Overview

The rocken_deploy script is designed to simplify the procedure for deploying applications (api, crm, talent, ui-lib and rockenjobs) from GitLab to a sandbox environment. The script comes with a help command to guide users through available options. Below is a step-by-step guide.

Step 1: Log In to the Droplet

• Use SSH to connect to the droplet. Ensure you are connected to the corporate VPN.

  ssh root@<YouSandboxHostName>

  change <YouSandboxHostName to the IP or Host Name sent by DevOps engineer.

Step 2: Display Help

Run the script with the -h or --help option to display all available commands and their descriptions:

rocken_deploy --help

Step 3: Execute Commands

Below are common use cases for the script:

• Deploy All Applications with empty DB:

  rocken_deploy -d

  This command removes all the apps and their conf files and deploys all applications on the droplet.

• Restore DB backup:

  rocken_deploy -i

  This command imports one of the existing backups into the database

• Backup DB:

  rocken_deploy -e

  This command takes a dump of an existing database

• Update One Application

  rocken_deploy -u

  This command updates one specific application

• Delete All:

  rocken_deploy -r

  This command deletes all application folders and docker containers

• Display Available Application Links:

  rocken_deploy -s

Run the Setup Script:

Start the script execution. The following prompts will appear:

• Token Input: The token can be retrieved securely from your password manager, which ensures the script operates with the correct credentials.

• Branch Name Inputs: For each application (api, crm, talent, ui-lib, rockenjobs), the script will ask for the branch name. Enter the name of the branch, or simply press Enter to use the main branch as the default.

• Import Database: you will see a list of existing database dumps. Select the desired dump by typing its name in the appropriate line and pressing the Enter button.

• Export Database: when executed, the dump will be saved with a filename based on the current date, ensuring easy identification and organization of backups.

Link to a page describing the sandbox settings can be found here – Setting up SandBox

• Sandbox: How to Deploy a new Sandbox
• Sandbox: How to Use the rocken_deploy script
• Sandbox: How to Connect to Database
• Sandbox: Synchronization Script

This guide provides step-by-step instructions for connecting to MySQL and PostgreSQL via DBeaver using an SSH tunnel.

Prerequisites

• DBeaver or a similar database management tool installed on your local machine.

• VPN access to the network where Sandbox is located.

• SSH private key for authentication.

• MySQL and PostgreSQL are running inside Docker on Sandbox with ports exposed to the host machine.

Connection Process

Step 1: Connect to VPN

Step 2: Prepare Connection Details

• Linux Address: the address of the Sandbox you want to connect to

• SSH Private Key Path: path to your private key

Step 3: Configure SSH Tunnel in DBeaver or Similar Tool

1. Open DBeaver.

2. Go to Database > New Database Connection.

3. Select either MySQL or PostgreSQL and click Next.

4. In the Main tab, enter the following:

   • Host: 127.0.0.1 or localhost

   • Port:

     • for Rocken Jobs MySQL: 3306

     • for CRM PostgreSQL: 5432

   • Database:

     • for Rocken Jobs MySQL: rockenjobs_wordpress

     • for CRM PostgreSQL: talent-ecosystem

   • Username:

     • for Rocken Jobs MySQL: rockenjobs_user_name

     • for CRM PostgreSQL: talent_user_name

   • Password:

     • for Rocken Jobs MySQL: in /home/rockenadmin/rocken/rockenjobs/.env in the Sandbox

     • for CRM PostgreSQL: /home/rockenadmin/rocken/api/.env in the Sandbox

5. Go to the SSH tab and enable Use SSH Tunnel

6. Configure SSH tunnel:

   • Host: test.sandbox.rockengroup.com

   • Port: 22

   • User Name: rockenadmin

   • Authentication method: Public Key

   • Private Key: Select your SSH private key file (~/.ssh/id_rsa)

7. Click Test tunnel configuration to verify connection via SSH.

8. Click Test Connection to verify connection to the Database.

9. If all tests passed, go to the Main tab, press Connection details (name, type, …) and type Connection name:

   • for Rocken Jobs MySQL: sandbox-test-rockenjobs_wordpress

   • for CRM PostgreSQL: sandbox-test-talent-ecosystem
     pattern: <env_name>-<host_owner>-<db_name>

10. Click Finish to save the connection.

Step 4: Verify the Connection

Once connected, the tool should display the database structure. You can now query and manage MySQL and PostgreSQL databases securely via the SSH tunnel.

Troubleshooting

• Ensure VPN is connected before attempting SSH connection.

• Verify that MySQL and PostgreSQL containers are running and listening on the expected ports (run docker ps command inside the Sandbox).

For hosting the websites rocken.jobs and de.rocken.jobs, we use the Cloud Hosting service from Trendhosting.

Control Panel Access

Trendhosting provides a control panel for managing hosting services:

• URL: https://app.trendhosting.cloud/

• Login: cloud_rockengroup@trendhosting.ch

• Password: Stored in 1Password

Infrastructure Overview

Project Structure

For multi-domain support, we have installed the Multisite Plugin.

