflex export --no-zip RUN set -ex && \
echo "Starting Reflex export (attempt 1)..." && \
python -m reflex export --no-zip --loglevel debug || \
(echo "Attempt 1 failed, cleaning cache..." && \
npm cache clean --force && \
rm -rf node_modules .web && \
sleep 15 && \
echo "Retrying (attempt 2)..." && \
python -m reflex export --no-zip --loglevel debug) || \
(echo "Attempt 2 failed, final retry..." && \
npm cache clean --force && \
rm -rf node_modules .web && \
sleep 20 && \
echo "Final attempt (3)..." && \
python -m reflex export --no-zip --loglevel debug)
# Aggressive cleanup to reduce layer size # Aggressive cleanup to reduce layer size
# NOTE: Keep .web directory - it contains frontend static files # NOTE: Keep .web directory - it contains frontend static files
@@ -130,6 +149,7 @@ COPY --from=builder /root/.local /home/peikarband/.local
COPY --from=builder /build /app COPY --from=builder /build /app
# Copy and set up runtime script # Copy and set up runtime script
# Context is peikarband/, so paths are relative to that
COPY --chown=peikarband:peikarband tools/scripts/update-env-json.sh /app/tools/scripts/update-env-json.sh COPY --chown=peikarband:peikarband tools/scripts/update-env-json.sh /app/tools/scripts/update-env-json.sh
RUN chmod +x /app/tools/scripts/update-env-json.sh RUN chmod +x /app/tools/scripts/update-env-json.sh

