fix: deployment readiness — correct registry/cloud URLs, fix install.sh

- .env.example: set REGISTRY=registry.bonamin.gr, CLOUD_URL=https://xenia-admin.bonamin.gr, DATA_PATH=/opt/xenia/data
- install.sh: auto-create .env from example, prompt for SITE_ID/SITE_KEY/SECRET_KEY,
  clarify DNS subdomain requirements, add backend API proxy block to nginx config

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-20 14:36:43 +03:00
parent 8ba8c95ecd
commit 0d21b7f20b
2 changed files with 97 additions and 30 deletions


@@ -1,14 +1,14 @@
# Registry
REGISTRY=registry.yourdomain.com
REGISTRY=registry.bonamin.gr
VERSION=1.0.0
# Backend runtime secrets (get SITE_ID and SITE_KEY from sysadmin panel)
# Backend runtime secrets (get SITE_ID and SITE_KEY from the sysadmin panel)
SITE_ID=your-site-id
SITE_KEY=your-site-key
CLOUD_URL=https://api.yourdomain.com
CLOUD_URL=https://xenia-admin.bonamin.gr
SECRET_KEY=generate-with-openssl-rand-hex-32
LICENSE_GRACE_HOURS=24
# Volumes — absolute paths recommended on client machines
DATA_PATH=/home/user/appdata/pos/data
LOGO_PATH=/home/user/appdata/pos/logo.png
# Volumes — absolute paths on the client machine
DATA_PATH=/opt/xenia/data
LOGO_PATH=/opt/xenia/logo.png


