* remove unnecessary submodules

* move files from submodules to this repo

.gitignore

@@ -4,12 +4,6 @@ docs/tech/architecture/definitions.md
 docs/tech/architecture/CHANGELOG.md
 docs/tech/api/openapi.yml
 
-docs/tech/installation/TROUBLESHOOTING.md
-files-from-repos/USERS.md
-files-from-repos/base-setup.md
-files-from-repos/owncert.md
-docs/tech/installation/setup.md
-
 # python
 .python-version
 

.gitmodules

@@ -2,16 +2,9 @@
 	path = backend
 	url = ../backend
 	branch = main
-[submodule "frontend"]
-	path = frontend
-	url = ../frontend
-	branch = main
 [submodule "showcase-definition"]
 	path = showcase-definition
 	url = ../definitions/showcase-definition
 [submodule "introductory-definition"]
 	path = introductory-definition
-	url = ../definitions/introductory-definition
-[submodule "docker-deployment"]
-	path = docker-deployment
-	url = ../docker-deployment
+	url = ../definitions/introductory-definition
\ No newline at end of file

docker-deployment @ 7f2bd549

-Subproject commit 7f2bd5491fb02f9a040989db40b4adb63190a656

docs/tech/installation/USERS.md

-{%
-include-markdown "../../../files-from-repos/USERS.md"
-%}
-
-If you need to create normal users, then please refer to the [User Onboarding](./../security.md#user-onboarding).
\ No newline at end of file

docs/tech/installation/https/base-setup.md

 For version 2.0.0 of IXP, download [Compose preset folder for HTTPS deployment using Let's Encrypt](https://gitlab.fi.muni.cz/inject/docker-deployment/-/package_files/221/download) and follow instructions below.
 
-{%
-include-markdown "../../../../files-from-repos/base-setup.md"
-%}
\ No newline at end of file
+## HTTPS Deployment
+
+For HTTPS deployment, before executing `docker compose up` (see [installation](../overview.md) guide),
+you need to generate HTTPS certificates.
+In this configuration these certificates are generated via [Certbot](https://certbot.eff.org/) by Lets Encrypt.
+
+This can be done via `./cert_script.sh` script which automatically generates the certificate in the current directory.
+Invoke the script like so, substituting the placeholders for their respective values:
+```bash
+./cert_script.sh <email-address> <domain>
+```
+After the certificate has been generated,
+an email will be sent to the provided address with additional information about the certificate.
+
+Example usage:
+```bash
+./cert_script.sh admin@inject.fi.muni.cz inject.fi.muni.cz
+```
+
+Please note that by executing this script you're agreeing to Certbot's TOS and Privacy Policy,
+and your email will be used for essential communication about expiration notices.
+
+After generating the certificates, please ensure that:
+- `INJECT_DOMAIN` is setup to your desired hostname in the `.env` file enclosed in the `docker/nginx/https` directory
+- `INJECT_SECRET_KEY` is changed to a truly random string of characters of at least 50 characters long
+- `01-substitute-env.sh` is executable via `chmod +x 01-substitute-env.sh`.
+
+Then you may execute `docker compose up -d` and your deployment is up and running

docs/tech/installation/https/owncert.md

 For version 2.0.0 of IXP, download Compose preset folder for HTTPS Deployment with your own certificates from [here](https://gitlab.fi.muni.cz/inject/docker-deployment/-/package_files/222/download).
 
-{%
-include-markdown "../../../../files-from-repos/owncert.md"
-%}
\ No newline at end of file
+## HTTPS Deployment with your own certificates (advanced)
+
+For HTTPS deployment with your own certificates,
+include `fullchain.pem` and `privkey.pem` into the `docker/nginx/https-owncert/certificates/` directory. 
+If the format of the keys or selection of keys does not suffice,
+it's advised to modify the `nginx.conf.template` file and change the related configuration in line `:32-33`.
+Docker compose mounts the `./certificates` folder as `/etc/nginx/certificates/` in the Nginx container.
+All of this has to be done before executing step 5 listed in the main [installation](../overview.md) guide.
+
+Name of the nginx configuration file is intentionally named as such due to `01-substitute-env.sh` script,
+which substitutes `INJECT_DOMAIN` variable with environment variable value.
+
+Please ensure that:
+- `INJECT_DOMAIN` is setup to your desired hostname in the `.env` file enclosed in the `docker/nginx/https-owncert` directory
+- `INJECT_SECRET_KEY` is changed to a truly random string of characters of at least 50 characters long
+- `01-substitute-env.sh` is executable via `chmod +x 01-substitute-env.sh`.
+
+Then you may execute `docker compose up -d` and your deployment is up and running

