daarion-admin/microdao-daarion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
61573d97f5c1c216db95eb7654ca2806832542ed
microdao-daarion/site/DEPLOY_ON_SERVER/index.html
Apple ef3473db21 snapshot: NODE1 production state 2026-02-09 
Complete snapshot of /opt/microdao-daarion/ from NODE1 (144.76.224.179).
This represents the actual running production code that has diverged
significantly from the previous main branch.

Key changes from old main:
- Gateway (http_api.py): expanded from ~40KB to 164KB with full agent support
- Router: new /v1/agents/{id}/infer endpoint with vision + DeepSeek routing
- Behavior Policy: SOWA v2.2 (3-level: FULL/ACK/SILENT)
- Agent Registry: config/agent_registry.yml as single source of truth
- 13 agents configured (was 3)
- Memory service integration
- CrewAI teams and roles

Excluded from snapshot: venv/, .env, data/, backups, .tgz archives

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-09 08:46:46 -08:00

1524 lines
61 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="canonical" href="https://IvanTytar.github.io/microdao-daarion/DEPLOY_ON_SERVER/">
<link rel="icon" href="../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.5.3, mkdocs-material-9.5.18">
<title>Deploy DAARION on Server - DAARION Documentation</title>
<link rel="stylesheet" href="../assets/stylesheets/main.66ac8b77.min.css">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback">
<style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
<script>__md_scope=new URL("..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
</head>
<body dir="ltr">
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#deploy-daarion-on-server" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
</div>
<header class="md-header md-header--shadow" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href=".." title="DAARION Documentation" class="md-header__button md-logo" aria-label="DAARION Documentation" data-md-component="logo">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54Z"/></svg>
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
DAARION Documentation
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
Deploy DAARION on Server
</span>
</div>
</div>
</div>
<script>var media,input,key,value,palette=__md_get("__palette");if(palette&&palette.color){"(prefers-color-scheme)"===palette.color.media&&(media=matchMedia("(prefers-color-scheme: light)"),input=document.querySelector(media.matches?"[data-md-color-media='(prefers-color-scheme: light)']":"[data-md-color-media='(prefers-color-scheme: dark)']"),palette.color.media=input.getAttribute("data-md-color-media"),palette.color.scheme=input.getAttribute("data-md-color-scheme"),palette.color.primary=input.getAttribute("data-md-color-primary"),palette.color.accent=input.getAttribute("data-md-color-accent"));for([key,value]of Object.entries(palette.color))document.body.setAttribute("data-md-color-"+key,value)}</script>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
</nav>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list" role="presentation"></ol>
</div>
</div>
</div>
</div>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href=".." title="DAARION Documentation" class="md-nav__button md-logo" aria-label="DAARION Documentation" data-md-component="logo">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54Z"/></svg>
</a>
DAARION Documentation
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../public/" class="md-nav__link">
<span class="md-ellipsis">
Home
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../public/getting-started/" class="md-nav__link">
<span class="md-ellipsis">
Getting Started
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../public/architecture-overview/" class="md-nav__link">
<span class="md-ellipsis">
Architecture
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../public/daiS_daos_overview/" class="md-nav__link">
<span class="md-ellipsis">
DAIS & DAOS
</span>
</a>
</li>
<li class="md-nav__item md-nav__item--section md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_5" >
<label class="md-nav__link" for="__nav_5" id="__nav_5_label" tabindex="">
<span class="md-ellipsis">
Internal
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="1" aria-labelledby="__nav_5_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_5">
<span class="md-nav__icon md-icon"></span>
Internal
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_5_1" >
<label class="md-nav__link" for="__nav_5_1" id="__nav_5_1_label" tabindex="0">
<span class="md-ellipsis">
Infra
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_5_1_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_5_1">
<span class="md-nav__icon md-icon"></span>
Infra
