Welcome to the infrastructure repository for the ItsMeh project! This repository uses a modern, layered Infrastructure-as-Code (IaC) approach. It centralizes our deployment architecture, reverse proxy routing, and essential application services.
Our infrastructure is split logically by concern to make it easy for developers to find what they need.
infrastructure/
├── deploy/ # Helper scripts to validate and deploy resources
├── environments/ # Environment-specific configuration maps (e.g., global.env, postgres.env)
├── platform/ # Foundational systems (reverse proxy, database, monitoring)
│ ├── reverse-proxy/ # NGINX reverse proxy
│ ├── postgres/ # PostgreSQL shared database platform
│ └── pgadmin/ # pgAdmin 4 database management UI
├── services/ # Application workloads (backend server, web frontend, microservices)
└── logs/ # Centralized log storage generated by running containers
When navigating this repository or deciding where to place a new piece of infrastructure, use this simple mental model:
"What your product needs to exist"
These are directly part of your product. Without them, your app is fundamentally broken (e.g., your Core API, PostgreSQL database, or specific microservices).
- If this goes down, users will notice immediately.
- Focus: Business continuity, scaling, data integrity, application code.
"What operations need to keep it alive"
These are infrastructure support systems. Without them, your app may still run temporarily, but operations become dangerous, insecure, or unobservable (e.g., NGINX reverse proxy, PostgreSQL shared database, Grafana monitoring, back-up automation).
- If this goes down, users might not notice entirely, but the operations team will panic.
- Focus: Operational safety, observability, network security, automation, data platform.
Are you a newcomer trying to spin up or deploy this code? Follow these steps:
All configuration strings, secrets, and API domains are centralized in the /environments folder.
- Navigate to
/environments/production/. - Copy
global.env.example→global.envand fill in your domains (e.g.,DOMAIN,API_DOMAIN,PLATFORM_SUBDOMAIN). - Copy
postgres.env.example→postgres.envand set your database superuser password. - Copy
pgadmin.env.example→pgadmin.envand set your pgAdmin admin credentials. - See
platform/postgres/README.mdfor full database setup and onboarding. - See
platform/pgadmin/README.mdfor pgAdmin setup. - Create backup dirs:
mkdir -p platform/postgres/backups/{base,wal,logical} - Generate platform services gateway credentials:
htpasswd -c platform/reverse-proxy/nginx/.htpasswd ops_admin
Deployment shouldn't be a manual guessing game mapping docker commands for every container. We leverage helper scripts in the /deploy folder to automate validation and startup.
Example for deploying the production stack:
cd deploy/
./deploy-prod.shMost platform tools and services map their log outputs to the top-level /logs directory (e.g., /logs/nginx/). This makes tailing logs across services easy without having to jump into individual docker containers.
- No Secrets in Git: Never commit
.envfiles. Always use.env.exampleas a template and keep the real configured keys locally on the destination machine. - Test Before Updating: Scripts like
./deploy-prod.shautomatically validate configuration (likenginx -tfor templates) before restating runtime services—always use the scripts instead of raw commands whenever possible to catch configuration errors early!
We welcome contributions! If you have suggestions for improving the architecture, adding new platform tools, or optimizing the reverse proxy, please feel free to:
- Fork this repository
- Create a feature branch (
git checkout -b feature/amazing-improvement) - Commit your changes (
git commit -m 'Add amazing improvement') - Push to the branch (
git push origin feature/amazing-improvement) - Open a Pull Request
This project is open-source and licensed under the MIT License. You are free to use, modify, and distribute this infrastructure configuration for your own projects. See the LICENSE file for more details.