Skip to main content

Docker Deployment Guide for Flo Application

This comprehensive guide outlines the steps to deploy the Flo application using Docker on an Ubuntu server, including proper SSL configuration with Cloudflare.

System Preparation

Begin by updating your system packages to ensure you have the latest security updates and bug fixes:

sudo apt update
sudo apt upgrade -y

Docker Installation

We'll use Docker to containerize and manage the Flo application, making deployment more consistent and isolated.

Install Prerequisites

Add Docker's Official GPG Key

This ensures the authenticity of Docker packages:

sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

Configure Docker Repository

Add the Docker repository to your system's package sources:

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

Install Docker Components

Install Docker Engine and related tools:

sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

GitHub Integration

Install GitHub CLI and authenticate to access private repositories:

sudo apt install -y gh
gh auth login

When prompted, select:

  • Github.com
  • HTTPS
  • Yes to authenticate with GitHub credentials
  • Use a personal access token with permissions: repo, read:org, workflow

Note: Create your token at https://github.com/settings/tokens with a recommended duration of 1 year

Application Setup

Clone the Flo repository and prepare for deployment:

git clone https://github.com/team-ledges/Flo
cd Flo

Environment Configuration

Configure the application by modifying the .env file with your specific settings:

cp .env.example .env  # If an example file exists
nano .env

There will be 4 fields to fill:

  • EMAIL_SENDER_EMAIL_PSW (Optional! Only if you want to send email through Flo)
  • ASPNETCORE_ENVIRONMENT (Set it as "Production" if in prod-env, otherwise "Development")
  • DB_CONNECTION_STRING (Required! Fill in fields as required using DB VPS credentials)

Without SSL, Connection string looks like this (configure it without ssl first, then add SSL on top)

DB_CONNECTION_STRING=Host=<HOST_IP>;Port=<HOST_PORT>;Database=<DB_NAME>;Username=<USER_NAME>;Password=<USER_PSW>;

Cloudflare Origin Certificate Setup

For enhanced security and performance, we'll use Cloudflare's Origin Certificates:

Create Cloudflare Origin Certificate

  1. Log in to Cloudflare Dashboard
  2. Select your domain
  3. Navigate to SSL/TLS > Origin Server
  4. Click "Create Certificate"
  5. Configure these settings:
    • Certificate Validity: 15 years
    • Certificate Hostnames: your domain (e.g., example.com)
    • Key Format: PEM
  6. Click "Create"
  7. Save both generated files:
    • Origin Certificate
    • Private Key

Install Certificate on Server

Create a secure directory for the certificates:

sudo mkdir -p /etc/ssl/cloudflare
sudo chmod 700 /etc/ssl/cloudflare

Create and populate the certificate file:

sudo nano /etc/ssl/cloudflare/origin.pem
# Paste the Origin Certificate content
# Save with Ctrl+X, Y, Enter

Create and populate the private key file:

sudo nano /etc/ssl/cloudflare/origin.key
# Paste the Private Key content
# Save with Ctrl+X, Y, Enter

Set appropriate permissions to protect these sensitive files:

sudo chmod 600 /etc/ssl/cloudflare/origin.pem
sudo chmod 600 /etc/ssl/cloudflare/origin.key

Verify the certificate is valid:

sudo openssl x509 -in /etc/ssl/cloudflare/origin.pem -text -noout

Update Nginx Configuration

This should be already applied if you start from the nginx.conf pre-made

Ensure your nginx.conf includes the correct SSL certificate paths:

ssl_certificate     /etc/ssl/cloudflare/origin.pem;
ssl_certificate_key /etc/ssl/cloudflare/origin.key;

Cloudflare DNS settings

  1. Go to the Cloudflare dashboard
  2. Select the domain you want to configure
  3. Go to DNS
  4. Add a CNAME record as follow:
    • Name: "app"
    • Target: <VPS_BE_DOMAIN>

Deploy Application

Launch the application using Docker Compose:

sudo docker compose up -d

This command builds and starts all services defined in your compose.yml file in detached mode.

Verification

Verify your deployment with these commands:

# Check if containers are running
sudo docker ps

# View application logs
sudo docker compose logs

# Test HTTPS configuration
curl -k https://localhost