.gitignore

@@ -2,5 +2,4 @@ volumes
 apps/proxy
 .DS_Store
 apps/administration/*
-apps/tools/app/*
+apps/tools/app/*
-env/secrets.env

Jenkinsfile

@@ -1,34 +0,0 @@
-
-
-pipeline {
-    agent any
-
-    stages {
-        stage('Checkout Code & Submodules') {
-            steps {
-                git branch: 'main', url: 'git@github.com:your-org/my-main-repo.git', credentialsId: 'git-credentials'
-                sh 'git submodule update --init --recursive'
-            }
-        }
-
-        stage('Run Backend Pipeline') {
-            steps {
-                build job: 'backend-pipeline', wait: true
-            }
-        }
-
-        stage('Run Frontend Pipeline') {
-            steps {
-                build job: 'frontend-pipeline', wait: true
-            }
-        }
-
-        stage('Deploy Infrastructure') {
-            steps {
-                sshagent(['jenkins-ssh-key']) {
-                    sh "ssh user@server 'cd /opt/myapp && git pull origin main && docker compose up -d'"
-                }
-            }
-        }
-    }
-}

apps/develop/jenkins/docker-compose.yml

@@ -1,4 +1,5 @@
-### Jenkins (./apps/frontend/docker-compose.yml)
+version: '3.8'
+
 services:
   jenkins:
     image: jenkins/jenkins:lts
@@ -6,10 +7,7 @@ services:
     ports:
       - "50000:50000" # Jenkins Agent Port
     volumes:
-      - ../../../volumes/develop/jenkins:/var/jenkins_home
+      - jenkins_home:/var/jenkins_home
-      - ./plugins.yml:/usr/share/jenkins/ref/plugins.yml
-    depends_on:
-      - jenkins-plugins
     environment:
       - JAVA_OPTS=-Djenkins.install.runSetupWizard=false
     networks:
@@ -23,14 +21,6 @@ services:
       - "traefik.http.services.jenkins.loadbalancer.server.port=8080" # interner Port von Jenkins
       - "traefik.docker.network=proxy"
 
-  jenkins-plugins:
-    image: jenkins/jenkins:lts-jdk17
-    command: >
-      jenkins-plugin-cli -f /usr/share/jenkins/ref/plugins.yml --available-updates --output txt > /usr/share/jenkins/ref/plugins.yml
-    volumes:
-      - ./plugins.yml:/usr/share/jenkins/ref/plugins.yml
-    restart: "no"
-
 volumes:
   jenkins_home:
     driver: local

env/development/.env.backend

@@ -6,7 +6,6 @@
 REDIS_PASSWORD=laravel-redis-passwort
 REDIS_PORT=6379
 SERVER_IP=${SERVER_IP:-localhost}
-
 # ----------------------------------
 # Laravel Backend
 # ----------------------------------
@@ -15,7 +14,7 @@ APP_NAME="mindboost backend - Compose Deployment"
 APP_URL=https://backend.local
 LARAVEL_PORT=8000
 LARAVEL_VITE_PORT=5173
-DB_HOST=${MARIADB_HOST:-database}
+DB_HOST=${MARIADB_HOST:-mariadb}
 DB_PORT=${MARIADB_PORT:-3306}
 DB_PASSWORD=${MARIADB_PASSWORD:-default}
 DB_USERNAME=${MARIADB_USER:-default}
@@ -23,4 +22,7 @@ DB_DATABASE=${MARIADB_DATABASE:-default}
 