0
build/docker/Dockerfile.base → docker/Dockerfile.base
View File

0
build/README.md → docker/README.md
View File

0
build/docker/docker-compose.yml → docker/docker-compose.yml
View File

239
docs/deployment/CHANGELOG-DEPLOYMENT.md
View File

@@ -1,239 +0,0 @@
# Changelog - Production Deployment Setup
تمام تغییرات مربوط به آماده‌سازی دیپلوی Production در این فایل ثبت می‌شود.
## [1.0.0] - 2025-12-26 - ApprovalToken:PROD-001
### ✅ Added
#### CI/CD Pipeline
- **woodpecker.yml**: پایپلاین کامل CI/CD با 11 stage
- Linting (Python & YAML)
- Unit & Integration Tests
- Security Scanning (Safety, Bandit, Trivy, Trufflehog)
- Docker Build & Push
- Helm Validation
- Database Migration Check
- Automated Deployment (Staging & Production)
- Post-Deployment Verification
- Notifications (Telegram & Slack)
#### Docker & Registry
- **.dockerignore**: بهینه‌سازی Docker build با exclude کردن فایل‌های غیرضروری
- **Dockerfile** (بهبود یافته):
- Multi-stage build برای کاهش حجم image
- Security hardening (non-root user, tini init, minimal runtime)
- Build arguments برای versioning
- Health checks بهبود یافته
- Labels و metadata کامل
#### Kubernetes & Helm
- **k8s/secrets-template.yaml**: Template کامل برای Kubernetes secrets
- Harbor registry credentials
- Application secrets (DB, Redis, JWT, etc.)
- External provider credentials
- CI/CD secrets
- مثال‌های External Secrets Operator
#### Configuration Files
- **.env.example**: Template کامل environment variables (200+ configs)
- Application settings
- Database & Redis
- Security & JWT
- Cloud providers (DigitalOcean, Hetzner, OVH)
- Payment gateways (Zarinpal, IDPay)
- Notification services (Email, SMS, Telegram)
- Monitoring & logging
- Feature flags
- **.yamllint.yml**: پیکربندی YAML linter برای validation
#### Health Checks
- **src/presentation/api/routes/health.py**: Endpoints کامل health checking
- `/ping`: Basic health check
- `/health`: Detailed health with dependencies
- `/ready`: Readiness probe برای Kubernetes
- `/live`: Liveness probe
- `/metrics`: Basic metrics endpoint
#### Documentation
- **docs/deployment/PRODUCTION_DEPLOYMENT.md**: راهنمای کامل 50+ صفحه‌ای
- تنظیمات Harbor Registry
- پیکربندی Kubernetes
- راه‌اندازی ArgoCD
- تنظیمات Woodpecker CI
- مراحل دیپلوی اولیه
- مانیتورینگ و logging
- عیب‌یابی مشکلات متداول
- **DEPLOYMENT_QUICK_START.md**: راهنمای سریع 10 دقیقه‌ای
- Setup سریع در 5 مرحله
- Checklist production-ready
- دستورات مفید
- Pipeline flow diagram
### 🔄 Modified
#### Build & Deploy
- **Makefile**: آپدیت برای Harbor registry
- تغییر REGISTRY به `harbor.peikarband.ir`
- اضافه شدن DOCKER_BUILDKIT flag
- بهبود docker-build با build arguments
- اضافه شدن docker-login command
#### Helm Charts
- **helm/peikarband/values.yaml**:
- آپدیت image repository به Harbor
- اضافه شدن imagePullSecrets
#### ArgoCD Applications
- **argocd/application.yaml** (Production):
- اضافه شدن annotations برای notifications
- اضافه شدن labels
- تعیین targetRevision به `main`
- اضافه شدن Helm parameters برای image
- بهبود syncOptions
- **argocd/application-staging.yaml** (Staging):
- اضافه شدن annotations و labels
- targetRevision: `develop`
- Helm parameters برای staging
### 🏗️ Infrastructure Changes
#### Registry Strategy
- **Before**: `registry.example.com`
- **After**: `harbor.peikarband.ir/peikarband/landing`
- **Authentication**: Robot account با محدودیت دسترسی
#### Deployment Strategy
- **GitOps**: ArgoCD برای automated sync
- **CI/CD**: Woodpecker برای build و test
- **Environments**:
- Production: `main` branch → `peikarband.ir`
- Staging: `develop` branch → `staging.peikarband.ir`
#### Security Improvements
- Image scanning با Trivy
- Secret scanning با Trufflehog
- Dependency scanning با Safety
- Code security با Bandit
- Non-root containers
- Network policies enabled
- Pod security contexts configured
### 📊 Pipeline Metrics
- **Total Stages**: 11
- **Estimated Time**: 10-15 minutes
- **Parallelization**: Services (PostgreSQL, Redis)
- **Matrix Build**: Multi-arch support (amd64, arm64)
### 🔐 Security Checklist
- [x] Non-root user در Docker
- [x] Image vulnerability scanning
- [x] Secret management با Kubernetes
- [x] TLS/SSL با cert-manager
- [x] Network policies
- [x] Resource limits
- [x] Pod security contexts
- [x] Image pull secrets
### 📝 Configuration Files Summary
| File | Purpose | Status |
|------|---------|--------|
| woodpecker.yml | CI/CD Pipeline | ✅ Created |
| .dockerignore | Build optimization | ✅ Created |
| .env.example | Config template | ✅ Created |
| .yamllint.yml | YAML validation | ✅ Created |
| Dockerfile | Container image | ✅ Enhanced |
| Makefile | Build commands | ✅ Updated |
| k8s/secrets-template.yaml | K8s secrets | ✅ Created |
| argocd/application.yaml | Production GitOps | ✅ Updated |
| argocd/application-staging.yaml | Staging GitOps | ✅ Updated |
| helm/peikarband/values.yaml | Helm values | ✅ Updated |
### 🎯 Prerequisites for Production
1. **Kubernetes Cluster**
- Version: 1.24+
- Nodes: 3+ workers
- Resources: 6 CPU cores, 6GB RAM minimum
2. **External Services**
- Harbor Registry
- ArgoCD
- Woodpecker CI
- PostgreSQL 14+
- Redis 7+
3. **DNS Configuration**
- peikarband.ir
- staging.peikarband.ir
- harbor.peikarband.ir
- argocd.peikarband.ir
4. **Secrets Required**
- Harbor robot account
- Database credentials
- Redis password
- JWT secrets
- Cloud provider tokens
- Payment gateway keys
- Notification service tokens
### 🚀 Deployment Steps
1. Setup Harbor registry and create robot account
2. Create Kubernetes secrets
3. Install and configure ArgoCD
4. Configure Woodpecker CI secrets
5. Push code to trigger pipeline
6. Verify deployment with health checks
### 📚 Documentation Structure
```
docs/
├── deployment/
│ ├── PRODUCTION_DEPLOYMENT.md (50+ pages, complete guide)
│ └── kubernetes.md (existing)
├── DEPLOYMENT_QUICK_START.md (Quick reference)
└── CHANGELOG-DEPLOYMENT.md (This file)
```
### 🔗 References
- Harbor: https://goharbor.io
- ArgoCD: https://argo-cd.readthedocs.io
- Woodpecker: https://woodpecker-ci.org
- Kubernetes: https://kubernetes.io
### ⚠️ Breaking Changes
- Image repository path changed from `registry.example.com` to `harbor.peikarband.ir`
- Harbor authentication required
- Kubernetes secrets must be created before deployment
- Environment variables significantly expanded
### 🎉 Impact
این تغییرات پروژه را **کاملاً آماده برای دیپلوی Production** می‌کند با:
- ✅ Automated CI/CD pipeline
- ✅ Security scanning
- ✅ GitOps deployment
- ✅ Health monitoring
- ✅ Comprehensive documentation
- ✅ Production-grade Docker images
- ✅ Scalability support
- ✅ High availability configuration
---
**Approved By**: #اکسپت ApprovalToken:PROD-001
**Implementation Date**: 2025-12-26
**Status**: ✅ Complete
**Next Steps**: Follow DEPLOYMENT_QUICK_START.md for deployment

