Life ConnectLife Connect
Wiki index
Architecture
Services
Concepts
Runbooks
Infra
Swagger Docs
GitHub
Wiki index
Architecture
Services
Concepts
Runbooks
Infra
Swagger Docs
GitHub
  • Archive
  • Data Dictionary
  • Functional Epics

    • DICTIONARY OF ATTRIBUTES
    • Search Condos
    • Display

      • DisplayAll

        • Display all - Contracts
        • Display all - invoices
        • Display all - parts
        • Display all - Persons Relationships
        • Display all - Persons
        • Display tickets
      • DisplayContract

        • Display bank account Contract
        • Display Condo Member Contract
        • Display contact contract
        • Display Employee Contract
        • Display Generic Contract
        • Display Insurance Contract
        • Display Legal Represent Contract
        • Display Oral Contract
        • Display Owner Contract
        • Display Condo Regulation Contract
        • Display rental Contract
        • Display Supplier Contract
        • Display Trustee Contract
      • DisplayDelegate

        • Display Delegate
      • DisplayHistory

        • Display history
      • DisplayPerson

        • Display Company Person
        • Display Condo Person
        • Display Division Person
        • Display Group Person
        • Display Indivision Person
        • Display Natural Person
        • Display Union Person
        • Display Unknown Person
      • DisplayPersonsContracts

        • Display all Interventions
      • DisplayProperty

        • Display part
        • Display part
      • UiPerson

        • Display "mini" Persons
    • Process

      • Create

        • Create property & condo
      • Delete

        • Delete objects according to state machine
      • RC Renewal

        • RC RESIDENTIAL - automatic renewal
      • Review

        • rent amount review - RC residential - creation
        • rent amount review - RC residential - take-over
      • Sell

        • Sell a unit
    • Reporting

      • GRR

        • GLOBAL RENT REPORT
    • Search

      • Search
    • StateMachine

      • CreatingContract

        • State machine - creating a rental contract
        • State machine - creating a rental delegate contract
        • State machine - Referencing a abstract part contract
        • State machine - Referencing a bank contract
        • State machine - Referencing a condo regulation contract
        • State machine - Referencing a contact contract
        • State machine - Referencing an employee contract
        • State machine - Referencing a generic contract
        • State machine - Referencing a legal represent contract
        • State machine - Referencing a owner contract
        • State machine - Referencing a rental contract
        • State machine - Referencing a supplier contract
        • State machine - Referencing a trustee contract
      • CreatingIntervention

        • State machine - creating a ticket
        • State machine - Referencing a message
      • CreatingInvoice

        • State machine - creating a incoming (supplier) invoice
      • CreatingPayments

        • State machine - creating an incoming payment
      • EncodingPart

        • CreatingPart

          • State machine - Referencing part relationships
          • State machine - Referencing a part
      • EncodingPerson

        • CreatingAddresses

          • State machine - Creating email address
          • State machine - Creating phone address
          • State machine - Creating postal address
          • State machine - Creating web address
        • CreatingPerson

          • State machine - Referencing a company person
          • State machine - Referencing a condo person
          • State machine - Referencing a division person
          • State machine - Referencing an group person
          • State machine - Referencing an indivision person
          • State machine - Referencing a natural person
          • State machine - Referencing a union person
        • CreatingShareHolders

          • State machine - valuing a shareholder
      • Scanning

        • State machine scanning - analyze a document
        • State machine scanning - matching a document
        • State machine scanning - encoding a document : related information
    • Utility

      • Allocation keys
      • Company settings
      • Document data & file
      • Revision Index
    • Validations

      • Shareholders validation
  • Implicit

    • Callback

      • Logging In
  • ProductBoard

    • Rental Process

      • Rental delegate process
    • Ticketing

      • Create a ticket - link a ticket in Outlook add-in - add a call - display a ticket
      • Display Person Info in Outlook add-in
  • Technical Epics