 JWT_SECRET=zMtO8sgsnc4UixWSsYWE1pK9EdpNLzxNSoIPlUpTe6dDlarM3bu4cwM80tH3jA0F
 
-
+# ----------------------------------
+# Adminer
+# ----------------------------------
+ADMINER_PORT=8080

env/development/.env.database

@@ -4,11 +4,7 @@
 MARIADB_USER=${INFRASTRUCTURE_LABEL:-default}_${ENVIRONMENT:-development}
 MARIADB_DATABASE=${INFRASTRUCTURE_LABEL:-default}_${ENVIRONMENT:-development}
 MARIADB_PASSWORD=1stronges-mindboostdb-passwort
-MARIADB_RANDOM_ROOT_PASSWORD=1
+MARIADB_ROOT_PASSWORD=1stronges-passwort-fuer-diedb
-MARIADB_PORT=3306
-MARIADB_HOST=database
 
-# ----------------------------------
+MARIADB_PORT=3306
-# Adminer
+MARIADB_HOST=${INFRASTRUCTURE_LABEL:-default}_database_${ENVIRONMENT:-development}
-# ----------------------------------
-ADMINER_PORT=8082

env/development/.env.proxy

@@ -19,7 +19,6 @@ LIMESURVEY_DOMAIN=survey.local
 LINKSTACK_DOMAIN=linkstack.local
 TRAEFIK_DOMAIN=traefik.local
 CLOUD_DOMAIN=cloud.local
-KILLBILL_DOMAIN=killbill.local
 
 ###              TLS for Domains
 
@@ -33,7 +32,6 @@ LIMESURVEY_TLS_DOMAIN_MAIN=${LIMESURVEY_DOMAIN}
 LINKSTACK_TLS_DOMAIN_MAIN=${LINKSTACK_DOMAIN}
 TRAEFIK_TLS_DOMAIN_MAIN=${TRAEFIK_DOMAIN}
 CLOUD_TLS_DOMAIN_MAIN=${CLOUD_DOMAIN}
-KILLBILL_TLS_DOMAIN_MAIN=${KILLBILL_DOMAIN}
 
 
 ##                      MIDDLEWARES

env/development/.env.tools

@@ -19,11 +19,3 @@ OVERWRITECLIURL=https://${CLOUD_DOMAIN:-cloud}
 OVERWRITEHOST=${CLOUD_DOMAIN:-cloud}
 REDIS_HOST=nextcloud-redis
 REDIS_HOST_PASSWORD=redis-mindboost-passwort
-
-# ----------------------------------
-#  KILLBILL PAYMENT
-# ----------------------------------
-
-KILLBILL_DAO_URL=jdbc:mysql://db:3306/killbill
-KILLBILL_DAO_USER=${ADMIN_USER:-root}
-KILLBILL_DAO_PASSWORD=${ADMIN_PASSWORD_HASH}

scripts/deploy-administration.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 # Pfad zur .env.all Datei
-ENV_FILE="../../env/.env.all"
+ENV_FILE="../env/.env.all"
 
 # Funktion zum Überprüfen der Existenz einer Datei
 check_file_exists() {
@@ -12,7 +12,7 @@ check_file_exists() {
 }
 
 # Überprüfe die Existenz von .env.all
-check_file_exists "../../env/.env.all"
+check_file_exists "../env/.env.all"
 
 # Funktion zum Auslesen von Variablen aus der .env.all Datei
 get_env_var() {
@@ -25,8 +25,8 @@ ENVIRONMENT=$(get_env_var "ENVIRONMENT")
 
 # Load environment variables from the .env files
 set -o allexport
-source ../../env/.env.all
+source ../env/.env.all
-source ../../env/${ENVIRONMENT:-development}/.env.administration
+source ../env/${ENVIRONMENT}/.env.administration
 set +o allexport
 
