The saasmvp Project

Appearance

Deployment

Your SaaS MVP can be deployed to any IaaS by editing the GitHub Actions Workflow Files. The saasmvp Project out-of-the-box deployment uses a DigitalOcean Docker Droplet configured on an Ubuntu 22.04 Server.

GitHub Actions

GitHub Actions is a continuous integration and continuous delivery (CI/CD) platform that allows you to automate your build, test, and deployment pipeline. The saasmvp Project and the saasmvp-framework uses GitHub Actions for CI/CD deployment to the DigitalOcean Docker droplet.

GitHub Actions Secrets

GitHub Actions Secrets allow you to store sensitive information in your GitHub repository. You will need to create the following GitHub Actions Secrets in your repository to allow the automation of the GitHub CI/CD deployment to DigitalOcean to function properly.

  1. DIGITALOCEAN_ACCESS_TOKEN. Get a Digital Ocean Personal Access Token. Be sure to create the token with both read and write access. Copy the token for use later in the GitHub Actions Secrets variable DIGITALOCEAN_ACCESS_TOKEN.

  2. SAASMVP_SSH_KEY_PUB (SSH Public Key). Generate a SSH key pair. Do not create a password for use with the SSH key pair. Copy the public key for use in the GitHub Actions Secrets variable SAASMVP_SSH_KEY_PUB.

  3. SAASMVP_SSH_KEY. (SSH Private Key). Using the private key generated in the step above, copy the private key for use in the GitHub Actions Secrets variable SAASMVP_SSH_KEY.

  4. SAASMVP_SSH_PASSWORD. The SAASMVP_SSH_PASSWORD is used by the DigitalOcean Docker droplet when setting up SSH Authentication for the first time. This is not the same as specifying a password when creating a SSH key pair, which is NOT required. You will need to create an at least eight (8) character password of your choice and place a copy of the password in the GitHub Actions Secrets variable SAASMVP_SSH_KEY.

Create Your SaaS MVP

Use the following steps to create your SaaS MVP for deployment to an IaaS:

  1. Run the saasmvp-create-droplet.yaml script manually from your GitHub Repository to create your DigitalOcean Docker Droplet.
  2. You will receive an email from DigitalOcean with the temporary password and IP Address needed to access your DigitalOcean droplet.

Build your SaaS MVP Docker Repository Images

Edit your ./nginx/nginx-ssl file BEFORE Proceeding

Make sure that you have edited your ./nginx/nginx-ssl file with your domain name(s) before proceeding.

You will need to build your production SaaS MVP Docker Images using the ./compose-repo.yaml script and store them in your Docker Hub Repository. To build your Docker Images, execute the following command from your local console:

sh
docker compose -f ./compose-repo.yaml up --build -d

Once your Docker SaaS MVP production images are built on your local PC, push them to your Docker Hub Repository from your Docker Desktop.

Edit your ./saasmvp.config/compose-prod.yaml file BEFORE Proceeding

Make sure that you have edited your ./saasmvp.config/compose-prod.yaml file with the SaaS MVP Image names that you pushed to the Docker Hub Repository.

Your SaaS MVP Docker Images will be subsequently pulled by your IaaS when the ./saasmvp.config/saasmvp.sh script executes the ./saasmvp.config/compose-prod.yaml script to build your SaaS MVP Docker Containers from your Docker Hub Repository Images for use in production.

Begin Setting Up SSH

Once you have received the email from DigitalOcean you can proceed with setting up SSH.

Begin Setting Up SSH

  1. From your local console, run the following command (xxx.xxx.xxx.xxx is the IP Address from the DigitalOcean email):
sh
ssh root@xxx.xxx.xxx.xxx
  1. Respond yes to the following question:
txt
The authenticity of host 'xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx)' can't be established. ECDSA key fingerprint is SHA256:6dxaPzrnnx6WyL8VpytbPaAl+Sfx1TdfvcIBlBJ+BKQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes

  1. You will now be asked to provide the temporary password from the DigitalOcean email. Copy the temporary password from the email using a mouse. Paste the temporary password into the password prompt shown on the local console. This is a hidden field, so the results of the paste won’t be displayed. Paste by right clicking the mouse in the cursor of the password field.

