diff --git a/.gitignore b/.gitignore
index 4b62fb310de784722bd76a57a016324110e62cbc..a66bd4658c76aae75f1398b0c59c950b154b41c1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,12 +4,6 @@ docs/tech/architecture/definitions.md
docs/tech/architecture/CHANGELOG.md
docs/tech/api/openapi.yml
-docs/tech/installation/TROUBLESHOOTING.md
-files-from-repos/USERS.md
-files-from-repos/base-setup.md
-files-from-repos/owncert.md
-docs/tech/installation/setup.md
-
# python
.python-version
diff --git a/.gitmodules b/.gitmodules
index 18d80623e4d1692782db5b60c99f9deeff2667b1..7e7a6d578b1fc909fe1624614ea62fdf65fa24b4 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -2,16 +2,9 @@
path = backend
url = ../backend
branch = main
-[submodule "frontend"]
- path = frontend
- url = ../frontend
- branch = main
[submodule "showcase-definition"]
path = showcase-definition
url = ../definitions/showcase-definition
[submodule "introductory-definition"]
path = introductory-definition
- url = ../definitions/introductory-definition
-[submodule "docker-deployment"]
- path = docker-deployment
- url = ../docker-deployment
+ url = ../definitions/introductory-definition
\ No newline at end of file
diff --git a/docker-deployment b/docker-deployment
deleted file mode 160000
index 7f2bd5491fb02f9a040989db40b4adb63190a656..0000000000000000000000000000000000000000
--- a/docker-deployment
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit 7f2bd5491fb02f9a040989db40b4adb63190a656
diff --git a/docs/tech/installation/USERS.md b/docs/tech/installation/USERS.md
deleted file mode 100644
index 894700f92ca23a32c0762a6e550c218f176c4864..0000000000000000000000000000000000000000
--- a/docs/tech/installation/USERS.md
+++ /dev/null
@@ -1,5 +0,0 @@
-{%
-include-markdown "../../../files-from-repos/USERS.md"
-%}
-
-If you need to create normal users, then please refer to the [User Onboarding](./../security.md#user-onboarding).
\ No newline at end of file
diff --git a/docs/tech/installation/https/base-setup.md b/docs/tech/installation/https/base-setup.md
index 942eec5b5a18b1befdf76f4f33f95fe1394d6e80..2f5663d986aa12907eec1a4f9e0dc14760e24b2b 100644
--- a/docs/tech/installation/https/base-setup.md
+++ b/docs/tech/installation/https/base-setup.md
@@ -1,5 +1,30 @@
For version 2.0.0 of IXP, download [Compose preset folder for HTTPS deployment using Let's Encrypt](https://gitlab.fi.muni.cz/inject/docker-deployment/-/package_files/221/download) and follow instructions below.
-{%
-include-markdown "../../../../files-from-repos/base-setup.md"
-%}
\ No newline at end of file
+## HTTPS Deployment
+
+For HTTPS deployment, before executing `docker compose up` (see [installation](../overview.md) guide),
+you need to generate HTTPS certificates.
+In this configuration these certificates are generated via [Certbot](https://certbot.eff.org/) by Lets Encrypt.
+
+This can be done via `./cert_script.sh` script which automatically generates the certificate in the current directory.
+Invoke the script like so, substituting the placeholders for their respective values:
+```bash
+./cert_script.sh <email-address> <domain>
+```
+After the certificate has been generated,
+an email will be sent to the provided address with additional information about the certificate.
+
+Example usage:
+```bash
+./cert_script.sh admin@inject.fi.muni.cz inject.fi.muni.cz
+```
+
+Please note that by executing this script you're agreeing to Certbot's TOS and Privacy Policy,
+and your email will be used for essential communication about expiration notices.
+
+After generating the certificates, please ensure that:
+- `INJECT_DOMAIN` is setup to your desired hostname in the `.env` file enclosed in the `docker/nginx/https` directory
+- `INJECT_SECRET_KEY` is changed to a truly random string of characters of at least 50 characters long
+- `01-substitute-env.sh` is executable via `chmod +x 01-substitute-env.sh`.