 # Liste Stacks 
@@ -39,14 +39,14 @@ ENVIRONMENTS=("development" "staging" "production")
 # Überprüfe die Existenz aller Stack-spezifischen .env Dateien
 missing_files=0
 for stack in "${STACKS[@]}"; do
-    env_file="../../env/${ENVIRONMENT:-development}/.env.${stack}"
+    env_file="../env/${ENVIRONMENT}/.env.${stack}"
     if ! check_file_exists "$env_file"; then
         missing_files=$((missing_files + 1))
     fi
 done
 
 if [ $missing_files -eq 0 ]; then
-    echo "Alle erforderlichen .env Dateien für das ${ENVIRONMENT:-development}-Environment sind vorhanden."
+    echo "Alle erforderlichen .env Dateien für das ${ENVIRONMENT}-Environment sind vorhanden."
 else
     echo "Warnung: $missing_files .env Datei(en) fehlen. Einige Stacks könnten nicht korrekt funktionieren."
 fi
@@ -55,7 +55,7 @@ fi
 for env in "${ENVIRONMENTS[@]}"; do
     if [ "$env" != "$ENVIRONMENT" ]; then
         for stack in "${STACKS[@]}"; do
-            env_file="../../env/${env}/.env.${stack}"
+            env_file="../env/${env}/.env.${stack}"
             if ! check_file_exists "$env_file"; then
                 echo "Warnung: Die Datei $env_file fehlt für das Environment $env."
             fi
@@ -72,4 +72,4 @@ echo "ENVIRONMENT: ${ENVIRONMENT:-Not set}"
 echo "-----------------------------------"
 
 # Ausführen des Docker Compose Befehls
-docker compose -f ../apps/docker-compose.all.yml --env-file ../../env/.env.all --env-file ../../env/${ENVIRONMENT:-development}/.env.proxy --profile administration up --remove-orphans
+docker compose -f ../apps/docker-compose.all.yml --env-file ../env/.env.all --env-file ../env/${ENVIRONMENT}/.env.proxy --profile administration up --remove-orphans

scripts/deploy-all.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 # Pfad zur .env.all Datei
-ENV_FILE="../../env/.env.all"
+ENV_FILE="../env/.env.all"
 # Funktion zum Auslesen von Variablen aus der .env.all Datei
 get_env_var() {
     grep "^$1=" "$ENV_FILE" | cut -d '=' -f2
@@ -25,6 +25,7 @@ check_file_exists() {
         return 1
     fi
 }
+#!/bin/bash
 
 # Prüfe, ob das Skript nur in der Entwicklungsumgebung ausgeführt wird
 if [ "$ENVIRONMENT" == "development" ]; then
@@ -42,7 +43,7 @@ if [ "$ENVIRONMENT" == "development" ]; then
   echo "🔹 ENVIRONMENT ist 'development' – Hosts aus .env.proxy werden hinzugefügt und Container gestartet."
 
   # Pfad zur Proxy-Env-Datei
-  ENV_PROXY_FILE="../../env/development/.env.proxy"
+  ENV_PROXY_FILE="../env/development/.env.proxy"
 
   # Hosts-Datei Pfad (Linux/macOS)
   HOSTS_FILE="/etc/hosts"
@@ -71,12 +72,12 @@ else
 fi
 
 # Überprüfe die Existenz von .env.all
-check_file_exists "../../env/.env.all"
+check_file_exists "../env/.env.all"
 
 # Überprüfe die Existenz aller Stack-spezifischen .env Dateien
 missing_files=0
 for stack in "${STACKS[@]}"; do
-    env_file="../../env/${ENVIRONMENT:-development}/.env.${stack}"
+    env_file="../env/${ENVIRONMENT}/.env.${stack}"
     if ! check_file_exists "$env_file"; then
         missing_files=$((missing_files + 1))
     fi
@@ -101,4 +102,4 @@ if [[ "$1" == "--build" ]]; then
 fi
 