docs/tech/installation/overview.md

@@ -48,7 +48,7 @@ E.g. `v2.0.0` of the frontend is fully compatible with `v2.0.0` of the backend.
 1. Rename the unzipped directories to `frontend` and `backend` respectively.
 1. Ensure that the `.env` file in the root directory is set up correctly as per the [setup guide](./setup.md).
 1. Run `docker compose up`, if any errors occur please refer to the troubleshooting guides.
-1. Add admin (superuser) account by following [these instructions](./USERS.md).
+1. Add admin (superuser) account by following [these instructions](./users.md).
 
 ## Conclusion
 

docs/tech/installation/setup.md

+## Deployment using Docker/Nginx
+
+INJECT Exercise Platform provides a simplified deployment method via Docker Compose. 
+This method simplifies the deployment by creating necessary settings and pairings between the frontend and backend.
+It also creates a singular endpoint for accessing INJECT Exercise Platform.
+
+### Docker Setup
+
+This solution consists of 4 containers: frontend, backend, database and reverse proxy server.
+
+Frontend and Backend are set up to communicate under a single endpoint handled by the reverse-proxy server (Nginx). 
+PostgresSQL database handles management of user/exercise data.
+User-uploaded files, images and definition relevant content is stored on the Backend.
+The reverse-proxy forwards requests either to Frontend or Backend.
+
+Deployment is set up with persistent storage under two Docker Compose volumes called `inject-data` and `inject-pgdata`.
+This volume contains any data generated by INJECT and current configuration of the platform.
+At current state the platform can be effectively backed up assuming you back both volumes and `INJECT_SECRET_KEY` environment variable.
+
+For HTTPS deployment it's needed to have HTTPS certificates.
+At current state, there is a prepared configuration and script for deployment via Let's Encrypt certificates.
+This script necessitates downtime of IXP to fully refresh or instantiate new SSL certificates.
+
+### Environment Variables
+
+All the technical configuration is done with environment variables.
+These are prefixed under `INJECT_`.
+Some additional variables are included, however these are inferred from the `INJECT_` prefixed environment variables,
+which means that these do not have to be changed manually.
+
+#### General Configuration
+
+```
+# sets up an appropriate hostname for the Nginx server
+INJECT_DOMAIN=inject.localhost
+
+# Secret key for cryptographic signing
+INJECT_SECRET_KEY=your-at-least-fifty-or-more-characters-long-secret-key
+```
+
+
+- INJECT_DOMAIN: Defines the hostname for the Nginx server. This should be set to the **domain name** that points to your server's IP address.
+- INJECT_SECRET_KEY: Used to provide cryptographic signing. Must be at least 50 characters long. Can be anything.
+- INJECT_HOMEPAGE: The URL (link) of the deployed instance fo the INJECT platform. 
+  The following URL is an example: _https://my-inject-domain.com_.
+  This link is used in the welcome email.
+- INJECT_MAX_UPLOAD_SIZE: Specifies the maximum body size of requests, including definition and file uploads. 
+  The unit of this variable is bytes.
+  The default value is set to 10MB (10485760 bytes).
+
+#### Authentication, Authorization and Identification (AAI)
+
+AAI modules ensures user authentication and sending of user credentials via email invitations. 
+The emails are sent out using an external SMTP server.
+
+The settings for sending emails is configured via the following environment variables. 
+
+```