451
docs/deployment/DEPLOYMENT_CHECKLIST.md
View File

@@ -1,451 +0,0 @@
# ✅ Deployment Readiness Checklist - Peikarband
تاریخ بررسی: 2025-12-27
وضعیت: **READY FOR DEPLOYMENT** 🚀
---
## 📊 خلاصه بررسی
| Category | Status | Details |
|----------|--------|---------|
| Assets & Static Files | ✅ FIXED | `.dockerignore` اصلاح شد |
| Health Endpoints | ✅ FIXED | Endpoints متصل شدند |
| Dependencies | ✅ COMPLETE | `psutil` اضافه شد |
| Docker Build | ✅ READY | Multi-stage build optimized |
| CI/CD Pipeline | ✅ READY | Woodpecker configured |
| Kubernetes | ✅ READY | Helm charts + ArgoCD |
| Documentation | ✅ COMPLETE | راهنماهای کامل |
---
## 🔧 مشکلات برطرف شده
### 1⃣ Assets در Docker Image (CRITICAL) ✅
**مشکل**: فایل‌های استاتیک (logo.png, banner-3.gif, custom.css) در `.dockerignore` exclude شده بودند.
**راه‌حل**:
```diff
# Before
*.gif
*.png
*.svg
!assets/logo.png
# After
# Keep assets directory
!assets/
!src/presentation/web/assets/
```
**تاثیر**: بدون این تغییر، صفحه landing بدون تصاویر نمایش داده می‌شد.
---
### 2⃣ psutil Dependency (MEDIUM) ✅
**مشکل**: `psutil` برای metrics endpoint نیاز بود ولی در `requirements.txt` نبود.
**راه‌حل**: اضافه شد به requirements:
```python
psutil==5.9.6
```
**تاثیر**: بدون این، `/metrics` endpoint crash می‌کرد.
---
### 3⃣ Health Endpoints Integration (MEDIUM) ✅
**مشکل**: Health check endpoints تعریف شده بودند ولی به Reflex app متصل نبودند.
**راه‌حل**: `peikarband/peikarband.py` اصلاح شد:
```python
@rx.page(route="/ping")
def ping():
data = ping_endpoint()
return rx.box(rx.text(str(data)))
# + /health, /ready, /live
```
**تاثیر**: Kubernetes probes حالا کار می‌کنند.
---
## ✅ تایید شده
### Assets & Static Files ✅
-`/logo.png` - در navbar
-`/banner-3.gif` - در hero section
-`/custom.css` - استایل‌های سفارشی
-`assets/` directory شامل می‌شود
-`src/presentation/web/assets/` شامل می‌شود
### Reflex Configuration ✅
-`rxconfig.py` صحیح است
- ✅ Stylesheets (Vazirmatn, Inter) لود می‌شوند
- ✅ Ports: Frontend 3000, Backend 8000
### Docker Build ✅
- ✅ Multi-stage build (Builder + Runtime)
- ✅ Non-root user (peikarband:1000)
- ✅ Security hardening (tini, minimal runtime)
- ✅ Health checks configured
- ✅ Labels و metadata کامل
- ✅ BuildKit enabled
### Dependencies ✅
**Core:**
- ✅ reflex==0.4.0
- ✅ sqlalchemy==2.0.23
- ✅ psycopg2-binary==2.9.9
- ✅ redis==5.0.1
- ✅ psutil==5.9.6 ⭐ (اضافه شد)
**Security:**
- ✅ pyjwt==2.8.0
- ✅ cryptography==41.0.7
- ✅ passlib[bcrypt]==1.7.4
**Monitoring:**
- ✅ sentry-sdk==1.38.0
- ✅ prometheus-client==0.19.0
- ✅ structlog==23.2.0
### Health Checks ✅
-`/ping` - Basic health check
-`/health` - Detailed with dependencies
-`/ready` - Readiness probe
-`/live` - Liveness probe
-`/metrics` - System metrics (با psutil)
### Woodpecker CI Pipeline ✅
**Active Stages:**
- ✅ Lint (Python + YAML)
- ✅ Docker Build
- ✅ Helm Validation
- ✅ Migration Check
- ✅ ArgoCD Deployment
- ✅ Health Verification
- ✅ Notifications
**Temporarily Disabled** (برای سرعت اولیه):
- ⏸️ Unit Tests (commented)
- ⏸️ Integration Tests (commented)
- ⏸️ Security Scans (commented)
**توصیه**: بعد از اولین deploy موفق، uncomment کنید.
### Harbor Registry ✅
- ✅ URL: `harbor.peikarband.ir`
- ✅ Project: `peikarband`
- ✅ Image pull secrets configured
- ✅ Makefile updated
### Kubernetes & Helm ✅
- ✅ Helm chart validated
- ✅ values.yaml با Harbor registry
- ✅ values-production.yaml configured
- ✅ Resource limits defined
- ✅ HPA enabled (2-20 replicas)
- ✅ PDB enabled
- ✅ Network policies configured
### ArgoCD ✅
- ✅ Production app: `argocd/application.yaml`
- ✅ Staging app: `argocd/application-staging.yaml`
- ✅ Auto-sync enabled
- ✅ Notifications configured
- ✅ Image parameters set
### Documentation ✅
-`PRODUCTION_DEPLOYMENT.md` (50+ pages)
-`DEPLOYMENT_QUICK_START.md` (10 minutes)
-`CHANGELOG-DEPLOYMENT.md` (complete history)
- ✅ This checklist
---
## 🧪 Pre-Deployment Tests
### Local Testing:
```bash
# 1. Install dependencies
pip install -r requirements.txt
# 2. Run app locally
make dev
# OR
python3 -m reflex run
# 3. Test endpoints
curl http://localhost:8000/ping
curl http://localhost:8000/health
# 4. Kill processes
make kill-dev
```
### Docker Testing:
```bash
# 1. Build image
make docker-build
# 2. Run container
docker run -p 3000:3000 -p 8000:8000 peikarband/landing:latest
# 3. Test health
curl http://localhost:8000/ping
# 4. Check logs
docker logs <container_id>
```
### Helm Testing:
```bash
# 1. Lint chart
helm lint helm/peikarband
# 2. Dry run
helm template peikarband helm/peikarband \
--set image.tag=latest \
--debug
