# DAL License Server — Setup i Deployment ## Preduslovi - Go 1.22+ - MySQL 8.0 - OpenSSL (za generisanje RSA kljuceva) ## Instalacija ### 1. Kloniraj projekat ```bash cd /root/projects git clone http://localhost:3000/dal/dal-license-server.git cd dal-license-server ``` ### 2. Instaliraj Go zavisnosti ```bash go mod download ``` ### 3. Kreiraj MySQL bazu ```sql CREATE DATABASE dal_license_db CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; CREATE USER 'license'@'localhost' IDENTIFIED BY 'TVOJA_LOZINKA'; GRANT ALL PRIVILEGES ON dal_license_db.* TO 'license'@'localhost'; FLUSH PRIVILEGES; ``` ### 4. Generiši RSA kljuceve ```bash mkdir -p crypto openssl genrsa -out crypto/private.pem 2048 openssl rsa -in crypto/private.pem -pubout -out crypto/public.pem chmod 600 crypto/private.pem ``` **Vazno:** `private.pem` nikad ne sme uci u git. `public.pem` se deli sa klijentskim aplikacijama. ### 5. Konfiguracija ```bash cp .env.example .env ``` Uredi `.env`: ```env APP_PORT=8090 APP_ENV=production DB_HOST=localhost DB_PORT=3306 DB_NAME=dal_license_db DB_USER=license DB_PASS=tvoja_lozinka ADMIN_API_KEY=generisi-min-32-char-kljuc ADMIN_PASSWORD=jaka_lozinka SESSION_SECRET=random-32-char-string RSA_PRIVATE_KEY_PATH=./crypto/private.pem RATE_LIMIT_ACTIVATE=10 RATE_LIMIT_VALIDATE=60 LOG_LEVEL=info ``` ### 6. Pokretanje ```bash go run cmd/server/main.go ``` Server se pokrece na `http://localhost:8090`. Migracije se izvrsavaju automatski pri prvom pokretanju. ## Produkcijski deployment ### Build ```bash go build -o dal-license-server cmd/server/main.go ``` ### Systemd servis Kreiraj `/etc/systemd/system/dal-license-server.service`: ```ini [Unit] Description=DAL License Server After=network.target mysql.service [Service] Type=simple User=root WorkingDirectory=/root/projects/dal-license-server ExecStart=/root/projects/dal-license-server/dal-license-server Restart=always RestartSec=5 EnvironmentFile=/root/projects/dal-license-server/.env [Install] WantedBy=multi-user.target ``` ```bash systemctl daemon-reload systemctl enable dal-license-server systemctl start dal-license-server ``` ### HTTPS (reverse proxy) Preporuceno: Caddy ili Nginx kao reverse proxy sa TLS: ``` # Caddy primer license.dal.rs { reverse_proxy localhost:8090 } ``` ## Backup ### MySQL backup ```bash mysqldump -u license -p dal_license_db > backup_$(date +%Y%m%d).sql ``` ### RSA kljucevi Obavezno backup-ovati `crypto/private.pem` na sigurno mesto. Gubitak private key-a znaci da nijedna postojeca licenca ne moze biti verifikovana. ## Testiranje ```bash # Svi testovi go test ./... -v -count=1 # Health check curl http://localhost:8090/api/v1/health ``` ## Pristup | Interfejs | URL | Auth | |-----------|-----|------| | Dashboard | http://localhost:8090/dashboard | Username + password iz .env | | Admin API | http://localhost:8090/api/v1/admin/* | X-API-Key header | | Klijentski API | http://localhost:8090/api/v1/* | Bez auth-a | --- *Mart 2026*