CI Pipeline:
Backend:
Collect:
Sync:
Frontend:
Proxy:
Web application providing centralized authentication and management using Logto as an Identity Provider with simple Role-Based Access Control.
- frontend/ - Vue.js application for UI
- backend/ - Go REST API with Logto JWT authentication and RBAC
- collect/ - Go REST API with Redis queues to handle inventories
- sync/ - CLI tool for RBAC configuration synchronization
- proxy/ - nginx configuration as load balancer
- Development: Go 1.21+ (backend requires 1.23+), Node.js, Make
- Containers: Docker OR Podman (optional, for full infrastructure)
- External: Logto instance with M2M app and Management API permissions
- Deploy: Render account with GitHub integration
Choose your preferred development approach:
Complete replica of the production environment with all services containerized:
# Start all services (PostgreSQL, Redis, Backend, Collect, Frontend, Proxy)
docker-compose up -d
# OR
podman-compose up -d
# Access the application at: http://localhost:9090All URLs and management commands are documented in the docker-compose.yml header.
Start services individually for targeted development:
# Start shared databases (PostgreSQL + Redis)
cd backend && make dev-up
# Start individual services in separate terminals:
cd backend && make run # Backend API on :8080
cd collect && make run # Collect service on :8081
cd frontend && npm run dev # Frontend on :5173
# Use sync tool as needed:
cd sync && make run-example- RBAC Setup: sync/README.md - Use
sync initfor complete Logto configuration - Frontend Development: frontend/README.md - Vue.js setup and environment configuration
- Backend Development: backend/README.md - Backend setup and environment configuration
- Collect Development: collect/README.md - Collect setup and environment configuration
- Production Deploy: Use
./deploy.shfor automated deployment
- Trigger: Every commit to
mainbranch - Auto-deploy: Immediate deployment via Render
- PR Previews: Temporary environments for pull requests
- Trigger: Manual deployment via
./deploy.shscript - Auto-Deploy: Render automatically deploys when
render.yamlis updated - Manual Control: Deploy only when explicitly triggered
- Security: Private services (Backend, Collect, Frontend) only accessible through Proxy
See individual component documentation for setup:
- Fronted: frontend/README.md - Environment variables and setup for frontend
- Backend: backend/README.md - Environment variables and setup for backend
- Collect: collect/README.md - Environment variables and setup for collect
- sync CLI: sync/README.md - Use
sync initto generate all required variables - proxy: proxy/README.md - nginx configuration and setup for load balancer
- Environment Variables: Configured in Render dashboard
- Service Configuration: Defined in
render.yaml - Deployment: Use
./deploy.shscript for automated deployment
Live User Guide: https://nethserver.github.io/my/
Complete guides for end users and administrators:
- Getting Started - Authentication, login, and profile management
- Organizations - Create and manage business hierarchy
- Users - User creation, roles, and permissions
- User Impersonation - Consent-based impersonation for troubleshooting
- Systems - System creation and monitoring
- Registration - System registration workflow
- Inventory & Heartbeat - Data collection and monitoring
Component-specific technical documentation:
- frontend - UI setup, environment variables, and pages
- backend - Server setup, environment variables, authorization architecture, and consent-based impersonation
- backend OpenAPI - Complete API specification with authentication
- collect - Server setup, environment variables and inventory structure
- sync CLI - RBAC configuration and
sync initsetup - deploy script - Production deployment script for Render
- proxy - Production load balancer configuration with nginx
- DESIGN.md - Architecture decisions and design patterns
Live API Docs: https://bump.sh/nethesis/doc/my - auto-updated on every commit.
To preview the user documentation locally:
# Install MkDocs and dependencies
pip install mkdocs-material mkdocs-minify-plugin
# Serve locally (with hot reload)
mkdocs serve
# Build static site
mkdocs build
# Deploy to GitHub Pages
mkdocs gh-deployThe documentation is automatically deployed to GitHub Pages on every push to the main branch.
git commit -m "feat: new feature"
git push origin main # β qa.my.nethesis.it updatesgit checkout -b feature/new-feature
git push origin feature/new-feature # β Create PR
# β my-proxy-qa-pr-123.onrender.com created# Automated release with quality checks
./release.sh patch # β 0.0.5 β 0.0.6 (bug fixes)
./release.sh minor # β 0.0.5 β 0.1.0 (new features)
./release.sh major # β 0.0.5 β 1.0.0 (breaking changes)
# β Runs tests, formatting, linting β Creates tag β Pushes to GitHubThe release script will:
- Run all quality checks (formatting, linting, tests)
- Bump version in all files
- Create git commit and tag
- Push to GitHub
- Trigger GitHub Actions to build and publish Docker images
# Standard deployment with image verification
./deploy.sh
# Fast deployment without image verification (less safe but faster)
./deploy.sh --skip-verify
# Show help
./deploy.sh --helpThe deployment script will:
- Get the latest git tag automatically
- Show the tag and ask for confirmation
- Verify Docker images exist on ghcr.io (unless
--skip-verify) - Update
render.yamlwith new image tags - Commit changes with your git user info
- Push to main branch
- Render automatically deploys the updated services
Example output:
βΉοΈ Latest git tag: v0.1.5
Do you want to deploy v0.1.5 to production? [y/N] y
β
All Docker images verified successfully
β
render.yaml updated successfully
β
Changes committed and pushed to main branch
β
Deployment initiated successfully!
- Follow existing code patterns and conventions
- Pre-commit: Run
make pre-commitin both directories - Test RBAC changes with
--dry-runbefore applying - Ensure CI tests pass before submitting PRs
See LICENSE file for details.