+
+Then you may execute `docker compose up -d` and your deployment is up and running
diff --git a/docs/tech/installation/https/owncert.md b/docs/tech/installation/https/owncert.md
index c98c9d84b7dceb7d9b3a42738eaa93d0bdcf774d..adac42ac7eb55ec424cca1da1723bdd3812de30b 100644
--- a/docs/tech/installation/https/owncert.md
+++ b/docs/tech/installation/https/owncert.md
@@ -1,5 +1,20 @@
For version 2.0.0 of IXP, download Compose preset folder for HTTPS Deployment with your own certificates from [here](https://gitlab.fi.muni.cz/inject/docker-deployment/-/package_files/222/download).
-{%
-include-markdown "../../../../files-from-repos/owncert.md"
-%}
\ No newline at end of file
+## HTTPS Deployment with your own certificates (advanced)
+
+For HTTPS deployment with your own certificates,
+include `fullchain.pem` and `privkey.pem` into the `docker/nginx/https-owncert/certificates/` directory.
+If the format of the keys or selection of keys does not suffice,
+it's advised to modify the `nginx.conf.template` file and change the related configuration in line `:32-33`.
+Docker compose mounts the `./certificates` folder as `/etc/nginx/certificates/` in the Nginx container.
+All of this has to be done before executing step 5 listed in the main [installation](../overview.md) guide.
+
+Name of the nginx configuration file is intentionally named as such due to `01-substitute-env.sh` script,
+which substitutes `INJECT_DOMAIN` variable with environment variable value.
+
+Please ensure that:
+- `INJECT_DOMAIN` is setup to your desired hostname in the `.env` file enclosed in the `docker/nginx/https-owncert` directory
+- `INJECT_SECRET_KEY` is changed to a truly random string of characters of at least 50 characters long
+- `01-substitute-env.sh` is executable via `chmod +x 01-substitute-env.sh`.
+
+Then you may execute `docker compose up -d` and your deployment is up and running
diff --git a/docs/tech/installation/overview.md b/docs/tech/installation/overview.md
index 31719295a63125b28e7de87c4ba110d739a55545..156ede67229c7873c6041bfab9c08abc6d71d000 100644
--- a/docs/tech/installation/overview.md
+++ b/docs/tech/installation/overview.md
@@ -48,7 +48,7 @@ E.g. `v2.0.0` of the frontend is fully compatible with `v2.0.0` of the backend.
1. Rename the unzipped directories to `frontend` and `backend` respectively.
1. Ensure that the `.env` file in the root directory is set up correctly as per the [setup guide](./setup.md).
1. Run `docker compose up`, if any errors occur please refer to the troubleshooting guides.
-1. Add admin (superuser) account by following [these instructions](./USERS.md).
+1. Add admin (superuser) account by following [these instructions](./users.md).
## Conclusion
diff --git a/docs/tech/installation/setup.md b/docs/tech/installation/setup.md
new file mode 100644
index 0000000000000000000000000000000000000000..be9b69f583b1987e0e56250f899de28d1c6462c9
--- /dev/null
+++ b/docs/tech/installation/setup.md
@@ -0,0 +1,135 @@
+## Deployment using Docker/Nginx
+
+INJECT Exercise Platform provides a simplified deployment method via Docker Compose.
+This method simplifies the deployment by creating necessary settings and pairings between the frontend and backend.
+It also creates a singular endpoint for accessing INJECT Exercise Platform.
+
+### Docker Setup
+
+This solution consists of 4 containers: frontend, backend, database and reverse proxy server.
+
+Frontend and Backend are set up to communicate under a single endpoint handled by the reverse-proxy server (Nginx).
+PostgresSQL database handles management of user/exercise data.
+User-uploaded files, images and definition relevant content is stored on the Backend.