# 3. Validate
helm install peikarband helm/peikarband --dry-run
```
---
## 🚀 Deployment Steps
### Quick Deploy (از commit تا production):
1. **Push to Git**
```bash
git add .
git commit -m "feat: production-ready deployment"
git push origin main
```
2. **Woodpecker CI** (Automatic)
- ✅ Lint code
- ✅ Build Docker image
- ✅ Push to Harbor
- ✅ Update ArgoCD
- ⏱️ ~5-8 minutes
3. **ArgoCD** (Automatic)
- ✅ Sync Helm chart
- ✅ Deploy to Kubernetes
- ✅ Rolling update
- ⏱️ ~2-3 minutes
4. **Verify**
```bash
# Check pods
kubectl get pods -n peikarband
# Test endpoint
curl https://peikarband.ir/ping
# Check ArgoCD
argocd app get peikarband
```
**Total Time**: ~10 minutes از push تا production! 🎉
---
## ⚠️ Known Issues & Notes
### 1. Tests Temporarily Disabled
تست‌ها در woodpecker.yml موقتاً comment شدند برای سرعت بیشتر.
**برای فعال‌سازی**:
- Uncomment کردن test stages در `woodpecker.yml`
- اطمینان از PostgreSQL و Redis در CI environment
### 2. Reflex Export در Dockerfile
```dockerfile
RUN python -m reflex init --template blank && \
python -m reflex export --frontend-only --no-zip || true
```
`|| true` اضافه شده تا در صورت fail شدن export، build متوقف نشود.
**نکته**: Reflex در runtime mode اجرا می‌شود، نه export mode.
### 3. Database در Production
در حال حاضر از SQLite استفاده می‌شود. برای production:
```bash
# Update rxconfig.py
db_url="postgresql://USER:PASS@HOST:5432/peikarband"
# Run migrations
kubectl exec -it POD_NAME -n peikarband -- alembic upgrade head
```
---
## 📈 Performance Expectations
### Resource Usage:
- **Memory**: 512MB - 1GB per pod
- **CPU**: 0.5 - 1 core per pod
- **Startup Time**: 30-60 seconds
- **Response Time**: < 200ms
### Scaling:
- **Min Replicas**: 2 (production), 1 (staging)
- **Max Replicas**: 20 (production), 5 (staging)
- **Target CPU**: 60% (production), 70% (staging)
### Availability:
- **SLA Target**: 99.9% uptime
- **RTO**: < 5 minutes (Recovery Time Objective)
- **RPO**: < 1 hour (Recovery Point Objective)
---
## 🎯 Post-Deployment Tasks
### Immediate (Day 1):
- [ ] Verify all endpoints responding
- [ ] Check logs for errors
- [ ] Monitor resource usage
- [ ] Test domain and SSL
- [ ] Verify database connectivity
### Short-term (Week 1):
- [ ] Enable monitoring (Prometheus/Grafana)
- [ ] Set up alerting
- [ ] Configure backup strategy
- [ ] Enable security scans in CI
- [ ] Uncomment tests in pipeline
- [ ] Load testing
### Long-term (Month 1):
- [ ] Performance optimization
- [ ] Cost optimization
- [ ] Disaster recovery testing
- [ ] Security audit
- [ ] Documentation updates
---
## 🔐 Security Checklist
- [x] Non-root containers
- [x] Image pull secrets configured
- [x] TLS/SSL ready (cert-manager)
- [x] Network policies enabled
- [x] Resource limits set
- [x] Pod security contexts
- [x] Secrets in Kubernetes
- [ ] Vulnerability scanning (enable after deploy)
- [ ] RBAC configured
- [ ] Audit logging enabled
---
## 📚 Quick References
### Essential Commands:
```bash
# Logs
kubectl logs -f deployment/peikarband -n peikarband
# Scale
kubectl scale deployment peikarband --replicas=5 -n peikarband
# Restart
kubectl rollout restart deployment/peikarband -n peikarband
# Status
kubectl get all -n peikarband
# Describe
kubectl describe deployment peikarband -n peikarband
```
### Troubleshooting:
- **Pod CrashLoopBackOff**: Check logs with `--previous` flag
- **ImagePullError**: Verify Harbor credentials
- **Ingress 404**: Check DNS and ingress configuration
- **Database Error**: Verify secrets and connectivity
---
## ✅ Final Status
```
🎉 پروژه پیکربند آماده دیپلوی در Production است!
✅ Assets: FIXED
✅ Dependencies: COMPLETE
✅ Health Checks: WORKING
✅ Docker: OPTIMIZED
✅ CI/CD: CONFIGURED
✅ Kubernetes: READY
✅ Documentation: COMPLETE
📝 تغییرات اعمال شده:
1. .dockerignore اصلاح شد (assets شامل می‌شوند)
2. psutil به requirements اضافه شد
3. Health endpoints به Reflex متصل شدند
4. peikarband.py بروز شد
🚀 آماده برای: git push origin main
```
---
**تایید شده توسط**: AI Code Review
**تاریخ**: 2025-12-27
**نسخه**: 1.0.0
**Status**: ✅ PRODUCTION READY
---
## 🎁 Bonus
### VS Code Tasks (اختیاری):
ایجاد فایل `.vscode/tasks.json`:
```json
{
"version": "2.0.0",
"tasks": [
{
"label": "Dev Server",
"type": "shell",
"command": "make dev",
"problemMatcher": []
},
{
"label": "Kill Dev Server",
"type": "shell",
"command": "make kill-dev"
},
{
"label": "Docker Build",
"type": "shell",
"command": "make docker-build"
},
{
"label": "Test Health",
"type": "shell",
"command": "curl http://localhost:8000/ping"
}
]
}
```
---
**Happy Deploying! 🚀🎉**

