Merge branch 'master' of https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding

# Conflicts:
#	README.md
#	package.json

README.md

@@ -1,6 +1,6 @@
 # Wir.Social Deploys And Rebrands Ocelot.Social
 
-This repository is used to rebrand, configure, and deploy the [wir.social](https://wir.social) networks.
+This repository is an in use template to rebrand, configure, and deploy [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) networks.
 The forked original repository is [Ocelot-Social-Deploy-Rebranding](https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding).
 
 <!-- [![Build Status](https://travis-ci.com/Human-Connection/Human-Connection.svg?branch=master)](https://travis-ci.com/Human-Connection/Human-Connection) -->
@@ -27,17 +27,77 @@ Logins:
 | `admin@example.org` | 1234 | admin |
 -->
 
-<!--
 ## Usage
 
-Fork this repository and configure as well as rebrand it for your own [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) network.
+Fork this repository to configure and rebrand it for your own [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) network.
 
-- [Configure And Rebrand](https://github.com/Ocelot-Social-Community/Ocelot-Social-Deploy-Rebranding/tree/master/branding)
+### Package.Json And DockerHub Organisation
 
-Afterwards you can [deploy](deployment/README.md) it on your server:
+Write your own data into the main configuration file:
 
-- [Kubernetes with Helm](deployment/kubernetes/README.md)
--->
+- [package.json](/package.json)
+
+Since all deployment methods described here depend on [Docker](https://docker.com) and [DockerHub](https://hub.docker.com), you need to create your own organisation on DockerHub and put its name in the [package.json](/package.json) file as your `dockerOrganisation`.
+
+### Configure And Branding
+
+The next step is:
+
+- [Configure And Branding](/branding/README.md)
+
+### Optional: Proof Configuration And Branding Locally
+
+Just in case you have Docker installed and run the following, you can check your branding locally:
+
+```bash
+# in main folder
+$ docker-compose up
+# fill the database with an initial admin
+$ docker-compose exec backend yarn run prod:migrate init
+```
+
+The database is then initialised with the default administrator:
+
+- E-mail: admin@example.org
+- Password: 1234
+
+For login or registration have a look in your browser at `http://localhost:3000/`.  
+For the maintenance page have a look in your browser at `http://localhost:5000/`.
+
+### Push Changes To GitHub
+
+Before merging these changes into the "master" branch on your GitHub fork repository, you need to configure the GitHub repository secrets.  This is necessary to [publish](/.github/workflows/publish.yml) the Docker images by pushing them via GitHub actions to repositories belonging to your DockerHub organisation.
+
+First, go to your DockerHub profile under `Account Settings` and click on the `Security` tab. There you create an access token called `<your-organisation>-access-token` and copy the token to a safe place.
+
+Secondly, in your GitHub repository, click on the 'Settings' tab and go to the 'Secrets' tab.  There you create two secrets by clicking on `New repository secret`:
+
+1. Named `DOCKERHUB_TOKEN` with the newly created DockerHub token (only the code, not the token name).
+2. Named `DOCKERHUB_USERNAME` with your DockerHub username.
+
+### Optional: Proof DockerHub Images Locally
+
+Just in case you like to check your pushed Docker images in your organisation's DockerHub repositories locally:
+
+- rename the file `docker-compose.ocelotsocial-branded.yml` with your network name
+- in the file, rename the ocelot.social DockerHub organisation `ocelotsocialnetwork` to your organisations name
+
+Remove any local Docker images if necessary and do the following:
+
+```bash
+# in main folder
+$ docker-compose -f docker-compose.<your-organisation>-branded.yml up
+# fill the database with an initial admin
+$ docker-compose exec backend yarn run prod:migrate init
+```
+
+See the login details and browser addresses above.
+
+### Deployment
+
+Afterwards you can [deploy](/deployment/README.md) it on your server:
+
+- [Kubernetes with Helm](/deployment/kubernetes/README.md)
 
 ## Developer Chat
 
@@ -50,9 +110,9 @@ We give write permissions to every developer who asks for it. Just text us on
 
