docker-deploy-smoke

DEPLOY.md

@@ -19,7 +19,7 @@ Edit `.env` and set real secrets:
 - `INTERNAL_API_TOKEN`
 - `SECRET_KEY`
 - `REDIS_URL` if Redis is external
-- `VAPID_PUBLIC_KEY` / `VAPID_PRIVATE_KEY` when browser push is enabled
+- `VAPID_PUBLIC_KEY` / `VAPID_PRIVATE_KEY` only when browser push beta is enabled
 - `ADMIN_TELEGRAM_IDS`
 
 Production must use public HTTPS URLs and `ALLOW_DEV_AUTH=false`.
@@ -34,6 +34,7 @@ curl -fsS http://127.0.0.1:8000/ready
 ```
 
 The default compose stack includes Postgres, Redis, API and bot services with health checks, restart policies and log rotation.
+Telegram notifications are the primary pilot notification channel. Browser push currently stores subscriptions and is treated as beta until server-side Web Push delivery is enabled.
 
 ## Git-Based Update
 
@@ -51,7 +52,7 @@ The script runs:
 - Docker build/up
 - `alembic upgrade head`
 - Python smoke compile
-- `/ready` health check
+- `/health`, `/ready` and `/metrics` smoke checks
 
 Do not use rsync as the primary deploy mechanism.
 
@@ -75,12 +76,24 @@ Create a compressed custom-format dump before risky deploys:
 BACKUP_DIR=/opt/carpass/backups ./scripts/backup_db.sh
 ```
 
+Compatibility wrapper:
+
+```bash
+BACKUP_DIR=/opt/carpass/backups ./scripts/backup.sh
+```
+
 Restore only during a maintenance window:
 
 ```bash
 ./scripts/restore_db.sh /opt/carpass/backups/carpass-drivers-YYYYMMDDTHHMMSSZ.dump
 ```
 
+Compatibility wrapper:
+
+```bash
+./scripts/restore.sh /opt/carpass/backups/carpass-drivers-YYYYMMDDTHHMMSSZ.dump
+```
+
 For volume-level recovery, back up the Docker named volumes `pgdata` and `redisdata` according to the host backup policy.
 
 ## Logs