diff --git a/.gitignore b/.gitignore
index e43b0f98..7c163bd7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,9 @@
 .DS_Store
+
+# Sensitive configuration files with real credentials
+kite.toml
+kite-service/.env
+
+# Keep example files - these should be committed
+!kite.toml.example
+!kite-service/.env.example
diff --git a/README.md b/README.md
index b511e686..6bc4e571 100644
--- a/README.md
+++ b/README.md
@@ -23,20 +23,39 @@ To run Kite you will also need to run a [Postgres](https://www.postgresql.org/) ### Configure the server -To configure the server you can create a file called `kite.toml` with the following fields: - -```toml -[discord] -client_id = "..." # Your Discord client ID used for Oauth2 -client_secret = "..." # Your Discord client secret used for Oauth2 - -[encryption] -token_encryption_key = "..." # HEX encoded AES key for encrypting Discord tokens +**IMPORTANT: You must configure your credentials before running Kite!** + +1. **Copy the example configuration files:** + ```bash + cp kite.toml.example kite.toml + cp kite-service/.env.example kite-service/.env + ``` + +2. **Edit `kite.toml` with your credentials:** + - Set your Discord application **Client ID** + - Set your Discord application **Client Secret** + - Set your generated **encryption key** + + ```toml + [discord] + client_id = "YOUR_DISCORD_CLIENT_ID" + client_secret = "YOUR_DISCORD_CLIENT_SECRET" + + [encryption] + token_encryption_key = "YOUR_GENERATED_ENCRYPTION_KEY" + ``` + +3. **Edit `kite-service/.env` if running locally** (not needed for Docker): + - Fill in the same Discord credentials + - Configure local database settings if needed + +**To generate an encryption key:** +```bash +openssl enc -aes-256-cbc -k secret -P -md sha1 ``` +Copy the **key** value (64 character hex string). -To generate an encryption key for tokens you can use `openssl enc -aes-256-cbc -k secret -P -md sha1`. - -You can also set the config values using environment variables. For example `KITE_DISCORD__CLIENT_ID` will set the discord client id. +You can also set config values using environment variables. For example `KITE_DISCORD__CLIENT_ID` will set the discord client id. ### Using Docker (docker-compose) diff --git a/docker-compose.yaml b/docker-compose.yaml index d2895178..3dc485e4 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml 
@@ -1,37 +1,66 @@ services: postgres: - image: postgres + image: postgres:16 restart: always ports: - - "${PG_HOST_PORT:-5432}:5432" - volumes: - - kite-local-postgres:/var/lib/postgresql/data + - "5434:5432" environment: POSTGRES_USER: postgres + POSTGRES_HOST_AUTH_METHOD: trust POSTGRES_DB: kite - PGUSER: postgres PGDATA: /var/lib/postgresql/data/pgdata - POSTGRES_HOST_AUTH_METHOD: trust + volumes: + - kite-local-postgres:/var/lib/postgresql/data + healthcheck: + test: ["CMD", "pg_isready", "-U", "postgres"] + interval: 5s + timeout: 5s + retries: 5 minio: image: quay.io/minio/minio command: server --console-address ":9001" /data + restart: always ports: - "9000:9000" - "9001:9001" environment: - MINIO_ROOT_USER: kite - MINIO_ROOT_PASSWORD: 1234567890 + MINIO_ROOT_USER: "kite" + MINIO_ROOT_PASSWORD: "1234567890" volumes: - kite-local-minio:/data - nirn-proxy: - image: ghcr.io/germanoeich/nirn-proxy:main + kite: + build: + context: . + dockerfile: Dockerfile + restart: always ports: - - "8888:8080" + - "8080:8080" environment: - - ENABLE_METRICS=false - - REQUEST_TIMEOUT=10000 + - KITE_API__HOST=0.0.0.0 + - KITE_DATABASE__POSTGRES__HOST=postgres + - KITE_DATABASE__POSTGRES__PORT=5432 + - KITE_DATABASE__POSTGRES__USER=postgres + - KITE_DATABASE__POSTGRES__DB_NAME=kite + - KITE_DATABASE__S3__ENDPOINT=minio:9000 + - KITE_DATABASE__S3__ACCESS_KEY=kite + - KITE_DATABASE__S3__SECRET_KEY=1234567890 + - KITE_DATABASE__S3__BUCKET=kite + - KITE_APP__PUBLIC_BASE_URL=http://localhost:8080 + - KITE_API__PUBLIC_BASE_URL=http://localhost:8080 + - KITE_STORAGE__S3__ENDPOINT=minio:9000 + - KITE_STORAGE__S3__ACCESS_KEY=kite + - KITE_STORAGE__S3__SECRET_KEY=1234567890 + - KITE_STORAGE__S3__BUCKET=kite + - KITE_STORAGE__S3__PUBLIC_BASE_URL=http://localhost:9000 + volumes: + - ./kite.toml:/root/kite.toml:ro + depends_on: + postgres: + condition: service_healthy + minio: + condition: service_started volumes: kite-local-postgres: 
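Review bot: The `postgres` service keeps `POSTGRES_HOST_AUTH_METHOD: trust` while publishing `"5434:5432"`, and `minio` publishes `9000`/`9001` with the fixed root password `1234567890`. Compose binds such mappings on all host interfaces by default, so with `restart: always` both stay reachable from the network with no password (Postgres) or a published one (MinIO). Bind the published ports to loopback, e.g. `- "127.0.0.1:5434:5432"`, `- "127.0.0.1:9000:9000"` and `- "127.0.0.1:9001:9001"`. The new `kite` service also signs in to MinIO as the root user (`KITE_STORAGE__S3__ACCESS_KEY=kite`); a dedicated access key scoped to the `kite` bucket would be the least-privilege choice. The `KITE_DATABASE__S3__*` entries look like duplicates of `KITE_STORAGE__S3__*`, since `.env.example` only uses the latter, and are worth confirming against the config loader.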
diff --git a/kite-service/.env.example b/kite-service/.env.example
new file mode 100644
index 00000000..3923dd7f
--- /dev/null
+++ b/kite-service/.env.example
@@ -0,0 +1,20 @@
+KITE_API__HOST=0.0.0.0
+KITE_DATABASE__POSTGRES__HOST=localhost
+KITE_DATABASE__POSTGRES__PORT=5434
+KITE_DATABASE__POSTGRES__USER=postgres
+KITE_DATABASE__POSTGRES__DB_NAME=kite
+# If using Docker with 'trust', this might be ignored. If using local Postgres, set your password here.
+KITE_DATABASE__POSTGRES__PASSWORD=kite
+
+KITE_APP__PUBLIC_BASE_URL=http://localhost:8080
+KITE_API__PUBLIC_BASE_URL=http://localhost:8080
+
+KITE_DISCORD__CLIENT_ID=YOUR_DISCORD_CLIENT_ID
+KITE_DISCORD__CLIENT_SECRET=YOUR_DISCORD_CLIENT_SECRET
+KITE_ENCRYPTION__TOKEN_ENCRYPTION_KEY=YOUR_GENERATED_ENCRYPTION_KEY
+
+KITE_STORAGE__S3__ENDPOINT=http://localhost:9000
+KITE_STORAGE__S3__ACCESS_KEY=kite
+KITE_STORAGE__S3__SECRET_KEY=1234567890
+KITE_STORAGE__S3__BUCKET=kite
+KITE_STORAGE__S3__PUBLIC_BASE_URL=http://localhost:9000
diff --git a/kite-service/internal/config/default.toml b/kite-service/internal/config/default.toml
index 0bb29a3d..8273bdea 100644
--- a/kite-service/internal/config/default.toml
+++ b/kite-service/internal/config/default.toml
@@ -1,4 +1,3 @@
-
 [api]
 host = "127.0.0.1"
 port = 8080
diff --git a/kite-web/package-lock.json b/kite-web/package-lock.json
index c0443e8b..3bffeacf 100644
--- a/kite-web/package-lock.json
+++ b/kite-web/package-lock.json
@@ -10714,4 +10714,4 @@ } } } -} +} \ No newline at end of file
diff --git a/kite.toml.example b/kite.toml.example
new file mode 100644
index 00000000..26f07774
--- /dev/null
+++ b/kite.toml.example
@@ -0,0 +1,6 @@
+[discord]
+client_id = "YOUR_DISCORD_CLIENT_ID"
+client_secret = "YOUR_DISCORD_CLIENT_SECRET"
+
+[encryption]
+token_encryption_key = "YOUR_GENERATED_ENCRYPTION_KEY"
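Review bot: `KITE_API__HOST=0.0.0.0` on the first line of `kite-service/.env.example` overrides the loopback default shown in `default.toml` (`host = "127.0.0.1"`), although the README describes this file as the one for running locally. Copied as-is, it exposes the API on every interface of a developer machine. For the local case the line should read `KITE_API__HOST=127.0.0.1`, or be left out so the default applies; the Compose file already sets `0.0.0.0` for the container, where it is needed. The example also carries the MinIO root password as `KITE_STORAGE__S3__SECRET_KEY=1234567890`, so a comment such as `# Local development value only - change for any shared deployment` above it would help.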
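Review bot: The `token_encryption_key` placeholder in `kite.toml.example` gives no hint of the expected format. The README hunk in this commit still points to `openssl enc -aes-256-cbc -k secret -P -md sha1`, which derives the key from the fixed passphrase `secret` plus an 8-byte salt, so the result carries far less than 256 bits of randomness. A comment above the field such as `# 64 hex characters (32 random bytes), e.g. from: openssl rand -hex 32` would document the format and give a sounder way to produce the key. The same comment fits `KITE_ENCRYPTION__TOKEN_ENCRYPTION_KEY` in `kite-service/.env.example`.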