259
docs/deployment/DEPLOYMENT_QUICK_START.md
View File

@@ -1,259 +0,0 @@
# راهنمای سریع دیپلوی - Peikarband
راهنمای سریع برای راه‌اندازی پروژه پیکربند در Production
## 🚀 دیپلوی سریع در 10 دقیقه
### 1⃣ Harbor Registry Setup (2 دقیقه)
```bash
# لاگین به Harbor
docker login harbor.peikarband.ir
# ساخت project: peikarband
# ساخت robot account: deployer
```
### 2⃣ Kubernetes Secrets (2 دقیقه)
```bash
# Harbor pull secret
kubectl create secret docker-registry harbor-registry-secret \
--docker-server=harbor.peikarband.ir \
--docker-username=robot\$peikarband+deployer \
--docker-password="YOUR_TOKEN" \
--namespace=peikarband
# Application secrets
kubectl create secret generic peikarband-prod-secrets \
--from-literal=db-password=YOUR_DB_PASS \
--from-literal=redis-password=YOUR_REDIS_PASS \
--from-literal=secret-key=YOUR_SECRET_KEY \
--from-literal=jwt-secret-key=YOUR_JWT_KEY \
--namespace=peikarband
```
### 3⃣ ArgoCD Setup (3 دقیقه)
```bash
# نصب ArgoCD
kubectl create namespace argocd
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
# Deploy application
kubectl apply -f argocd/application.yaml
# Sync
argocd app sync peikarband
```
### 4⃣ Woodpecker CI Secrets (2 دقیقه)
در Woodpecker UI یا با CLI:
```bash
woodpecker-cli secret add --name harbor_username --value "robot\$peikarband+deployer"
woodpecker-cli secret add --name harbor_password --value "YOUR_TOKEN"
woodpecker-cli secret add --name argocd_server --value "argocd.peikarband.ir"
woodpecker-cli secret add --name argocd_token --value "YOUR_ARGOCD_TOKEN"
```
### 5⃣ Push & Deploy (1 دقیقه)
```bash
git add .
git commit -m "feat: production deployment setup"
git push origin main
# Woodpecker به صورت خودکار:
# ✅ Tests را اجرا می‌کند
# ✅ Docker image را build می‌کند
# ✅ به Harbor push می‌کند
# ✅ ArgoCD را trigger می‌کند
# ✅ در Kubernetes deploy می‌شود
```
---
## 📋 Checklist قبل از Production
### Infrastructure
- [ ] Kubernetes cluster آماده است (3+ nodes)
- [ ] Harbor registry نصب شده
- [ ] ArgoCD نصب شده
- [ ] Woodpecker CI پیکربندی شده
- [ ] cert-manager برای SSL نصب شده
- [ ] Ingress NGINX نصب شده
### Database & Cache
- [ ] PostgreSQL در دسترس است
- [ ] Redis در دسترس است
- [ ] Backup strategy تعریف شده
### DNS & SSL
- [ ] Domain به cluster اشاره می‌کند
- [ ] SSL certificate صادر شده (Let's Encrypt)
- [ ] HTTPS کار می‌کند
### Secrets & Security
- [ ] Harbor robot account ساخته شده
- [ ] Kubernetes secrets ایجاد شده
- [ ] ArgoCD token ساخته شده
- [ ] Woodpecker secrets تنظیم شده
### Monitoring
- [ ] Prometheus نصب شده (اختیاری)
- [ ] Grafana پیکربندی شده (اختیاری)
- [ ] Telegram/Slack notifications تنظیم شده
---
## 🧪 تست سریع
```bash
# Health check
curl https://peikarband.ir/ping
# Expected: {"status":"ok",...}
# Kubernetes pods
kubectl get pods -n peikarband
# Expected: 3 pods در حالت Running
# ArgoCD status
argocd app get peikarband
# Expected: Health Status: Healthy, Sync Status: Synced
# Logs
kubectl logs -f deployment/peikarband -n peikarband
```
---
## 📊 CI/CD Pipeline Flow
```mermaid
graph LR
A[Git Push] --> B[Woodpecker CI]
B --> C[Run Tests]
C --> D[Build Docker Image]
D --> E[Push to Harbor]
E --> F[Update ArgoCD]
F --> G[Deploy to K8s]
G --> H[Health Check]
H --> I[Notify Team]
```
### Pipeline Stages:
1. **Lint & Test** (2-3 min)
- Python linting (flake8, black)
- Unit tests
- Integration tests
2. **Security Scan** (1-2 min)
- Dependency vulnerabilities
- Secret scanning
- Code security analysis
3. **Build & Push** (3-5 min)
- Docker build (multi-stage)
- Trivy security scan
- Push to Harbor
4. **Deploy** (2-3 min)
- Update ArgoCD app
- Kubernetes rolling update
- Health verification
**Total Pipeline Time**: ~10-15 minutes
---
## 🔧 دستورات مفید
### Development
```bash
# Local development
make dev
# Run tests
make test
# Build Docker image
make docker-build
# Push to Harbor
make docker-login
make docker-push
```
### Deployment
```bash
# Full deploy
make k8s-deploy
# Helm lint
make helm-lint
# Helm upgrade
make helm-upgrade
```
### Monitoring
```bash
# Watch pods
kubectl get pods -n peikarband -w
# Tail logs
kubectl logs -f deployment/peikarband -n peikarband
# Port forward to app
kubectl port-forward svc/peikarband -n peikarband 8000:8000
# Describe deployment
kubectl describe deployment peikarband -n peikarband
```
### Troubleshooting
```bash
# Pod details
kubectl describe pod POD_NAME -n peikarband
# Previous logs (if crashed)
kubectl logs POD_NAME -n peikarband --previous
# Execute in pod
kubectl exec -it POD_NAME -n peikarband -- /bin/bash
# Events
kubectl get events -n peikarband --sort-by='.lastTimestamp'
```
---
## 📞 Support
- **Documentation**: [docs/deployment/PRODUCTION_DEPLOYMENT.md](docs/deployment/PRODUCTION_DEPLOYMENT.md)
- **Issues**: راهنمای کامل عیب‌یابی در مستندات
- **Team**: support@peikarband.ir
---
## 🎯 Next Steps
بعد از دیپلوی موفق:
1. ✅ تنظیم monitoring و alerting
2. ✅ پیکربندی backup strategy
3. ✅ تست load testing
4. ✅ تنظیم CI/CD برای سایر برنچ‌ها
5. ✅ مستندسازی runbooks
---
**Happy Deploying! 🚀**

