How to deploy a self-hold account book service

Posted on 2024-09-07 Edited on 2024-09-08 In tutorial Views: Word count in article: 5.4k Reading time ≈ 5 mins.

As now I study aboard, I want to keep accounts so when graduation I would know how much money I have spent and how them spent. I know there are lots of such service provided by internet companies. However, I do not want them have my shopping data, so this post comes.

And I want to disable ip+port way to access my service. And takes a long time to achieve this goal. At first, I just use iptables to do this. However, it is a little bit complicated as docker will create their own iptable rule. At last, I found a much simpler way. Why not just reflect 127.0.0.1 to docker container.

Before, I just use apt install docker-io to install docker, now I found this is not the official version of docker, and I know how to install official docker.

How to deploy

You will need 3 domain for this service.

for PC usage, ```m.bill.com``` for mobile usage, and ```php.bill.com``` for database management.


Log into your server as root.

```bash
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
echo   "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
apt install nginx python3-certbot-nginx certbot
ln -s /etc/nginx/sites-available/bill.com /etc/nginx/sites-enabled/
vim /etc/nginx/sites-available/bill.com

server {
    listen 80;
    server_name bill.com;

    # Redirect HTTP to HTTPS
    location / {
        return 301 https://$host$request_uri;
    }
}
server {
    listen 443 ssl;
    server_name bill.com;

    # SSL Configuration
    ssl_certificate /etc/letsencrypt/live/bill.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/bill.com/privkey.pem;

    error_log /var/log/nginx/bill_error.log;
    access_log /var/log/nginx/bill_access.log combined;

    # general proxy support
    location / {
        proxy_pass http://127.0.0.1:43743;
    }
}

1 2	ln -s /etc/nginx/sites-available/m.bill.com /etc/nginx/sites-enabled/ vim /etc/nginx/sites-available/m.bill.com

server {
    listen 80;
    server_name m.bill.com;

    # Redirect HTTP to HTTPS
    location / {
        return 301 https://$host$request_uri;
    }
}
server {
    listen 443 ssl;
    server_name m.bill.com;

    # SSL Configuration
    ssl_certificate /etc/letsencrypt/live/m.bill.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/m.bill.com/privkey.pem;

    error_log /var/log/nginx/bill_error.log;
    access_log /var/log/nginx/bill_access.log combined;

    # general proxy support
    location / {
        proxy_pass http://127.0.0.1:43744;
    }
}

1 2	ln -s /etc/nginx/sites-available/php.bill.com /etc/nginx/sites-enabled/ vim /etc/nginx/sites-available/php.bill.com

server {
    listen 80;
    server_name php.bill.com;

    # Redirect HTTP to HTTPS
    location / {
        return 301 https://$host$request_uri;
    }
}
server {
    listen 443 ssl;
    server_name php.bill.com;

    # SSL Configuration
    ssl_certificate /etc/letsencrypt/live/php.bill.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/php.bill.com/privkey.pem;

    error_log /var/log/nginx/bill_error.log;
    access_log /var/log/nginx/bill_access.log combined;

    # general proxy support
    location / {
        proxy_pass http://127.0.0.1:43741;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

certbot certonly --nginx -d bill.com
certbot certonly --nginx -d m.bill.com
certbot certonly --nginx -d php.bill.com
git clone https://github.com/getmoneynote/docker-compose-moneynote-ali.git && cd docker-compose-moneynote-ali
vim docker-compose.yml

version: '3'

services:
  moneynote:
    container_name: moneynote
    image: registry.cn-hangzhou.aliyuncs.com/moneynote/moneynote-all:latest
    restart: always
    environment:
      - DB_PASSWORD=${DB_PASSWORD:-78p7gkc1}
      - invite_code=${invite_code:-111111}
    volumes:
      - moneynote_mysql_data:/var/lib/mysql
    ports:
      - "127.0.0.1:43740:3306"
      - "127.0.0.1:43741:80"
      - "127.0.0.1:43742:9092"
      - "127.0.0.1:43743:81"
      - "127.0.0.1:43744:82"

volumes:
  moneynote_mysql_data:

1	docker compose up -d

Go to bill.com to register your account. Remember your username can only contain alphabet and digital number, and your password length must between 6-32.

Screenshot 2024-09-04 at 20.34.09

Then go to php.bill.com in order to change the password of your database. The default password is 78p7gkc1, you cannot change this in the docker-compose.yml file as the service would crash. So you must change it after initialization.

Screenshot 2024-09-07 at 21.38.58

Screenshot 2024-09-07 at 21.40.35

Then go to your server as root.

1 2	cd ~/docker-compose-moneynote-ali vim api.env

1 2	DB_PASSWORD=Your_new_password_set_before invite_code=Your_own_invite_code

1 2	docker compose stop docker compose --env-file api.env up -d

Get your app in the mobile phone

Go to github release page to download app installation package and install it on your phone. Then login. The api address is https://bill.com.

How to deploy

Get your app in the mobile phone

Reference