 ## Technology Stack
 
+- [Docker](https://www.docker.com)
 - [Kubernetes](https://kubernetes.io)
 - [Helm](https://helm.sh)
-- [Docker](https://www.docker.com)
 
 <!--
 ## Attributions
@@ -66,4 +126,4 @@ Browser compatibility testing with [BrowserStack](https://www.browserstack.com/)
 
 ## License
 
-See the [LICENSE](LICENSE.md) file for license rights and limitations (MIT).
+See the [LICENSE](/LICENSE.md) file for license rights and limitations (MIT).

branding/README.md

@@ -0,0 +1,5 @@
+# Configure And Branding
+
+In this folder you will find all configuration files and logo images to customise the configuration and branding of the [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) network code to your own needs.
+
+Please change these and they will be used automatically as part of the [deployment](/deployment/README.md) process.

branding/locales/html/de/code-of-conduct.html

@@ -1,4 +1,5 @@
 <!-- this file is replaced on rebranding -->
+<!-- templates see folder '/branding/templates/' -->
 
 <p>Ich bin der Inhalt vom Verhaltenskodex</p>
 <br>

branding/locales/html/de/data-privacy.html

@@ -1,4 +1,5 @@
 <!-- this file is replaced on rebranding -->
+<!-- templates see folder '/branding/templates/' -->
 
 <p>Das hier wäre der Inhalt der Datenschutzbestimmungen</p>
 <br>

branding/locales/html/de/faq.html

@@ -1,4 +1,5 @@
 <!-- this file is replaced on rebranding -->
+<!-- templates see folder '/branding/templates/' -->
 
 <p>Hier stehen die FAQs</p>
 <br>

branding/locales/html/de/imprint.html

@@ -1,4 +1,5 @@
 <!-- this file is replaced on rebranding -->
+<!-- templates see folder '/branding/templates/' -->
 
 <p>Ich bin das Impressum</p>
 <br>

branding/locales/html/de/terms-and-conditions.html

@@ -1,4 +1,5 @@
 <!-- this file is replaced on rebranding -->
+<!-- templates see folder '/branding/templates/' -->
 
 <p>Ich bin der Inhalt der Seite "Nutzungsbedingungen"</p>
 <br>

branding/locales/html/en/code-of-conduct.html

@@ -1,4 +1,5 @@
 <!-- this file is replaced on rebranding -->
+<!-- templates see folder '/branding/templates/' -->
 
 <p>I am the content of the code of conduct</p>
 <br>

branding/locales/html/en/data-privacy.html

@@ -1,4 +1,5 @@
 <!-- this file is replaced on rebranding -->
+<!-- templates see folder '/branding/templates/' -->
 
 <p>This would be our data privacy section</p>
 <br>

branding/locales/html/en/faq.html

@@ -1,4 +1,5 @@
 <!-- this file is replaced on rebranding -->
+<!-- templates see folder '/branding/templates/' -->
 
 <p>Here are the FAQs</p>
 <br>

branding/locales/html/en/imprint.html

@@ -1,4 +1,5 @@
 <!-- this file is replaced on rebranding -->
+<!-- templates see folder '/branding/templates/' -->
 
 <p>I am the imprint</p>
 <br>

branding/locales/html/en/terms-and-conditions.html

@@ -1,4 +1,5 @@
 <!-- this file is replaced on rebranding -->
+<!-- templates see folder '/branding/templates/' -->
 
