Backend Installation

1. Installing the Backend (Self-Hosted, Dockerized NestJS)

1.1 Prerequisites

Before starting, ensure you have:

Server: Ubuntu 22.04+ (minimum 2 vCPU, 4 GB RAM)
Docker: v24+
Docker Compose: v2+
Git: v2.30+
Domain Name: For API access (api.irannation.example.com)
SSL Certificates: Managed via Let’s Encrypt or Cloudflare SSL

1.2 Clone the Repository

git clone https://github.com/IranNetworkState/backend-v2.git
cd irannation-backend

1.3 Environment Configuration

Create a .env file in the root directory with the following environment variables:

# Database Configuration (MySQL)
DB_NAME=iran_nation
DB_USER=non-root-user
DB_PASSWORD="randompassword"
MYSQL_ROOT_PASSWORD=rootpassword

# Application Configuration
NODE_ENV=production
PORT=3000
SESSION_SECRET=your-super-secret-key-change-in-production

# Frontend Configuration
FRONTEND_URL=https://your-frontend-domain.com

# Stripe Configuration
STRIPE_SECRET_KEY=secret_key
STRIPE_PUBLISHABLE_KEY=publishable_key
STRIPE_WEBHOOK_SECRET=whsec_xxx

# Firebase Configuration
FIREBASE_PROJECT_ID=your_firebase_project_id
FIREBASE_PRIVATE_KEY=your_firebase_private_key
FIREBASE_CLIENT_EMAIL=your_firebase_client_email

# Email Configuration (Resend)
RESEND_SECRET=resend_secret
FROM_EMAIL="email@mvpurr.com"

# AWS Configuration
AWS_REGION=us-east-1
AWS_ACCESS_KEY_ID=access_key
AWS_SECRET_ACCESS_KEY=secret_access_key
AWS_BUCKET_NAME=persia-net

# Monitoring
SENTRY_DSN=https://123.ingest.us.sentry.io/456

⚠️ Security Note: The above values are examples. Replace them with your actual production values and never commit sensitive credentials to version control.

1.4 Firebase Credentials Setup

Place your Firebase service account credentials file as firebase-credentials.json in the project root directory. This file will be mounted into the container for Firebase authentication.

1.5 Running the Application

The application uses Docker Compose with multiple services and can be run using the provided Docker scripts:

Architecture Overview

The application consists of:

MySQL 8.0: Primary database (exposed on port 3307)
Redis 7: Queue management with BullMQ (exposed on port 6380)
NestJS Backend: Main application (exposed on port 3001)
Adminer: Database administration tool (exposed on port 8080)

Development Environment

sh docker-dev.sh

This will:

Build the development Docker image
Start all services (MySQL, Redis, NestJS app, Adminer)
Enable hot-reload for development
Mount local directories for uploads and logs
Expose services on development ports

Production Environment

sh docker-prod.sh

This will:

Build the optimized production Docker image
Start all services with production configurations
Apply production optimizations and security settings
Set up proper health checks and restart policies

1.6 Service Access & Verification

After running either script, verify the installation by accessing these services:

Service Endpoints

Service	URL	Purpose
NestJS API	`http://localhost:3001`	Main application API
API Health Check	`http://localhost:3001/health`	Service health status
API Documentation	`http://localhost:3001/api`	Swagger/OpenAPI docs
Database Admin	`http://localhost:3001/adminer`	Adminer database interface

Verification Steps

Health Check: Visit http://localhost:3001/health to ensure all services are running
API Documentation: Access Swagger docs at http://localhost:3001/api
Database Admin: Use Adminer at http://localhost:8080 to verify database connection
- Server: mysql
- Username: Your DB_USER from .env
- Password: Your DB_PASSWORD from .env
- Database: Your DB_NAME from .env
Container Status: Run docker-compose ps to check all containers are healthy
Logs: Check service logs with docker-compose logs backend for any errors

1.7 Post-Installation

SSL Setup: Configure SSL certificates for production domains
Monitoring: Verify Sentry integration for error tracking
Queue Monitoring: Check Redis for BullMQ job processing
Firewall: Configure firewall rules to restrict access to database ports (3307, 6380, 8080) in production