admin/freealberta
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated config.sh and new workflow for getting online.

Browse Source
This commit is contained in:
admin 2025-06-29 15:50:32 -06:00
parent 93088f823a
commit 5a7d38ec71
29 changed files with 6109 additions and 291 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -1,6 +1,6 @@
# Changemaker Lite
Changemaker Lite is a streamlined documentation and development platform featuring essential self-hosted services for creating, managing, and automating content workflows.
Changemaker Lite is a streamlined documentation and development platform featuring essential self-hosted services for creating, managing, and automating political campaign workflows.
## Features

391
config.sh
View File

@ -20,7 +20,7 @@ EOF
# Get the absolute path of the script directory
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
ENV_FILE="$SCRIPT_DIR/.env"
MKDOCS_YML="$SCRIPT_DIR/mkdocs/docs/mkdocs.yml"
MKDOCS_YML="$SCRIPT_DIR/mkdocs/mkdocs.yml" # Fixed path - removed extra 'docs' directory
TUNNEL_CONFIG_DIR="$SCRIPT_DIR/configs/cloudflare"
TUNNEL_CONFIG_FILE="$TUNNEL_CONFIG_DIR/tunnel-config.yml"
SERVICES_YAML="$SCRIPT_DIR/configs/homepage/services.yaml"
@ -322,11 +322,11 @@ update_mkdocs_yml() {
cp "$MKDOCS_YML" "$backup_file"
echo "Created backup of mkdocs.yml at $backup_file"
# Update the site_url value
# Update the site_url value - handle both http and https
sed -i "s|^site_url:.*|site_url: https://$new_domain|" "$MKDOCS_YML"
if grep -q "site_url: https://$new_domain" "$MKDOCS_YML"; then
echo "Updated site_url in mkdocs.yml to: https://$new_domain"
echo "Updated site_url in mkdocs.yml to: https://$new_domain"
return 0
else
echo "Warning: Failed to update site_url in mkdocs.yml"
@ -351,18 +351,25 @@ update_services_yaml() {
cp "$SERVICES_YAML" "$backup_file"
echo "Created backup of services.yaml at $backup_file"
# Update the commented URLs to use the new domain
sed -i "s|# href: \"https://code\.changeme\.org\"|# href: \"https://code.$new_domain\"|g" "$SERVICES_YAML"
sed -i "s|# href: \"https://listmonk\.changeme\.org\"|# href: \"https://listmonk.$new_domain\"|g" "$SERVICES_YAML"
sed -i "s|# href: \"https://db\.changeme\.org\"|# href: \"https://db.$new_domain\"|g" "$SERVICES_YAML"
sed -i "s|# href: \"https://docs\.changeme\.org\"|# href: \"https://docs.$new_domain\"|g" "$SERVICES_YAML"
sed -i "s|# href: \"https://n8n\.changeme\.org\"|# href: \"https://n8n.$new_domain\"|g" "$SERVICES_YAML"
sed -i "s|# href: \"https://test\.com\"|# href: \"https://$new_domain\"|g" "$SERVICES_YAML"
# Update all domain references - handle the current domain (albertademocracytaskforce.org)
# First, update any existing domain to the new domain
sed -i "s|albertademocracytaskforce\.org|$new_domain|g" "$SERVICES_YAML"
# Also update any remaining changeme.org references
# Also update any changeme.org references that might exist
sed -i "s|changeme\.org|$new_domain|g" "$SERVICES_YAML"
echo "Updated service URLs in services.yaml to use domain: $new_domain"
# Update specific service URLs with proper formatting
sed -i "s|# href: \"https://code\.[^\"]*\"|# href: \"https://code.$new_domain\"|g" "$SERVICES_YAML"
sed -i "s|# href: \"https://listmonk\.[^\"]*\"|# href: \"https://listmonk.$new_domain\"|g" "$SERVICES_YAML"
sed -i "s|# href: \"https://db\.[^\"]*\"|# href: \"https://db.$new_domain\"|g" "$SERVICES_YAML"
sed -i "s|# href: \"https://git\.[^\"]*\"|# href: \"https://git.$new_domain\"|g" "$SERVICES_YAML"
sed -i "s|# href: \"https://docs\.[^\"]*\"|# href: \"https://docs.$new_domain\"|g" "$SERVICES_YAML"
sed -i "s|# href: \"https://n8n\.[^\"]*\"|# href: \"https://n8n.$new_domain\"|g" "$SERVICES_YAML"
# Update root domain reference
sed -i "s|# href: \"https://[^/\"]*\"|# href: \"https://$new_domain\"|g" "$SERVICES_YAML" | tail -1
echo "✅ Updated service URLs in services.yaml to use domain: $new_domain"
return 0
}
@ -383,227 +390,99 @@ update_main_html() {
cp "$MAIN_HTML" "$backup_file"
echo "Created backup of main.html at $backup_file"
# Update the login button href to use the new domain
sed -i "s|href=\"https://homepage\.test\.com\"|href=\"https://homepage.$new_domain\"|g" "$MAIN_HTML"
# Update the login button href - handle current domain
sed -i "s|href=\"https://homepage\.[^\"]*\"|href=\"https://homepage.$new_domain\"|g" "$MAIN_HTML"
# Also update any other test.com references
sed -i "s|homepage\.test\.com|homepage.$new_domain|g" "$MAIN_HTML"
# Also update any albertademocracytaskforce.org references
sed -i "s|albertademocracytaskforce\.org|$new_domain|g" "$MAIN_HTML"
echo "Updated login URL in main.html to: https://homepage.$new_domain"
# Update any test.com or changeme.org references
sed -i "s|test\.com|$new_domain|g" "$MAIN_HTML"
sed -i "s|changeme\.org|$new_domain|g" "$MAIN_HTML"
echo "✅ Updated login URL in main.html to: https://homepage.$new_domain"
return 0
}
# Function to check if a port is in use
check_port() {
local port=$1
if command -v ss >/dev/null 2>&1; then
ss -tuln | grep -q ":$port "
elif command -v netstat >/dev/null 2>&1; then
netstat -tuln | grep -q ":$port "
else
# Fallback to lsof if available
if command -v lsof >/dev/null 2>&1; then
lsof -i ":$port" >/dev/null 2>&1
else
echo "Warning: Cannot check port availability. Please ensure ports are free manually."
return 1
fi
fi
}
# Function to check all service ports for conflicts
check_port_conflicts() {
echo "Checking for port conflicts..."
# Function to update the tunnel configuration file with new domain
update_tunnel_config() {
local new_domain=$1
local ports_to_check=(
"${CODE_SERVER_PORT:-8888}:Code Server"
"${LISTMONK_PORT:-9000}:Listmonk"
"${LISTMONK_DB_PORT:-5432}:Listmonk Database"
"${MKDOCS_PORT:-4000}:MkDocs"
"${MKDOCS_SITE_SERVER_PORT:-4001}:MkDocs Site Server"
"${N8N_PORT:-5678}:N8N"
"${NOCODB_PORT:-8090}:NocoDB"
"${HOMEPAGE_PORT:-3010}:Homepage"
"${GITEA_WEB_PORT:-3030}:Gitea Web"
"${GITEA_SSH_PORT:-2222}:Gitea SSH"
)
local conflicts_found=false
for port_info in "${ports_to_check[@]}"; do
local port=$(echo "$port_info" | cut -d: -f1)
local service=$(echo "$port_info" | cut -d: -f2)
if [ ! -f "$TUNNEL_CONFIG_FILE" ]; then
echo "Warning: tunnel-config.yml not found at $TUNNEL_CONFIG_FILE"
echo "Creating new tunnel configuration file..."
if check_port "$port"; then
echo "⚠️ Port conflict detected: $port is already in use (assigned to $service)"
conflicts_found=true
else
echo "✅ Port $port is available for $service"
fi
done
if [ "$conflicts_found" = true ]; then
echo ""
echo "Port conflicts detected! Please choose alternative ports or stop conflicting services."
read -p "Do you want to configure alternative ports? [Y/n]: " configure_ports
if [[ "$configure_ports" =~ ^[Nn]$ ]]; then
echo "Configuration cancelled. Please resolve port conflicts and try again."
exit 1
else
configure_alternative_ports
fi
else
echo "✅ All ports are available!"
fi
}
# Function to configure alternative ports
configure_alternative_ports() {
echo ""
echo "---- Port Configuration ----"
# Code Server
if check_port "${CODE_SERVER_PORT:-8888}"; then
read -p "Enter alternative port for Code Server [current: ${CODE_SERVER_PORT:-8888}]: " new_code_port
if [ ! -z "$new_code_port" ]; then
update_env_var "CODE_SERVER_PORT" "$new_code_port"
fi
# Create the file if it doesn't exist
create_tunnel_config "$new_domain" "${CF_TUNNEL_ID:-\${CF_TUNNEL_ID}}"
return $?
fi
# Listmonk
if check_port "${LISTMONK_PORT:-9000}"; then
read -p "Enter alternative port for Listmonk [current: ${LISTMONK_PORT:-9000}]: " new_listmonk_port
if [ ! -z "$new_listmonk_port" ]; then
update_env_var "LISTMONK_PORT" "$new_listmonk_port"
fi
fi
echo "Updating tunnel configuration with new domain..."
# Listmonk DB
if check_port "${LISTMONK_DB_PORT:-5432}"; then
read -p "Enter alternative port for Listmonk Database [current: ${LISTMONK_DB_PORT:-5432}]: " new_db_port
if [ ! -z "$new_db_port" ]; then
update_env_var "LISTMONK_DB_PORT" "$new_db_port"
fi
fi
# Create a backup of the tunnel-config.yml file
local timestamp=$(date +"%Y%m%d_%H%M%S")
local backup_file="${TUNNEL_CONFIG_FILE}.backup_${timestamp}"
cp "$TUNNEL_CONFIG_FILE" "$backup_file"
echo "Created backup of tunnel-config.yml at $backup_file"
# MkDocs
if check_port "${MKDOCS_PORT:-4000}"; then
read -p "Enter alternative port for MkDocs [current: ${MKDOCS_PORT:-4000}]: " new_mkdocs_port
if [ ! -z "$new_mkdocs_port" ]; then
update_env_var "MKDOCS_PORT" "$new_mkdocs_port"
fi
fi
# Since the current file has all entries as cmlite.org pointing to port 3010,
# we need to recreate it with the proper configuration
echo "Regenerating tunnel configuration with correct service mappings..."
# MkDocs Site Server
if check_port "${MKDOCS_SITE_SERVER_PORT:-4001}"; then
read -p "Enter alternative port for MkDocs Site Server [current: ${MKDOCS_SITE_SERVER_PORT:-4001}]: " new_site_port
if [ ! -z "$new_site_port" ]; then
update_env_var "MKDOCS_SITE_SERVER_PORT" "$new_site_port"
fi
fi
# Load current environment variables to get port numbers
load_env_vars
# N8N
if check_port "${N8N_PORT:-5678}"; then
read -p "Enter alternative port for N8N [current: ${N8N_PORT:-5678}]: " new_n8n_port
if [ ! -z "$new_n8n_port" ]; then
update_env_var "N8N_PORT" "$new_n8n_port"
fi
fi
# NocoDB
if check_port "${NOCODB_PORT:-8090}"; then
read -p "Enter alternative port for NocoDB [current: ${NOCODB_PORT:-8090}]: " new_nocodb_port
if [ ! -z "$new_nocodb_port" ]; then
update_env_var "NOCODB_PORT" "$new_nocodb_port"
fi
fi
# Homepage
if check_port "${HOMEPAGE_PORT:-3010}"; then
read -p "Enter alternative port for Homepage [current: ${HOMEPAGE_PORT:-3010}]: " new_homepage_port
if [ ! -z "$new_homepage_port" ]; then
update_env_var "HOMEPAGE_PORT" "$new_homepage_port"
fi
fi
# Gitea Web
if check_port "${GITEA_WEB_PORT:-3030}"; then
read -p "Enter alternative port for Gitea Web [current: ${GITEA_WEB_PORT:-3030}]: " new_gitea_web_port
if [ ! -z "$new_gitea_web_port" ]; then
update_env_var "GITEA_WEB_PORT" "$new_gitea_web_port"
fi
fi
# Gitea SSH
if check_port "${GITEA_SSH_PORT:-2222}"; then
read -p "Enter alternative port for Gitea SSH [current: ${GITEA_SSH_PORT:-2222}]: " new_gitea_ssh_port
if [ ! -z "$new_gitea_ssh_port" ]; then
update_env_var "GITEA_SSH_PORT" "$new_gitea_ssh_port"
fi
fi
echo "Port configuration completed."
}
# Function to create Cloudflare tunnel configuration file
create_tunnel_config() {
local domain=$1
local tunnel_id=$2
# Ensure the tunnel config directory exists
if [ ! -d "$TUNNEL_CONFIG_DIR" ]; then
echo "Creating Cloudflare tunnel config directory at $TUNNEL_CONFIG_DIR"
mkdir -p "$TUNNEL_CONFIG_DIR"
fi
echo "Creating Cloudflare tunnel configuration file..."
# Generate the tunnel configuration file with simpler format
# Recreate the tunnel configuration with proper mappings
cat > "$TUNNEL_CONFIG_FILE" << EOL
# filepath: /home/bunker-admin/changemaker.lite/configs/cloudflare/tunnel-config.yml
# Cloudflare Tunnel Configuration
# Auto-generated by Changemaker Configuration Wizard
tunnel: $tunnel_id # e.g. 1234567890abcdef
credentials-file: /home/coder/.cloudflared/$tunnel_id.json # e.g. /home/coder/.cloudflared/[insert tunnel number].json
tunnel: ${CF_TUNNEL_ID:-\${CF_TUNNEL_ID}} # e.g. 1234567890abcdef
credentials-file: /home/coder/.cloudflared/${CF_TUNNEL_ID:-\${CF_TUNNEL_ID}}.json # e.g. /home/coder/.cloudflared/[insert tunnel number].json
ingress:
- hostname: homepage.$domain
- hostname: homepage.$new_domain
service: http://localhost:${HOMEPAGE_PORT:-3010}
- hostname: code.$domain
- hostname: code.$new_domain
service: http://localhost:${CODE_SERVER_PORT:-8888}
- hostname: listmonk.$domain
- hostname: listmonk.$new_domain
service: http://localhost:${LISTMONK_PORT:-9000}
- hostname: docs.$domain
- hostname: docs.$new_domain
service: http://localhost:${MKDOCS_PORT:-4000}
- hostname: $domain
- hostname: $new_domain
service: http://localhost:${MKDOCS_SITE_SERVER_PORT:-4001}
- hostname: n8n.$domain
- hostname: n8n.$new_domain
service: http://localhost:${N8N_PORT:-5678}
- hostname: db.$domain
- hostname: db.$new_domain
service: http://localhost:${NOCODB_PORT:-8090}
- hostname: git.$domain
- hostname: git.$new_domain
service: http://localhost:${GITEA_WEB_PORT:-3030}
# Catch-all rule (required)
- service: http_status:404
EOL
echo "✅ Tunnel configuration file created at: $TUNNEL_CONFIG_FILE"
# If the tunnel ID is a placeholder, provide instructions
if [[ "$tunnel_id" == "\${CF_TUNNEL_ID}" ]]; then
echo "NOTE: You need to replace ${CF_TUNNEL_ID} with your actual Cloudflare Tunnel ID"
echo " once you create a tunnel in the Cloudflare Zero Trust dashboard."
fi
echo "✅ Regenerated tunnel configuration with correct service mappings for domain: $new_domain"
return 0
}
# Function to get Cloudflare API Token and Zone ID
get_cloudflare_credentials() {
echo ""
echo "To use the DNS setup script, you'll need Cloudflare credentials."
echo "You can find these values in your Cloudflare dashboard:"
echo " - API Token: https://dash.cloudflare.com/profile/api-tokens"
echo " (Create a token with Zone:DNS:Edit and Access:Apps:Edit permissions)"
echo " - Zone ID: On your domain's overview page"
echo ""
}
# Function to show tunnel setup instructions
@ -704,88 +583,40 @@ echo "Domain settings updated successfully!"
# Cloudflare Configuration
echo -e "\n---- Cloudflare Configuration ----"
echo "To use the DNS setup script, you'll need Cloudflare credentials."
echo "You can find these values in your Cloudflare dashboard:"
echo " - API Token: https://dash.cloudflare.com/profile/api-tokens"
echo " (Create a token with Zone:DNS:Edit and Access:Apps:Edit permissions)"
echo " - Zone ID: On your domain's overview page"
echo " - Tunnel ID: In the Zero Trust dashboard under Access > Tunnels"
echo ""
get_cloudflare_credentials
read -p "Do you want to configure Cloudflare settings now? [Y/n]: " configure_cf
if [[ ! "$configure_cf" =~ ^[Nn]$ ]]; then
echo ""
echo "Please enter your Cloudflare credentials:"
# CF API Token
# Get Cloudflare API Token
read -p "Enter your Cloudflare API Token: " cf_api_token
if [ ! -z "$cf_api_token" ]; then
# Basic validation for API token format
if [[ "$cf_api_token" =~ ^[A-Za-z0-9_-]{40}$ ]]; then
update_env_var "CF_API_TOKEN" "$cf_api_token"
echo "✅ Cloudflare API Token updated"
else
echo "⚠️ Warning: API Token format seems incorrect (should be 40 characters)"
update_env_var "CF_API_TOKEN" "$cf_api_token"
fi
else
echo "⚠️ Cloudflare API Token left unchanged"
fi
while [ -z "$cf_api_token" ] || [ "$cf_api_token" == "your_cloudflare_api_token" ]; do
echo "API Token is required. Please enter a valid token."
read -p "Enter your Cloudflare API Token: " cf_api_token
done
# CF Zone ID
# Get Cloudflare Zone ID
read -p "Enter your Cloudflare Zone ID: " cf_zone_id
if [ ! -z "$cf_zone_id" ]; then
# Basic validation for Zone ID format
if [[ "$cf_zone_id" =~ ^[a-f0-9]{32}$ ]]; then
update_env_var "CF_ZONE_ID" "$cf_zone_id"
echo "✅ Cloudflare Zone ID updated"
else
echo "⚠️ Warning: Zone ID format seems incorrect (should be 32 hex characters)"
update_env_var "CF_ZONE_ID" "$cf_zone_id"
fi
else
echo "⚠️ Cloudflare Zone ID left unchanged"
while [ -z "$cf_zone_id" ] || [ "$cf_zone_id" == "your_cloudflare_zone_id" ]; do
echo "Zone ID is required. Please enter a valid Zone ID."
read -p "Enter your Cloudflare Zone ID: " cf_zone_id
done
# Optional: Get Account ID now
read -p "Enter your Cloudflare Account ID (optional, can be added later): " cf_account_id
# Update .env file with Cloudflare credentials
update_env_var "CF_API_TOKEN" "$cf_api_token"
update_env_var "CF_ZONE_ID" "$cf_zone_id"
update_env_var "CF_DOMAIN" "$domain_name"
if [ ! -z "$cf_account_id" ]; then
update_env_var "CF_ACCOUNT_ID" "$cf_account_id"
fi
# CF Tunnel ID
read -p "Enter your Cloudflare Tunnel ID: " cf_tunnel_id
if [ ! -z "$cf_tunnel_id" ]; then
# Basic validation for Tunnel ID format (UUID)
if [[ "$cf_tunnel_id" =~ ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$ ]]; then
update_env_var "CF_TUNNEL_ID" "$cf_tunnel_id"
echo "✅ Cloudflare Tunnel ID updated"
# Create tunnel configuration with the provided tunnel ID
create_tunnel_config "$domain_name" "$cf_tunnel_id"
else
echo "⚠️ Warning: Tunnel ID format seems incorrect (should be UUID format)"
update_env_var "CF_TUNNEL_ID" "$cf_tunnel_id"
# Still create the config file even with potentially incorrect format
create_tunnel_config "$domain_name" "$cf_tunnel_id"
fi
else
echo "⚠️ Cloudflare Tunnel ID left unchanged"
# Create template config without tunnel ID
create_tunnel_config "$domain_name" "\${CF_TUNNEL_ID}"
fi
echo ""
echo "Cloudflare configuration completed!"
echo "You can now run './add-cname-records.sh' to set up DNS records."
# Show tunnel setup instructions
show_tunnel_instructions "$domain_name"
echo "Cloudflare credentials saved successfully!"
else
echo "Skipping Cloudflare configuration. You can run this script again later to configure it."
# Still create a template tunnel config
echo ""
read -p "Do you want to create a template tunnel configuration anyway? [Y/n]: " create_template
if [[ ! "$create_template" =~ ^[Nn]$ ]]; then
create_tunnel_config "$domain_name" "\${CF_TUNNEL_ID}"
echo "Template tunnel configuration created. Update CF_TUNNEL_ID in .env and regenerate if needed."
fi
echo "Skipping Cloudflare configuration. You can configure it later by editing the .env file."
fi
# Update the site_url in mkdocs.yml
@ -800,6 +631,10 @@ update_services_yaml "$domain_name"
echo -e "\nUpdating login URL in main.html..."
update_main_html "$domain_name"
# Update the tunnel configuration file
echo -e "\nUpdating tunnel configuration..."
update_tunnel_config "$domain_name"
# Listmonk Admin Credentials configuration
echo -e "\n---- Listmonk Admin Credentials ----"
read -p "Enter Listmonk admin email/username [default: admin@example.com]: " listmonk_user
@ -877,8 +712,24 @@ if [[ ! "$configure_cf" =~ ^[Nn]$ ]]; then
fi
echo -e "\nYour .env file is located at: $ENV_FILE"
echo "A backup of your original .env file was created before modifications."
echo -e "\nNext steps:"
echo "1. Run 'docker-compose up -d' to start your services"
if [[ ! "$configure_cf" =~ ^[Nn]$ ]]; then
echo "2. Run './add-cname-records.sh' to set up DNS records and access policies"
fi
echo ""
echo "======================================"
echo "Next Steps:"
echo "======================================"
echo ""
echo "1. Start services locally:"
echo " docker compose up -d"
echo ""
echo "2. Test all services at:"
echo " - Homepage: http://localhost:${HOMEPAGE_PORT:-3010}"
echo " - Code Server: http://localhost:${CODE_SERVER_PORT:-8888}"
echo " - Listmonk: http://localhost:${LISTMONK_PORT:-9000}"
echo " - Documentation: http://localhost:${MKDOCS_PORT:-4000}"
echo " - n8n: http://localhost:${N8N_PORT:-5678}"
echo " - NocoDB: http://localhost:${NOCODB_PORT:-8090}"
echo " - Gitea: http://localhost:${GITEA_WEB_PORT:-3030}"
echo ""
echo "3. When ready for production:"
echo " ./start-production.sh"
echo ""
echo "======================================"