+# uncomment and set appropriate values email to enable sending of AAI mails
+# INJECT_EMAIL_HOST=
+# INJECT_EMAIL_PORT=
+# INJECT_EMAIL_HOST_USER=
+# INJECT_EMAIL_HOST_PASSWORD=
+# INJECT_EMAIL_SENDER_ADDRESS=
+# INJECT_EMAIL_PROTOCOL=
+```
+
+
+- INJECT_EMAIL_HOST: SMTP server address for sending emails.
+- INJECT_EMAIL_PORT: Port for the SMTP server. Port must be always set.
+- INJECT_EMAIL_HOST_USER: Username for the SMTP server.
+- INJECT_EMAIL_HOST_PASSWORD: Password for the SMTP server.
+- INJECT_EMAIL_SENDER_ADDRESS: Email address used as the sender for outgoing emails.
+- INJECT_EMAIL_PROTOCOL: Preferred protocol for communication with SMTP server.
+  The choices (values) can be _ssl_ or _tls_ (case-insensitive).
+  This variable can also be left undefined - no encryption will be used.
+  Please note, that setting of `INJECT_EMAIL_PROTOCOL` does not automatically set the port and port must be always set.
+- INJECT_EMAIL_TIMEOUT: Specifies a timeout in seconds for blocking operations tied to emails like the connection attempt to SMTP.
+  The default value is 10 seconds.
+
+#### Logging and Debugging
+
+The backend logs various actions and possible errors in a special log file.
+The location of the logfile can be changed by setting the `INJECT_LOGS` variable to a new path to a _file_.
+This path is relative from the `/backend` directory in the Docker container.
+
+```
+# enable logging to a specific file
+# INJECT_LOGS=data/backend-logs.log
+```
+
+- INJECT_LOGS: Path to the log file. Set to `backend-logs.log` by default.
+
+#### Host and Connection Settings
+
+These parameters are set up by default in the `.env` file, it's advised to not modify them,
+unless you want to specifically modify how IXP interacts with Frontend and Backend.
+Individual Docker compose setups these settings setup accordingly to the set level of communication. 
+
+```
+# host parameters that should be set up for the client and server to interact correctly
+INJECT_HOST_ADDRESSES=$INJECT_DOMAIN
+VITE_HTTPS_HOST=$INJECT_DOMAIN
+CORS_ALLOWED_ORIGINS=https://$INJECT_DOMAIN
+```
+
+- INJECT_HOST_ADDRESSES: Comma-separated list of addresses where the backend can be reached.
+  Misconfiguration may lead to an inaccessible Backend instance.
+- VITE_HTTPS_HOST: Defines the HTTP/S host for which the frontend application should connect to,
+  the hostname should point to an instance of Backend application.
+- CORS_ALLOWED_ORIGINS: Comma-separated list of origins allowed for Cross-Origin Resource Sharing (CORS).
+  Example value: `https://inject.muni.cz,https://alternative-inject.muni.cz`. 
+  Implicitly set-up values by backend include: `http://localhost:5173`, `http://127.0.0.1:5173`, `http://localhost:8000`, `http://127.0.0.1:8000`.
+  Misconfiguration may lead to issues stemming from CORS policies setup in the web browser.
+
+#### Database settings
+
+```
+INJECT_DB_PASS=a-reasonably-secure-and-long-password
+INJECT_DB_USER=inject
+```
+
+- INJECT_DB_PASS: PostgresSQL user password for which the IXP Backend has to log in to
+- INJECT_DB_USER: PostgresSQL username for which the IXP Backend has to log in to
+
+## Good practices
+
+At current state it's advised:
+- to back up data located in `inject-data` and `inject-pgdata` volume
+- to back up `INJECT_SECRET_KEY`, this key is critical to ensure proper functioning of AAI,
+  if the same database is used with a different key, users will not be able to log in
+
+<div class="navigation" markdown>
+  [&larr; Installation overview](./overview.md){ .md-button }
+</div>
\ No newline at end of file