 # Ausführen des Docker Compose Befehls
-docker compose -f ../../apps/docker-compose.all.yml -p ${INFRASTRUCTURE:-my} --env-file ../../env/.env.all --env-file ../../env/${ENVIRONMENT:-development}/.env.proxy --profile backend up --remove-orphans $BUILD_OPTION
+docker compose -f ../apps/docker-compose.all.yml -p ${INFRASTRUCTURE:-my} --env-file ../env/.env.all --env-file ../env/${ENVIRONMENT}/.env.proxy --profile backend up --remove-orphans $BUILD_OPTION

scripts/deploy-app.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 # Pfad zur .env.all Datei
-ENV_FILE="../../env/.env.all"
+ENV_FILE="../env/.env.all"
 # Funktion zum Auslesen von Variablen aus der .env.all Datei
 get_env_var() {
     grep "^$1=" "$ENV_FILE" | cut -d '=' -f2
@@ -13,7 +13,7 @@ ENVIRONMENT=$(get_env_var "ENVIRONMENT")
 SERVER_IP=$(curl -s https://api.ipify.org)
 
 # Liste aller Stacks
-STACKS=("frontend" "database" "backend")
+STACKS=("administration" "frontend" "develop" "database" "proxy" "tools" "website" "backend")
 
 # Liste aller Environments
 ENVIRONMENTS=("development" "staging" "production")
@@ -26,12 +26,12 @@ check_file_exists() {
     fi
 }
 # Überprüfe die Existenz von .env.all
-check_file_exists "../../env/.env.all"
+check_file_exists "../env/.env.all"
 
 # Überprüfe die Existenz aller Stack-spezifischen .env Dateien
 missing_files=0
 for stack in "${STACKS[@]}"; do
-    env_file="../../env/${ENVIRONMENT:-development}/.env.${stack}"
+    env_file="../env/${ENVIRONMENT}/.env.${stack}"
     if ! check_file_exists "$env_file"; then
         missing_files=$((missing_files + 1))
     fi
@@ -55,7 +55,5 @@ if [[ "$1" == "--build" ]]; then
     BUILD_OPTION="--build"
 fi
 
-
 # Ausführen des Docker Compose Befehls
-docker compose -f ../../apps/docker-compose.all.yml --env-file ../../env/.env.all -p ${INFRASTRUCTURE:-my} --profile app up --remove-orphans $BUILD_OPTION
+docker compose -f ../apps/docker-compose.all.yml -p ${INFRASTRUCTURE:-my} --env-file ../env/.env.all --env-file ../env/${ENVIRONMENT}/.env.proxy --profile app up --remove-orphans $BUILD_OPTION
-

scripts/deploy-proxy.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 # Pfad zur .env.all Datei
-ENV_FILE="../../env/.env.all"
+ENV_FILE="../env/.env.all"
 
 # Funktion zum Auslesen von Variablen aus der .env.all Datei
 get_env_var() {
@@ -27,12 +27,12 @@ check_file_exists() {
 }
 
 # Überprüfe die Existenz von .env.all
-check_file_exists "../../env/.env.all"
+check_file_exists "../env/.env.all"
 
 # Überprüfe die Existenz aller Stack-spezifischen .env Dateien
 missing_files=0
 for stack in "${STACKS[@]}"; do
-    env_file="../../env/${ENVIRONMENT:-development}/.env.${stack}"
+    env_file="../env/${ENVIRONMENT}/.env.${stack}"
     if ! check_file_exists "$env_file"; then
         missing_files=$((missing_files + 1))
     fi
@@ -51,4 +51,4 @@ echo "ENVIRONMENT: ${ENVIRONMENT:-Not set}"
 echo "-----------------------------------"
 
 # Ausführen des Docker Compose Befehls
-docker compose -f ../../apps/docker-compose.all.yml --env-file ../../env/.env.all --env-file ../../env/${ENVIRONMENT:-development}/.env.proxy --profile proxy up --remove-orphans
+docker compose -f ../apps/docker-compose.all.yml --env-file ../env/.env.all --env-file ../env/${ENVIRONMENT}/.env.proxy --profile proxy up --remove-orphans