 <p>I am the content of the page "terms and conditions"<p>
 <br>

branding/templates/locales/html/de/code-of-conduct.html

@@ -0,0 +1,68 @@
+<!-- this file is replaced on rebranding -->
+<!-- templates see folder '/branding/templates/' -->
+
+<!-- template for the 'Code Of Conduct' from the old HC network. in the old repo you will find other languages as well -->
+
+<br>
+<p>
+  Wir sind ein gemeinnütziges soziales Wissens- und Aktionsnetzwerk der nächsten Generation.
+  Von Menschen – für Menschen. Open Source, fair und transparent.
+  Für positiven lokalen und globalen Wandel in allen Lebensbereichen.
+  Wir gestalten den öffentlichen Austausch von Wissen, Ideen und Projekten völlig neu.
+  Unsere Funktionen bringen die Menschen zusammen – offline und online – so dass wir die Welt zu einem besseren Ort machen können.<br>
+</p>
+<p>
+  Mit diesen Verhaltensregeln regeln wir die wesentlichen Grundsätze für das Verhalten in unserem sozialen Netzwerk.
+  Dabei bildet die  Menschenrechtscharta der Vereinten Nationen das Herz unseres Werteverständnisses und dient uns als Orientierung.
+  Die Verhaltensregeln dienen als Leitsätze für den persönlichen Auftritt und den Umgang untereinander.
+  Wer als Nutzer bei uns aktiv ist, Beiträge verfasst, kommentiert oder mit anderen Nutzern, auch außerhalb des Netzwerkes, Kontakt aufnimmt, erkennt diese Verhaltensregeln als verbindlich an.<br>
+</p>
+<br>
+<h3 style="margin-top: 8px; margin-bottom: 0px;">
+  Erwartetes Verhalten
+</h3>
+<br>
+<p style="margin-top: 0px; margin-bottom: 8px;">
+  Die folgenden Verhaltensweisen werden von allen Community-Mitgliedern erwartet und gefordert:<br>
+  <br>
+  - Sei rücksichtsvoll und respektvoll, bei dem, was Du schreibst und tust.<br>
+  - Versuche auf andere zuzugehen, bevor ein Konflikt entsteht.<br>
+  - Vermeide erniedrigende, diskriminierende oder belästigende Verhaltensweisen und Ausdrücke.<br>
+  - Achte Dein Umfeld und Deine Mitmenschen. Warne die Verantwortlichen der Community, falls Du eine gefährliche Situation, jemanden in Not oder Verstöße gegen diesen Verhaltenskodex bemerkst, auch wenn diese unbedeutend erscheinen.<br>
+</p>
+<br>
+<h3 style="margin-top: 8px; margin-bottom: 0px;">
+  Nichtakzeptables Verhalten
+</h3>
+<br>
+<p style="margin-top: 0px; margin-bottom: 8px;">
+  Die folgenden Verhaltensweisen sind in unserer Community inakzeptabel:<br>
+  <br>
+  - Diskriminierende Beiträge, Kommentare, Äußerungen oder Beleidigungen, insbesondere solche, die sich auf Geschlecht, sexuelle Orientierung, Rasse, Religion, politische oder weltanschauliche Ausrichtung oder Behinderung beziehen.<br>
+  - Das Senden oder Verlinken eindeutig pornografischen Materials.<br>
+  - Verherrlichung oder Verharmlosung grausamer oder unmenschlicher Gewalttätigkeiten.<br>
+  - Das Veröffentlichen von personenbezogenen Daten anderer ohne deren Einverständnis oder das Androhen dessen („Doxing“)."<br>
+  - Absichtliche Einschüchterung, Stalking oder Verfolgung.<br>
+  - Bewerben von Produkten und Dienstleistungen mit kommerzieller Absicht.<br>
+  - Strafbares Verhalten bzw. Verstoß gegen deutsches Recht.<br>
+  - Befürwortung oder Ermutigung zu diesen Verhaltensweisen.<br>
+</p>
+<br>
+<h3 style="margin-top: 8px; margin-bottom: 0px;">
+  Konsequenzen inakzeptablen Verhaltens
+</h3>
+<br>
+<p style="margin-top: 0px; margin-bottom: 8px;">
+  Wenn ein Gemeinschaftsmitglied inakzeptables Verhalten an den Tag legt, können die verantwortlichen Betreiber, Moderatoren und Administratoren des Netzwerks angemessene Maßnahmen ergreifen, u.a.:<br>
+  <br>
+  - Aufforderung zum sofortigen Abstellen des inakzeptablen Verhaltens<br>
+  - Sperren oder Löschen von Kommentaren<br>
+  - Vorübergehender Ausschluss aus dem jeweiligen Beitrag<br>
+  - Sperren bzw. Löschen von Inhalten<br>
+  - Vorübergehender Entzug von Schreibrechten<br>
+  - Vorübergehender Ausschluss aus dem Netzwerk<br>
+  - Endgültiger Ausschluss aus dem Netzwerk<br>
+  - Verstöße gegen deutsches Recht können zur Anzeige gebracht werden.<br>
+  <br>
+  Wenn Du einem inakzeptablen Verhalten ausgesetzt bist, es miterlebst oder andere Bedenken hast, melde bitte so schnell wie möglich den oder die entsprechenden Inhalte an die Moderatoren.<br>
+</p>