DNS and Traffic Routing

• The A records for rocken.jobs and de.rocken.jobs are configured to point to the Load Balancer (82.199.136.218).

• The Load Balancer forwards traffic to the Application Servers.

• SSL certificate management is also handled at the Load Balancer level.

Infrastructure Changes & Support

If changes to the infrastructure cannot be made via the Trendhosting Web Panel, we can contact Trendhosting Support at: support@trendhosting.ch

Example Nginx Configuration on Load Balancer

File path: /usr/local/nginx/conf/vhosts/ssl.www.rockengroup.ch

server {
    listen       443 ssl http2;
    listen       [::]:443 ssl http2;

    ssl_certificate      /usr/local/nginx/conf/letsencrypt/certs/rockenbalancer.ch.trendhosting.cloud/fullchain.pem;
    ssl_certificate_key  /usr/local/nginx/conf/letsencrypt/certs/rockenbalancer.ch.trendhosting.cloud/privkey.pem;
    keepalive_timeout    75;
    pagespeed off;

    server_name  rockenbalancer.ch.trendhosting.cloud rockengroup.ch www.rockengroup.ch
                 rockengroup.tux31.trendhosting-net.ch rockengroup.com www.rockengroup.com
                 rockengroup.de www.rockengroup.de rockenjobs.com www.rockenjobs.com
                 rockenjobs.de www.rockenjobs.de rockentalent.com www.rockentalent.com
                 rockentalent.de www.rockentalent.de rockenjobs.ch www.rockenjobs.ch
                 rocken.jobs www.rocken.jobs de.rocken.jobs;
}

Manual Changes

We can manually modify configurations, but only if we are certain that these changes will not be overwritten during:

• The next system update

• A server reboot

• A configuration re-sync from the hosting provider

If you need further assistance, feel free to reach out to Trendhosting Support.

Content

General info

When a candidate’s status is changed to offline in Rocken Talent or a vacancy is deactivated, the related processes should be automatically deactivated to prevent any further actions or updates. This ensures that inactive candidates or vacancies do not trigger further updates in the system.

User story

As a user,
I want the processes to be deactivated (set to inactive) when a candidate is set to offline in RT or when a vacancy is deactivated,
So that I can ensure that no further actions or updates occur on inactive processes.

Visual design

Content

General info

This story focuses on the creation and management of user profiles for different markets. The profiles are linked to various markets (e.g., Germany, Switzerland) and should maintain consistent data across applications and changes. The goal is to ensure that when a candidate applies from a particular market, their market and associated currency remain fixed, even if they apply to publications from a different market.

User story

As a CRM user,
I want the candidate’s market and currency to remain consistent across all applications, even if the candidate applies to publications from a different market or makes changes to their profile,
so that the market and currency settings are preserved from the first application and are not reassigned unnecessarily with each new application or profile change.

Visual design:

–

Content

General info

This epic focuses on the creation and management of user profiles for different markets.

Epic ticket:

User stories

• Story 3.1.9.1. RJ old. Application for different markets

Visual design

–

Content

General info

Currently, when downloading the talent profile PDF and cover letter PDF, it takes approximately 30 seconds or more, sometimes leading to errors due to the long rendering time. To improve the user experience, we need to optimize the PDF generation by combining the rendering of all pages into one request. This will significantly reduce the download time and minimize the risk of errors during the process.

Epic ticket:

RT-6801
–
Получение подробных данных проблемы…
СТАТУС

User stories

• Story 1.0.15.2. PDF optimization for Profile PDF and Cover letter. Combine rendering in one request

Visual design

–

Content

General info

Currently, when downloading the talent profile PDF, it takes approximately 30 seconds or more, sometimes leading to errors due to the long rendering time. To improve the user experience, we need to optimize the PDF generation by combining the rendering of all pages into one request. This will significantly reduce the download time and minimize the risk of errors during the process.

User story

As a user,
I want the PDF rendering for the talent profile to be combined into one request,
so that the download time is optimized and errors due to prolonged rendering are minimized.

RT-6799
–
Получение подробных данных проблемы…
СТАТУС

Visual design:

–

	Acceptance criteria
01	Scenario: Combine rendering PDF pages into one request for Profile PDF in RT Given the user is attempting to download the talent Profile PDF in RT, When the system processes the request, Then all pages should be rendered and included in the download as one single request to improve download performance.
02	Scenario: Combine rendering PDF pages into one request for Profile PDF in process by download (in zip) Given the user is attempting to download the talent Profile PDF in process type “by download“, When the system processes the request, Then all pages should be rendered and included in the download as one single request to improve download performance.
03	OOS Scenario: Combine rendering PDF pages into one request for Cover letter in process by download (in zip) Given the user is attempting to download the cover letter PDF in process type “by download“, When the system processes the request, Then all pages should be rendered and included in the download as one single request to improve download performance.
04	Scenario: Optimize PDF download time Given that the PDF rendering for the profile is processed in one request, When the user downloads the PDF, Then the download time should be significantly reduced, and errors due to long rendering times should not occur.

 General info

 What needs to be improved?