11 KiB
11 KiB
Production Deployment Guide
Pre-Deployment Checklist
- Environment variables configured in
.env - PostgreSQL database created and migrated
- Redis running and accessible
- Telegram credentials verified
- SSL certificates prepared (if needed)
- Log rotation configured
- Monitoring and alerts set up
- Backups configured
- Health checks tested
Deployment Methods
1. Docker Compose on VPS
1.1 Prepare Server
# Update system
sudo apt update && sudo apt upgrade -y
# Install Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
# Install Docker Compose
sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
# Create non-root user for Docker
sudo usermod -aG docker $USER
newgrp docker
1.2 Deploy Application
# Clone repository
mkdir -p /home/bot
cd /home/bot
git clone https://github.com/yourusername/TG_autoposter.git
cd TG_autoposter
# Create environment file
nano .env
# Fill in production values
# Start services
docker-compose -f docker-compose.yml -f docker-compose.prod.yml up -d
# Verify services
docker-compose ps
1.3 Database Migrations
# Run migrations
docker-compose exec bot alembic upgrade head
# Verify
docker-compose exec bot alembic current
1.4 Monitoring
# View logs
docker-compose logs -f
# Monitor specific service
docker-compose logs -f bot
docker-compose logs -f celery_worker_send
# Check health
docker-compose ps
2. Kubernetes Deployment
2.1 Create Kubernetes Manifests
# Create namespace
kubectl create namespace telegram-bot
kubectl config set-context --current --namespace=telegram-bot
# Create ConfigMap for environment variables
kubectl create configmap bot-config --from-env-file=.env.prod
# Create Secrets for sensitive data
kubectl create secret generic bot-secrets \
--from-literal=telegram-bot-token=$TELEGRAM_BOT_TOKEN \
--from-literal=db-password=$DB_PASSWORD \
--from-literal=redis-password=$REDIS_PASSWORD
2.2 Deploy Services
See k8s/ directory for manifests:
postgres-deployment.yamlredis-deployment.yamlbot-deployment.yamlcelery-worker-deployment.yamlcelery-beat-deployment.yamlflower-deployment.yaml
# Apply manifests
kubectl apply -f k8s/
# Monitor deployment
kubectl get pods
kubectl logs -f deployment/bot
3. Using Systemd Service
3.1 Create Service File
sudo tee /etc/systemd/system/tg-autoposter.service > /dev/null <<EOF
[Unit]
Description=TG Autoposter Bot
After=network.target docker.service
Requires=docker.service
[Service]
Type=simple
User=bot
WorkingDirectory=/home/bot/TG_autoposter
ExecStart=/usr/local/bin/docker-compose up
ExecStop=/usr/local/bin/docker-compose down
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
EOF
3.2 Enable Service
sudo systemctl daemon-reload
sudo systemctl enable tg-autoposter
sudo systemctl start tg-autoposter
# Check status
sudo systemctl status tg-autoposter
# View logs
sudo journalctl -u tg-autoposter -f
Configuration for Production
1. Environment Variables
Create .env with production values:
# Core
TELEGRAM_BOT_TOKEN=your_production_token
TELEGRAM_API_ID=your_api_id
TELEGRAM_API_HASH=your_api_hash
ADMIN_ID=your_admin_id
# Database (use managed service like RDS, CloudSQL)
DB_HOST=db.example.com
DB_PORT=5432
DB_USER=bot_user
DB_PASSWORD=secure_password_here
DB_NAME=tg_autoposter_prod
DB_SSL_MODE=require
# Redis (use managed service like ElastiCache, Redis Cloud)
REDIS_HOST=redis.example.com
REDIS_PORT=6379
REDIS_DB=0
REDIS_PASSWORD=secure_redis_password
# Logging
LOG_LEVEL=INFO
LOG_FILE=/var/log/tg-autoposter/bot.log
# Security
SECRET_KEY=your_secret_key_here
DEBUG=False
ALLOWED_HOSTS=yourdomain.com,www.yourdomain.com
2. Database Configuration
# docker-compose.prod.yml
services:
postgres:
image: postgres:15-alpine
environment:
POSTGRES_PASSWORD: ${DB_PASSWORD}
POSTGRES_DB: ${DB_NAME}
volumes:
- postgres_data:/var/lib/postgresql/data
ports:
- "5432:5432"
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${DB_USER}"]
interval: 10s
timeout: 5s
retries: 5
3. Redis Configuration
# docker-compose.prod.yml
services:
redis:
image: redis:7-alpine
command: redis-server --requirepass ${REDIS_PASSWORD}
volumes:
- redis_data:/data
ports:
- "6379:6379"
healthcheck:
test: ["CMD", "redis-cli", "--raw", "incr", "ping"]
interval: 10s
timeout: 5s
retries: 5
Scaling Considerations
1. Horizontal Scaling
# docker-compose.prod.yml - Multiple workers
services:
celery_worker_send_1:
# ... worker configuration
celery_worker_send_2:
# ... worker configuration
celery_worker_send_3:
# ... worker configuration
# Use load balancer or Docker Swarm for orchestration
2. Performance Tuning
# app/settings.py
CELERY_WORKER_PREFETCH_MULTIPLIER = 1
CELERY_WORKER_MAX_TASKS_PER_CHILD = 1000
CELERY_TASK_TIME_LIMIT = 30 * 60 # 30 minutes
CELERY_TASK_SOFT_TIME_LIMIT = 25 * 60 # 25 minutes
# Database connection pooling
DB_POOL_SIZE = 20
DB_MAX_OVERFLOW = 0
DB_POOL_TIMEOUT = 30
DB_POOL_RECYCLE = 3600