20
configs/cloudflare/tunnel-config.yml
View File

@ -2,32 +2,32 @@
# Cloudflare Tunnel Configuration
# Auto-generated by Changemaker Configuration Wizard
tunnel: ${CF_TUNNEL_ID} # e.g. 1234567890abcdef
credentials-file: /home/coder/.cloudflared/${CF_TUNNEL_ID}.json # e.g. /home/coder/.cloudflared/[insert tunnel number].json
tunnel: your_cloudflared_tunnel_id} # e.g. 1234567890abcdef
credentials-file: /home/coder/.cloudflared/your_cloudflared_tunnel_id}.json # e.g. /home/coder/.cloudflared/[insert tunnel number].json
ingress:
- hostname: homepage.test.com
- hostname: homepage.cmlite.org
service: http://localhost:3010
- hostname: code.test.com
- hostname: code.cmlite.org
service: http://localhost:8888
- hostname: listmonk.test.com
- hostname: listmonk.cmlite.org
service: http://localhost:9001
- hostname: docs.test.com
- hostname: docs.cmlite.org
service: http://localhost:4000
- hostname: test.com
- hostname: cmlite.org
service: http://localhost:4002
- hostname: n8n.test.com
- hostname: n8n.cmlite.org
service: http://localhost:5678
- hostname: db.test.com
- hostname: db.cmlite.org
service: http://localhost:8090
- hostname: git.test.com
- hostname: git.cmlite.org
service: http://localhost:3030
# Catch-all rule (required)

34
configs/cloudflare/tunnel-config.yml.backup_20250629_154241 Normal file
View File

@ -0,0 +1,34 @@
# filepath: /home/bunker-admin/changemaker.lite/configs/cloudflare/tunnel-config.yml
# Cloudflare Tunnel Configuration
# Auto-generated by Changemaker Configuration Wizard
tunnel: ${CF_TUNNEL_ID} # e.g. 1234567890abcdef
credentials-file: /home/coder/.cloudflared/${CF_TUNNEL_ID}.json # e.g. /home/coder/.cloudflared/[insert tunnel number].json
ingress:
- hostname: homepage.test.com
service: http://localhost:3010
- hostname: code.test.com
service: http://localhost:8888
- hostname: listmonk.test.com
service: http://localhost:9001
- hostname: docs.test.com
service: http://localhost:4000
- hostname: test.com
service: http://localhost:4002
- hostname: n8n.test.com
service: http://localhost:5678
- hostname: db.test.com
service: http://localhost:8090
- hostname: git.test.com
service: http://localhost:3030
# Catch-all rule (required)
- service: http_status:404

34
configs/cloudflare/tunnel-config.yml.backup_20250629_154929 Normal file
View File

@ -0,0 +1,34 @@
# filepath: /home/bunker-admin/changemaker.lite/configs/cloudflare/tunnel-config.yml
# Cloudflare Tunnel Configuration
# Auto-generated by Changemaker Configuration Wizard
tunnel: ${CF_TUNNEL_ID} # e.g. 1234567890abcdef
credentials-file: /home/coder/.cloudflared/${CF_TUNNEL_ID}.json # e.g. /home/coder/.cloudflared/[insert tunnel number].json
ingress:
- hostname: cmlite.org
service: http://localhost:3010
- hostname: cmlite.org
service: http://localhost:3010
- hostname: cmlite.org
service: http://localhost:3010
- hostname: cmlite.org
service: http://localhost:3010
- hostname: cmlite.org
service: http://localhost:3010
- hostname: cmlite.org
service: http://localhost:3010
- hostname: cmlite.org
service: http://localhost:3010
- hostname: cmlite.org
service: http://localhost:3010
# Catch-all rule (required)
- service: http_status:404

