From cc7685ec2cdabba1dab38da35546e5c9cbfb8008 Mon Sep 17 00:00:00 2001
From: Farrel Nikoson <farrelnikoson@gmail.com>
Date: Mon, 8 Jun 2026 15:26:13 +0700
Subject: [PATCH] Create end-to-end-deploy-setup.md

---
 docs/end-to-end-deploy-setup.md | 258 ++++++++++++++++++++++++++++++++
 1 file changed, 258 insertions(+)
 create mode 100644 docs/end-to-end-deploy-setup.md

diff --git a/docs/end-to-end-deploy-setup.md b/docs/end-to-end-deploy-setup.md
new file mode 100644
index 0000000..bc6d637
--- /dev/null
+++ b/docs/end-to-end-deploy-setup.md
@@ -0,0 +1,258 @@
+## Minimal App Setup
+
+```bash
+scripts/setup-dcmtk.sh --archive-url https://devone.aplikasi.web.id/gitea/farrel/dicom-iso/releases/download/1/dcmtk-bin.tar.gz
+scripts/setup-microdicom.sh --archive-url https://devone.aplikasi.web.id/gitea/farrel/dicom-iso/releases/download/1/microdicom.zip
+```
+
+Create a local config file from the template:
+
+```bash
+cp config.example.yaml config.yaml
+```
+
+Then adjust the paths, hosts, ports, and tokens for your environment.
+For local staging via the setup scripts, point config at `.local/dcmtk-bin/` and `.local/microdicom/`.
+
+## Build
+A normal Go build is enough in a friendly environment:
+
+```bash
+go build -o mkiso-server .
+```
+
+## Run
+You can run the service directly:
+
+```bash
+./mkiso-server
+```
+
+Or pass a config path explicitly:
+
+```bash
+./mkiso-server /path/to/config.yaml
+```
+
+By default, the app looks for `./config.yaml`.
+
+## Health check
+After startup, check:
+
+```bash
+curl http://127.0.0.1:8080/api/health
+```
+
+## Config
+Use `config.example.yaml` as the starting point.
+Keep real `config.yaml` local and untracked.
+
+## Scp to VPS
+
+```bash
+scp ./mkiso-server <user-ssh>@<server-ip>:/opt/dicom-iso/
+```
+
+## Minimal Setup VPS + DCM4CHE
+ 
+ ```bash
+   # SSH to server
+   ssh <user-ssh>@<server-ip>
+
+   # Create user 'one'
+   sudo useradd -m -s /bin/bash one
+   echo 'one:sasone102938' | sudo chpasswd
+   sudo usermod -aG sudo one
+
+   # Install base packages
+   sudo apt update
+   sudo apt install -y zsh git curl wget vim ca-certificates gnupg lsb-release util-linux docker.io docker-compose-plugin
+ fail2ban
+
+   # Enable docker and add user to docker group
+   sudo systemctl enable --now docker
+   sudo usermod -aG docker one
+
+   # Switch to user 'one'
+   sudo -iu one
+
+   # Install zsh + Oh My Zsh
+   chsh -s /usr/bin/zsh
+   export RUNZSH=no
+   export CHSH=no
+   sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
+
+   # Set theme
+   sed -i 's/^ZSH_THEME=.*/ZSH_THEME="tjkirch"/' ~/.zshrc
+
+   # Install Oh My Zsh plugins
+   git clone https://github.com/zsh-users/zsh-autosuggestions
+ ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-autosuggestions
+   git clone https://github.com/zsh-users/zsh-syntax-highlighting
+ ${ZSH_CUSTOM:-~/.oh-my-zsh/custom}/plugins/zsh-syntax-highlighting
+
+   # Enable plugins
+   sed -i 's/^plugins=.*/plugins=(git zsh-autosuggestions zsh-syntax-highlighting)/' ~/.zshrc
+
+   # Add aliases and history config
+   cat >> ~/.zshrc <<'EOF'
+
+   # Custom aliases
+   alias lh='ls -lh'
+   alias lah='ls -lah'
+
+   # History settings
+   HISTFILE=~/.zsh_history
+   HISTSIZE=100000
+   SAVEHIST=100000
+   setopt APPEND_HISTORY
+   setopt INC_APPEND_HISTORY
+   setopt SHARE_HISTORY
+   setopt EXTENDED_HISTORY
+   setopt HIST_IGNORE_DUPS
+   setopt HIST_IGNORE_ALL_DUPS
+   setopt HIST_EXPIRE_DUPS_FIRST
+   setopt HIST_IGNORE_SPACE
+   setopt HIST_REDUCE_BLANKS
+   EOF
+
+   # Install fzf
+   git clone --depth 1 https://github.com/junegunn/fzf.git ~/.fzf
+   ~/.fzf/install --all
+
+   # Reload shell
+   source ~/.zshrc
+
+   # Prepare dcm4chee directories