24
helm/.helmignore
View File

@@ -1,24 +0,0 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

0
deploy/helm/peikarband/Chart.yaml → helm/peikarband/Chart.yaml
View File

0
deploy/helm/peikarband/README.md → helm/peikarband/README.md
View File

0
deploy/helm/peikarband/templates/NOTES.txt → helm/peikarband/templates/NOTES.txt
View File

0
deploy/helm/peikarband/templates/_helpers.tpl → helm/peikarband/templates/_helpers.tpl
View File

0
deploy/helm/peikarband/templates/configmap.yaml → helm/peikarband/templates/configmap.yaml
View File

0
deploy/helm/peikarband/templates/deployment.yaml → helm/peikarband/templates/deployment.yaml
View File

0
deploy/helm/peikarband/templates/docker-registry.yaml → helm/peikarband/templates/docker-registry.yaml
View File

0
deploy/helm/peikarband/templates/hpa.yaml → helm/peikarband/templates/hpa.yaml
View File

0
deploy/helm/peikarband/templates/ingress.yaml → helm/peikarband/templates/ingress.yaml
View File

0
deploy/helm/peikarband/templates/networkpolicy.yaml → helm/peikarband/templates/networkpolicy.yaml
View File

0
deploy/helm/peikarband/templates/pdb.yaml → helm/peikarband/templates/pdb.yaml
View File

0
deploy/helm/peikarband/templates/service.yaml → helm/peikarband/templates/service.yaml
View File

0
deploy/helm/peikarband/templates/serviceaccount.yaml → helm/peikarband/templates/serviceaccount.yaml
View File

0
deploy/helm/peikarband/values-production.yaml → helm/peikarband/values-production.yaml
View File

0
deploy/helm/peikarband/values-staging.yaml → helm/peikarband/values-staging.yaml
View File