14
configs/homepage/services.yaml
View File

@ -4,7 +4,7 @@
- Essential Tools:
- Code Server:
href: "http://localhost:8888"
# href: "https://code.albertademocracytaskforce.org" # Uncomment for public access
# href: "https://cmlite.org" # Uncomment for public access
description: VS Code in the browser
icon: mdi-code-braces
widget:
@ -13,7 +13,7 @@
server: my-docker
- Listmonk:
href: "http://localhost:9000"
# href: "https://listmonk.albertademocracytaskforce.org" # Uncomment for public access
# href: "https://cmlite.org" # Uncomment for public access
description: Newsletter & mailing list manager
icon: mdi-email-newsletter
widget:
@ -22,7 +22,7 @@
server: my-docker
- NocoDB:
href: "http://localhost:8090"
# href: "https://db.albertademocracytaskforce.org" # Uncomment for public access
# href: "https://cmlite.org" # Uncomment for public access
description: No-code database platform
icon: mdi-database
widget:
@ -31,7 +31,7 @@
server: my-docker
- Gitea:
href: "http://localhost:3030"
# href: "https://git.albertademocracytaskforce.org" # Uncomment for public access
# href: "https://cmlite.org" # Uncomment for public access
description: Git repository hosting
icon: mdi-git
widget:
@ -42,7 +42,7 @@
- Content & Documentation:
- MkDocs (Live):
href: "http://localhost:4000"
# href: "https://docs.albertademocracytaskforce.org" # Uncomment for public access
# href: "https://cmlite.org" # Uncomment for public access
description: Live documentation server with hot reload
icon: mdi-book-open-page-variant
widget:
@ -51,7 +51,7 @@
server: my-docker
- Static Site:
href: "http://localhost:4001"
# href: "https://albertademocracytaskforce.org" # Uncomment for public access
# href: "https://cmlite.org" # Uncomment for public access
description: Built documentation hosting
icon: mdi-web
widget:
@ -62,7 +62,7 @@
- Automation & Infrastructure:
- n8n:
href: "http://localhost:5678"
# href: "https://n8n.albertademocracytaskforce.org" # Uncomment for public access
# href: "https://cmlite.org" # Uncomment for public access
description: Workflow automation platform
icon: mdi-workflow
widget:

0
configs/homepage/services.yaml.backup_20250602_184336 → configs/homepage/services.yaml.backup_20250629_154241
View File

87
configs/homepage/services.yaml.backup_20250629_154929 Normal file
View File

@ -0,0 +1,87 @@
---
# For public access, replace "http://localhost" with your subdomain URLs
- Essential Tools:
- Code Server:
href: "http://localhost:8888"
# href: "https://code.albertademocracytaskforce.org" # Uncomment for public access
description: VS Code in the browser
icon: mdi-code-braces
widget:
type: docker
container: code-server-changemaker
server: my-docker
- Listmonk:
href: "http://localhost:9000"
# href: "https://listmonk.albertademocracytaskforce.org" # Uncomment for public access
description: Newsletter & mailing list manager
icon: mdi-email-newsletter
widget:
type: docker
container: listmonk_app
server: my-docker
- NocoDB:
href: "http://localhost:8090"
# href: "https://db.albertademocracytaskforce.org" # Uncomment for public access
description: No-code database platform
icon: mdi-database
widget:
type: docker
container: changemakerlite-nocodb-1
server: my-docker
- Gitea:
href: "http://localhost:3030"
# href: "https://git.albertademocracytaskforce.org" # Uncomment for public access
description: Git repository hosting
icon: mdi-git
widget:
type: docker
container: gitea_changemaker
server: my-docker
- Content & Documentation:
- MkDocs (Live):
href: "http://localhost:4000"
# href: "https://docs.albertademocracytaskforce.org" # Uncomment for public access
description: Live documentation server with hot reload
icon: mdi-book-open-page-variant
widget:
type: docker
container: mkdocs-changemaker
server: my-docker
- Static Site:
href: "http://localhost:4001"
# href: "https://albertademocracytaskforce.org" # Uncomment for public access
description: Built documentation hosting
icon: mdi-web
widget:
type: docker
container: mkdocs-site-server-changemaker
server: my-docker
- Automation & Infrastructure:
- n8n:
href: "http://localhost:5678"
# href: "https://n8n.albertademocracytaskforce.org" # Uncomment for public access
description: Workflow automation platform
icon: mdi-workflow
widget:
type: docker
container: n8n-changemaker
server: my-docker
- PostgreSQL (Listmonk):
href: "#"
description: Database for Listmonk
icon: mdi-database-outline
widget:
type: docker
container: listmonk_db
server: my-docker
- PostgreSQL (NocoDB):
href: "#"
description: Database for NocoDB
icon: mdi-database-outline
widget:
type: docker
container: changemakerlite-root_db-1
server: my-docker

22
docker-compose.yml
View File

@ -83,7 +83,7 @@ services:
- "${MKDOCS_PORT:-4000}:8000"
environment:
- SITE_URL=${BASE_DOMAIN:-https://changeme.org}
command: serve --dev-addr=0.0.0.0:8000 --watch-theme --livereload
command: serve --dev-addr=0.0.0.0:8000 --watch-theme --livereload --dirty
networks:
- changemaker-lite
restart: unless-stopped
@ -230,6 +230,26 @@ services:
timeout: 5s
retries: 5
# Cloudflare Tunnel (uncommented by start-production.sh)
# cloudflared:
# image: cloudflare/cloudflared:latest
# container_name: cloudflared-changemaker
# restart: unless-stopped
# command: tunnel run
# environment:
# - TUNNEL_TOKEN=${CF_TUNNEL_TOKEN}
# networks:
# - changemaker-lite
# depends_on:
# - homepage-changemaker
# - code-server
# - listmonk-app
# - mkdocs
# - mkdocs-site-server
# - n8n
# - nocodb
# - gitea-app
networks:
changemaker-lite:
driver: bridge

29
map/.gitignore vendored Normal file
View File

@ -0,0 +1,29 @@
# Dependencies
node_modules/
npm-debug.log*
yarn-debug.log*
yarn-error.log*
# Environment files
.env
.env.local
.env.*.local
# IDE files
.vscode/
.idea/
*.swp
*.swo
*~
# OS files
.DS_Store
Thumbs.db
# Logs
logs/
*.log
# Build outputs
dist/
build/

142
map/README.md Normal file
View File

@ -0,0 +1,142 @@
# NocoDB Map Viewer
A containerized web application that visualizes geographic data from NocoDB on an interactive map using Leaflet.js.
## Features
- 🗺️ Interactive map visualization with OpenStreetMap
- 📍 Real-time geolocation support
- Add new locations directly from the map
- 🔄 Auto-refresh every 30 seconds
- 📱 Responsive design for mobile devices
- 🔒 Secure API proxy to protect credentials
- 🐳 Docker containerization for easy deployment
- 🆓 100% open source (no proprietary dependencies)
## Quick Start
### Prerequisites
- Docker and Docker Compose
- NocoDB instance with a table containing location data
- NocoDB API token
### NocoDB Table Setup
1. Create a table in NocoDB with these required columns:
- `geodata` (Text): Format "latitude;longitude"
- `latitude` (Decimal): Precision 10, Scale 8
- `longitude` (Decimal): Precision 11, Scale 8
2. Optional recommended columns:
- `title` (Text): Location name
- `description` (Long Text): Details
- `category` (Single Select): Classification
### Installation
1. Clone this repository or create the file structure as shown
2. Copy the environment template:
```bash
cp .env.example .env
```
3. Edit `.env` with your NocoDB details:
```env
NOCODB_API_URL=https://db.lindalindsay.org/api/v1
NOCODB_API_TOKEN=your-token-here
NOCODB_VIEW_URL=https://db.lindalindsay.org/dashboard/#/nc/p406kno3lbq4zmq/mvtryxrvze6td79
```
4. Start the application:
```bash
docker-compose up -d
```
5. Access the map at: http://localhost:3000
## Finding NocoDB IDs
### API Token
1. Click user icon → Account Settings
2. Go to "API Tokens" tab
3. Create new token with read/write permissions
### Project and Table IDs
- Simply provide the full NocoDB view URL in `NOCODB_VIEW_URL`
- The system will automatically extract the project and table IDs
## API Endpoints
- `GET /api/locations` - Fetch all locations
- `POST /api/locations` - Create new location
- `GET /api/locations/:id` - Get single location
- `PUT /api/locations/:id` - Update location
- `DELETE /api/locations/:id` - Delete location
- `GET /health` - Health check
## Configuration
All configuration is done via environment variables:
| Variable | Description | Default |
|----------|-------------|---------|
| `NOCODB_API_URL` | NocoDB API base URL | Required |
| `NOCODB_API_TOKEN` | API authentication token | Required |
| `NOCODB_VIEW_URL` | Full NocoDB view URL | Required |
| `PORT` | Server port | 3000 |
| `DEFAULT_LAT` | Default map latitude | 53.5461 |
| `DEFAULT_LNG` | Default map longitude | -113.4938 |
| `DEFAULT_ZOOM` | Default map zoom level | 11 |
## Development
To run in development mode:
1. Install dependencies:
```bash
cd app
npm install
```
2. Start with hot reload:
```bash
npm run dev
```
## Security Considerations
- API tokens are kept server-side only
- CORS is configured for security
- Rate limiting prevents abuse
- Input validation on all endpoints
- Helmet.js for security headers
## Troubleshooting
### Locations not showing
- Verify table has `geodata`, `latitude`, and `longitude` columns
- Check that coordinates are valid numbers
- Ensure API token has read permissions
### Cannot add locations
- Verify API token has write permissions
- Check browser console for errors
- Ensure coordinates are within valid ranges
### Connection errors
- Verify NocoDB instance is accessible
- Check API URL format
- Confirm network connectivity
## License
MIT License - See LICENSE file for details
## Support
For issues or questions:
1. Check the troubleshooting section
2. Review NocoDB documentation
3. Open an issue on GitHub

41
map/app/Dockerfile Normal file
View File

@ -0,0 +1,41 @@
# Build stage
FROM node:18-alpine AS builder
WORKDIR /app
# Copy package files
COPY package*.json ./
# Install dependencies
RUN npm ci --only=production && npm cache clean --force
# Runtime stage
FROM node:18-alpine
# Install wget for healthcheck
RUN apk add --no-cache wget
WORKDIR /app
# Copy dependencies from builder
COPY --from=builder /app/node_modules ./node_modules
# Copy application files
COPY package*.json ./
COPY server.js ./
COPY public ./public
COPY routes ./routes
COPY services ./services
# Create non-root user
RUN addgroup -g 1001 -S nodejs && \
adduser -S nodejs -u 1001
# Change ownership
RUN chown -R nodejs:nodejs /app
USER nodejs
EXPOSE 3000
CMD ["node", "server.js"]

1732
map/app/package-lock.json generated Normal file
View File

File diff suppressed because it is too large Load Diff

37
map/app/package.json Normal file
View File

@ -0,0 +1,37 @@
{
"name": "nocodb-map-viewer",
"version": "1.0.0",
"description": "Interactive map viewer for NocoDB geographic data",
"main": "server.js",
"scripts": {
"start": "node server.js",
"dev": "nodemon server.js",
"test": "echo \"Error: no test specified\" && exit 1"
},
"keywords": [
"nocodb",
"map",
"leaflet",
"gis",
"location"
],
"author": "",
"license": "MIT",
"dependencies": {
"axios": "^1.6.0",
"cookie-parser": "^1.4.7",
"cors": "^2.8.5",
"dotenv": "^16.3.1",
"express": "^4.18.2",
"express-rate-limit": "^7.1.4",
"express-session": "^1.18.1",
"helmet": "^7.1.0",
"winston": "^3.11.0"
},
"devDependencies": {
"nodemon": "^3.0.1"
},
"engines": {
"node": ">=18.0.0"
}
}