scripts/maintain/generate_secrets.sh

@@ -1,81 +0,0 @@
-#!/bin/bash
-
-# 🚀 Script to Generate Secure Secrets for Deployment
-
-# Define root directory relative to the script location
-ROOT_DIR="$(cd "$(dirname "$0")/.." && pwd)"
-SECRET_FILE="$ROOT_DIR/env/secrets.env"
-GITIGNORE_FILE="$ROOT_DIR/.gitignore"
-
-# ✅ Function to check if a command is installed
-check_dependency() {
-    command -v "$1" >/dev/null 2>&1
-}
-
-# 🔍 Check for OpenSSL, and prompt user to install if missing
-if ! check_dependency "openssl"; then
-    echo "⚠️  OpenSSL is not installed. It is required to generate secure secrets."
-    echo "Would you like to install OpenSSL now? (yes/no)"
-    read -r install_choice
-    if [[ "$install_choice" == "yes" ]]; then
-        if [[ "$OSTYPE" == "linux-gnu"* ]]; then
-            sudo apt update && sudo apt install -y openssl
-        elif [[ "$OSTYPE" == "darwin"* ]]; then
-            brew install openssl
-        else
-            echo "❌ Unsupported OS. Please install OpenSSL manually."
-            exit 1
-        fi
-    else
-        echo "❌ OpenSSL is required but was not installed. Exiting."
-        exit 1
-    fi
-fi
-
-# ✅ Securely generate random values
-generate_secret() {
-    openssl rand -base64 32
-}
-
-# 🔄 Check if the secret file already exists
-if [ -f "$SECRET_FILE" ]; then
-    echo "⚠️  $SECRET_FILE already exists. Overwrite? (yes/no)"
-    read -r response
-    if [[ "$response" != "yes" ]]; then
-        echo "❌ Secret file creation canceled."
-        exit 1
-    fi
-fi
-
-# ✏️ Write secrets to file
-echo "🔐 Generating $SECRET_FILE ..."
-mkdir -p "$(dirname "$SECRET_FILE")"  # Ensure the env directory exists
-> "$SECRET_FILE"  # Clear file if it exists
-
-# 🔑 Define and write secrets
-echo "ADMIN_PASSWORD_HASH=$(openssl passwd -6 admin)" >> "$SECRET_FILE"
-echo "JWT_SECRET=$(generate_secret)" >> "$SECRET_FILE"
-echo "MARIADB_PASSWORD=$(generate_secret)" >> "$SECRET_FILE"
-echo "MARIADB_ROOT_PASSWORD=$(generate_secret)" >> "$SECRET_FILE"
-echo "REDIS_HOST_PASSWORD=$(generate_secret)" >> "$SECRET_FILE"
-echo "TRAEFIK_BASIC_AUTH_USERS=admin:$(openssl passwd -6 traefikpass)" >> "$SECRET_FILE"
-echo "GITEA_MYSQL_PASSWORD=$(generate_secret)" >> "$SECRET_FILE"
-echo "NEXTCLOUD_ADMIN_PASSWORD=$(generate_secret)" >> "$SECRET_FILE"
-echo "MAIL_PASSWORD=$(generate_secret)" >> "$SECRET_FILE"
-
-# 🛑 Ensure secrets.env is ignored by Git **without overwriting last line**
-if [ -f "$SECRET_FILE" ]; then
-    # Check if the last line is missing a newline and fix it
-    if [ -s "$GITIGNORE_FILE" ] && [ "$(tail -c1 "$GITIGNORE_FILE")" != "" ]; then
-        echo "" >> "$GITIGNORE_FILE"
-    fi
-
-    # Append 'env/secrets.env' only if it's not already in .gitignore
-    if ! grep -q "^env/secrets.env$" "$GITIGNORE_FILE"; then
-        echo "env/secrets.env" >> "$GITIGNORE_FILE"
-        echo "✅ Added 'env/secrets.env' to .gitignore"
-    fi
-fi
-
-echo "✅ Secrets have been generated and stored in $SECRET_FILE."
-echo "⚠️  Keep this file secure and do NOT commit it to Git!"