Setup Instructions for KYC Portal ================================ Prerequisites ------------- - Ubuntu 22.04 LTS VPS (e.g., DigitalOcean Droplet, 2GB RAM, 50GB SSD, $12/month) - SSH access with sudo privileges - Domain: signup.telooze.com (A record pointing to server IP) - SMTP credentials for each company (e.g., Telooze, WAINS Solutions, SIPIFICATION, DialerZone) Setup Steps ----------- 1. Set Up Server - Create a DigitalOcean Droplet (Ubuntu 22.04, 2GB RAM, 50GB SSD). - SSH as non-root user (e.g., telooze): `ssh telooze@your_server_ip`. - Configure DNS: Set A record for signup.telooze.com to the server’s IP. 2. Update Scripts - Replace placeholders in scripts/install_kyc.sh and scripts/cleanup.sh: - `your_mysql_root_password`: Your MySQL root password. - `secure_kyc_password`: A secure password for the kyc_user MySQL user. - Example: ```bash sed -i 's/your_mysql_root_password/my_root_pass123/g' scripts/install_kyc.sh sed -i 's/secure_kyc_password/my_kyc_pass456/g' scripts/install_kyc.sh sed -i 's/your_mysql_root_password/my_root_pass123/g' scripts/cleanup.sh ``` 3. Run Scripts - Make scripts executable: ```bash chmod +x scripts/*.sh ``` - Install dependencies: ```bash ./scripts/install_deps.sh ``` - Configure SSL: ```bash ./scripts/install_ssl.sh ``` - Deploy KYC portal: ```bash ./scripts/install_kyc.sh ``` 4. Extract Artifact - Copy the kyc-portal/ directory to /tmp/kyc-portal: ```bash sudo mkdir /tmp/kyc-portal sudo cp -r kyc-portal/* /tmp/kyc-portal ``` - The install_kyc.sh script will handle deployment from /tmp/kyc-portal. 5. Add Companies - Log in to https://signup.telooze.com/admin (default: admin/admin_password). - Navigate to "Manage Forms" and add companies (e.g., Telooze, WAINS Solutions) with their logos and SMTP settings. - Optionally, clone existing forms to create new ones for additional companies. 6. Test the Portal - Access https://signup.telooze.com, select a company, and submit a KYC form. - Verify that submissions appear in the database (/var/www/kyc-portal/public/uploads). - Check that admin emails are sent using company-specific SMTP settings. - Test admin features: manage forms, fields, submissions, and verification checklist. Cleanup ------- If installation fails, reset the server: ```bash ./scripts/cleanup.sh ``` Security Notes ------------- - Use HTTPS for all access. - Restrict access to /var/www/uploads (chmod 750). - Implement rate limiting in Phase 2. - Encrypt smtp_password in production (e.g., using sodium_crypto_secretbox). - Change default admin password after setup. - Set up backups (e.g., DigitalOcean Snapshots or cron-based MySQL/file backups). Next Steps ---------- - Phase 2: Add location-based fields and validation. - Phase 3: Implement selfie verification with facial recognition. - Phase 4: Add comments section and duplicate submission detection.