628
map/app/public/css/style.css Normal file
View File

@ -0,0 +1,628 @@
/* CSS Variables for theming */
:root {
--primary-color: #2c5aa0;
--success-color: #27ae60;
--danger-color: #e74c3c;
--warning-color: #f39c12;
--secondary-color: #95a5a6;
--dark-color: #2c3e50;
--light-color: #ecf0f1;
--border-radius: 4px;
--transition: all 0.3s ease;
--header-height: 60px;
}
/* Reset and base styles */
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}
body {
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif;
font-size: 16px;
line-height: 1.5;
color: var(--dark-color);
background-color: var(--light-color);
}
/* App container */
#app {
display: flex;
flex-direction: column;
height: 100vh;
position: relative;
}
/* Header */
.header {
height: var(--header-height);
background-color: var(--dark-color);
color: white;
display: flex;
align-items: center;
justify-content: space-between;
padding: 0 20px;
box-shadow: 0 2px 4px rgba(0,0,0,0.1);
z-index: 1000;
}
.header h1 {
font-size: 24px;
font-weight: 600;
}
.header-actions {
display: flex;
align-items: center;
gap: 15px;
}
.location-count {
background-color: rgba(255,255,255,0.1);
padding: 5px 15px;
border-radius: 20px;
font-size: 14px;
}
/* User info in header */
.user-info {
display: flex;
align-items: center;
gap: 15px;
padding: 0 15px;
border-right: 1px solid rgba(255,255,255,0.2);
margin-right: 15px;
}
.user-email {
font-size: 14px;
color: rgba(255,255,255,0.9);
}
/* Map container */
#map-container {
flex: 1;
position: relative;
overflow: hidden;
}
#map {
width: 100%;
height: 100%;
background-color: #f0f0f0;
}
/* Map controls */
.map-controls {
position: absolute;
top: 20px;
right: 20px;
display: flex;
flex-direction: column;
gap: 10px;
z-index: 1000;
}
/* Buttons */
.btn {
padding: 10px 16px;
border: none;
border-radius: var(--border-radius);
font-size: 14px;
font-weight: 500;
cursor: pointer;
transition: var(--transition);
display: inline-flex;
align-items: center;
gap: 5px;
white-space: nowrap;
outline: none;
}
.btn:hover {
transform: translateY(-1px);
box-shadow: 0 4px 8px rgba(0,0,0,0.15);
}
.btn:active {
transform: translateY(0);
}
.btn-primary {
background-color: var(--primary-color);
color: white;
}
.btn-primary:hover {
background-color: #2471a3;
}
.btn-success {
background-color: var(--success-color);
color: white;
}
.btn-success:hover {
background-color: #229954;
}
.btn-secondary {
background-color: var(--secondary-color);
color: white;
}
.btn-secondary:hover {
background-color: #7f8c8d;
}
.btn-sm {
padding: 6px 12px;
font-size: 13px;
}
.btn-danger {
background-color: var(--danger-color);
color: white;
}
.btn-danger:hover {
background-color: #c0392b;
}
/* Crosshair for location selection */
.crosshair {
position: absolute;
top: 50%;
left: 50%;
transform: translate(-50%, -50%);
pointer-events: none;
z-index: 999;
}
.crosshair.hidden {
display: none;
}
.crosshair-x,
.crosshair-y {
position: absolute;
background-color: rgba(44, 90, 160, 0.8);
}
.crosshair-x {
width: 40px;
height: 2px;
left: -20px;
top: -1px;
}
.crosshair-y {
width: 2px;
height: 40px;
left: -1px;
top: -20px;
}
.crosshair-info {
position: absolute;
top: 30px;
left: 50%;
transform: translateX(-50%);
background-color: rgba(44, 62, 80, 0.9);
color: white;
padding: 5px 10px;
border-radius: var(--border-radius);
font-size: 12px;
white-space: nowrap;
}
/* Status messages */
.status-container {
position: fixed;
top: calc(var(--header-height) + 20px);
left: 50%;
transform: translateX(-50%);
z-index: 2000;
max-width: 400px;
width: 90%;
}
.status-message {
padding: 12px 20px;
border-radius: var(--border-radius);
margin-bottom: 10px;
display: flex;
align-items: center;
gap: 10px;
animation: slideIn 0.3s ease;
box-shadow: 0 2px 8px rgba(0,0,0,0.1);
}
@keyframes slideIn {
from {
opacity: 0;
transform: translateY(-20px);
}
to {
opacity: 1;
transform: translateY(0);
}
}
.status-message.success {
background-color: var(--success-color);
color: white;
}
.status-message.error {
background-color: var(--danger-color);
color: white;
}
.status-message.warning {
background-color: var(--warning-color);
color: white;
}
.status-message.info {
background-color: var(--primary-color);
color: white;
}
/* Modal */
.modal {
position: fixed;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-color: rgba(0,0,0,0.5);
display: flex;
align-items: center;
justify-content: center;
z-index: 3000;
animation: fadeIn 0.3s ease;
}
.modal.hidden {
display: none;
}
@keyframes fadeIn {
from { opacity: 0; }
to { opacity: 1; }
}
.modal-content {
background-color: white;
border-radius: var(--border-radius);
width: 90%;
max-width: 500px;
max-height: 90vh;
overflow: auto;
box-shadow: 0 4px 20px rgba(0,0,0,0.15);
animation: slideUp 0.3s ease;
}
@keyframes slideUp {
from {
opacity: 0;
transform: translateY(50px);
}
to {
opacity: 1;
transform: translateY(0);
}
}
.modal-header {
padding: 20px;
border-bottom: 1px solid #e0e0e0;
display: flex;
justify-content: space-between;
align-items: center;
}
.modal-header h2 {
font-size: 20px;
font-weight: 600;
color: var(--dark-color);
}
.modal-close {
background: none;
border: none;
font-size: 24px;
cursor: pointer;
color: var(--secondary-color);
width: 30px;
height: 30px;
display: flex;
align-items: center;
justify-content: center;
border-radius: 50%;
transition: var(--transition);
}
.modal-close:hover {
background-color: var(--light-color);
color: var(--dark-color);
}
.modal-body {
padding: 20px;
}
/* Edit Footer Form */
.edit-footer {
position: fixed;
bottom: 0;
left: 0;
right: 0;
background-color: white;
border-top: 2px solid var(--primary-color);
box-shadow: 0 -2px 10px rgba(0,0,0,0.1);
z-index: 1500;
transition: transform 0.3s ease;
max-height: 60vh;
overflow-y: auto;
}
.edit-footer.hidden {
transform: translateY(100%);
}
.edit-footer-content {
padding: 20px;
max-width: 800px;
margin: 0 auto;
}
.edit-footer-header {
display: flex;
justify-content: space-between;
align-items: center;
margin-bottom: 20px;
padding-bottom: 15px;
border-bottom: 1px solid #e0e0e0;
}
.edit-footer-header h2 {
margin: 0;
font-size: 20px;
color: var(--dark-color);
}
/* Form styles */
.form-group {
margin-bottom: 15px;
}
.form-row {
display: grid;
grid-template-columns: 1fr 1fr;
gap: 15px;
}
.form-group label {
display: block;
margin-bottom: 5px;
font-weight: 500;
color: var(--dark-color);
font-size: 14px;
}
.form-group input,
.form-group textarea {
width: 100%;
padding: 8px 12px;
border: 1px solid #ddd;
border-radius: var(--border-radius);
font-size: 14px;
transition: var(--transition);
}
.form-group input:focus,
.form-group textarea:focus {
outline: none;
border-color: var(--primary-color);
box-shadow: 0 0 0 2px rgba(44, 90, 160, 0.1);
}
.form-group input.valid {
border-color: var(--success-color);
}
.form-group input.invalid {
border-color: var(--danger-color);
}
.form-group input[readonly] {
background-color: #f5f5f5;
cursor: not-allowed;
}
.form-group select {
width: 100%;
padding: 8px 12px;
border: 1px solid #ddd;
border-radius: var(--border-radius);
font-size: 14px;
transition: var(--transition);
background-color: white;
cursor: pointer;
}
.form-group select:focus {
outline: none;
border-color: var(--primary-color);
box-shadow: 0 0 0 2px rgba(44, 90, 160, 0.1);
}
.form-group input[type="checkbox"] {
width: auto;
margin-right: 8px;
cursor: pointer;
}
.form-group label input[type="checkbox"] {
vertical-align: middle;
}
.form-actions {
display: flex;
gap: 10px;
justify-content: flex-end;
margin-top: 20px;
padding-top: 20px;
border-top: 1px solid #e0e0e0;
}
/* Loading overlay */
.loading-overlay {
position: fixed;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-color: rgba(255,255,255,0.9);
display: flex;
flex-direction: column;
align-items: center;
justify-content: center;
z-index: 4000;
}
.loading-overlay.hidden {
display: none;
}
.spinner {
width: 50px;
height: 50px;
border: 3px solid var(--light-color);
border-top-color: var(--primary-color);
border-radius: 50%;
animation: spin 1s linear infinite;
}
@keyframes spin {
to { transform: rotate(360deg); }
}
.loading-overlay p {
margin-top: 20px;
color: var(--dark-color);
font-size: 16px;
}
/* Leaflet customizations */
.leaflet-popup-content-wrapper {
border-radius: var(--border-radius);
box-shadow: 0 3px 10px rgba(0,0,0,0.2);
}
.leaflet-popup-content {
margin: 13px 19px;
line-height: 1.5;
}
.popup-content h3 {
margin: 0 0 10px 0;
color: var(--dark-color);
font-size: 16px;
}
.popup-content p {
margin: 5px 0;
color: #666;
font-size: 14px;
}
.popup-content .popup-meta {
font-size: 12px;
color: #999;
margin-top: 10px;
padding-top: 10px;
border-top: 1px solid #eee;
}
/* Responsive design */
@media (max-width: 768px) {
.header h1 {
font-size: 20px;
}
.map-controls {
top: 10px;
right: 10px;
}
.btn {
padding: 8px 12px;
font-size: 13px;
}
/* Hide button text on mobile, show only icons */
.btn span.btn-text {
display: none;
}
/* Hide user info on mobile to save space */
.user-info {
display: none;
}
.btn {
padding: 10px;
min-width: 40px;
min-height: 40px;
justify-content: center;
}
.modal-content {
width: 95%;
margin: 10px;
}
.form-row {
grid-template-columns: 1fr;
}
}
/* Add text spans for desktop that can be hidden on mobile */
@media (min-width: 769px) {
.btn span.btn-icon {
margin-right: 5px;
}
}
/* Fullscreen styles */
.fullscreen #map-container {
position: fixed;
top: 0;
left: 0;
width: 100%;
height: 100%;
z-index: 5000;
}
.fullscreen .header {
display: none;
}
/* Print styles */
@media print {
.header,
.map-controls,
.status-container,
.modal {
display: none !important;
}
#map-container {
height: 100vh;
}
}

276
map/app/public/index.html Normal file
View File

@ -0,0 +1,276 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="Interactive map viewer for NocoDB location data">
<title>NocoDB Map Viewer</title>
<!-- Leaflet CSS -->
<link rel="stylesheet" href="https://unpkg.com/leaflet@1.9.4/dist/leaflet.css"
integrity="sha256-p4NxAoJBhIIN+hmNHrzRCf9tD/miZyoHS5obTRR9BMY="
crossorigin="" />
<!-- Custom CSS -->
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<div id="app">
<!-- Header -->
<header class="header">
<h1>Location Map Viewer</h1>
<div class="header-actions">
<button id="refresh-btn" class="btn btn-secondary" title="Refresh locations">
🔄 Refresh
</button>
<span id="location-count" class="location-count">Loading...</span>
</div>
</header>
<!-- Map Container -->
<div id="map-container">
<div id="map"></div>
<!-- Map Controls -->
<div class="map-controls">
<button id="geolocate-btn" class="btn btn-primary" title="Find my location">
<span class="btn-icon">📍</span><span class="btn-text">My Location</span>
</button>
<button id="add-location-btn" class="btn btn-success" title="Add location at map center">
<span class="btn-icon"></span><span class="btn-text">Add Location Here</span>
</button>
<button id="fullscreen-btn" class="btn btn-secondary" title="Toggle fullscreen">
<span class="btn-icon"></span><span class="btn-text">Fullscreen</span>
</button>
</div>
<!-- Crosshair for adding locations -->
<div id="crosshair" class="crosshair hidden">
<div class="crosshair-x"></div>
<div class="crosshair-y"></div>
<div class="crosshair-info">Click "Add Location Here" to save this point</div>
</div>
</div>
<!-- Status Messages -->
<div id="status-container" class="status-container"></div>
<!-- Edit Location Footer Form -->
<div id="edit-footer" class="edit-footer hidden">
<div class="edit-footer-content">
<div class="edit-footer-header">
<h2>Edit Location</h2>
<button class="btn btn-secondary btn-sm" id="close-edit-footer-btn">✕ Close</button>
</div>
<form id="edit-location-form">
<input type="hidden" id="edit-location-id" name="id">
<div class="form-row">
<div class="form-group">
<label for="edit-first-name">First Name</label>
<input type="text" id="edit-first-name" name="First Name">
</div>
<div class="form-group">
<label for="edit-last-name">Last Name</label>
<input type="text" id="edit-last-name" name="Last Name">
</div>
</div>
<div class="form-group">
<label for="edit-location-email">Email</label>
<input type="email" id="edit-location-email" name="Email">
</div>
<div class="form-row">
<div class="form-group">
<label for="edit-location-unit">Unit Number</label>
<input type="text" id="edit-location-unit" name="Unit Number">
</div>
<div class="form-group">
<label for="edit-support-level">Support Level</label>
<select id="edit-support-level" name="Support Level">
<option value="">-- Select --</option>
<option value="1">1 - Strong Support (Green)</option>
<option value="2">2 - Moderate Support (Yellow)</option>
<option value="3">3 - Low Support (Orange)</option>
<option value="4">4 - No Support (Red)</option>
</select>
</div>
</div>
<div class="form-group">
<label for="edit-location-address">Address</label>
<div style="display: flex; gap: 10px;">
<input type="text" id="edit-location-address" name="Address" style="flex: 1;">
<button type="button" class="btn btn-secondary btn-sm" id="lookup-address-edit-btn">
🔍 Lookup
</button>
</div>
</div>
<div class="form-row">
<div class="form-group">
<label>
<input type="checkbox" id="edit-sign" name="Sign" value="true">
Has Campaign Sign
</label>
</div>
<div class="form-group">
<label for="edit-sign-size">Sign Size</label>
<select id="edit-sign-size" name="Sign Size">
<option value="">-- Select --</option>
<option value="Small">Small</option>
<option value="Medium">Medium</option>
<option value="Large">Large</option>
</select>
</div>
</div>
<div class="form-row">
<div class="form-group">
<label for="edit-location-lat">Latitude</label>
<input type="number" id="edit-location-lat" name="latitude" step="0.00000001">
</div>
<div class="form-group">
<label for="edit-location-lng">Longitude</label>
<input type="number" id="edit-location-lng" name="longitude" step="0.00000001">
</div>
</div>
<div class="form-group">
<label for="edit-geo-location">Geo-Location</label>
<input type="text" id="edit-geo-location" name="Geo-Location"
placeholder="e.g., 53.5461;-113.4938">
</div>
<div class="form-actions">
<button type="button" class="btn btn-danger" id="delete-location-btn">Delete</button>
<button type="submit" class="btn btn-primary">Save Changes</button>
</div>
</form>
</div>
</div>
<!-- Add Location Modal -->
<div id="add-modal" class="modal hidden">
<div class="modal-content">
<div class="modal-header">
<h2>Add New Location</h2>
<button class="modal-close" id="close-modal-btn">&times;</button>
</div>
<div class="modal-body">
<form id="location-form">
<div class="form-row">
<div class="form-group">
<label for="first-name">First Name</label>
<input type="text" id="first-name" name="First Name"
placeholder="Enter first name">
</div>
<div class="form-group">
<label for="last-name">Last Name</label>
<input type="text" id="last-name" name="Last Name"
placeholder="Enter last name">
</div>
</div>
<div class="form-group">
<label for="location-email">Email</label>
<input type="email" id="location-email" name="Email"
placeholder="Enter email address">
</div>
<div class="form-row">
<div class="form-group">
<label for="location-unit">Unit Number</label>
<input type="text" id="location-unit" name="Unit Number"
placeholder="Enter unit number">
</div>
<div class="form-group">
<label for="support-level">Support Level</label>
<select id="support-level" name="Support Level">
<option value="">-- Select --</option>
<option value="1">1 - Strong Support (Green)</option>
<option value="2">2 - Moderate Support (Yellow)</option>
<option value="3">3 - Low Support (Orange)</option>
<option value="4">4 - No Support (Red)</option>
</select>
</div>
</div>
<div class="form-group">
<label for="location-address">Address</label>
<div style="display: flex; gap: 10px;">
<input type="text" id="location-address" name="Address"
placeholder="Enter address" style="flex: 1;">
<button type="button" class="btn btn-secondary btn-sm" id="lookup-address-add-btn">
🔍 Lookup
</button>
</div>
</div>
<div class="form-row">
<div class="form-group">
<label>
<input type="checkbox" id="sign" name="Sign" value="true">
Has Campaign Sign
</label>
</div>
<div class="form-group">
<label for="sign-size">Sign Size</label>
<select id="sign-size" name="Sign Size">
<option value="">-- Select --</option>
<option value="Small">Small</option>
<option value="Medium">Medium</option>
<option value="Large">Large</option>
</select>
</div>
</div>
<div class="form-row">
<div class="form-group">
<label for="location-lat">Latitude</label>
<input type="number" id="location-lat" name="latitude"
step="0.00000001" readonly>
</div>
<div class="form-group">
<label for="location-lng">Longitude</label>
<input type="number" id="location-lng" name="longitude"
step="0.00000001" readonly>
</div>
</div>
<div class="form-group">
<label for="geo-location">Geo-Location</label>
<input type="text" id="geo-location" name="Geo-Location"
placeholder="e.g., 53.5461;-113.4938"
title="Enter as 'latitude;longitude' or 'latitude, longitude'">
</div>
<div class="form-actions">
<button type="button" class="btn btn-secondary" id="cancel-modal-btn">
Cancel
</button>
<button type="submit" class="btn btn-primary">
Save Location
</button>
</div>
</form>
</div>
</div>
</div>
<!-- Loading Overlay -->
<div id="loading" class="loading-overlay">
<div class="spinner"></div>
<p>Loading map...</p>
</div>
</div>
<!-- Leaflet JS -->
<script src="https://unpkg.com/leaflet@1.9.4/dist/leaflet.js"
integrity="sha256-20nQCchB9co0qIjJZRGuk2/Z9VM+kNiyxNV1lvTlZBo="
crossorigin=""></script>
<!-- Application JavaScript -->
<script src="js/map.js"></script>
</body>
</html>