deployment/README.md

@@ -1,5 +1,14 @@
 # Deployment
 
+Before you start the deployment you have to do preparations.
+
+## Deployment Preparations
+
+Since all deployment methods described here depend on [Docker](https://docker.com) and [DockerHub](https://hub.docker.com), you need to create your own organisation on DockerHub and put its name in the [package.json](/package.json) file as your `dockerOrganisation`.  
+Read more details in the [main README](/README.md) under [Usage](/README.md#usage).
+
+## Deployment Methods
+
 You have the following options for a deployment:
 
 - [Kubernetes with Helm](./kubernetes/README.md)
@@ -11,4 +20,4 @@ After the first deployment of the new network on your server, the database is in
 - E-mail: admin@example.org
 - Password: 1234
 
-TODO: When you are logged in for the first time, please change your (the admin's) e-mail to an existing one and change your password to a secure one !!!
+***ATTENTION:*** When you are logged in for the first time, please change your (the admin's) e-mail to an existing one and change your password to a secure one !!!

deployment/kubernetes/DigitalOcean.md

@@ -0,0 +1,78 @@
+# DigitalOcean
+
+If you want to set up a [Kubernetes](https://kubernetes.io) cluster on [DigitalOcean](https://www.digitalocean.com), follow this guide.
+
+## Create Account
+
+Create an account with DigitalOcean.
+
+## Add Project
+
+On the left side you will see a menu. Click on `New Project`. Enter a name and click `Create Project`.  
+Skip moving resources, probably.
+
+## Create Kubernetes Cluster
+
+On the right top you find the button `Create`. Click on it and choose `Kubernetes - Create Kubernetes Cluster`.
+
+- use the latest Kubernetes version
+- choose your datacenter region
+- name your node pool: e.g. `pool-<your-network-name>`
+- 2 `Basic node` with a total of 4GB and 2 shared CPUs are enough to start with
+- no tags necessary
+- set your cluster name: e.g. `cluster-<your-network-name>`
+- select your project
+
+## Getting Started
+
+After your cluster is set up, see progress bar above, click on `Getting started`. Please install the following management tools:
+
+- [kubectl](https://kubernetes.io/docs/tasks/tools/)
+- [doctl](https://github.com/digitalocean/doctl)
+
+Install the tools as described on the tab or see the links here.
+
+After the installation, click on `Continue`.
+
+### Download Configuration File
+
+Follow the steps to download the configuration file.
+
+You can skip this step if necessary, as you can download the file later. You can then do this by clicking on `Kubernetes` in the left menu. In the menu to the right of the cluster name in the cluster list, click on `More` and select `Download Config`.
+
+### Patch & Minor Version Upgrades
+
+Skip `Patch & Minor Version Upgrades` for now.
+
+### Install 1-Click Apps
+
+You don't need a 1-click app. Our helmet script will install the required NGINXs.
+Therefore, skip this step as well.
+
+## DNS Configuration
+
+There are the following two ways to set up the DNS.
+
+### Manage DNS With A Different Domain Provider
+
+If you have registered your domain or subdomain with another domain provider, add an `A` record there with one of the IP addresses from one of the cluster droplets in the DNS.
+
+To find the correct IP address to set in the DNS `A` record, click `Droplets` in the left main menu.
+A list of all your droplets will be displayed.
+Take one of the IPs of perhaps two or more droplets in your cluster from the list and enter it into the `A` record.
+
+### Manage DNS With DigitalOcean
+
+***TODO:** How to configure the DigitalOcean DNS management service …*
+
+To understand what makes sense to do when managing your DNS with DigitalOcean, you need to know how DNS works:
+
+DNS means `Domain Name System`. It resolves domains like `example.com` into an IP like `123.123.123`.
+DigitalOcean is not a domain registrar, but provides a DNS management service. If you use DigitalOcean's DNS management service, you can configure [your cluster](/deployment/kubernetes/README.md#dns) to always resolve the domain to the correct IP and automatically update it for that.  
+The IPs of the DigitalOcean machines are not necessarily stable, so the cluster's DNS service will update the DNS records managed by DigitalOcean to the new IP as needed.
+
+***CAUTION:** If you are using an external DNS, you currently have to do this manually, which can cause downtime.*
+
+## Deploy
+
+Yeah, you're done here. Back to [Deployment with Helm for Kubernetes](deployment/kubernetes/README.md).