+The reverse-proxy forwards requests either to Frontend or Backend.
+
+Deployment is set up with persistent storage under two Docker Compose volumes called `inject-data` and `inject-pgdata`.
+This volume contains any data generated by INJECT and current configuration of the platform.
+At current state the platform can be effectively backed up assuming you back both volumes and `INJECT_SECRET_KEY` environment variable.
+
+For HTTPS deployment it's needed to have HTTPS certificates.
+At current state, there is a prepared configuration and script for deployment via Let's Encrypt certificates.
+This script necessitates downtime of IXP to fully refresh or instantiate new SSL certificates.
+
+### Environment Variables
+
+All the technical configuration is done with environment variables.
+These are prefixed under `INJECT_`.
+Some additional variables are included, however these are inferred from the `INJECT_` prefixed environment variables,
+which means that these do not have to be changed manually.
+
+#### General Configuration
+
+```
+# sets up an appropriate hostname for the Nginx server
+INJECT_DOMAIN=inject.localhost
+
+# Secret key for cryptographic signing
+INJECT_SECRET_KEY=your-at-least-fifty-or-more-characters-long-secret-key
+```
+
+
+- INJECT_DOMAIN: Defines the hostname for the Nginx server. This should be set to the **domain name** that points to your server's IP address.
+- INJECT_SECRET_KEY: Used to provide cryptographic signing. Must be at least 50 characters long. Can be anything.
+- INJECT_HOMEPAGE: The URL (link) of the deployed instance fo the INJECT platform.
+ The following URL is an example: _https://my-inject-domain.com_.
+ This link is used in the welcome email.
+- INJECT_MAX_UPLOAD_SIZE: Specifies the maximum body size of requests, including definition and file uploads.
+ The unit of this variable is bytes.
+ The default value is set to 10MB (10485760 bytes).
+
+#### Authentication, Authorization and Identification (AAI)
+
+AAI modules ensures user authentication and sending of user credentials via email invitations.
+The emails are sent out using an external SMTP server.
+
+The settings for sending emails is configured via the following environment variables.
+
+```
+# uncomment and set appropriate values email to enable sending of AAI mails
+# INJECT_EMAIL_HOST=
+# INJECT_EMAIL_PORT=
+# INJECT_EMAIL_HOST_USER=
+# INJECT_EMAIL_HOST_PASSWORD=
+# INJECT_EMAIL_SENDER_ADDRESS=
+# INJECT_EMAIL_PROTOCOL=
+```
+
+
+- INJECT_EMAIL_HOST: SMTP server address for sending emails.
+- INJECT_EMAIL_PORT: Port for the SMTP server. Port must be always set.
+- INJECT_EMAIL_HOST_USER: Username for the SMTP server.
+- INJECT_EMAIL_HOST_PASSWORD: Password for the SMTP server.
+- INJECT_EMAIL_SENDER_ADDRESS: Email address used as the sender for outgoing emails.
+- INJECT_EMAIL_PROTOCOL: Preferred protocol for communication with SMTP server.
+ The choices (values) can be _ssl_ or _tls_ (case-insensitive).
+ This variable can also be left undefined - no encryption will be used.
+ Please note, that setting of `INJECT_EMAIL_PROTOCOL` does not automatically set the port and port must be always set.
+- INJECT_EMAIL_TIMEOUT: Specifies a timeout in seconds for blocking operations tied to emails like the connection attempt to SMTP.
+ The default value is 10 seconds.
+
+#### Logging and Debugging
+
+The backend logs various actions and possible errors in a special log file.
+The location of the logfile can be changed by setting the `INJECT_LOGS` variable to a new path to a _file_.
+This path is relative from the `/backend` directory in the Docker container.
+
+```
+# enable logging to a specific file
+# INJECT_LOGS=data/backend-logs.log
+```
+
+- INJECT_LOGS: Path to the log file. Set to `backend-logs.log` by default.