1051
map/app/public/js/map.js Normal file
View File

File diff suppressed because it is too large Load Diff

254
map/app/public/login.html Normal file
View File

@ -0,0 +1,254 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="Login to NocoDB Map Viewer">
<title>Login - NocoDB Map Viewer</title>
<!-- Custom CSS -->
<link rel="stylesheet" href="css/style.css">
<style>
.login-container {
min-height: 100vh;
display: flex;
align-items: center;
justify-content: center;
background-color: var(--light-color);
padding: 20px;
}
.login-card {
background-color: white;
border-radius: 8px;
box-shadow: 0 4px 20px rgba(0,0,0,0.1);
padding: 40px;
width: 100%;
max-width: 400px;
}
.login-header {
text-align: center;
margin-bottom: 30px;
}
.login-header h1 {
color: var(--dark-color);
font-size: 28px;
margin-bottom: 10px;
}
.login-header p {
color: var(--secondary-color);
font-size: 16px;
}
.login-form {
margin-top: 30px;
}
.form-group {
margin-bottom: 20px;
}
.form-group label {
display: block;
margin-bottom: 8px;
font-weight: 500;
color: var(--dark-color);
}
.form-group input {
width: 100%;
padding: 12px 16px;
border: 1px solid #ddd;
border-radius: var(--border-radius);
font-size: 16px;
transition: var(--transition);
}
.form-group input:focus {
outline: none;
border-color: var(--primary-color);
box-shadow: 0 0 0 3px rgba(44, 90, 160, 0.1);
}
.login-button {
width: 100%;
padding: 12px 16px;
background-color: var(--primary-color);
color: white;
border: none;
border-radius: var(--border-radius);
font-size: 16px;
font-weight: 500;
cursor: pointer;
transition: var(--transition);
}
.login-button:hover {
background-color: #2471a3;
transform: translateY(-1px);
box-shadow: 0 4px 8px rgba(0,0,0,0.15);
}
.login-button:active {
transform: translateY(0);
}
.login-button:disabled {
background-color: var(--secondary-color);
cursor: not-allowed;
transform: none;
}
.error-message {
background-color: #fee;
color: var(--danger-color);
padding: 12px;
border-radius: var(--border-radius);
margin-bottom: 20px;
font-size: 14px;
display: none;
}
.error-message.show {
display: block;
}
.success-message {
background-color: #efe;
color: var(--success-color);
padding: 12px;
border-radius: var(--border-radius);
margin-bottom: 20px;
font-size: 14px;
display: none;
}
.success-message.show {
display: block;
}
.login-footer {
margin-top: 30px;
text-align: center;
color: var(--secondary-color);
font-size: 14px;
}
</style>
</head>
<body>
<div class="login-container">
<div class="login-card">
<div class="login-header">
<h1>Location Map Viewer</h1>
<p>Please sign in to continue</p>
</div>
<div id="error-message" class="error-message"></div>
<div id="success-message" class="success-message"></div>
<form id="login-form" class="login-form">
<div class="form-group">
<label for="email">Email Address</label>
<input
type="email"
id="email"
name="email"
placeholder="Enter your email address"
required
autocomplete="email"
autofocus
>
</div>
<button type="submit" class="login-button" id="login-button">
Sign In
</button>
</form>
<div class="login-footer">
<p>Access is restricted to authorized users only.</p>
</div>
</div>
</div>
<script>
// Handle login form submission
document.getElementById('login-form').addEventListener('submit', async (e) => {
e.preventDefault();
const email = document.getElementById('email').value;
const button = document.getElementById('login-button');
const errorMessage = document.getElementById('error-message');
const successMessage = document.getElementById('success-message');
// Clear previous messages
errorMessage.classList.remove('show');
successMessage.classList.remove('show');
// Disable button and show loading state
button.disabled = true;
button.textContent = 'Signing in...';
try {
const response = await fetch('/api/auth/login', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({ email }),
credentials: 'include'
});
// Get response text first
const responseText = await response.text();
let data;
try {
// Try to parse as JSON
data = JSON.parse(responseText);
} catch (parseError) {
// If not JSON, handle as text
console.error('Response is not JSON:', responseText);
if (response.status === 429) {
throw new Error('Too many login attempts. Please try again in a few minutes.');
} else {
throw new Error(responseText || `Server error (${response.status})`);
}
}
if (response.ok && data.success) {
console.log('Login successful, redirecting...');
successMessage.textContent = 'Login successful! Redirecting...';
successMessage.classList.add('show');
setTimeout(() => {
window.location.replace('/');
}, 500);
} else {
throw new Error(data.error || 'Login failed');
}
} catch (error) {
console.error('Login error:', error);
errorMessage.textContent = error.message;
errorMessage.classList.add('show');
button.disabled = false;
button.textContent = 'Sign In';
}
});
// Check if already logged in
fetch('/api/auth/check')
.then(response => response.json())
.then(data => {
if (data.authenticated) {
window.location.href = '/';
}
})
.catch(console.error);
</script>
</body>
</html>

113
map/app/routes/geocoding.js Normal file
View File

@ -0,0 +1,113 @@
const express = require('express');
const router = express.Router();
const rateLimit = require('express-rate-limit');
const { reverseGeocode, forwardGeocode, getCacheStats } = require('../services/geocoding');
// Rate limiter specifically for geocoding endpoints
const geocodeLimiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 30, // limit each IP to 30 requests per windowMs
message: 'Too many geocoding requests, please try again later.'
});
/**
* Reverse geocode endpoint
* GET /api/geocode/reverse?lat=<latitude>&lng=<longitude>
*/
router.get('/reverse', geocodeLimiter, async (req, res) => {
try {
const { lat, lng } = req.query;
// Validate input
if (!lat || !lng) {
return res.status(400).json({
success: false,
error: 'Latitude and longitude are required'
});
}
const latitude = parseFloat(lat);
const longitude = parseFloat(lng);
if (isNaN(latitude) || isNaN(longitude)) {
return res.status(400).json({
success: false,
error: 'Invalid latitude or longitude'
});
}
if (latitude < -90 || latitude > 90 || longitude < -180 || longitude > 180) {
return res.status(400).json({
success: false,
error: 'Coordinates out of range'
});
}
// Perform reverse geocoding
const result = await reverseGeocode(latitude, longitude);
res.json({
success: true,
data: result
});
} catch (error) {
console.error('Reverse geocoding error:', error);
const statusCode = error.message.includes('Rate limit') ? 429 : 500;
res.status(statusCode).json({
success: false,
error: error.message
});
}
});
/**
* Forward geocode endpoint
* GET /api/geocode/forward?address=<address>
*/
router.get('/forward', geocodeLimiter, async (req, res) => {
try {
const { address } = req.query;
// Validate input
if (!address || address.trim().length === 0) {
return res.status(400).json({
success: false,
error: 'Address is required'
});
}
// Perform forward geocoding
const result = await forwardGeocode(address);
res.json({
success: true,
data: result
});
} catch (error) {
console.error('Forward geocoding error:', error);
const statusCode = error.message.includes('Rate limit') ? 429 : 500;
res.status(statusCode).json({
success: false,
error: error.message
});
}
});
/**
* Get geocoding cache statistics (admin endpoint)
* GET /api/geocode/cache/stats
*/
router.get('/cache/stats', (req, res) => {
res.json({
success: true,
data: getCacheStats()
});
});
module.exports = router;