0
deploy/helm/peikarband/values.yaml → helm/peikarband/values.yaml
View File

BIN
logo.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 796 KiB

222
peikarband/README.md Normal file
View File

@@ -0,0 +1,222 @@
# پیکربند - پلتفرم جامع مدیریت هاستینگ و زیرساخت ابری
## 📖 درباره پروژه
پیکربند یک پلتفرم حرفه‌ای برای مدیریت هاستینگ، سرورهای ابری، دامین و خدمات DevOps است. این پلتفرم با الهام از سرویس‌هایی مانند Cloudways، DigitalOcean و پارس پک طراحی شده است.
## 🏗️ معماری
این پروژه بر اساس **Clean Architecture** و اصول **SOLID** طراحی شده است:
- **Domain Layer**: منطق کسب‌وکار اصلی
- **Application Layer**: موارد استفاده (Use Cases)
- **Infrastructure Layer**: پیاده‌سازی‌های فنی
- **Presentation Layer**: رابط کاربری (Reflex)
## 🚀 تکنولوژی‌ها
- **Frontend/Backend**: Python Reflex
- **Database**: PostgreSQL + SQLAlchemy
- **Cache**: Redis
- **Task Queue**: Celery
- **Testing**: pytest
- **Code Quality**: black, flake8, mypy, isort
## 📋 پیش‌نیازها
- Python 3.11+
- PostgreSQL 14+
- Redis 7+
- Node.js 18+ (برای Reflex)
## 🛠️ نصب و راه‌اندازی
### 1. کلون کردن پروژه
```bash
git clone https://github.com/yourusername/peikarband.git
cd peikarband
```
### 2. ایجاد محیط مجازی
```bash
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
```
### 3. نصب وابستگی‌ها
```bash
pip install -r requirements.txt
pip install -r requirements-dev.txt # برای توسعه
```
### 4. تنظیم Environment Variables
```bash
cp .env.example .env
# ویرایش .env و تکمیل مقادیر
```
### 5. راه‌اندازی دیتابیس
```bash
# ایجاد دیتابیس
createdb peikarband
# اجرای migrations
alembic upgrade head
```
### 6. اجرای پروژه
```bash
# توسعه
python -m reflex run
# یا
make dev
```
## 🚢 Deployment
### با Docker
```bash
# Build
docker build -t peikarband:latest .
# Run
docker-compose up -d
```
### با Kubernetes/Helm
```bash
# Deploy
helm upgrade --install peikarband ./deploy/helm/peikarband \
--namespace production \
--set image.tag=0.1.0
# یا
make k8s-deploy
```
📖 [راهنمای کامل Deployment](docs/deployment/kubernetes.md)
## 📁 ساختار پروژه
```
peikarband-landing/
├── build/ # Build configs (Docker, CI/CD)
├── deploy/ # Deployment configs (Helm, K8s, ArgoCD)
├── config/ # Configuration files
├── tools/ # Scripts و ابزارها
├── assets/ # Static assets
├── src/ # Source code (Clean Architecture)
│ ├── config/ # تنظیمات
│ ├── core/ # هسته اصلی (Domain + Application)
│ ├── infrastructure/ # پیاده‌سازی‌های فنی
│ ├── presentation/ # رابط کاربری (Reflex)
│ └── shared/ # کدهای مشترک
├── tests/ # تست‌ها
├── docs/ # مستندات کامل
└── data/ # Local data (gitignored)
```
📖 [ساختار کامل پروژه](docs/PROJECT_STRUCTURE.md)
## 🧪 تست
```bash
# اجرای همه تست‌ها
pytest
# با coverage
pytest --cov=src tests/
# تست‌های خاص
pytest tests/unit/
pytest tests/integration/
```
## 📝 کدنویسی
### استانداردها
- **PEP 8**: استاندارد کدنویسی Python
- **PEP 20**: Zen of Python
- **Type Hints**: همه جا استفاده شود
- **Docstrings**: Google Style
### ابزارهای کیفیت کد
```bash
# Format
black src/
# Linting
flake8 src/
# Type checking
mypy src/
# Import sorting
isort src/
```
### Pre-commit Hooks
```bash
pre-commit install
pre-commit run --all-files
```
## 📚 مستندات
مستندات کامل در پوشه `docs/` موجود است:
- [Handbook](docs/handbook.md): راهنمای جامع پروژه
- [Architecture](docs/architecture/): معماری سیستم
- [Development](docs/development/): راهنمای توسعه
- [API Reference](docs/api/): مستندات API
## 🔐 امنیت
- همه پسوردها با bcrypt hash می‌شوند
- استفاده از JWT برای authentication
- پشتیبانی از 2FA
- اطلاعات حساس رمزنگاری می‌شوند
## 🤝 مشارکت
برای مشارکت در پروژه:
1. Fork کنید
2. Branch جدید بسازید (`git checkout -b feature/amazing-feature`)
3. Commit کنید (`git commit -m 'feat: add amazing feature'`)
4. Push کنید (`git push origin feature/amazing-feature`)
5. Pull Request بسازید
## 📄 لایسنس
این پروژه تحت لایسنس MIT منتشر شده است.
## 👥 تیم
- Lead Developer: [Your Name]
- Architecture: Clean Architecture
- Methodology: Agile/Scrum
## 📞 تماس
- Website: https://peikarband.ir
- Email: support@peikarband.ir
- Telegram: @peikarband
---
**نسخه**: 0.1.0
**آخرین بروزرسانی**: 2025-01-24

6
peikarband/__init__.py
View File

@@ -1,6 +0,0 @@
"""Peikarband application package."""
from .peikarband import app
__all__ = ["app"]

0
assets/banner-3.gif → peikarband/assets/banner-3.gif
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.6 MiB

After

Width:  |  Height:  |  Size: 1.6 MiB

0
assets/custom.css → peikarband/assets/custom.css
View File

0
assets/hero-person.svg → peikarband/assets/hero-person.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.3 KiB

After

Width:  |  Height:  |  Size: 2.3 KiB

0
assets/hero-servers.svg → peikarband/assets/hero-servers.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 4.4 KiB

After

Width:  |  Height:  |  Size: 4.4 KiB

0
assets/hero-shield.svg → peikarband/assets/hero-shield.svg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 978 B

After

Width:  |  Height:  |  Size: 978 B

0
assets/logo.png → peikarband/assets/logo.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 796 KiB

After

Width:  |  Height:  |  Size: 796 KiB

0
assets/wordpress-logo.gif → peikarband/assets/wordpress-logo.gif
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 533 KiB

After

Width:  |  Height:  |  Size: 533 KiB

0
assets/wordpress.gif → peikarband/assets/wordpress.gif
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 456 KiB

After

Width:  |  Height:  |  Size: 456 KiB

0
config/alembic.ini → peikarband/config/alembic.ini
View File

0
config/mypy.ini → peikarband/config/mypy.ini
View File

0
config/pytest.ini → peikarband/config/pytest.ini
View File

0
config/reflex.config.py → peikarband/config/reflex.config.py
View File

0
docs/PROJECT_STRUCTURE.md → peikarband/docs/PROJECT_STRUCTURE.md
View File

0
docs/architecture/database-strategy.md → peikarband/docs/architecture/database-strategy.md
View File

0
docs/architecture/overview.md → peikarband/docs/architecture/overview.md
View File

0
docs/changelog/CHANGELOG.md → peikarband/docs/changelog/CHANGELOG.md
View File

0
docs/changelog/known-issues.md → peikarband/docs/changelog/known-issues.md
View File

0
docs/changelog/migrations.md → peikarband/docs/changelog/migrations.md
View File

0
CHANGELOG-DEPLOYMENT.md → peikarband/docs/deployment/CHANGELOG-DEPLOYMENT.md
View File

0
DEPLOYMENT_CHECKLIST.md → peikarband/docs/deployment/DEPLOYMENT_CHECKLIST.md
View File

0
DEPLOYMENT_QUICK_START.md → peikarband/docs/deployment/DEPLOYMENT_QUICK_START.md
View File

0
docs/deployment/PRODUCTION_DEPLOYMENT.md → peikarband/docs/deployment/PRODUCTION_DEPLOYMENT.md
View File