+
+#### Host and Connection Settings
+
+These parameters are set up by default in the `.env` file, it's advised to not modify them,
+unless you want to specifically modify how IXP interacts with Frontend and Backend.
+Individual Docker compose setups these settings setup accordingly to the set level of communication.
+
+```
+# host parameters that should be set up for the client and server to interact correctly
+INJECT_HOST_ADDRESSES=$INJECT_DOMAIN
+VITE_HTTPS_HOST=$INJECT_DOMAIN
+CORS_ALLOWED_ORIGINS=https://$INJECT_DOMAIN
+```
+
+- INJECT_HOST_ADDRESSES: Comma-separated list of addresses where the backend can be reached.
+ Misconfiguration may lead to an inaccessible Backend instance.
+- VITE_HTTPS_HOST: Defines the HTTP/S host for which the frontend application should connect to,
+ the hostname should point to an instance of Backend application.
+- CORS_ALLOWED_ORIGINS: Comma-separated list of origins allowed for Cross-Origin Resource Sharing (CORS).
+ Example value: `https://inject.muni.cz,https://alternative-inject.muni.cz`.
+ Implicitly set-up values by backend include: `http://localhost:5173`, `http://127.0.0.1:5173`, `http://localhost:8000`, `http://127.0.0.1:8000`.
+ Misconfiguration may lead to issues stemming from CORS policies setup in the web browser.
+
+#### Database settings
+
+```
+INJECT_DB_PASS=a-reasonably-secure-and-long-password
+INJECT_DB_USER=inject
+```
+
+- INJECT_DB_PASS: PostgresSQL user password for which the IXP Backend has to log in to
+- INJECT_DB_USER: PostgresSQL username for which the IXP Backend has to log in to
+
+## Good practices
+
+At current state it's advised:
+- to back up data located in `inject-data` and `inject-pgdata` volume
+- to back up `INJECT_SECRET_KEY`, this key is critical to ensure proper functioning of AAI,
+ if the same database is used with a different key, users will not be able to log in
+
+<div class="navigation" markdown>
+ [← Installation overview](./overview.md){ .md-button }
+</div>
\ No newline at end of file
diff --git a/docs/tech/installation/troubleshooting.md b/docs/tech/installation/troubleshooting.md
new file mode 100644
index 0000000000000000000000000000000000000000..c9907d27930b8257cb576eed941cff831b09cd50
--- /dev/null
+++ b/docs/tech/installation/troubleshooting.md
@@ -0,0 +1,17 @@
+## Troubleshooting
+
+If you encounter issues during deployment, consider the following steps:
+
+- **Executable Permissions**: Ensure that the deployment scripts have executable permissions. Run the following command to set the appropriate permissions:
+ ```
+ chmod +x deploy.sh 01-substitute-env.sh
+ chmod +x deploy-with-https.sh generate-cert.sh # If using HTTPS deployment
+ ```
+
+- **INJECT_DOMAIN Setting**: Verify that the INJECT_DOMAIN environment variable is set to a domain name and not a static IP address. The platform requires a domain name to function correctly. For local test deployments please use reserved TLD `.localhost` (example: `inject.localhost`)
+
+- **Backend is not returning any valid response**: Verify that the `INJECT_DOMAIN` and `INJECT_HOST_ADDRESSES` is setup correctly. The platform requires that the addresses are setup to hostnames where the platform is expected to be accessed from.
+
+- **Frontend's error log in Developer Console is reporting mixed-origin connection issues**: Verify that connection settings in the environment varibles are setup correctely. If using HTTP deployment, that they use `http://` and `ws://` protocol, and when using HTTPS, then `https://` and `wss://`.
+
+- **Application is connecting to an incorrect backend instance**: Clean up your cookies and session storage to enforce rebinding of the Frontend client.
