mCaptcha/docs/DEPLOYMENT.md

# Deployment instructions:

See [CONFIGURATION.md](./CONFIGURATION.md) for configuration instructions 

There are three ways to deploy mCaptcha:

1. Docker
2. Docker compose
3. Bare metal

## Docker

NOTE: We'll publish pre-built images once we reach `alpha`.

1. Build image:

```bash
$ cd mcaptcha && docker build -t mcaptcha/mcaptcha:latest .
```

2. Set configuration in [configuration file](../config/default.toml)

3. Run image:

If you have already have a Postgres instance running, then:

```bash
docker run -p <host-machine-port>:<port-in-configuration-file> \
	--add-host=database:<database-ip-addrss> \
	-e RUST_LOG=debug \
	-e DATABASE_URL="postgres://<db-user>:<db-password>@database:<db-port>/<db-name>" \
	mcaptcha/mcaptcha:latest
```

If you don't have a Postgres instance running, you can either install
one using a package manager or launch one with docker. A [docker-compose
configuration]('../docker-compose.yml) is available that will launch both
a database instance mcaptcha instance.

## With docker-compose

1. Follow steps above to build docker image.

2. Set database password [docker-compose configuration]('../docker-compose.yml).

3. Launch network:

```bash
$ docker-compose up -d
```

## Bare metal:

The process is tedious, most of this will be automated with a script in
the future.

### 1. Install postgres if you don't have it already.

### 2. Create new user for running `mcaptcha`:

```bash
$ sudo useradd -b /srv -m -s /usr/bin/zsh mcaptcha
```

### 3. Create new user in Postgres

```bash
$ sudo -iu postgres # switch to `postgres` user
$ psql
postgres=#  CREATE USER mcaptcha WITH PASSWORD 'my super long password and yes you need single quote`;
$  createdb -O mcaptcha mcaptcha # create db 'mcaptcha' with 'mcaptcha' as owner
```

### 4. Build `mcaptcha`:

To build `mcaptcha`, you need the following dependencies:

1. rust
2. node(`v14.16.0`)
3. yarn(JavaScript package manager)
4. make

## How to build

1. Install Cargo using [rustup](https://rustup.rs/) with:

```bash
$ curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
```

2. Install node(`v14.16.0`)

3. Install yarn(JavaScript package manager)

4. Build with make:

```bash
$ make dev-env && \
	make release
```

### 5. Install package:

```bash
$ sudo cp ./target/release/mcaptcha /usr/bin/ && \
	mkdir sudo /etc/mcaptcha && \
	sudo cp config/default.toml /etc/mcaptcha/config.toml
```

### 6. Systemd service configuration:

1. Copy the following to `/etc/systemd/system/mcaptcha.service`:

```systemd
[Unit]
Description=mCaptcha: a CAPTCHA system that gives attackers a run for their money

[Service]
Type=simple
User=mcaptcha
ExecStart=/usr/bin/mcaptcha
Restart=on-failure
RestartSec=1
SuccessExitStatus=3 4
RestartForceExitStatus=3 4
SystemCallArchitectures=native
MemoryDenyWriteExecute=true
NoNewPrivileges=true
Environment="RUST_LOG=info"

[Unit]
After=sound.target
Wants=network-online.target
Wants=network-online.target
Requires=postgresql.service
After=syslog.target

[Install]
WantedBy=multi-user.target
```

2. Enable service:
```bash
$ sudo systemctl daemon-reload && \
	sudo systemctl enable mcaptcha && \ # Auto startup during boot
	sudo systemctl start mcaptcha
``
deployment instructions 2021-05-30 14:23:53 +00:00			`# Deployment instructions:`

configuration instructions 2021-05-30 14:36:13 +00:00			`See [CONFIGURATION.md](./CONFIGURATION.md) for configuration instructions`

deployment instructions 2021-05-30 14:23:53 +00:00			`There are three ways to deploy mCaptcha:`

			`1. Docker`
			`2. Docker compose`
			`3. Bare metal`

			`## Docker`

			NOTE: We'll publish pre-built images once we reach `alpha`.

			`1. Build image:`

			```bash
rename guard -> mcaptcha 2021-06-01 12:03:47 +00:00			`$ cd mcaptcha && docker build -t mcaptcha/mcaptcha:latest .`
deployment instructions 2021-05-30 14:23:53 +00:00			```