801
map/app/server.js Normal file
View File

@ -0,0 +1,801 @@
const express = require('express');
const axios = require('axios');
const cors = require('cors');
const helmet = require('helmet');
const rateLimit = require('express-rate-limit');
const winston = require('winston');
const path = require('path');
const session = require('express-session');
const cookieParser = require('cookie-parser');
require('dotenv').config();
// Import geocoding routes
const geocodingRoutes = require('./routes/geocoding');
// Parse project and table IDs from view URL
function parseNocoDBUrl(url) {
if (!url) return { projectId: null, tableId: null };
// Pattern to match NocoDB URLs
const patterns = [
/#\/nc\/([^\/]+)\/([^\/\?#]+)/, // matches #/nc/PROJECT_ID/TABLE_ID (dashboard URLs)
/\/nc\/([^\/]+)\/([^\/\?#]+)/, // matches /nc/PROJECT_ID/TABLE_ID
/project\/([^\/]+)\/table\/([^\/\?#]+)/, // alternative pattern
];
for (const pattern of patterns) {
const match = url.match(pattern);
if (match) {
return {
projectId: match[1],
tableId: match[2]
};
}
}
return { projectId: null, tableId: null };
}
// Add this helper function near the top of the file after the parseNocoDBUrl function
function syncGeoFields(data) {
// If we have latitude and longitude but no Geo-Location, create it
if (data.latitude && data.longitude && !data['Geo-Location']) {
const lat = parseFloat(data.latitude);
const lng = parseFloat(data.longitude);
if (!isNaN(lat) && !isNaN(lng)) {
data['Geo-Location'] = `${lat};${lng}`; // Use semicolon format for NocoDB GeoData
data.geodata = `${lat};${lng}`; // Also update geodata for compatibility
}
}
// If we have Geo-Location but no lat/lng, parse it
else if (data['Geo-Location'] && (!data.latitude || !data.longitude)) {
const geoLocation = data['Geo-Location'].toString();
// Try semicolon-separated first
let parts = geoLocation.split(';');
if (parts.length === 2) {
const lat = parseFloat(parts[0].trim());
const lng = parseFloat(parts[1].trim());
if (!isNaN(lat) && !isNaN(lng)) {
data.latitude = lat;
data.longitude = lng;
data.geodata = `${lat};${lng}`;
return data;
}
}
// Try comma-separated
parts = geoLocation.split(',');
if (parts.length === 2) {
const lat = parseFloat(parts[0].trim());
const lng = parseFloat(parts[1].trim());
if (!isNaN(lat) && !isNaN(lng)) {
data.latitude = lat;
data.longitude = lng;
data.geodata = `${lat};${lng}`;
// Normalize Geo-Location to semicolon format for NocoDB GeoData
data['Geo-Location'] = `${lat};${lng}`;
}
}
}
return data;
}
// Auto-parse IDs if view URL is provided
if (process.env.NOCODB_VIEW_URL && (!process.env.NOCODB_PROJECT_ID || !process.env.NOCODB_TABLE_ID)) {
const { projectId, tableId } = parseNocoDBUrl(process.env.NOCODB_VIEW_URL);
if (projectId && tableId) {
process.env.NOCODB_PROJECT_ID = projectId;
process.env.NOCODB_TABLE_ID = tableId;
console.log(`Auto-parsed from URL - Project ID: ${projectId}, Table ID: ${tableId}`);
}
}
// Auto-parse login sheet ID if URL is provided
let LOGIN_SHEET_ID = null;
if (process.env.NOCODB_LOGIN_SHEET) {
// Check if it's a URL or just an ID
if (process.env.NOCODB_LOGIN_SHEET.startsWith('http')) {
const { projectId, tableId } = parseNocoDBUrl(process.env.NOCODB_LOGIN_SHEET);
if (projectId && tableId) {
LOGIN_SHEET_ID = tableId;
console.log(`Auto-parsed login sheet ID from URL: ${LOGIN_SHEET_ID}`);
} else {
console.error('Could not parse login sheet URL');
}
} else {
// Assume it's already just the ID
LOGIN_SHEET_ID = process.env.NOCODB_LOGIN_SHEET;
console.log(`Using login sheet ID: ${LOGIN_SHEET_ID}`);
}
}
// Configure logger
const logger = winston.createLogger({
level: process.env.NODE_ENV === 'production' ? 'info' : 'debug',
format: winston.format.combine(
winston.format.timestamp(),
winston.format.json()
),
transports: [
new winston.transports.Console({
format: winston.format.simple()
})
]
});
// Initialize Express app
const app = express();
const PORT = process.env.PORT || 3000;
// Session configuration
app.use(cookieParser());
// Determine if we should use secure cookies based on environment and request
const isProduction = process.env.NODE_ENV === 'production';
// Cookie configuration function
const getCookieConfig = (req) => {
const host = req?.get('host') || '';
const isLocalhost = host.includes('localhost') || host.includes('127.0.0.1') || host.match(/^\d+\.\d+\.\d+\.\d+/);
const config = {
httpOnly: true,
maxAge: 24 * 60 * 60 * 1000, // 24 hours
sameSite: 'lax',
secure: false, // Default to false
domain: undefined // Default to no domain restriction
};
// Only set domain and secure for production non-localhost access
if (isProduction && !isLocalhost && process.env.COOKIE_DOMAIN) {
// Check if the request is coming from a subdomain of COOKIE_DOMAIN
const cookieDomain = process.env.COOKIE_DOMAIN.replace(/^\./, ''); // Remove leading dot
if (host.includes(cookieDomain)) {
config.domain = process.env.COOKIE_DOMAIN;
config.secure = true;
}
}
return config;
};
app.use(session({
secret: process.env.SESSION_SECRET || 'your-secret-key-change-in-production',
resave: false,
saveUninitialized: false,
cookie: getCookieConfig(),
name: 'nocodb-map-session',
genid: (req) => {
// Use a custom session ID generator to avoid conflicts
return require('crypto').randomBytes(16).toString('hex');
}
}));
// Security middleware
app.use(helmet({
contentSecurityPolicy: {
directives: {
defaultSrc: ["'self'"],
styleSrc: ["'self'", "'unsafe-inline'", "https://unpkg.com"],
scriptSrc: ["'self'", "'unsafe-inline'", "https://unpkg.com"],
imgSrc: ["'self'", "data:", "https://*.tile.openstreetmap.org"],
connectSrc: ["'self'"]
}
}
}));
// CORS configuration
app.use(cors({
origin: function(origin, callback) {
// Allow requests with no origin (like mobile apps or curl requests)
if (!origin) return callback(null, true);
const allowedOrigins = process.env.ALLOWED_ORIGINS?.split(',') || [];
if (allowedOrigins.includes(origin) || allowedOrigins.includes('*')) {
callback(null, true);
} else {
callback(new Error('Not allowed by CORS'));
}
},
credentials: true,
methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
allowedHeaders: ['Content-Type', 'Authorization']
}));
// Trust proxy for Cloudflare
app.set('trust proxy', true);
// Rate limiting with Cloudflare support
const limiter = rateLimit({
windowMs: 15 * 60 * 1000,
max: 100,
keyGenerator: (req) => {
// Use CF-Connecting-IP header if available (Cloudflare)
return req.headers['cf-connecting-ip'] ||
req.headers['x-forwarded-for']?.split(',')[0] ||
req.ip;
},
standardHeaders: true,
legacyHeaders: false,
});
const strictLimiter = rateLimit({
windowMs: 15 * 60 * 1000,
max: 20,
keyGenerator: (req) => {
return req.headers['cf-connecting-ip'] ||
req.headers['x-forwarded-for']?.split(',')[0] ||
req.ip;
}
});
const authLimiter = rateLimit({
windowMs: 15 * 60 * 1000,
max: process.env.NODE_ENV === 'production' ? 10 : 50, // Increase limit slightly
message: 'Too many login attempts, please try again later.',
keyGenerator: (req) => {
return req.headers['cf-connecting-ip'] ||
req.headers['x-forwarded-for']?.split(',')[0] ||
req.ip;
},
standardHeaders: true,
legacyHeaders: false,
});
// Middleware
app.use(express.json({ limit: '10mb' }));
// Authentication middleware
const requireAuth = (req, res, next) => {
if (req.session && req.session.authenticated) {
next();
} else {
if (req.xhr || req.headers.accept?.indexOf('json') > -1) {
res.status(401).json({ success: false, error: 'Authentication required' });
} else {
res.redirect('/login.html');
}
}
};
// Serve login page without authentication
app.get('/login.html', (req, res) => {
res.sendFile(path.join(__dirname, 'public', 'login.html'));
});
// Auth routes (no authentication required)
app.post('/api/auth/login', authLimiter, async (req, res) => {
try {
// Log request details for debugging
logger.info('Login attempt:', {
email: req.body.email,
ip: req.ip,
cfIp: req.headers['cf-connecting-ip'],
forwardedFor: req.headers['x-forwarded-for'],
userAgent: req.headers['user-agent']
});
const { email } = req.body;
if (!email) {
return res.status(400).json({
success: false,
error: 'Email is required'
});
}
// Validate email format
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
if (!emailRegex.test(email)) {
return res.status(400).json({
success: false,
error: 'Invalid email format'
});
}
// Check if login sheet is configured
if (!LOGIN_SHEET_ID) {
logger.error('NOCODB_LOGIN_SHEET not configured or could not be parsed');
return res.status(500).json({
success: false,
error: 'Authentication system not properly configured'
});
}
// Fetch authorized emails from NocoDB
const url = `${process.env.NOCODB_API_URL}/db/data/v1/${process.env.NOCODB_PROJECT_ID}/${LOGIN_SHEET_ID}`;
logger.info(`Checking authentication for email: ${email}`);
logger.debug(`Using login sheet API: ${url}`);
const response = await axios.get(url, {
headers: {
'xc-token': process.env.NOCODB_API_TOKEN,
'Content-Type': 'application/json'
},
params: {
limit: 1000 // Adjust if you have more authorized users
}
});
const users = response.data.list || [];
// Check if email exists in the authorized users list
const authorizedUser = users.find(user =>
user.Email && user.Email.toLowerCase() === email.toLowerCase()
);
if (authorizedUser) {
// Set session
req.session.authenticated = true;
req.session.userEmail = email;
req.session.userName = authorizedUser.Name || email;
// Force session save before sending response
req.session.save((err) => {
if (err) {
logger.error('Session save error:', err);
return res.status(500).json({
success: false,
error: 'Session error. Please try again.'
});
}
logger.info(`User authenticated: ${email}`);
res.json({
success: true,
message: 'Login successful',
user: {
email: email,
name: req.session.userName
}
});
});
} else {
logger.warn(`Authentication failed for email: ${email}`);
res.status(401).json({
success: false,
error: 'Email not authorized. Please contact an administrator.'
});
}
} catch (error) {
logger.error('Login error:', error.message);
res.status(500).json({
success: false,
error: 'Authentication service error. Please try again later.'
});
}
});
app.get('/api/auth/check', (req, res) => {
res.json({
authenticated: req.session?.authenticated || false,
user: req.session?.authenticated ? {
email: req.session.userEmail,
name: req.session.userName
} : null
});
});
app.post('/api/auth/logout', (req, res) => {
req.session.destroy((err) => {
if (err) {
logger.error('Logout error:', err);
return res.status(500).json({
success: false,
error: 'Logout failed'
});
}
res.json({
success: true,
message: 'Logged out successfully'
});
});
});
// Add this after the /api/auth/check route
app.get('/api/debug/session', (req, res) => {
res.json({
sessionID: req.sessionID,
session: req.session,
cookies: req.cookies,
authenticated: req.session?.authenticated || false
});
});
// Serve static files with authentication for main app
app.use(express.static(path.join(__dirname, 'public'), {
index: false // Don't serve index.html automatically
}));
// Protect main app routes
app.get('/', requireAuth, (req, res) => {
res.sendFile(path.join(__dirname, 'public', 'index.html'));
});
// Add geocoding routes (protected)
app.use('/api/geocode', requireAuth, geocodingRoutes);
// Apply rate limiting to API routes
app.use('/api/', limiter);
// Health check endpoint (no auth required)
app.get('/health', (req, res) => {
res.json({
status: 'healthy',
timestamp: new Date().toISOString(),
version: process.env.npm_package_version || '1.0.0'
});
});
// Configuration validation endpoint (protected)
app.get('/api/config-check', requireAuth, (req, res) => {
const config = {
hasApiUrl: !!process.env.NOCODB_API_URL,
hasApiToken: !!process.env.NOCODB_API_TOKEN,
hasProjectId: !!process.env.NOCODB_PROJECT_ID,
hasTableId: !!process.env.NOCODB_TABLE_ID,
hasLoginSheet: !!LOGIN_SHEET_ID,
projectId: process.env.NOCODB_PROJECT_ID,
tableId: process.env.NOCODB_TABLE_ID,
loginSheet: LOGIN_SHEET_ID,
loginSheetConfigured: process.env.NOCODB_LOGIN_SHEET,
nodeEnv: process.env.NODE_ENV
};
const isConfigured = config.hasApiUrl && config.hasApiToken && config.hasProjectId && config.hasTableId;
res.json({
configured: isConfigured,
...config
});
});
// All other API routes require authentication
app.use('/api/*', requireAuth);
// Get all locations from NocoDB
app.get('/api/locations', async (req, res) => {
try {
const { limit = 1000, offset = 0, where } = req.query;
const url = `${process.env.NOCODB_API_URL}/db/data/v1/${process.env.NOCODB_PROJECT_ID}/${process.env.NOCODB_TABLE_ID}`;
const params = new URLSearchParams({
limit,
offset
});
if (where) {
params.append('where', where);
}
logger.info(`Fetching locations from NocoDB: ${url}`);
const response = await axios.get(`${url}?${params}`, {
headers: {
'xc-token': process.env.NOCODB_API_TOKEN,
'Content-Type': 'application/json'
},
timeout: 10000 // 10 second timeout
});
// Process locations to ensure they have required fields
const locations = response.data.list || [];
const validLocations = locations.filter(loc => {
// Apply geo field synchronization to each location
loc = syncGeoFields(loc);
// Check if location has valid coordinates
if (loc.latitude && loc.longitude) {
return true;
}
// Try to parse from geodata column (semicolon-separated)
if (loc.geodata && typeof loc.geodata === 'string') {
const parts = loc.geodata.split(';');
if (parts.length === 2) {
loc.latitude = parseFloat(parts[0]);
loc.longitude = parseFloat(parts[1]);
return !isNaN(loc.latitude) && !isNaN(loc.longitude);
}
}
// Try to parse from Geo-Location column (semicolon-separated first, then comma)
if (loc['Geo-Location'] && typeof loc['Geo-Location'] === 'string') {
// Try semicolon first (as we see in the data)
let parts = loc['Geo-Location'].split(';');
if (parts.length === 2) {
loc.latitude = parseFloat(parts[0].trim());
loc.longitude = parseFloat(parts[1].trim());
if (!isNaN(loc.latitude) && !isNaN(loc.longitude)) {
return true;
}
}
// Fallback to comma-separated
parts = loc['Geo-Location'].split(',');
if (parts.length === 2) {
loc.latitude = parseFloat(parts[0].trim());
loc.longitude = parseFloat(parts[1].trim());
return !isNaN(loc.latitude) && !isNaN(loc.longitude);
}
}
return false;
});
logger.info(`Retrieved ${validLocations.length} valid locations out of ${locations.length} total`);
res.json({
success: true,
count: validLocations.length,
total: response.data.pageInfo?.totalRows || validLocations.length,
locations: validLocations
});
} catch (error) {
logger.error('Error fetching locations:', error.message);
if (error.response) {
// NocoDB API error
res.status(error.response.status).json({
success: false,
error: 'Failed to fetch data from NocoDB',
details: error.response.data
});
} else if (error.code === 'ECONNABORTED') {
// Timeout
res.status(504).json({
success: false,
error: 'Request timeout'
});
} else {
// Other errors
res.status(500).json({
success: false,
error: 'Internal server error'
});
}
}
});
// Get single location by ID
app.get('/api/locations/:id', async (req, res) => {
try {
const url = `${process.env.NOCODB_API_URL}/db/data/v1/${process.env.NOCODB_PROJECT_ID}/${process.env.NOCODB_TABLE_ID}/${req.params.id}`;
const response = await axios.get(url, {
headers: {
'xc-token': process.env.NOCODB_API_TOKEN
}
});
res.json({
success: true,
location: response.data
});
} catch (error) {
logger.error(`Error fetching location ${req.params.id}:`, error.message);
res.status(error.response?.status || 500).json({
success: false,
error: 'Failed to fetch location'
});
}
});
// Create new location
app.post('/api/locations', strictLimiter, async (req, res) => {
try {
let locationData = { ...req.body };
// Sync geo fields before validation
locationData = syncGeoFields(locationData);
const { latitude, longitude, ...additionalData } = locationData;
// Validate coordinates
if (!latitude || !longitude) {
return res.status(400).json({
success: false,
error: 'Latitude and longitude are required'
});
}
const lat = parseFloat(latitude);
const lng = parseFloat(longitude);
if (isNaN(lat) || isNaN(lng)) {
return res.status(400).json({
success: false,
error: 'Invalid coordinate values'
});
}
if (lat < -90 || lat > 90) {
return res.status(400).json({
success: false,
error: 'Latitude must be between -90 and 90'
});
}
if (lng < -180 || lng > 180) {
return res.status(400).json({
success: false,
error: 'Longitude must be between -180 and 180'
});
}
// Check bounds if configured
if (process.env.BOUND_NORTH) {
const bounds = {
north: parseFloat(process.env.BOUND_NORTH),
south: parseFloat(process.env.BOUND_SOUTH),
east: parseFloat(process.env.BOUND_EAST),
west: parseFloat(process.env.BOUND_WEST)
};
if (lat > bounds.north || lat < bounds.south ||
lng > bounds.east || lng < bounds.west) {
return res.status(400).json({
success: false,
error: 'Location is outside allowed bounds'
});
}
}
// Format geodata in both formats for compatibility
const geodata = `${lat};${lng}`;
const geoLocation = `${lat};${lng}`; // Use semicolon format for NocoDB GeoData column
// Prepare data for NocoDB
const finalData = {
geodata,
'Geo-Location': geoLocation,
latitude: lat,
longitude: lng,
...additionalData,
created_at: new Date().toISOString(),
created_by: req.session.userEmail // Track who created the location
};
const url = `${process.env.NOCODB_API_URL}/db/data/v1/${process.env.NOCODB_PROJECT_ID}/${process.env.NOCODB_TABLE_ID}`;
logger.info('Creating new location:', { lat, lng });
const response = await axios.post(url, finalData, {
headers: {
'xc-token': process.env.NOCODB_API_TOKEN,
'Content-Type': 'application/json'
}
});
logger.info('Location created successfully:', response.data.id);
res.status(201).json({
success: true,
location: response.data
});
} catch (error) {
logger.error('Error creating location:', error.message);
if (error.response) {
res.status(error.response.status).json({
success: false,
error: 'Failed to save location to NocoDB',
details: error.response.data
});
} else {
res.status(500).json({
success: false,
error: 'Internal server error'
});
}
}
});
// Update location
app.put('/api/locations/:id', strictLimiter, async (req, res) => {
try {
let updateData = { ...req.body };
// Sync geo fields
updateData = syncGeoFields(updateData);
updateData.updated_at = new Date().toISOString();
updateData.updated_by = req.session.userEmail; // Track who updated
const url = `${process.env.NOCODB_API_URL}/db/data/v1/${process.env.NOCODB_PROJECT_ID}/${process.env.NOCODB_TABLE_ID}/${req.params.id}`;
const response = await axios.patch(url, updateData, {
headers: {
'xc-token': process.env.NOCODB_API_TOKEN,
'Content-Type': 'application/json'
}
});
res.json({
success: true,
location: response.data
});
} catch (error) {
logger.error(`Error updating location ${req.params.id}:`, error.message);
res.status(error.response?.status || 500).json({
success: false,
error: 'Failed to update location'
});
}
});
// Delete location
app.delete('/api/locations/:id', strictLimiter, async (req, res) => {
try {
const url = `${process.env.NOCODB_API_URL}/db/data/v1/${process.env.NOCODB_PROJECT_ID}/${process.env.NOCODB_TABLE_ID}/${req.params.id}`;
await axios.delete(url, {
headers: {
'xc-token': process.env.NOCODB_API_TOKEN
}
});
logger.info(`Location ${req.params.id} deleted by ${req.session.userEmail}`);
res.json({
success: true,
message: 'Location deleted successfully'
});
} catch (error) {
logger.error(`Error deleting location ${req.params.id}:`, error.message);
res.status(error.response?.status || 500).json({
success: false,
error: 'Failed to delete location'
});
}
});
// Error handling middleware
app.use((err, req, res, next) => {
logger.error('Unhandled error:', err);
res.status(500).json({
success: false,
error: 'Internal server error'
});
});
// Start server
app.listen(PORT, () => {
logger.info(`
NocoDB Map Viewer Server
Status: Running
Port: ${PORT}
Environment: ${process.env.NODE_ENV || 'development'}
Project ID: ${process.env.NOCODB_PROJECT_ID}
Table ID: ${process.env.NOCODB_TABLE_ID}
Login Sheet: ${LOGIN_SHEET_ID || 'Not Configured'}
Time: ${new Date().toISOString()}
`);
});
// Graceful shutdown
process.on('SIGTERM', () => {
logger.info('SIGTERM signal received: closing HTTP server');
app.close(() => {
logger.info('HTTP server closed');
process.exit(0);
});
});