\ No newline at end of file
diff --git a/docs/tech/installation/users.md b/docs/tech/installation/users.md
new file mode 100644
index 0000000000000000000000000000000000000000..6ad1acd1346c2f4c2b9138bba1a8984bdd1d03f1
--- /dev/null
+++ b/docs/tech/installation/users.md
@@ -0,0 +1,33 @@
+## Initial user creation
+
+INJECT Exercise Platform without prior setup does not generate any standard admin user, that you may use to login and manage the platform.
+
+There are currently two ways how you may generate said Admin user.
+
+### Direct creation via Docker
+
+After launching the deployment, please wait for all migrations to finish and execute following command. Navigate your shell to the folder of your Docker compose configuration directly and
+
+- Execute a shell session in the backend container, please make sure to navigate your shell to the folder where your Docker compose resides at
+
+ ```
+ docker compose exec backend python manage.py shell
+ ```
+
+- Create a admin using the Django shell. Replace `email@test.com` and `long_and_secure_password` with your desired admin credentials.:
+
+ ``` python
+ from user.models import User
+ User.objects.create_superuser(username="email@test.com", password="long_and_secure_password")
+ ```
+
+- These steps may be further simplified/automized by merging both of these commands accordingly
+
+ ```
+ docker compose exec backend python manage.py shell -c "from user.models import User; User.objects.create_superuser(username="email@test.com", password="long_and_secure_password");"
+ ```
+
+After creation of the user, you may login into the IXP.
+
+
+If you need to create normal users, then please refer to the [User Onboarding](./../security.md#user-onboarding).
\ No newline at end of file
diff --git a/frontend b/frontend
deleted file mode 160000
index 4ae05e52a1c1098971931d634b75bd834b1bf122..0000000000000000000000000000000000000000
--- a/frontend
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit 4ae05e52a1c1098971931d634b75bd834b1bf122
diff --git a/mkdocs.yml b/mkdocs.yml
index 044e335c9f83dd57a5554a3cd97f2f8c0b6c646f..c69113b827939403651bdfc9475d69b10c00ae88 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -20,8 +20,8 @@ nav:
- HTTPS presets:
- Basic setup: tech/installation/https/base-setup.md
- Setup with your own certificate: tech/installation/https/owncert.md
- - Troubleshooting: tech/installation/TROUBLESHOOTING.md
- - Adding users: tech/installation/USERS.md
+ - Troubleshooting: tech/installation/troubleshooting.md
+ - Adding users: tech/installation/users.md
- System architecture:
- Overview: tech/architecture/overview.md
- Definition documentation:
diff --git a/utilities.sh b/utilities.sh
index ff0eef7c54b8b216ad2b8d4aee37a275920f677d..06ed98752fee5c81b434e9f1cf81382145317174 100755
--- a/utilities.sh
+++ b/utilities.sh
@@ -9,8 +9,6 @@ git submodule status
# Create necessary directories
mkdir -p docs/tech
-mkdir -p docs/tech/installation
-mkdir -p docs/tech/installation/https
mkdir -p files-from-repos
# Copy files to the respective directories
@@ -18,11 +16,5 @@ cp ./backend/definitions/README.md ./docs/tech/architecture/definitions/README.m
cp ./backend/definitions/CHANGELOG.md ./docs/tech/architecture/definitions/CHANGELOG.md
cp ./backend/openapi.yml ./docs/tech/api/openapi.yml
-cp ./docker-deployment/README.md ./docs/tech/installation/setup.md
-cp ./docker-deployment/TROUBLESHOOTING.md ./docs/tech/installation/TROUBLESHOOTING.md
-cp ./docker-deployment/USERS.md ./files-from-repos/USERS.md
-cp ./docker-deployment/https-owncert/README.md ./files-from-repos/owncert.md
-cp ./docker-deployment/https/README.md ./files-from-repos/base-setup.md
-
cp ./showcase-definition/assets/definition.zip ./files-from-repos/showcase-definition.zip
cp ./introductory-definition/assets/definition.zip ./files-from-repos/intro-definition.zip