PermisosQR ships with two shell scripts —Documentation Index
Fetch the complete documentation index at: https://mintlify.com/edgar2420/QrPermision/llms.txt
Use this file to discover all available pages before exploring further.
setup.sh and start.sh — that automate the entire Ubuntu deployment process. setup.sh provisions every dependency from scratch (Node.js, PostgreSQL, the database, and an SSL certificate), while start.sh launches both the backend and frontend in a single command with a clean URL summary. Together they take a bare Ubuntu machine from zero to a running, SSL-enabled instance in a few minutes.
Clone the repository and run setup.sh
setup.sh performs the following steps automatically:- Node.js 20 — Checks whether Node is already installed; if not, adds the NodeSource repository and installs
nodejsviaapt. - PostgreSQL — Installs
postgresqlandpostgresql-contribifpsqlis not found, then starts and enables the service so it survives reboots. - Database — Sets the
postgresuser password toroot, creates thepermisosqrdatabase, and appliesdatabase/schema.sqlto build the three core tables (users,qr_codes,permissions). Note:setup.shand thedb:migrate/db:seednpm scripts both reference thedatabase/path, but the SQL files actually live in thebase/directory of the repository. When running SQL manually outside of these scripts, usebase/schema.sqlandbase/seed.sql. - Backend dependencies — Creates
.envfrom.env.exampleif it does not already exist, then runsnpm installinsidebackend/. - Frontend + SSL — Runs
npm installandnpm run buildinsidefrontend/, then generates a 10-year self-signed certificate (cert.pem/key.pem) scoped to the machine’s local IP address usingopenssl.
Start all services with start.sh
start.sh does four things:- Generates the SSL certificate pair if it is missing (using the same
opensslcommand assetup.sh). - Spawns
node backend/src/index.jsin the background on port 4000. - Spawns
npm run preview --prefix frontendin the background on port 3000, serving the pre-built Vite output over HTTPS. - Detects the machine’s local IP via
hostname -Iand prints the direct access URLs to the terminal.
Ctrl+C to stop both processes gracefully; the trap handler kills both PIDs before exiting.Access the application
Once
The network URL (with your machine’s LAN IP) is the one to share with mobile devices on the same Wi-Fi network for QR scanning. Accept the self-signed certificate warning on first visit, and the app will behave like a normal HTTPS site from that point on.
start.sh reports that both processes are running, open the following URLs:| Surface | URL |
|---|---|
| Backend API | http://localhost:4000 |
| Health check | http://localhost:4000/api/health |
| Frontend (local) | https://localhost:3000 |
| Frontend (network) | https://<local-ip>:3000 |
Manual Setup
If you prefer to run each service independently — or if you are deploying to a server wheresetup.sh is not appropriate — follow the steps below.
- Backend
- Frontend
.env. Make sure the file exists and contains valid PostgreSQL credentials before starting. The process listens on 0.0.0.0:4000, so it is reachable from any network interface.For long-running deployments, consider wrapping the process with a process manager such as pm2 or a systemd service unit to handle restarts on failure.Port Reference
| Service | Default Port |
|---|---|
| Backend API | 4000 |
| Frontend | 3000 |
| PostgreSQL | 5432 |
PORT in .env; the frontend preview port can be overridden with --port in the Vite config; PostgreSQL’s port is set in DB_PORT in .env.
Production reminder: Before exposing PermisosQR to the internet, open
backend/.env and replace the placeholder JWT_SECRET value with a securely generated random string (at least 32 characters). You can generate one with openssl rand -hex 32. Leaving the default value in place means any attacker who reads the source code can sign arbitrary tokens.