Add a first draft of user documentation (#30)

---------

Co-authored-by: Copilot <[email protected]>

Author: codingjoe

.dtop.yml

@@ -0,0 +1,3 @@
+hosts:
+  - host: local
+    dozzle: https://logs.localhost/

.github/workflows/pg-backup.yml renamed to .github/workflows/backup.yml

@@ -1,4 +1,4 @@
-name: PostgreSQL Backup
+name: Backup
 on:
   schedule:
     - cron: '0 0 * * *' # Sync daily at midnight
@@ -9,7 +9,7 @@ concurrency:
 jobs:
   pg_dump:
     if: vars.SSH_HOSTNAME != ''
-    name: Capture and store backup
+    name: PostgreSQL
     runs-on: ubuntu-latest
     environment:
       name: production

bin/pg_backup.sh renamed to bin/backup_capture.sh

@@ -0,0 +1,10 @@
+#!/usr/bin/env sh
+
+# Download the database dump from the latest GitHub workflow
+# Usage: ./backup_download.sh [workflow_id]
+
+set -eux
+
+workflow_id="${1:-$(gh api "repos/{owner}/{repo}/actions/runs" | jq -r '.workflow_runs[] | select(.name == "Backup" and .conclusion == "success") | .id'  | sed 's/"//g' | head -n 1)}"
+
+gh run download "$workflow_id" -n backup.dump

bin/backup_download.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env sh
+
+# Restore the PostgreSQL database from a dump file
+# Usage: ./backup_restore.sh [dump_file] [database_name] [num_jobs]
+
+set -eux
+
+dump_file="${1:-backup.dump}"
+database_name="${2:-postgres}"
+num_jobs="${3:-$(getconf _NPROCESSORS_ONLN)}"
+
+pg_restore "$dump_file" -d "$database_name" --no-acl --no-owner --no-privileges -j "$num_jobs" --disable-triggers

bin/backup_restore.sh

@@ -1,5 +1,6 @@
 include:
   - path:
+      - containers/web/compose.yml
       - containers/web/python/compose.yml
       - containers/compose.smtp.yml
       - containers/compose.postgres.yml

compose.yml

@@ -0,0 +1,10 @@
+services:
+  web:
+    memswap_limit: 1g # Limit total memory usage (RAM + swap) to 1GB
+    deploy:
+      mode: replicated
+      replicas: 2
+      resources:
+        limits:
+          cpus: '0.25' # Limit to 25% of a CPU
+          memory: 512M # Limit to 512MB of RAM

containers/web/compose.yml

@@ -0,0 +1,21 @@
+# freePaaS
+
+freePaaS is an open-source platform-as-a-service (PaaS) solution that enables developers to easily deploy, manage, and scale applications in a cloud environment. It provides a user-friendly interface and a variety of tools to streamline the application lifecycle, from development to production.
+
+## Features
+
+- [Easy Deployment](deployment.md): Deploy applications with just a few clicks.
+- [Scalability](scaling.md): Automatically scale applications based on demand.
+- [Monitoring](monitoring.md): Keep track of application performance and health.
+- [Environment Management](enviroment.md): Manage configuration and environment variables effectively.
+- [Backups](backups.md): Schedule and manage database backups with ease.
+- [File Storage](storage.md): Handle file uploads and storage seamlessly.
+
+## Why and How
+
+freePaaS aims to provide a zero touch CD pipeline for developers, allowing them to focus on writing code rather than managing infrastructure.
+
+It is built around best practices to provide simplicity and security, while providing you the freedom to customize anything you want.
+
+freePaaS uses technologies most developers are already familiar with to lower the learning curve and speed up adoption.
+No PhD in Kubernetes is required to deploy and manage applications, since we don't use it.

docs/README.md

@@ -0,0 +1,34 @@
+# Backups
+
+## Database backups
+
+PostgreSQL backups are captured daily using [pg_dump](https://www.postgresql.org/docs/current/app-pgdump.html) and stored as repository artifacts in GitHub Actions.
+
+### Durability
+
+By default, GitHub retains workflow artifacts for 90 days. You can [adjust the retention period](https://docs.github.com/en/organizations/managing-organization-settings/configuring-the-retention-period-for-github-actions-artifacts-and-logs-in-your-organization) up to a maximum of 400 days.
+
+Importantly, artifacts are stored independently of your application server, ensuring that backups remain safe even if your server fails.
+
+The backup frequency may be altered in the [`.github/workflows/backup.yml`](../.github/workflows/backup.yml) file. Here you may also configure additional backup targets, such as cloud storage providers.
+
+### Restoration
+
+To restore a backup, download the desired artifact from the GitHub Actions workflow run history. The artifact will be a compressed file containing the SQL dump.
+
+You can restore the database using the built-in database scripts:
+
+```bash
+bin/backup_download.sh
+bin/backup_restore.sh
+```
+
+> [!NOTE]
+> Backups are stored in PostgreSQL's [custom format](https://www.postgresql.org/docs/current/app-pgdump.html) which is compressed and allows for more flexible restoration options.
+
+### Privacy
+
+With backups being stored on GitHub, it's crucial to consider the sensitivity of your data. Ensure that your repository is private to prevent unauthorized access to your backups. Additionally, consider encrypting your database dumps before uploading them as artifacts for an added layer of security.
+
+> [!IMPORTANT]
+> If you are serving customers in the EU, ensure that you add GitHub as a data processor in your privacy policy to comply with GDPR regulations.

docs/backups.md

@@ -0,0 +1,34 @@
+# Deployment
+
+Deploying your application with freePaaS is a streamlined process that involves running an installation script and leveraging GitHub Actions for continuous deployment.
+
+## Initial Setup
+
+The primary setup is handled by an interactive script. To start the installation wizard, run the following command from the root of the repository:
+
+```bash
+./bin/install.sh
+```
+
+This script will guide you through the following steps:
+
+1. **Domain Configuration**: You will be prompted to enter your domain name.
+1. **Server Access**: The script will verify SSH access to your server.
+1. **GitHub Integration**: It will help you create a GitHub OAuth App for secure authentication.
+1. **Repository Configuration**: The script will set up the necessary GitHub repository secrets and variables to enable automated deployments. These include:
+   - `SSH_HOSTNAME`: Your server's hostname or IP address.
+   - `SSH_PRIVATE_KEY`: A private SSH key for accessing the server.
+   - `SSH_KNOWN_HOSTS`: Your server's SSH host key.
+
+## Continuous Deployment
+
+Once the initial setup is complete, your application will be automatically deployed whenever you push changes to the `main` branch. This is handled by the [`.github/workflows/deploy.yml`](../.github/workflows/deploy.yml) GitHub Actions workflow.
+
+The deployment workflow performs the following steps:
+
+1. **Trigger**: The workflow is triggered by a push to the `main` branch (after the `ci` workflow succeeds) or can be triggered manually.
+1. **Environment Setup**: It sets up an SSH connection to your production server using the configured secrets.
+1. **Remote Deployment**: It establishes a remote Docker context to your server.
+1. **Application Start**: It uses `docker compose` to pull the latest images and start the application containers.
+
+Your application will be served via a Caddy reverse proxy, which also handles automatic SSL certificate provisioning.