3. Caching Strategy
# Use Redis for caching
CACHE_TTL = 300 # 5 minutes
BROADCAST_CACHE_TTL = 3600 # 1 hour
MEMBERS_CACHE_TTL = 1800 # 30 minutes
Monitoring & Logging
1. Logging Setup
# Create log directory
sudo mkdir -p /var/log/tg-autoposter
sudo chown bot:bot /var/log/tg-autoposter
# Configure log rotation
sudo tee /etc/logrotate.d/tg-autoposter > /dev/null <<EOF
/var/log/tg-autoposter/*.log {
daily
rotate 14
compress
delaycompress
notifempty
create 0640 bot bot
sharedscripts
postrotate
systemctl reload tg-autoposter > /dev/null 2>&1 || true
endscript
}
EOF
2. Prometheus Metrics
# app/metrics.py
from prometheus_client import Counter, Histogram, Gauge
message_sent = Counter('messages_sent_total', 'Total messages sent')
message_failed = Counter('messages_failed_total', 'Total failed messages')
send_duration = Histogram('message_send_duration_seconds', 'Message send duration')
queue_size = Gauge('celery_queue_size', 'Celery queue size')
3. Monitoring with ELK Stack
# docker-compose.prod.yml
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:8.0.0
kibana:
image: docker.elastic.co/kibana/kibana:8.0.0
ports:
- "5601:5601"
logstash:
image: docker.elastic.co/logstash/logstash:8.0.0
volumes:
- ./logstash.conf:/usr/share/logstash/pipeline/logstash.conf
Backup & Recovery
1. Database Backup
#!/bin/bash
# backup-db.sh
BACKUP_DIR="/backups/postgres"
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
BACKUP_FILE="$BACKUP_DIR/tg_autoposter_$TIMESTAMP.sql"
mkdir -p $BACKUP_DIR
# Backup
docker-compose exec -T postgres pg_dump -U $DB_USER $DB_NAME > $BACKUP_FILE
# Compress
gzip $BACKUP_FILE
# Remove old backups (keep 7 days)
find $BACKUP_DIR -name "*.sql.gz" -mtime +7 -delete
echo "Backup completed: $BACKUP_FILE.gz"
2. Redis Snapshot
#!/bin/bash
# backup-redis.sh
BACKUP_DIR="/backups/redis"
TIMESTAMP=$(date +%Y%m%d_%H%M%S)
mkdir -p $BACKUP_DIR
# Create snapshot
docker-compose exec -T redis redis-cli BGSAVE
# Copy snapshot
docker-compose exec -T redis cp /data/dump.rdb /data/dump_$TIMESTAMP.rdb
echo "Redis backup completed"
3. Restore Database
# Drop and recreate database
docker-compose exec -T postgres dropdb -U $DB_USER $DB_NAME
docker-compose exec -T postgres createdb -U $DB_USER $DB_NAME
# Restore from backup
gunzip < /backups/postgres/tg_autoposter_*.sql.gz | \
docker-compose exec -T postgres psql -U $DB_USER $DB_NAME
Security Best Practices
1. Environment Hardening
# Restrict file permissions
chmod 600 .env
chmod 700 /var/log/tg-autoposter
chmod 700 /backups
# Set ownership
sudo chown bot:bot /home/bot/TG_autoposter -R
2. Network Security
# docker-compose.prod.yml
services:
bot:
networks:
- backend
expose:
- 8000
postgres:
networks:
- backend
expose:
- 5432
networks:
backend:
driver: bridge
driver_opts:
com.docker.network.bridge.name: br_backend
3. SSL/TLS
# Generate SSL certificate
certbot certonly --standalone -d yourdomain.com
# Configure in docker-compose.prod.yml
services:
nginx:
image: nginx:latest
volumes:
- /etc/letsencrypt:/etc/letsencrypt
- ./nginx.conf:/etc/nginx/nginx.conf
ports:
- "443:443"
Troubleshooting Production Issues
Issue: Memory Leaks
# Monitor memory usage
docker stats
# Restart worker
docker-compose restart celery_worker_send
# Check logs for errors
docker-compose logs celery_worker_send | grep -i error
Issue: Database Connection Timeouts
# Increase pool size in settings
DB_POOL_SIZE = 30
# Check database status
docker-compose exec postgres psql -U bot -d tg_autoposter -c "SELECT datname, pid FROM pg_stat_activity;"
# Restart database
docker-compose restart postgres
Issue: High CPU Usage
# Identify problematic tasks
docker-compose exec flower curl -s http://localhost:5555/api/stats | python -m json.tool
# Reduce worker concurrency
CELERY_WORKER_CONCURRENCY = 2
CI/CD Integration
GitHub Actions Example
# .github/workflows/deploy.yml
name: Deploy to Production
on:
push:
branches: [main]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Deploy to VPS
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.VPS_HOST }}
username: ${{ secrets.VPS_USER }}
key: ${{ secrets.VPS_SSH_KEY }}
script: |
cd /home/bot/TG_autoposter
git pull origin main
docker-compose -f docker-compose.yml -f docker-compose.prod.yml up -d
docker-compose exec bot alembic upgrade head
Support and Monitoring Links
- Flower Dashboard: http://yourserver.com:5555
- PostgreSQL Monitoring: pgAdmin (if enabled)
- Application Logs:
/var/log/tg-autoposter/ - Health Check Endpoint:
/health(if implemented)
Maintenance Schedule
- Daily: Check logs for errors
- Weekly: Review resource usage
- Monthly: Security updates, dependency updates
- Quarterly: Performance analysis, capacity planning
Contact & Support
For issues or questions:
- Check logs and error messages
- Review GitHub issues
- Contact team lead
- Escalate to DevOps team if needed