  2. If your temporary password has been entered correctly, you will be directed to the remote droplet console. You will be asked to enter your temporary password again. This is a hidden field, so the results of the paste won’t be displayed. Paste by right clicking the mouse in the cursor of the password field.

  3. If your temporary password has been entered correctly, you will be prompted to change the password to one of your choosing. Use the SAASMVP_SSH_PASSWORD. You will confirm the password by re-entering the SAASMVP_SSH_PASSWORD password.

The SAASMVP_SSH_PASSWORD is used by the DigitalOcean Docker droplet when setting up SSH Authentication for the first time. This is not the same as specifying a password when creating a SSH key pair, which is NOT required. You will create a password of your choice and place a copy of the password in the GitHub Actions Secrets variable SAASMVP_SSH_KEY.

  1. You should see the following prompt in the DigitalOcean remote console:
txt
root@saasmvp:~#

Enter the exit command at the prompt to return to your local terminal console.

Set Up DNS

You will need to update your domain’s DNSNS” and "A" Records with the DigitalOcean nameservers and DigitalOcean Docker Droplet IP Address.

Set Up DNS

  1. Create the following three DNS "NS"" Records. Use the following nameservers:
txt
ns1.digitalocean.com
ns2.digitalocean.com  
ns3.digitalocean.com

  1. Create a DNS “A” Record to point the droplet IP Address to your domain name. Refer to your DigitalOcean email for your droplet’s IP Address.

  2. DNS records can take up to 48 hours to update on the Internet. When you can successfully run a ping command from your local console using your domain address move on to the next step.

sh
ping -c5 your-domain.name

A successful ping should appear in the console similarly as follows where xxx.xxx.xxx.xxx is your DigitalOcean Docker Droplet IP Address:

txt
PING your-domain.name (xxx.xxx.xxx.xxx) 56(84) bytes of data.
64 bytes from xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx): icmp_seq=1 ttl=49 time=42.6 ms
64 bytes from xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx): icmp_seq=2 ttl=49 time=43.6 ms
64 bytes from xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx): icmp_seq=3 ttl=49 time=43.8 ms
64 bytes from xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx): icmp_seq=4 ttl=49 time=57.4 ms

--- demo.saasmvp.org ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4257ms
rtt min/avg/max/mdev = 48.839/49.515/50.133/0.458 ms

Finish Setting Up SSH

Once DNS has been setup for your SaaS MVP DigitalOcean Docker Droplet, you can finish setting up SSH.

Finish Setting up SSH

  1. Use SSH to log into the remote DigitalOcean Docker Droplet console from your local console using your domain name (for example ssh root@your-domain.name):
sh
ssh root@your-domain.name
  1. Since you are now using a domain name instead of an IP Address, you will need to answer yes again to the following prompt. You should see a similar message on your local console from the remote DigitalOcean Docker Droplet:
sh
The authenticity of host 'your-domain.name (xxx.xxx.xxx.xxx)' can't be established. ECDSA key fingerprint is SHA256:6dxaPzrnnx6WyL8VpytbPaAl+Sfx1TdfvcIBlBJ+BKQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
  1. You will now be asked to enter your chosen password. Enter the password you created for the GitHub Actions secrets variable SAASMVP_SSH_PASSWORD.
sh
Warning: Permanently added 'your-domain.name' (ECDSA) to the list of known hosts.
root@your-domain.name's password:[Use your SAASMVP_SSH_PASSWORD]

TIP

Congratulations! You are now ready to configure your SaaS MVP. Looking for a NO ASSEMBLY REQUIRED experience? Click here.