    • Indexation Feature Documentation
    • Rent Amount Management Feature Documentation
    • I have an API
    • I can store the balance of an account
    • I Have Person Notifications
    • 🧩 System Process Diagrams
    • The Team has a DEV environment
    • The Team is organized
    • Accounting

      • Re-generation of Invoices
      • I can call the rent for my Rental Contract
      • Payment Creation Strategy Feature Documentation
      • I Can Revese

        • Payment Reversal
      • I Have Invoices

        • I have direction on invoice's item level
      • I Have Subsidies

        • I Can Receive Family Allowance Payments - Technical Documentation
        • Subsidies + Direct Debit Documentation
    • Communication Module

      • Communication module
    • Contracts

      • I can have contract guarantors
      • API Models
      • I Have Call For Rent Process

        • Call For Rent (CFR) Process Documentation
      • Occupancy Compensation

        • **OCCUPANCY COMPENSATION Documentation**
      • State Machine

        • I can have the Rental Contract state machine
    • Database

      • Database Indexes
    • E2e Testing

      • I can create an E2E dataset
    • Env Setup

      • Adapt env to stateless UI build
      • Blockhound
      • Table of Environments and Their Specifications
      • Environment How-To
      • Java Flight Recorder Management Documentation
      • Local Environment Setup
      • Kubernetes Logs Retrieval Documentation
      • Monitoring
      • I can create a new organisation
      • Production Environment Configuration
      • Remote Environment Setup
      • Set up of separate DB for env
      • Terraform Aws S3 Buckets
      • adb-ui Service Version Update
    • Files

      • I can have tags for files
    • Globals

      • boundaries
      • boundaries
      • boundaries
      • boundaries
    • Messaging

      • MongoDB Trigger Model Documentation
    • Open Api

      • Swagger Documentation Guide
      • Swagger
    • Parts

      • I Have A Forecast And Actuals Module
      • I can have part equipments
    • Process

      • Pre-Meeting Questionnaire
      • I Can Release My Feature
    • Security

      • I can create and provision an organisation
      • a user is granted access to the application
    • Stress Test

      • Introduction
      • Reports

        • Introduction
        • Introduction
        • Introduction
        • Introduction
        • Introduction
        • Table of contents
    • Tickets

      • Ticket Details Functionality
    • Troubleshooting

      • Prometheus Memory Issue Handling
Last updated 2025-03-11⚠️ 1 year 3 months old — verify against current code before relying on details.

Remote Environment Setup

Prerequisites

Ensure the following prerequisites are met before proceeding with the setup:

  • The $HOME/.aws directory exists and contains valid AWS user credentials.
  • A reverse proxy Docker container is configured and running on the VPS (covered in this document).
  • The acl, jq Debian packages are installed.
  • A MongoDB Atlas cluster is created and populated with the necessary databases.
  • MongoDB required trigger functions are manually created.
  • The Keycloak UI client has its Valid Redirect URIs and Web Origins properties set to the environment's Fully Qualified Domain Name (FQDN).

Steps

1. Create an AWS Secrets Manager Secret

Create a secret in the eu-west-3 region.

2. Access the VPS

SSH into the VPS where the environment will be set up.

3. Create a New Directory

Create a directory under /opt/devops/$ENV, replacing $ENV with the environment name (e.g., athena).

ENV='athena'
mkdir /opt/devops/$ENV

Set the directory permissions:

# all files created within the directory inherit the group ownership of the directory
sudo chmod g+s /opt/devops/$ENV/

# new files are created with group write permissions
GROUP_ID=$(cat /etc/group | grep devops | cut -d: -f3)
sudo setfacl -d -m "g:$GROUP_ID:rwX" /opt/devops/$ENV/

# all existing files and directories in the shared directory have the correct group and permissions
sudo chmod g+rwX /opt/devops/$ENV/

Note: If the directory /opt/devops/$ENV already exists, ensure the correct group ownership and permissions are set by running the following commands:

sudo chown -R :devops /opt/devops/$ENV
sudo find /opt/devops/$ENV/ -type d -exec chmod g+s {} +
GROUP_ID=$(cat /etc/group | grep devops | cut -d: -f3)
sudo setfacl -d -m "g:$GROUP_ID:rwX" /opt/devops/$ENV
sudo find /opt/devops/$ENV -exec chmod g+rwX {} +

This ensures all files created within the directory inherit the correct group ownership and permissions.