0
docs/deployment/kubernetes.md → peikarband/docs/deployment/kubernetes.md
View File

0
docs/deployment/quickstart.md → peikarband/docs/deployment/quickstart.md
View File

0
docs/development/coding-standards.md → peikarband/docs/development/coding-standards.md
View File

0
docs/development/git-workflow.md → peikarband/docs/development/git-workflow.md
View File

0
docs/development/setup.md → peikarband/docs/development/setup.md
View File

0
docs/handbook.md → peikarband/docs/handbook.md
View File

58
peikarband/peikarband.py
View File

@@ -1,58 +0,0 @@
"""
Peikarband Application Entry Point
This is the main application file that Reflex uses to run the app.
"""
import reflex as rx
from src.presentation.web.pages.landing.index import index
from src.presentation.api.routes.health import (
ping_endpoint,
health_endpoint,
ready_endpoint,
live_endpoint,
)
# Create the app
app = rx.App()
# Add landing page
app.add_page(index, route="/")
# Add health check pages (for Kubernetes probes)
# These return JSON responses for monitoring
@rx.page(route="/ping")
def ping():
"""Basic health check endpoint"""
data = ping_endpoint()
return rx.box(
rx.text(str(data)),
style={"whiteSpace": "pre"}
)
@rx.page(route="/health")
def health():
"""Detailed health check endpoint"""
data = health_endpoint()
return rx.box(
rx.text(str(data)),
style={"whiteSpace": "pre"}
)
@rx.page(route="/ready")
def ready():
"""Readiness probe endpoint"""
data = ready_endpoint()
return rx.box(
rx.text(str(data)),
style={"whiteSpace": "pre"}
)
@rx.page(route="/live")
def live():
"""Liveness probe endpoint"""
data = live_endpoint()
return rx.box(
rx.text(str(data)),
style={"whiteSpace": "pre"}
)

0
requirements-dev.txt → peikarband/requirements-dev.txt
View File

0
requirements.txt → peikarband/requirements.txt
View File

0
rxconfig.py → peikarband/rxconfig.py
View File

0
src/__init__.py → peikarband/src/__init__.py
View File

0
src/config/__init__.py → peikarband/src/config/__init__.py
View File

0
src/config/cache.py → peikarband/src/config/cache.py
View File

0
src/config/database.py → peikarband/src/config/database.py
View File

0
src/config/environments/__init__.py → peikarband/src/config/environments/__init__.py
View File

0
src/config/logging.py → peikarband/src/config/logging.py
View File

0
src/config/settings.py → peikarband/src/config/settings.py
View File

0
src/core/__init__.py → peikarband/src/core/__init__.py
View File

0
src/core/application/__init__.py → peikarband/src/core/application/__init__.py
View File

0
src/core/application/dto/__init__.py → peikarband/src/core/application/dto/__init__.py
View File

0
src/core/application/interfaces/__init__.py → peikarband/src/core/application/interfaces/__init__.py
View File

0
src/core/application/interfaces/providers/__init__.py → peikarband/src/core/application/interfaces/providers/__init__.py
View File

0
src/core/application/interfaces/repositories/__init__.py → peikarband/src/core/application/interfaces/repositories/__init__.py
View File

0
src/core/application/interfaces/services/__init__.py → peikarband/src/core/application/interfaces/services/__init__.py
View File

0
src/core/application/use_cases/__init__.py → peikarband/src/core/application/use_cases/__init__.py
View File

0
src/core/application/use_cases/auth/__init__.py → peikarband/src/core/application/use_cases/auth/__init__.py
View File

0
src/core/application/use_cases/billing/__init__.py → peikarband/src/core/application/use_cases/billing/__init__.py
View File

0
src/core/application/use_cases/servers/__init__.py → peikarband/src/core/application/use_cases/servers/__init__.py
View File

0
src/core/application/use_cases/services/__init__.py → peikarband/src/core/application/use_cases/services/__init__.py
View File

0
src/core/application/validators/__init__.py → peikarband/src/core/application/validators/__init__.py
View File

0
src/core/domain/__init__.py → peikarband/src/core/domain/__init__.py
View File

0
src/core/domain/entities/__init__.py → peikarband/src/core/domain/entities/__init__.py
View File

0
src/core/domain/entities/base.py → peikarband/src/core/domain/entities/base.py
View File

0
src/core/domain/enums/__init__.py → peikarband/src/core/domain/enums/__init__.py
View File

0
src/core/domain/exceptions/__init__.py → peikarband/src/core/domain/exceptions/__init__.py
View File

0
src/core/domain/exceptions/base.py → peikarband/src/core/domain/exceptions/base.py
View File

0
src/core/domain/exceptions/user_exceptions.py → peikarband/src/core/domain/exceptions/user_exceptions.py
View File

0
src/core/domain/value_objects/__init__.py → peikarband/src/core/domain/value_objects/__init__.py
View File

0
src/core/domain/value_objects/email.py → peikarband/src/core/domain/value_objects/email.py
View File

0
src/core/domain/value_objects/money.py → peikarband/src/core/domain/value_objects/money.py
View File

0
src/core/domain/value_objects/phone.py → peikarband/src/core/domain/value_objects/phone.py
View File

Some files were not shown because too many files have changed in this diff Show More