+   sudo mkdir -p /var/local/dcm4chee-arc/{ldap,slapd.d,db,wildfly,storage}
+   sudo chown -R one:one /var/local/dcm4chee-arc
+
+   # Ensure timezone file exists
+   cat /etc/timezone || echo "Asia/Jakarta" | sudo tee /etc/timezone
+
+   # Create working dir
+   mkdir -p ~/dcm4chee
+   cd ~/dcm4chee
+
+   # Record setup session
+   script -aq ~/setup-dcm4chee-$(date +%F-%H%M%S).log
+
+   # Create docker-compose.yml
+   cat > docker-compose.yml <<'EOF'
+   version: "3"
+   services:
+     ldap:
+       image: dcm4che/slapd-dcm4chee:2.6.10-34.2
+       logging:
+         driver: json-file
+         options:
+           max-size: "10m"
+       ports:
+         - "389:389"
+       environment:
+         STORAGE_DIR: /storage/fs1
+       volumes:
+         - /var/local/dcm4chee-arc/ldap:/var/lib/openldap/openldap-data
+         - /var/local/dcm4chee-arc/slapd.d:/etc/openldap/slapd.d
+     db:
+       image: dcm4che/postgres-dcm4chee:17.4-34
+       logging:
+         driver: json-file
+         options:
+           max-size: "10m"
+       ports:
+         - "5432:5432"
+       environment:
+         POSTGRES_DB: pacsdb
+         POSTGRES_USER: pacs
+         POSTGRES_PASSWORD: pacs
+       volumes:
+         - /etc/localtime:/etc/localtime:ro
+         - /etc/timezone:/etc/timezone:ro
+         - /var/local/dcm4chee-arc/db:/var/lib/postgresql/data
+     arc:
+       image: dcm4che/dcm4chee-arc-psql:5.34.2
+       logging:
+         driver: json-file
+         options:
+           max-size: "10m"
+       ports:
+         - "8080:8080"
+         - "8443:8443"
+         - "9990:9990"
+         - "9993:9993"
+         - "11112:11112"
+         - "2762:2762"
+         - "2575:2575"
+         - "12575:12575"
+       environment:
+         POSTGRES_DB: pacsdb
+         POSTGRES_USER: pacs
+         POSTGRES_PASSWORD: pacs
+         WILDFLY_CHOWN: /storage
+         WILDFLY_WAIT_FOR: ldap:389 db:5432
+       depends_on:
+         - ldap
+         - db
+       volumes:
+         - /etc/localtime:/etc/localtime:ro
+         - /etc/timezone:/etc/timezone:ro
+         - /var/local/dcm4chee-arc/wildfly:/opt/wildfly/standalone
+         - /var/local/dcm4chee-arc/storage:/storage
+   EOF
+
+   # Start dcm4chee
+   docker-compose -p dcm4chee up -d
+
+   # Verify
+   docker-compose -p dcm4chee ps
+   ss -tulpn | grep -E '389|5432|8080|8443|9990|9993|11112|2762|2575|12575'
+   tail -f /var/local/dcm4chee-arc/wildfly/log/server.log
+
+   # UI
+   # http://<server-ip>:8080/dcm4chee-arc/ui2
+   # https://<server-ip>:8443/dcm4chee-arc/ui2
+
+   # Basic firewall
+   exit
+   sudo ufw allow OpenSSH
+   sudo ufw allow 8080/tcp
+   sudo ufw allow 8443/tcp
+   sudo ufw allow 11112/tcp
+   sudo ufw allow 2575/tcp
+   sudo ufw allow 2762/tcp
+   sudo ufw allow 12575/tcp
+   sudo ufw enable
+   sudo ufw status verbose
+
+   # Enable fail2ban
+   sudo systemctl enable --now fail2ban
+   sudo fail2ban-client status
+ ```
+
+## PACS Server set up
+in config file, find pacs section
+you can change ae_title: "DCM4CHEE" (default)
+
+## OUR_AE set up
+Create new AET in https://<ip>:8443/dcm4chee-arc/ui2/en/device
+warning: set host to not localhost if you use docker-compose! set to machine's private local ip (ex: 10.0.72.92) or public (not recommend)
+
+in config file, find our_ae section
+you can change ae_title: <created_ae>, port: <set-port>
+
+## Make it service
+
+```bash
+   sudo useradd --system --home /opt/dicom-iso --shell /usr/sbin/nologin mkiso
+   sudo chown -R mkiso:mkiso /opt/dicom-iso
+   sudo systemctl restart mkiso-server
+   sudo systemctl status mkiso-server
+ ```
+
+ If user already exists, just run:
+
+ ```bash
+   sudo chown -R mkiso:mkiso /opt/dicom-iso
+   sudo systemctl restart mkiso-server
+ ```