docs/tech/installation/troubleshooting.md

+## Troubleshooting
+
+If you encounter issues during deployment, consider the following steps:
+
+- **Executable Permissions**: Ensure that the deployment scripts have executable permissions. Run the following command to set the appropriate permissions:
+    ```
+    chmod +x deploy.sh 01-substitute-env.sh
+    chmod +x deploy-with-https.sh generate-cert.sh  # If using HTTPS deployment
+    ```
+
+- **INJECT_DOMAIN Setting**: Verify that the INJECT_DOMAIN environment variable is set to a domain name and not a static IP address. The platform requires a domain name to function correctly. For local test deployments please use reserved TLD `.localhost` (example: `inject.localhost`)
+
+- **Backend is not returning any valid response**: Verify that the `INJECT_DOMAIN` and `INJECT_HOST_ADDRESSES` is setup correctly. The platform requires that the addresses are setup to hostnames where the platform is expected to be accessed from.
+
+- **Frontend's error log in Developer Console is reporting mixed-origin connection issues**: Verify that connection settings in the environment varibles are setup correctely. If using HTTP deployment, that they use `http://` and `ws://` protocol, and when using HTTPS, then `https://` and `wss://`.
+
+- **Application is connecting to an incorrect backend instance**: Clean up your cookies and session storage to enforce rebinding of the Frontend client.
\ No newline at end of file

docs/tech/installation/users.md

+## Initial user creation
+
+INJECT Exercise Platform without prior setup does not generate any standard admin user, that you may use to login and manage the platform.
+
+There are currently two ways how you may generate said Admin user.
+
+### Direct creation via Docker
+
+After launching the deployment, please wait for all migrations to finish and execute following command. Navigate your shell to the folder of your Docker compose configuration directly and
+
+- Execute a shell session in the backend container, please make sure to navigate your shell to the folder where your Docker compose resides at
+
+    ```
+    docker compose exec backend python manage.py shell
+    ```
+
+- Create a admin using the Django shell. Replace `email@test.com` and `long_and_secure_password` with your desired admin credentials.:
+
+    ``` python
+    from user.models import User
+    User.objects.create_superuser(username="email@test.com", password="long_and_secure_password")
+    ```
+
+- These steps may be further simplified/automized by merging both of these commands accordingly
+
+    ```
+    docker compose exec backend python manage.py shell -c "from user.models import User; User.objects.create_superuser(username="email@test.com", password="long_and_secure_password");"
+    ```
+
+After creation of the user, you may login into the IXP.
+
+
+If you need to create normal users, then please refer to the [User Onboarding](./../security.md#user-onboarding).
\ No newline at end of file

frontend @ 4ae05e52

-Subproject commit 4ae05e52a1c1098971931d634b75bd834b1bf122

mkdocs.yml

@@ -20,8 +20,8 @@ nav:
       - HTTPS presets:
         - Basic setup: tech/installation/https/base-setup.md
         - Setup with your own certificate: tech/installation/https/owncert.md
-      - Troubleshooting: tech/installation/TROUBLESHOOTING.md
-      - Adding users: tech/installation/USERS.md
+      - Troubleshooting: tech/installation/troubleshooting.md
+      - Adding users: tech/installation/users.md
     - System architecture:
       - Overview: tech/architecture/overview.md
       - Definition documentation: 

utilities.sh

@@ -9,8 +9,6 @@ git submodule status
 
 # Create necessary directories
 mkdir -p docs/tech
-mkdir -p docs/tech/installation
-mkdir -p docs/tech/installation/https
 mkdir -p files-from-repos
 
 # Copy files to the respective directories
@@ -18,11 +16,5 @@ cp ./backend/definitions/README.md ./docs/tech/architecture/definitions/README.m
 cp ./backend/definitions/CHANGELOG.md ./docs/tech/architecture/definitions/CHANGELOG.md
 cp ./backend/openapi.yml ./docs/tech/api/openapi.yml
 
-cp ./docker-deployment/README.md ./docs/tech/installation/setup.md
-cp ./docker-deployment/TROUBLESHOOTING.md ./docs/tech/installation/TROUBLESHOOTING.md
-cp ./docker-deployment/USERS.md ./files-from-repos/USERS.md
-cp ./docker-deployment/https-owncert/README.md  ./files-from-repos/owncert.md
-cp ./docker-deployment/https/README.md  ./files-from-repos/base-setup.md
-
 cp ./showcase-definition/assets/definition.zip ./files-from-repos/showcase-definition.zip
 cp ./introductory-definition/assets/definition.zip ./files-from-repos/intro-definition.zip