231
map/app/services/geocoding.js Normal file
View File

@ -0,0 +1,231 @@
const axios = require('axios');
const winston = require('winston');
// Configure logger
const logger = winston.createLogger({
level: process.env.NODE_ENV === 'production' ? 'info' : 'debug',
format: winston.format.combine(
winston.format.timestamp(),
winston.format.json()
),
transports: [
new winston.transports.Console({
format: winston.format.simple()
})
]
});
// Cache for geocoding results (simple in-memory cache)
const geocodeCache = new Map();
const CACHE_TTL = 24 * 60 * 60 * 1000; // 24 hours
// Clean up old cache entries periodically
setInterval(() => {
const now = Date.now();
for (const [key, value] of geocodeCache.entries()) {
if (now - value.timestamp > CACHE_TTL) {
geocodeCache.delete(key);
}
}
}, 60 * 60 * 1000); // Run every hour
/**
* Reverse geocode coordinates to get address
* @param {number} lat - Latitude
* @param {number} lng - Longitude
* @returns {Promise<Object>} Geocoding result
*/
async function reverseGeocode(lat, lng) {
// Create cache key
const cacheKey = `${lat.toFixed(6)},${lng.toFixed(6)}`;
// Check cache first
const cached = geocodeCache.get(cacheKey);
if (cached && Date.now() - cached.timestamp < CACHE_TTL) {
logger.debug(`Geocoding cache hit for ${cacheKey}`);
return cached.data;
}
try {
// Add delay to respect Nominatim rate limits (max 1 request per second)
await new Promise(resolve => setTimeout(resolve, 1000));
logger.info(`Reverse geocoding: ${lat}, ${lng}`);
const response = await axios.get('https://nominatim.openstreetmap.org/reverse', {
params: {
format: 'json',
lat: lat,
lon: lng,
zoom: 18,
addressdetails: 1,
'accept-language': 'en'
},
headers: {
'User-Agent': 'NocoDB Map Viewer 1.0 (https://github.com/yourusername/nocodb-map-viewer)'
},
timeout: 10000
});
if (response.data.error) {
throw new Error(response.data.error);
}
// Process the response
const result = processGeocodeResponse(response.data);
// Cache the result
geocodeCache.set(cacheKey, {
data: result,
timestamp: Date.now()
});
return result;
} catch (error) {
logger.error('Reverse geocoding error:', error.message);
if (error.response?.status === 429) {
throw new Error('Rate limit exceeded. Please try again later.');
} else if (error.code === 'ECONNABORTED') {
throw new Error('Geocoding service timeout');
} else {
throw new Error('Geocoding service unavailable');
}
}
}
/**
* Forward geocode address to get coordinates
* @param {string} address - Address to geocode
* @returns {Promise<Object>} Geocoding result
*/
async function forwardGeocode(address) {
// Create cache key
const cacheKey = `addr:${address.toLowerCase()}`;
// Check cache first
const cached = geocodeCache.get(cacheKey);
if (cached && Date.now() - cached.timestamp < CACHE_TTL) {
logger.debug(`Geocoding cache hit for ${cacheKey}`);
return cached.data;
}
try {
// Add delay to respect rate limits
await new Promise(resolve => setTimeout(resolve, 1000));
logger.info(`Forward geocoding: ${address}`);
const response = await axios.get('https://nominatim.openstreetmap.org/search', {
params: {
format: 'json',
q: address,
limit: 1,
addressdetails: 1,
'accept-language': 'en'
},
headers: {
'User-Agent': 'NocoDB Map Viewer 1.0 (https://github.com/yourusername/nocodb-map-viewer)'
},
timeout: 10000
});
if (!response.data || response.data.length === 0) {
throw new Error('No results found');
}
// Process the first result
const result = processGeocodeResponse(response.data[0]);
// Cache the result
geocodeCache.set(cacheKey, {
data: result,
timestamp: Date.now()
});
return result;
} catch (error) {
logger.error('Forward geocoding error:', error.message);
if (error.response?.status === 429) {
throw new Error('Rate limit exceeded. Please try again later.');
} else if (error.code === 'ECONNABORTED') {
throw new Error('Geocoding service timeout');
} else {
throw new Error('Geocoding service unavailable');
}
}
}
/**
* Process geocoding response into standardized format
* @param {Object} data - Raw geocoding response
* @returns {Object} Processed geocoding data
*/
function processGeocodeResponse(data) {
// Extract address components
const addressComponents = {
house_number: data.address?.house_number || '',
road: data.address?.road || '',
suburb: data.address?.suburb || data.address?.neighbourhood || '',
city: data.address?.city || data.address?.town || data.address?.village || '',
state: data.address?.state || data.address?.province || '',
postcode: data.address?.postcode || '',
country: data.address?.country || ''
};
// Create formatted address string
let formattedAddress = '';
if (addressComponents.house_number) formattedAddress += addressComponents.house_number + ' ';
if (addressComponents.road) formattedAddress += addressComponents.road + ', ';
if (addressComponents.suburb) formattedAddress += addressComponents.suburb + ', ';
if (addressComponents.city) formattedAddress += addressComponents.city + ', ';
if (addressComponents.state) formattedAddress += addressComponents.state + ' ';
if (addressComponents.postcode) formattedAddress += addressComponents.postcode;
// Clean up formatting
formattedAddress = formattedAddress.trim().replace(/,$/, '');
return {
fullAddress: data.display_name || '',
formattedAddress: formattedAddress,
components: addressComponents,
coordinates: {
lat: parseFloat(data.lat),
lng: parseFloat(data.lon)
},
boundingBox: data.boundingbox || null,
placeId: data.place_id || null,
osmType: data.osm_type || null,
osmId: data.osm_id || null
};
}
/**
* Get cache statistics
* @returns {Object} Cache statistics
*/
function getCacheStats() {
return {
size: geocodeCache.size,
maxSize: 1000, // Could be made configurable
ttl: CACHE_TTL
};
}
/**
* Clear the geocoding cache
*/
function clearCache() {
geocodeCache.clear();
logger.info('Geocoding cache cleared');
}
module.exports = {
reverseGeocode,
forwardGeocode,
getCacheStats,
clearCache
};

27
map/docker-compose.yml Normal file
View File

@ -0,0 +1,27 @@
version: '3.8'
services:
map-viewer:
build:
context: ./app
dockerfile: Dockerfile
container_name: nocodb-map-viewer
ports:
- "${PORT:-3000}:3000"
environment:
- NODE_ENV=${NODE_ENV:-production}
- PORT=${PORT:-3000}
env_file:
- .env
restart: unless-stopped
healthcheck:
test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://localhost:3000/health"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "3"

7
mkdocs/docs/cloudflare/index.md Normal file
View File

@ -0,0 +1,7 @@
# Cloudflare
In this section, you will find instructions on how to properly set up Cloudflare for managing a Changemaker-lite.
## Config
When you first run the `./config.sh` it will prompt you for the a api token, zone id, and a tunnel id. A

2
mkdocs/docs/overrides/main.html
View File

@ -4,6 +4,6 @@
{% endblock %}
{% block announce %}
<a href="https://homepage.albertademocracytaskforce.org" class="login-button">Login</a>
<a href="https://homepage.cmlite.org" class="login-button">Login</a>
Changemaker Archive. <a href="https://docs.bnkops.com">Learn more</a>
{% endblock %}

0
mkdocs/docs/overrides/main.html.backup_20250602_184336 → mkdocs/docs/overrides/main.html.backup_20250629_154241
View File

9
mkdocs/docs/overrides/main.html.backup_20250629_154929 Normal file
View File

@ -0,0 +1,9 @@
{% extends "base.html" %}
{% block extrahead %}
{% endblock %}
{% block announce %}
<a href="https://homepage.albertademocracytaskforce.org" class="login-button">Login</a>
Changemaker Archive. <a href="https://docs.bnkops.com">Learn more</a>
{% endblock %}

2
mkdocs/mkdocs.yml
View File

@ -1,6 +1,6 @@
site_name: Changemaker Lite Documentation
site_description: Self-hosted platform for documentation and development
site_url: https://changeme.org
site_url: https://cmlite.org
site_author: Bunker Ops
docs_dir: docs
site_dir: site

66
mkdocs/mkdocs.yml.backup_20250629_154929 Normal file
View File

@ -0,0 +1,66 @@
site_name: Changemaker Lite Documentation
site_description: Self-hosted platform for documentation and development
site_url: https://changeme.org
site_author: Bunker Ops
docs_dir: docs
site_dir: site
# Theme
theme:
name: material
custom_dir: docs/overrides
palette:
scheme: slate
primary: deep purple
accent: amber
features:
- navigation.tracking
- navigation.indexes
- navigation.collapse
- navigation.path
- content.code.copy
- navigation.top
- navigation.tabs # Added for top-level navigation tabs
extra_css:
- stylesheets/extra.css
markdown_extensions:
- pymdownx.highlight:
anchor_linenums: true
- pymdownx.superfences
- admonition
- pymdownx.details
- attr_list
- md_in_html
- pymdownx.emoji # Simplified emoji config
- footnotes
- toc:
permalink: true
# The specific slugify line was removed to avoid previous tool error,
# you may need to add back your preferred slugify option:
# slugify: !!python/name:pymdownx.slugs.uslugify
copyright: Copyright &copy; 2024 The Bunker Operations - Built with Change Maker
# Plugins
plugins:
- social
- search
- blog
# - tags # Consider adding if you use tags for your blog or docs
# Navigation
nav:
- Home: index.md
- Getting Started: getting-started.md
- Services:
- Overview: services/index.md
- Homepage: services/homepage.md
- Code Server: services/code-server.md
- MkDocs Material: services/mkdocs.md
- Static Site Server: services/static-server.md
- Listmonk: services/listmonk.md
- PostgreSQL: services/postgresql.md
- n8n: services/n8n.md
- NocoDB: services/nocodb.md
- Blog: blog/index.md