			`2. Set configuration in [configuration file](../config/default.toml)`

			`3. Run image:`

			`If you have already have a Postgres instance running, then:`

			```bash
			`docker run -p <host-machine-port>:<port-in-configuration-file> \`
			`--add-host=database:<database-ip-addrss> \`
			`-e RUST_LOG=debug \`
			`-e DATABASE_URL="postgres://<db-user>:<db-password>@database:<db-port>/<db-name>" \`
rename guard -> mcaptcha 2021-06-01 12:03:47 +00:00			`mcaptcha/mcaptcha:latest`
deployment instructions 2021-05-30 14:23:53 +00:00			```

			`If you don't have a Postgres instance running, you can either install`
			`one using a package manager or launch one with docker. A [docker-compose`
			`configuration]('../docker-compose.yml) is available that will launch both`
rename guard -> mcaptcha 2021-06-01 12:03:47 +00:00			`a database instance mcaptcha instance.`
deployment instructions 2021-05-30 14:23:53 +00:00
			`## With docker-compose`

			`1. Follow steps above to build docker image.`

			`2. Set database password [docker-compose configuration]('../docker-compose.yml).`

			`3. Launch network:`

			```bash
			`$ docker-compose up -d`
			```

			`## Bare metal:`

			`The process is tedious, most of this will be automated with a script in`
			`the future.`

			`### 1. Install postgres if you don't have it already.`

rename guard -> mcaptcha 2021-06-01 12:03:47 +00:00			### 2. Create new user for running `mcaptcha`:
deployment instructions 2021-05-30 14:23:53 +00:00
			```bash
			`$ sudo useradd -b /srv -m -s /usr/bin/zsh mcaptcha`
			```

			`### 3. Create new user in Postgres`

			```bash
			$ sudo -iu postgres # switch to `postgres` user
			`$ psql`
			postgres=# CREATE USER mcaptcha WITH PASSWORD 'my super long password and yes you need single quote`;
			`$ createdb -O mcaptcha mcaptcha # create db 'mcaptcha' with 'mcaptcha' as owner`
			```

rename guard -> mcaptcha 2021-06-01 12:03:47 +00:00			### 4. Build `mcaptcha`:
deployment instructions 2021-05-30 14:23:53 +00:00
rename guard -> mcaptcha 2021-06-01 12:03:47 +00:00			To build `mcaptcha`, you need the following dependencies:
deployment instructions 2021-05-30 14:23:53 +00:00
			`1. rust`
			2. node(`v14.16.0`)
			`3. yarn(JavaScript package manager)`
			`4. make`

			`## How to build`

			`1. Install Cargo using [rustup](https://rustup.rs/) with:`

			```bash
			`$ curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs \| sh`
			```

			2. Install node(`v14.16.0`)

			`3. Install yarn(JavaScript package manager)`

			`4. Build with make:`

			```bash
			`$ make dev-env && \`
			`make release`
			```

			`### 5. Install package:`

			```bash
rename guard -> mcaptcha 2021-06-01 12:03:47 +00:00			`$ sudo cp ./target/release/mcaptcha /usr/bin/ && \`
			`mkdir sudo /etc/mcaptcha && \`
			`sudo cp config/default.toml /etc/mcaptcha/config.toml`
deployment instructions 2021-05-30 14:23:53 +00:00			```

			`### 6. Systemd service configuration:`

rename guard -> mcaptcha 2021-06-01 12:03:47 +00:00			1. Copy the following to `/etc/systemd/system/mcaptcha.service`:
deployment instructions 2021-05-30 14:23:53 +00:00
			```systemd
			`[Unit]`
			`Description=mCaptcha: a CAPTCHA system that gives attackers a run for their money`

			`[Service]`
			`Type=simple`
			`User=mcaptcha`
rename guard -> mcaptcha 2021-06-01 12:03:47 +00:00			`ExecStart=/usr/bin/mcaptcha`
deployment instructions 2021-05-30 14:23:53 +00:00			`Restart=on-failure`
			`RestartSec=1`
			`SuccessExitStatus=3 4`
			`RestartForceExitStatus=3 4`
			`SystemCallArchitectures=native`
			`MemoryDenyWriteExecute=true`
			`NoNewPrivileges=true`
			`Environment="RUST_LOG=info"`

			`[Unit]`
			`After=sound.target`
			`Wants=network-online.target`
			`Wants=network-online.target`
			`Requires=postgresql.service`
			`After=syslog.target`

			`[Install]`
			`WantedBy=multi-user.target`
			```

			`2. Enable service:`
			```bash
			`$ sudo systemctl daemon-reload && \`
rename guard -> mcaptcha 2021-06-01 12:03:47 +00:00			`sudo systemctl enable mcaptcha && \ # Auto startup during boot`
			`sudo systemctl start mcaptcha`
deployment instructions 2021-05-30 14:23:53 +00:00			``