@@ -1,6 +1,6 @@
#!/bin/bash
# Xenia POS — first-time install script
# Run this on the server machine before starting the stack.
# Run this on the client machine before starting the stack.
# Usage: bash install.sh
set -e
@@ -11,13 +11,48 @@ echo "=== Xenia POS Install ==="
echo ""
# ── 1. Create required directories ───────────────────────────────────────────
echo "[ 1/4 ] Creating directories..."
echo "[ 1/5 ] Creating directories..."
mkdir -p "$SCRIPT_DIR/data"
mkdir -p "$SCRIPT_DIR/certs"
mkdir -p "$SCRIPT_DIR/nginx-proxy"
mkdir -p /opt/xenia/data
touch /opt/xenia/logo.png 2>/dev/null || true
# ── 2. Write nginx-proxy/nginx.conf ──────────────────────────────────────────
echo "[ 2/4 ] Writing nginx proxy config..."
# ── 2. Create .env from .env.example if missing ───────────────────────────────
echo "[ 2/5 ] Configuring environment..."
if [ ! -f "$SCRIPT_DIR/.env" ]; then
cp "$SCRIPT_DIR/.env.example" "$SCRIPT_DIR/.env"
echo ""
echo " A .env file has been created from .env.example."
echo " You must fill in SITE_ID, SITE_KEY, and SECRET_KEY before starting."
echo ""
echo " Get SITE_ID and SITE_KEY from: https://xenia-admin.bonamin.gr"
echo " Generate SECRET_KEY with: openssl rand -hex 32"
echo ""
read -rp " Enter SITE_ID: " INPUT_SITE_ID
read -rp " Enter SITE_KEY: " INPUT_SITE_KEY
read -rp " Enter SECRET_KEY (leave blank to auto-generate): " INPUT_SECRET_KEY
if [ -z "$INPUT_SECRET_KEY" ]; then
INPUT_SECRET_KEY=$(openssl rand -hex 32)
echo " Generated SECRET_KEY: $INPUT_SECRET_KEY"
fi
sed -i "s/^SITE_ID=.*/SITE_ID=${INPUT_SITE_ID}/" "$SCRIPT_DIR/.env"
sed -i "s/^SITE_KEY=.*/SITE_KEY=${INPUT_SITE_KEY}/" "$SCRIPT_DIR/.env"
sed -i "s/^SECRET_KEY=.*/SECRET_KEY=${INPUT_SECRET_KEY}/" "$SCRIPT_DIR/.env"
echo ""
echo " .env written. Review it at: $SCRIPT_DIR/.env"
echo ""
else
echo " .env already exists — skipping."
fi
# ── 3. Write nginx-proxy/nginx.conf ──────────────────────────────────────────
echo "[ 3/5 ] Writing nginx proxy config..."
cat > "$SCRIPT_DIR/nginx-proxy/nginx.conf" << 'EOF'
server {
listen 80;
@@ -26,7 +61,7 @@ server {
server {
listen 443 ssl;
server_name _;
server_name waiter.*;
ssl_certificate /etc/nginx/certs/cert.pem;
ssl_certificate_key /etc/nginx/certs/key.pem;
@@ -43,8 +78,8 @@ server {
}
server {
listen 4443 ssl;
server_name _;
listen 443 ssl;
server_name manager.*;
ssl_certificate /etc/nginx/certs/cert.pem;
ssl_certificate_key /etc/nginx/certs/key.pem;
@@ -59,39 +94,69 @@ server {
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 443 ssl default_server;
ssl_certificate /etc/nginx/certs/cert.pem;
ssl_certificate_key /etc/nginx/certs/key.pem;
location /api/ {
proxy_pass http://backend:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location / {
proxy_pass http://waiter_pwa:80;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
EOF
# ── 3. SSL certificates ───────────────────────────────────────────────────────
echo "[ 3/4 ] Setting up SSL certificates..."
# ── 4. SSL certificates ───────────────────────────────────────────────────────
echo "[ 4/5 ] Checking SSL certificates..."
if [ -f "$SCRIPT_DIR/certs/cert.pem" ] && [ -f "$SCRIPT_DIR/certs/key.pem" ]; then
echo " Certificates already exist — skipping."
else
echo ""
echo " No certificates found in certs/"
echo " You need a cert for your domain (e.g. xeniapos.yourdomain.com)."
echo ""
echo " Option A — Let's Encrypt (recommended for production):"
echo " DNS requirement:"
echo " Two subdomains must point to this machine's IP:"
echo " waiter.YOURDOMAIN → this machine's IP"
echo " manager.YOURDOMAIN → this machine's IP"
echo " The waiter domain should also be registered in the sysadmin"
echo " panel as the 'Waiter Domain' so phones get the QR code."
echo ""
echo " Option A — Let's Encrypt (recommended):"
echo " sudo apt install certbot"
echo " sudo certbot certonly --manual --preferred-challenges dns -d YOUR_DOMAIN"
echo " sudo cp /etc/letsencrypt/live/YOUR_DOMAIN/fullchain.pem certs/cert.pem"
echo " sudo cp /etc/letsencrypt/live/YOUR_DOMAIN/privkey.pem certs/key.pem"
echo " sudo certbot certonly --manual --preferred-challenges dns \\"
echo " -d waiter.YOURDOMAIN -d manager.YOURDOMAIN"
echo " sudo cp /etc/letsencrypt/live/waiter.YOURDOMAIN/fullchain.pem certs/cert.pem"
echo " sudo cp /etc/letsencrypt/live/waiter.YOURDOMAIN/privkey.pem certs/key.pem"
echo ""
echo " Option B — Self-signed (local testing only, requires CA install on each device):"
echo " Option B — Self-signed / mkcert (local testing only):"
echo " sudo apt install mkcert libnss3-tools"
echo " mkcert -install"
echo " mkcert -cert-file certs/cert.pem -key-file certs/key.pem YOUR_IP localhost"
echo " mkcert -cert-file certs/cert.pem -key-file certs/key.pem \\"
echo " waiter.YOURDOMAIN manager.YOURDOMAIN"
echo ""
echo " Add certs then re-run this script, or run: docker compose up -d"
echo " Add certs then run: docker compose up -d"
echo ""
fi
# ── 4. Create placeholder logo if missing ────────────────────────────────────
echo "[ 4/4 ] Checking logo..."
if [ ! -f "$SCRIPT_DIR/logo.png" ]; then
echo " WARNING: logo.png not found."
echo " Place your logo at: $SCRIPT_DIR/logo.png"
echo " Creating placeholder so the stack can start..."
# ── 5. Logo ───────────────────────────────────────────────────────────────────
echo "[ 5/5 ] Checking logo..."
if [ ! -s "$SCRIPT_DIR/logo.png" ]; then
echo " WARNING: logo.png not found or is empty."
echo " Place your restaurant logo at: $SCRIPT_DIR/logo.png"
touch "$SCRIPT_DIR/logo.png"
fi
@@ -104,7 +169,9 @@ if [ -f "$SCRIPT_DIR/certs/cert.pem" ] && [ -f "$SCRIPT_DIR/certs/key.pem" ]; th
echo "Starting stack..."
docker compose -f "$SCRIPT_DIR/docker-compose.yml" up -d
echo ""
echo "Done! Services are running."
echo "Done! Services running."
echo " Waiter app: https://waiter.YOURDOMAIN"
echo " Manager app: https://manager.YOURDOMAIN"
else
echo "Add SSL certificates to certs/ then run:"
echo " docker compose up -d"