4. Clone the Charts Repository

Clone the necessary repository into the shared environment working directory:

git clone -b develop git@bitbucket.org:lifeconnectsas/adb-charts.git /opt/devops/$ENV

5. Navigate to the Target Directory

Change to the directory where Terraform commands will be executed:

cd /opt/devops/$ENV/charts/terraform/envs/kind

6. Initialize Terraform

Initialize the working directory and backend for Terraform state storage:

terraform init -reconfigure \
    -backend-config='bucket=tf-states.life-connect.fr' \
    -backend-config="key=envs/$ENV/terraform.tfstate" \
    -backend-config='region=eu-west-3' \
    -backend-config='encrypt=true'

7. Configure Environment Variables

In variables.tfvars, specify the environment name and AWS secret region:

env               = "athena"
aws_secret_region = "eu-west-3"

8. Define Service Versions

Set the appropriate service versions in the values.yaml file:

accountingTag: 0.31.0-SNAPSHOT-DEV-2051
aggregatesTag: 0.29.0-SNAPSHOT-DEV-1296
contractsTag: 0.34.0-SNAPSHOT-DEV-2332
filesTag: 0.20.0-SNAPSHOT-DEV-644
partsTag: 0.22.0-SNAPSHOT-DEV-879
personsTag: 0.22.0-SNAPSHOT-DEV-1278
reportsTag: 0.13.0-SNAPSHOT-DEV-650
ticketsTag: 0.11.0-SNAPSHOT-FEA-345
uiTag: 0.48.0-SNAPSHOT-DEV-7986
utilitiesTag: 0.29.0-SNAPSHOT-DEV-1215
viewsTag: 0.23.0-SNAPSHOT-DEV-665

9. Create and Apply Terraform Modules

Each module should be created and applied sequentially.

a. Cluster Module

Create and apply the Terraform plan for cluster resources:

terraform plan -target='module.cluster' -var-file="./variables.tfvars" -out="./main.tfplan"
terraform apply "./main.tfplan"

b. AWS Module

Due to the aws_sns_topic_subscription resource issue, resources are created in two phases:

Phase 1: Create resources necessary for AWS SNS topic subscriptions:

terraform plan -target='module.aws.aws_sqs_queue.file_uploaded_queue' -var-file="./variables.tfvars" -out="./main.tfplan"
terraform apply "./main.tfplan"

Phase 2: Create the remaining AWS module resources:

terraform plan -target='module.aws' -var-file="./variables.tfvars" -out="./main.tfplan"
terraform apply "./main.tfplan"

c. Messaging Module

This module is also created in two phases:

Phase 1:

terraform plan -target='module.messaging.aws_cloudwatch_event_target.targets' -var-file="./variables.tfvars" -out="./main.tfplan"
terraform apply "./main.tfplan"

Phase 2:

terraform plan -target='module.messaging' -var-file="./variables.tfvars" -out="./main.tfplan"
terraform apply "./main.tfplan"

d. Services Module

Create and apply the Terraform plan for the services module:

terraform plan -target='module.services' -var-file="./variables.tfvars" -out="./main.tfplan"
terraform apply "./main.tfplan"

Feature Development Workflow

Directory Structure

Every development environment has its own dedicated working directory on the server. For example, athena directory is /opt/devops/athena/adb-charts.

Development Environments (as of 11/02/2025)

New AWS Secret Configuration:

  • dev
  • odin
  • achilles
  • athena
  • hephaestus

Obsolete Configuration:

  • dev-nikita
  • dev-sergey
  • dev-filatov

Steps

For feature development, follow these steps to change service versions or introduce infrastructure changes:

1. Access the VPS

SSH into the VPS where the environment resides.