Configure Your SaaS MVP

Use the following steps to configure your SaaS MVP for deployment to an IaaS:

  1. Run the saasmvp-configure-droplet.yaml script manually from your GitHub Repository to configure your DigitalOcean Docker Droplet.
  2. Log into the remote DigitalOcean Docker Droplet console from your local console by entering:
sh
ssh root@your-domain.name
  1. From your remote droplet console, run the following command to execute the ./saasmvp.config/saasmvp.sh script to finish the configuration, create, and run your SaaS MVP Docker Containers.
sh
./saasmvp.config/saasmvp.sh

Set Up TLS/SSL

During execution of the ./saasmvp.config/saasmvp.sh script, a FREE TLS/SSL Digital Certificate for your SaaS MVP website is created and installed by certbot. The ./saasmvp.config/saasmvp.sh script will configure a cron job to automatically renew your certbot TLS/SSL Digital Certificate.

Install a certbot TLS/SSL Digital Certificate

  1. The ./saasmvp.config/saasmvp.sh will prompt you to enter your domain name(s). Seperate each domain name by a space.
txt
** Enter Domain Name(s) - Separate Each Domain Name by a Space: your-domain.name www.your-domain.name
** DNS Record for your-domain.name has been confirmed.
** DNS Record for www.your-domain.name has been confirmed.
  1. You must enter your email address to receive a TLS/SSL Digital Certificate from certbot.
txt
** Enter Your Email to Receive Urgent Renewal and Security Notices from Certbot (Required): your-email@your-domain.name
  1. Certbot will then install your TLS/SSL Digital Certificate. The remote droplet console should display a similar notice. A cron job has been set up by the ./saasmvp.config/saasmvp.sh script to automatically renew the Digital Certifcate when it expires.
txt
Account registered.
Requesting a certificate for your-domain.name and www.your-domain.name

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/your-domain.name/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/your-domain.name/privkey.pem
This certificate expires on 2024-02-02.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

Finishing Your SaaS MVP Configuration

The ./saasmvp.config/saasmvp.sh script will now proceed to finish the configuration of your SaaS MVP using the following steps:

  1. The saasmvp-mysql database is created, migrated and seeded.

  2. Optionally registers the Developer for FREE Technical Support. You will be prompted to Enter Your Email to Receive FREE TECHNICAL SUPPORT from saasmvp (Press Return to Decline FREE SUPPORT) during deployment configuration. You can decline FREE techincal support if you wish.

  3. Configures a cron job to automatically restart your SaaS MVP Docker Containers on an Ubuntu 22.04 Server restart.

  4. Finally, the ./saasmvp.config/saasmvp.sh script executes the ./saasmvp.config/compose-prod.yaml script to pull your SaaS MVP Docker images from your Docker Repository. Docker will then build your Docker Containers from the images stored in your Docker Repository; and start the Docker Containers and Docker Network saasmvp-net. You should see something similar on the remote console if everything is working correctly.

Docker Droplet Console Display

txt
CONTAINER ID   IMAGE                       COMMAND                  CREATED              STATUS                        PORTS                               NAMES
cc2960279a41   nginx:1.21.6                "/docker-entrypoint.…"   About a minute ago   Up 7 seconds                  0.0.0.0:80->80/tcp                  saasmvp-nginx
2e9747569276   saasmvp-framework-nuxtapp   "docker-entrypoint.s…"   About a minute ago   Up 7 seconds                  0.0.0.0:3000->3000/tcp              saasmvp-nuxtapp
a4c3f62e5f39   adminer:4.8.1               "entrypoint.sh php -…"   About a minute ago   Up About a minute             0.0.0.0:8080->8080/tcp              saasmvp-adminer
c72d98ed4a21   mysql:8.1.0                 "docker-entrypoint.s…"   About a minute ago   Up About a minute (healthy)   0.0.0.0:3306->3306/tcp, 33060/tcp   saasmvp-mysql
  1. Open a browser and navigate to your SaaS MVP Website using your domain name(s). You should see the Website is running successfully and that the lock symbol appears in the browser's address bar indicating the site is protected using a TLS/SSL Digital Certificate.

TIP

Congratulations! You are now deployed to production. Interested in Saving Time? Looking for a NO ASSEMBLY REQUIRED experience? Click here.

Released under the MIT License

Copyright © 2024 The saasmvp Project