This commit is contained in:
VPN SaaS Dev
111
DEPLOY.md
Normal file
111
DEPLOY.md
Normal file
@@ -0,0 +1,111 @@
|
||||
# CarPass Deploy
|
||||
|
||||
## First Install
|
||||
|
||||
```bash
|
||||
sudo mkdir -p /opt/carpass
|
||||
sudo chown "$USER":"$USER" /opt/carpass
|
||||
git clone <repo-url> /opt/carpass/app
|
||||
cd /opt/carpass/app
|
||||
cp .env.example .env
|
||||
```
|
||||
|
||||
Edit `.env` and set real secrets:
|
||||
|
||||
- `BOT_TOKEN`
|
||||
- `BOT_USERNAME`
|
||||
- `PUBLIC_WEBAPP_URL`
|
||||
- `CORS_ORIGINS`
|
||||
- `INTERNAL_API_TOKEN`
|
||||
- `SECRET_KEY`
|
||||
- `REDIS_URL` if Redis is external
|
||||
- `VAPID_PUBLIC_KEY` / `VAPID_PRIVATE_KEY` when browser push is enabled
|
||||
- `ADMIN_TELEGRAM_IDS`
|
||||
|
||||
Production must use public HTTPS URLs and `ALLOW_DEV_AUTH=false`.
|
||||
|
||||
## Start
|
||||
|
||||
```bash
|
||||
docker compose up -d --build
|
||||
docker compose exec api alembic upgrade head
|
||||
python -m scripts.bootstrap_admin
|
||||
curl -fsS http://127.0.0.1:8000/ready
|
||||
```
|
||||
|
||||
The default compose stack includes Postgres, Redis, API and bot services with health checks, restart policies and log rotation.
|
||||
|
||||
## Git-Based Update
|
||||
|
||||
The server directory must remain a git clone. The main update path is:
|
||||
|
||||
```bash
|
||||
APP_DIR=/opt/carpass/app DEPLOY_BRANCH=main ./scripts/deploy.sh
|
||||
```
|
||||
|
||||
The script runs:
|
||||
|
||||
- `git fetch`
|
||||
- `git pull --ff-only`
|
||||
- optional DB backup with `BACKUP_BEFORE_DEPLOY=true`
|
||||
- Docker build/up
|
||||
- `alembic upgrade head`
|
||||
- Python smoke compile
|
||||
- `/ready` health check
|
||||
|
||||
Do not use rsync as the primary deploy mechanism.
|
||||
|
||||
## Rollback
|
||||
|
||||
```bash
|
||||
cd /opt/carpass/app
|
||||
git log --oneline -20
|
||||
git checkout <previous_commit>
|
||||
docker compose up -d --build
|
||||
curl -fsS http://127.0.0.1:8000/ready
|
||||
```
|
||||
|
||||
Be careful with database migrations: code rollback does not automatically downgrade data.
|
||||
|
||||
## Backups
|
||||
|
||||
Create a compressed custom-format dump before risky deploys:
|
||||
|
||||
```bash
|
||||
BACKUP_DIR=/opt/carpass/backups ./scripts/backup_db.sh
|
||||
```
|
||||
|
||||
Restore only during a maintenance window:
|
||||
|
||||
```bash
|
||||
./scripts/restore_db.sh /opt/carpass/backups/carpass-drivers-YYYYMMDDTHHMMSSZ.dump
|
||||
```
|
||||
|
||||
For volume-level recovery, back up the Docker named volumes `pgdata` and `redisdata` according to the host backup policy.
|
||||
|
||||
## Logs
|
||||
|
||||
```bash
|
||||
docker compose ps
|
||||
docker compose logs -f api
|
||||
docker compose logs -f bot
|
||||
docker compose logs -f db
|
||||
```
|
||||
|
||||
## Migration Smoke Check
|
||||
|
||||
For a configured Postgres database:
|
||||
|
||||
```bash
|
||||
./scripts/check_migrations.sh
|
||||
```
|
||||
|
||||
## Cleanup Jobs
|
||||
|
||||
Run periodic cleanup from cron or systemd timer:
|
||||
|
||||
```bash
|
||||
docker compose exec -T api python scripts/cleanup_jobs.py
|
||||
```
|
||||
|
||||
It expires stale employee invites, marks exhausted notifications as abandoned, removes old abandoned notifications and clears old draft work orders.
|
||||
Reference in New Issue
Block a user