David/veylant
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
410ae18d2d
veylant/web/src/pages/docs/deployment/DockerPage.tsx
David 410ae18d2d fix doc
2026-02-27 23:33:07 +01:00

72 lines
2.4 KiB
XML
Raw Blame History

import { CodeBlock } from "../components/CodeBlock";
import { Callout } from "../components/Callout";
export function DockerPage() {
return (
<div>
<h1 id="docker-deployment">Docker Compose Deployment</h1>
<p>
For small to medium deployments (single server, staging), Docker Compose is the recommended
approach. The production configuration uses the same services as local development with
hardened settings.
</p>
<h2 id="production-config">Production Configuration</h2>
<Callout type="warning" title="Before production deployment">
Ensure you have set: <code>server.env=production</code>, a strong <code>crypto.key</code>,
TLS certificates for all services, PostgreSQL with TLS, and proper secrets management
(HashiCorp Vault recommended).
</Callout>
<CodeBlock
language="bash"
code={`# Production environment variables (set via secrets manager, not .env)
VEYLANT_SERVER_ENV=production
VEYLANT_SERVER_PORT=8090
VEYLANT_CRYPTO_KEY=$(openssl rand -base64 32)
VEYLANT_DATABASE_URL=postgres://veylant_app:STRONG_PASSWORD@postgres:5432/veylant?sslmode=require
VEYLANT_REDIS_URL=redis://:REDIS_PASSWORD@redis:6379
VEYLANT_CLICKHOUSE_DSN=clickhouse://clickhouse:9000/veylant?dial_timeout=5s
VEYLANT_KEYCLOAK_BASE_URL=https://keycloak.yourdomain.com
VEYLANT_PROVIDERS_OPENAI_API_KEY=sk-...
VEYLANT_PII_FAIL_OPEN=false`}
/>
<h2 id="build">Building the Production Image</h2>
<CodeBlock
language="bash"
code={`# Build multi-arch image (amd64 + arm64)
docker buildx build \\
--platform linux/amd64,linux/arm64 \\
--tag ghcr.io/veylant/ia-gateway:1.0.0 \\
--push .
# Run with production config
docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d`}
/>
<h2 id="health-check">Health Checks</h2>
<CodeBlock
language="bash"
code={`# Check all services
make health # curl localhost:8090/healthz
# Check individual services
curl http://localhost:8090/healthz
curl http://localhost:8091/healthz # PII service`}
/>
<h2 id="backup">Database Backup</h2>
<CodeBlock
language="bash"
code={`# PostgreSQL backup (runs daily at 02:00 UTC via CronJob in Kubernetes)
pg_dump -h postgres -U veylant -d veylant \\
| gzip > backup-$(date +%Y%m%d).sql.gz
# Restore
gunzip -c backup-20260115.sql.gz | psql -h postgres -U veylant -d veylant`}
/>
</div>
);
}
Reference in New Issue View Git Blame Copy Permalink