deployment/kubernetes/README.md

@@ -1,12 +1,21 @@
-# Helm Installation Of Ocelot.Social
+# Kubernetes Helm Installation Of Ocelot.Social
 
-Deploying *ocelot.social* with Helm is very straight forward. All you have to do is to change certain parameters, like domain names and API keys, then you just install our provided Helm chart to your cluster.
+Deploying [ocelot.social](https://github.com/Ocelot-Social-Community/Ocelot-Social) with [Helm](https://helm.sh) for [Kubernetes](https://kubernetes.io) is very straight forward. All you have to do is to change certain parameters, like domain names and API keys, then you just install our provided Helm chart to your cluster.
+
+## Kubernetes Cloud Hosting
+
+There are various ways to set up your own or a managed Kubernetes cluster. We will extend the following lists over time.  
+Please contact us if you are interested in options not listed below.
+
+Managed Kubernetes:
+
+- [DigitalOcean](/deployment/kubernetes/DigitalOcean.md)
 
 ## Configuration
 
-You can customize the network with your configuration by duplicate the `values.template.yaml` to a new `values.yaml` file and change it to your need. All included variables will be available as environment variables in your deployed kubernetes pods.
+You can customize the network server with your configuration by duplicate the `values.template.yaml` to a new `values.yaml` file and change it to your need. All included variables will be available as environment variables in your deployed kubernetes pods.
 
-Besides the `values.template.yaml` file we provide a `nginx.values.template.yaml` and `dns.values.template.yaml` for a similar procedure. The new `nginx.values.yaml` is the configuration for the ingress-nginx Helm chart, while the `dns.values.yaml` file is for automatically updating the dns values on digital ocean and therefore optional.
+Besides the `values.template.yaml` file we provide a `nginx.values.template.yaml` and `dns.values.template.yaml` for a similar procedure. The new `nginx.values.yaml` is the configuration for the ingress-nginx Helm chart, while the `dns.values.yaml` file is for automatically updating the dns values on DigitalOcean and therefore optional.
 
 ## Installation
 
@@ -18,7 +27,7 @@ Please refer to [cert-manager.io docs](https://cert-manager.io/docs/installation
 
 ***ATTENTION:*** *Be with the Terminal in your repository in the folder of this README.*
 
-1. Create Namespace
+#### 1. Create Namespace
 
 ```bash
 # kubeconfig.yaml set globaly
@@ -27,14 +36,14 @@ $ kubectl create namespace cert-manager
 $ kubectl --kubeconfig=/../kubeconfig.yaml create namespace cert-manager
 ```
 
-2. Add Helm repository and update
+#### 2. Add Helm repository and update
 
 ```bash
 $ helm repo add jetstack https://charts.jetstack.io
 $ helm repo update
 ```
 