2. Change Directory

Navigate to the shared environment directory:

cd /opt/devops/$ENV/adb-charts/terraform/envs/kind

3. Destroy Existing Resources

terraform plan -destroy -var-file="./variables.tfvars" -out="./destroy.tfplan"
terraform apply "./destroy.tfplan"

4. Create Feature Branch

Create a new git branch named after the corresponding Jira issue.

Modify $HOME/.gitconfig if needed:

[safe]
    directory = /opt/devops/athena/adb-charts

5. Apply Required Infrastructure Changes

Make necessary updates (e.g., adding a new trigger configuration in messaging.tf).

6. Recreate Environment with New Configuration

terraform plan -target='module.cluster' -var-file="./variables.tfvars" -out="./main.tfplan"
terraform apply "./main.tfplan"

terraform plan -target='module.aws.aws_sqs_queue.file_uploaded_queue' -var-file="./variables.tfvars" -out="./main.tfplan"
terraform apply "./main.tfplan"

terraform plan -target='module.aws' -var-file="./variables.tfvars" -out="./main.tfplan"
terraform apply "./main.tfplan"

terraform plan -target='module.messaging.aws_cloudwatch_event_target.targets' -var-file="./variables.tfvars" -out="./main.tfplan"
terraform apply "./main.tfplan"

terraform plan -target='module.messaging' -var-file="./variables.tfvars" -out="./main.tfplan"
terraform apply "./main.tfplan"

terraform plan -target='module.services' -var-file="./variables.tfvars" -out="./main.tfplan"
terraform apply "./main.tfplan"

7. Deploy New Service Versions

Get current service versions:

terraform show -json \
    | jq '.values.root_module.child_modules[].resources[] | select(.address=="module.services.helm_release.adb-services") | .values.values[]' \
    | sed -e 's/\\n/\n/g' -e 's/"//g' \
    | head -n -1 > values.yaml

Note: To access the Kubernetes cluster you may need to set

export KUBE_CONFIG_PATH=~/.kube/config

or in case the cluster was destroyed and recreated by other users to export kubeconfig

kind export kubeconfig --name $ENV

To use the kubectl command don't forget to switch the context to a proper cluster:

kubectl config use-cluster "kind-$ENV"

Update versions in values.yaml and apply changes:

terraform plan -target='module.services.helm_release.adb-services' -var-file="./variables.tfvars" -out="./main.tfplan"
terraform apply "./main.tfplan"

If more resources were changed complete destroying and creation of the services module may be required:

terraform plan -destroy -target='module.services' -var-file="./variables.tfvars" -out="./destroy.tfplan"
terraform apply "./destroy.tfplan"

terraform plan -target='module.services' -var-file="./variables.tfvars" -out="./main.tfplan"
terraform apply "./main.tfplan"

8. Apply New Configuration to Other Environments

  • Destroy resources (see step 3)
  • Merge the feature branch into develop
  • Check out develop and provision resources again (see step 6)

Proxy

Running multiple Kind (Kubernetes in Docker) clusters on a single machine causes port conflicts. This issue can be resolved by configuring an Nginx reverse proxy and implementing port mapping. With this setup, each cluster is assigned unique ports while exposing its services to the Internet through the standard port 443, enabling seamless and simultaneous operation.

Configure proxy/nginx.conf

Update the domain names in the configuration file to match your development environments. Ensure the HTTP and HTTPS port settings match the corresponding Terraform variables host_http_port and host_https_port for each environment.

Create docker image

cd proxy/
docker build -t vps-reverse-proxy ./

Run docker image

docker run --rm -it -p 80:80 -p 443:443 --name adb-vps-reverse-proxy vps-reverse-proxy
Edit this page
Last Updated:
Contributors: Yevhenii Khudolii
Prev
Production Environment Configuration
Next
Set up of separate DB for env