348
start-production.sh Normal file
View File

@ -0,0 +1,348 @@
#!/bin/bash
echo "#############################################################"
echo "# "
echo "# Changemaker.lite Production Setup "
echo "# "
echo "# This script will: "
echo "# 1. Create a Cloudflare tunnel "
echo "# 2. Configure DNS records "
echo "# 3. Set up access policies "
echo "# 4. Enable the cloudflared container "
echo "# "
echo "#############################################################"
echo ""
# Get script directory
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
ENV_FILE="$SCRIPT_DIR/.env"
DOCKER_COMPOSE_FILE="$SCRIPT_DIR/docker-compose.yml"
# Source environment variables
if [ -f "$ENV_FILE" ]; then
export $(grep -v '^#' "$ENV_FILE" | xargs)
else
echo "Error: .env file not found. Please run ./config.sh first."
exit 1
fi
# Check if Cloudflare credentials are properly configured
if [ -z "$CF_API_TOKEN" ] || [ "$CF_API_TOKEN" == "your_cloudflare_api_token" ] || \
[ -z "$CF_ZONE_ID" ] || [ "$CF_ZONE_ID" == "your_cloudflare_zone_id" ] || \
[ -z "$CF_DOMAIN" ]; then
echo "Error: Cloudflare credentials not properly configured in .env file."
echo ""
echo "Current values:"
echo " CF_API_TOKEN: ${CF_API_TOKEN:-not set}"
echo " CF_ZONE_ID: ${CF_ZONE_ID:-not set}"
echo " CF_DOMAIN: ${CF_DOMAIN:-not set}"
echo ""
echo "Please run ./config.sh and configure Cloudflare settings, or manually update your .env file."
exit 1
fi
# Check if CF_ACCOUNT_ID exists in .env, if not prompt for it
if [ -z "$CF_ACCOUNT_ID" ]; then
echo "Cloudflare Account ID is required for tunnel creation."
echo "You can find it in your Cloudflare dashboard at the top right."
read -p "Enter your Cloudflare Account ID: " CF_ACCOUNT_ID
# Update .env with account ID
echo "" >> "$ENV_FILE"
echo "# Cloudflare Account ID (added by start-production.sh)" >> "$ENV_FILE"
echo "CF_ACCOUNT_ID=$CF_ACCOUNT_ID" >> "$ENV_FILE"
# Re-export the variable
export CF_ACCOUNT_ID
fi
# Check if required variables are set
if [ -z "$CF_API_TOKEN" ] || [ -z "$CF_ZONE_ID" ] || [ -z "$CF_DOMAIN" ]; then
echo "Error: Cloudflare credentials not found in .env file."
echo "Please run ./config.sh and configure Cloudflare settings."
exit 1
fi
# Check if services are running
echo "Checking if services are running..."
if ! docker compose ps | grep -q "Up"; then
echo "Error: No services are running. Please run 'docker compose up -d' first."
exit 1
fi
echo "✓ Services are running"
echo ""
# Show current service URLs
echo "Current local service URLs:"
echo " - Homepage: http://localhost:${HOMEPAGE_PORT:-3010}"
echo " - Code Server: http://localhost:${CODE_SERVER_PORT:-8888}"
echo " - Listmonk: http://localhost:${LISTMONK_PORT:-9000}"
echo " - Documentation (Dev): http://localhost:${MKDOCS_PORT:-4000}"
echo " - Documentation (Built): http://localhost:${MKDOCS_SITE_SERVER_PORT:-4001}"
echo " - n8n: http://localhost:${N8N_PORT:-5678}"
echo " - NocoDB: http://localhost:${NOCODB_PORT:-8090}"
echo " - Gitea: http://localhost:${GITEA_WEB_PORT:-3030}"
echo ""
read -p "Have you tested all services locally and are ready to go to production? (yes/no): " confirm
if [[ "$confirm" != "yes" ]]; then
echo "Please test all services locally before running production setup."
exit 0
fi
echo ""
echo "Starting production setup..."
# Install jq if not present
if ! command -v jq &> /dev/null; then
echo "Installing jq..."
sudo apt-get update && sudo apt-get install -y jq
fi
# Create Cloudflare tunnel
echo ""
echo "Creating Cloudflare tunnel..."
TUNNEL_NAME="changemaker-${HOSTNAME}-$(date +%s)"
# Create tunnel via API
TUNNEL_RESPONSE=$(curl -s -X POST "https://api.cloudflare.com/client/v4/accounts/${CF_ACCOUNT_ID}/cfd_tunnel" \
-H "Authorization: Bearer $CF_API_TOKEN" \
-H "Content-Type: application/json" \
--data "{\"name\":\"$TUNNEL_NAME\",\"config_src\":\"cloudflare\"}")
# Check if we need account ID
if echo "$TUNNEL_RESPONSE" | jq -e '.errors[] | select(.code == 0)' > /dev/null 2>&1; then
echo ""
echo "Account ID is required. You can find it in your Cloudflare dashboard."
read -p "Enter your Cloudflare Account ID: " CF_ACCOUNT_ID
# Update .env with account ID
if grep -q "^CF_ACCOUNT_ID=" "$ENV_FILE"; then
sed -i "s/^CF_ACCOUNT_ID=.*/CF_ACCOUNT_ID=$CF_ACCOUNT_ID/" "$ENV_FILE"
else
echo "CF_ACCOUNT_ID=$CF_ACCOUNT_ID" >> "$ENV_FILE"
fi
# Retry with account ID
TUNNEL_RESPONSE=$(curl -s -X POST "https://api.cloudflare.com/client/v4/accounts/$CF_ACCOUNT_ID/cfd_tunnel" \
-H "Authorization: Bearer $CF_API_TOKEN" \
-H "Content-Type: application/json" \
--data "{\"name\":\"$TUNNEL_NAME\",\"config_src\":\"cloudflare\"}")
fi
TUNNEL_ID=$(echo "$TUNNEL_RESPONSE" | jq -r '.result.id')
TUNNEL_TOKEN=$(echo "$TUNNEL_RESPONSE" | jq -r '.result.token')
if [ -z "$TUNNEL_ID" ] || [ "$TUNNEL_ID" == "null" ]; then
echo "Error: Failed to create tunnel"
echo "$TUNNEL_RESPONSE" | jq .
exit 1
fi
echo "✓ Created tunnel: $TUNNEL_NAME (ID: $TUNNEL_ID)"
# Update .env with tunnel information
echo "CF_TUNNEL_ID=$TUNNEL_ID" >> "$ENV_FILE"
echo "CF_TUNNEL_TOKEN=$TUNNEL_TOKEN" >> "$ENV_FILE"
echo "CF_TUNNEL_NAME=$TUNNEL_NAME" >> "$ENV_FILE"
# Configure tunnel routes
echo ""
echo "Configuring tunnel routes..."
# Define services and their configurations
declare -A SERVICES=(
["dashboard"]="homepage-changemaker:3000"
["code"]="code-server:8080"
["listmonk"]="listmonk-app:9000"
["docs"]="mkdocs:8000"
["n8n"]="n8n:5678"
["db"]="nocodb:8080"
["git"]="gitea-app:3000"
)
# Configure root domain to mkdocs-site-server
echo "Configuring route for root domain..."
ROOT_CONFIG=$(cat <<EOF
{
"tunnel_id": "$TUNNEL_ID",
"hostname": "$CF_DOMAIN",
"service": "http://mkdocs-site-server:80"
}
EOF
)
ROOT_RESPONSE=$(curl -s -X PUT "https://api.cloudflare.com/client/v4/zones/$CF_ZONE_ID/tunnels/$TUNNEL_ID/configurations" \
-H "Authorization: Bearer $CF_API_TOKEN" \
-H "Content-Type: application/json" \
--data "$ROOT_CONFIG")
# Configure subdomain routes
for subdomain in "${!SERVICES[@]}"; do
service="${SERVICES[$subdomain]}"
echo "Configuring route for $subdomain.$CF_DOMAIN -> $service"
CONFIG=$(cat <<EOF
{
"tunnel_id": "$TUNNEL_ID",
"hostname": "$subdomain.$CF_DOMAIN",
"service": "http://$service"
}
EOF
)
RESPONSE=$(curl -s -X PUT "https://api.cloudflare.com/client/v4/zones/$CF_ZONE_ID/tunnels/$TUNNEL_ID/configurations" \
-H "Authorization: Bearer $CF_API_TOKEN" \
-H "Content-Type: application/json" \
--data "$CONFIG")
done
# Create DNS records
echo ""
echo "Creating DNS records..."
# Function to create/update DNS record
create_dns_record() {
local name=$1
local content="$TUNNEL_ID.cfargotunnel.com"
# Check if record exists
EXISTING=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$CF_ZONE_ID/dns_records?name=$name.$CF_DOMAIN&type=CNAME" \
-H "Authorization: Bearer $CF_API_TOKEN" \
-H "Content-Type: application/json")
RECORD_ID=$(echo "$EXISTING" | jq -r '.result[0].id')
if [ ! -z "$RECORD_ID" ] && [ "$RECORD_ID" != "null" ]; then
# Update existing record
RESPONSE=$(curl -s -X PUT "https://api.cloudflare.com/client/v4/zones/$CF_ZONE_ID/dns_records/$RECORD_ID" \
-H "Authorization: Bearer $CF_API_TOKEN" \
-H "Content-Type: application/json" \
--data "{
\"type\": \"CNAME\",
\"name\": \"$name\",
\"content\": \"$content\",
\"ttl\": 1,
\"proxied\": true
}")
else
# Create new record
RESPONSE=$(curl -s -X POST "https://api.cloudflare.com/client/v4/zones/$CF_ZONE_ID/dns_records" \
-H "Authorization: Bearer $CF_API_TOKEN" \
-H "Content-Type: application/json" \
--data "{
\"type\": \"CNAME\",
\"name\": \"$name\",
\"content\": \"$content\",
\"ttl\": 1,
\"proxied\": true
}")
fi
if echo "$RESPONSE" | jq -e '.success' > /dev/null; then
echo "✓ DNS record for $name.$CF_DOMAIN configured"
else
echo "✗ Failed to configure DNS record for $name.$CF_DOMAIN"
echo "$RESPONSE" | jq '.errors'
fi
}
# Create DNS records for all subdomains
for subdomain in "${!SERVICES[@]}"; do
create_dns_record "$subdomain"
done
# Create root domain record
create_dns_record "@"
# Set up access policies
echo ""
echo "Setting up access policies..."
read -p "Enter admin email for protected services (dashboard, code): " ADMIN_EMAIL
if [[ "$ADMIN_EMAIL" =~ ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ ]]; then
# Create access applications for protected services
PROTECTED_SERVICES=("dashboard" "code")
for service in "${PROTECTED_SERVICES[@]}"; do
echo "Creating access policy for $service.$CF_DOMAIN..."
# Create access application
APP_RESPONSE=$(curl -s -X POST "https://api.cloudflare.com/client/v4/zones/$CF_ZONE_ID/access/apps" \
-H "Authorization: Bearer $CF_API_TOKEN" \
-H "Content-Type: application/json" \
--data "{
\"name\": \"$service.$CF_DOMAIN\",
\"domain\": \"$service.$CF_DOMAIN\",
\"type\": \"self_hosted\",
\"session_duration\": \"24h\"
}")
APP_ID=$(echo "$APP_RESPONSE" | jq -r '.result.id')
if [ ! -z "$APP_ID" ] && [ "$APP_ID" != "null" ]; then
# Create policy
POLICY_RESPONSE=$(curl -s -X POST "https://api.cloudflare.com/client/v4/zones/$CF_ZONE_ID/access/apps/$APP_ID/policies" \
-H "Authorization: Bearer $CF_API_TOKEN" \
-H "Content-Type: application/json" \
--data "{
\"name\": \"Email Policy\",
\"decision\": \"allow\",
\"include\": [{
\"email\": {\"email\": \"$ADMIN_EMAIL\"}
}]
}")
echo "✓ Access policy created for $service.$CF_DOMAIN"
fi
done
else
echo "Invalid email format. Skipping access policy setup."
fi
# Enable cloudflared in docker-compose
echo ""
echo "Enabling cloudflared container..."
# Uncomment cloudflared service in docker-compose.yml
sed -i '/# cloudflared:/,/# gitea-app/s/^ # / /' "$DOCKER_COMPOSE_FILE"
# Start cloudflared container
docker compose up -d cloudflared
echo ""
echo "#############################################################"
echo "# "
echo "# Production Setup Complete! "
echo "# "
echo "#############################################################"
echo ""
echo "Your services are now accessible at:"
echo ""
echo "Public services:"
echo " - Main Site: https://$CF_DOMAIN"
echo " - Listmonk: https://listmonk.$CF_DOMAIN"
echo " - Documentation: https://docs.$CF_DOMAIN"
echo " - n8n: https://n8n.$CF_DOMAIN"
echo " - NocoDB: https://db.$CF_DOMAIN"
echo " - Gitea: https://git.$CF_DOMAIN"
echo ""
if [ ! -z "$ADMIN_EMAIL" ]; then
echo "Protected services (login required with $ADMIN_EMAIL):"
echo " - Dashboard: https://dashboard.$CF_DOMAIN"
echo " - Code Server: https://code.$CF_DOMAIN"
else
echo "Admin services (no protection configured):"
echo " - Dashboard: https://dashboard.$CF_DOMAIN"
echo " - Code Server: https://code.$CF_DOMAIN"
fi
echo ""
echo "Note: DNS propagation may take a few minutes."
echo ""
echo "To stop production mode and return to local-only:"
echo " docker compose stop cloudflared"
echo ""
echo "To fully remove production setup:"
echo " docker compose down cloudflared"