-3. Install Cert-Manager Helm chart
+#### 3. Install Cert-Manager Helm chart
 
 ```bash
 # option 1
@@ -57,14 +66,14 @@ $ helm --kubeconfig=/../kubeconfig.yaml \
 
 ### Ingress-Nginx
 
-1. Add Helm repository and update
+#### 1. Add Helm repository and update
 
 ```bash
 $ helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
 $ helm repo update
 ```
 
-2. Install ingress-nginx
+#### 2. Install ingress-nginx
 
 ```bash
 # kubeconfig.yaml set globaly
@@ -77,7 +86,7 @@ $ helm --kubeconfig=/../kubeconfig.yaml install ingress-nginx ingress-nginx/ingr
 
 This is only necessary if you run DigitalOcean without load balancer ([see here for more info](https://stackoverflow.com/questions/54119399/expose-port-80-on-digital-oceans-managed-kubernetes-without-a-load-balancer/55968709)) .
 
-1. Authenticate towards DO with your local `doctl`
+#### 1. Authenticate towards DO with your local `doctl`
 
 You will need a DO token for that.
 
@@ -90,9 +99,16 @@ $ doctl auth init --context <new-context-name>
 
 You will need an API token, which you can generate in the control panel at <https://cloud.digitalocean.com/account/api/tokens> .
 
-2. Generate DO firewall
+#### 2. Generate DO firewall
 
-Fill in the `CLUSTER_UUID` and `your-domain` (Get the `CLUSTER_UUID` value from the dashboard or the ID column from doctl kubernetes cluster list.):
+ Get the `CLUSTER_UUID` value from the dashboard or from the ID column via `doctl kubernetes cluster list`:
+
+```bash
+# need to apply access token by `doctl auth init` before
+$ doctl kubernetes cluster list
+```
+
+Fill in the `CLUSTER_UUID` and `your-domain`:
 
 ```bash
 # without doctl context
@@ -118,17 +134,19 @@ $ doctl compute firewall get <ID> --context <context-name>
 
 ### DNS
 
+***TODO:** I thought this is necessary if we use the DigitalOcean DNS management service? See [Manage DNS With DigitalOcean](/deployment/kubernetes/DigitalOcean.md#manage-dns-with-digitalocean)*
+
 This chart is only necessary (recommended is more precise) if you run DigitalOcean without load balancer.
 You need to generate an access token with read + write for the `dns.values.yaml` at <https://cloud.digitalocean.com/account/api/tokens> and fill it in.
 
-1. Add Helm repository and update
+#### 1. Add Helm repository and update
 
 ```bash
 $ helm repo add bitnami https://charts.bitnami.com/bitnami
 $ helm repo update
 ```
 
-2. Install DNS
+#### 2. Install DNS
 
 ```bash
 # kubeconfig.yaml set globaly

deployment/kubernetes/values.template.yaml

@@ -14,13 +14,18 @@ BACKEND:
   JWT_SECRET: "b/&&7b78BF&fv/Vd"
   MAPBOX_TOKEN: "pk.eyJ1IjoiYnVzZmFrdG9yIiwiYSI6ImNraDNiM3JxcDBhaWQydG1uczhpZWtpOW4ifQ.7TNRTO-o9aK1Y6MyW_Nd4g"
   PRIVATE_KEY_PASSPHRASE: "a7dsf78sadg87ad87sfagsadg78"
+  # ocelot.social mail dummy
   EMAIL_DEFAULT_SENDER: "devops@ocelot.social"
   SMTP_HOST: "mail.ocelot.social"
   SMTP_USERNAME: "devops@ocelot.social"
   SMTP_PASSWORD: "devops@ocelot.social"
-  SMTP_PORT: "465"
-  SMTP_IGNORE_TLS: 'true'
+  SMTP_PORT: "587"
+  SMTP_IGNORE_TLS: 'false'
   SMTP_SECURE: 'false' # true for 465, false for other ports
+  # or
+  # SMTP_PORT: "465"
+  # SMTP_IGNORE_TLS: 'true'
+  # SMTP_SECURE: 'true' # true for 465, false for other ports
 
   # most likely you don't need to change this
   MIN_READY_SECONDS: "15"