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../internal/infra/INFRA_AUTOMATION_PACK_V1/" class="md-nav__link">
<span class="md-ellipsis">
Infra Automation Pack v1
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../internal/infra/monitoring_overview/" class="md-nav__link">
<span class="md-ellipsis">
Monitoring Overview
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../internal/infra/nodes_registry_v0/" class="md-nav__link">
<span class="md-ellipsis">
Nodes Registry v0
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " type="checkbox" id="__nav_5_2" >
<label class="md-nav__link" for="__nav_5_2" id="__nav_5_2_label" tabindex="0">
<span class="md-ellipsis">
Specs
</span>
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" data-md-level="2" aria-labelledby="__nav_5_2_label" aria-expanded="false">
<label class="md-nav__title" for="__nav_5_2">
<span class="md-nav__icon md-icon"></span>
Specs
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../internal/specs/matrix_presence_aggregator/" class="md-nav__link">
<span class="md-ellipsis">
Matrix Presence Aggregator
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../internal/specs/city_map_spec/" class="md-nav__link">
<span class="md-ellipsis">
City Map Spec
</span>
</a>
</li>
<li class="md-nav__item">
<a href="../internal/specs/node_join_protocol_draft/" class="md-nav__link">
<span class="md-ellipsis">
Node Join Protocol (Draft)
</span>
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#overview" class="md-nav__link">
<span class="md-ellipsis">
🎯 Overview
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#prerequisites" class="md-nav__link">
<span class="md-ellipsis">
📋 Prerequisites
</span>
</a>
<nav class="md-nav" aria-label="📋 Prerequisites">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#server-requirements" class="md-nav__link">
<span class="md-ellipsis">
Server Requirements
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#domain-setup" class="md-nav__link">
<span class="md-ellipsis">
Domain Setup
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#installation-steps" class="md-nav__link">
<span class="md-ellipsis">
🚀 Installation Steps
</span>
</a>
<nav class="md-nav" aria-label="🚀 Installation Steps">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-install-docker-docker-compose" class="md-nav__link">
<span class="md-ellipsis">
1. Install Docker &amp; Docker Compose
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-install-additional-tools" class="md-nav__link">
<span class="md-ellipsis">
2. Install Additional Tools
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#3-clone-repository" class="md-nav__link">
<span class="md-ellipsis">
3. Clone Repository
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#4-configure-environment" class="md-nav__link">
<span class="md-ellipsis">
4. Configure Environment
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#5-build-frontend" class="md-nav__link">
<span class="md-ellipsis">
5. Build Frontend
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#6-apply-database-migrations" class="md-nav__link">
<span class="md-ellipsis">
6. Apply Database Migrations
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#7-start-all-services" class="md-nav__link">
<span class="md-ellipsis">
7. Start All Services
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#ssltls-setup" class="md-nav__link">
<span class="md-ellipsis">
🔒 SSL/TLS Setup
</span>
</a>
<nav class="md-nav" aria-label="🔒 SSL/TLS Setup">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#option-1-lets-encrypt-recommended" class="md-nav__link">
<span class="md-ellipsis">
Option 1: Let's Encrypt (Recommended)
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#option-2-self-signed-development-only" class="md-nav__link">
<span class="md-ellipsis">
Option 2: Self-signed (Development only)
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#production-configuration" class="md-nav__link">
<span class="md-ellipsis">
🔧 Production Configuration
</span>
</a>
<nav class="md-nav" aria-label="🔧 Production Configuration">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-update-docker-compose-for-production" class="md-nav__link">
<span class="md-ellipsis">
1. Update docker-compose for Production
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-firewall-configuration" class="md-nav__link">
<span class="md-ellipsis">
2. Firewall Configuration
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#3-resource-limits" class="md-nav__link">
<span class="md-ellipsis">
3. Resource Limits
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#monitoring" class="md-nav__link">
<span class="md-ellipsis">
📊 Monitoring
</span>
</a>
<nav class="md-nav" aria-label="📊 Monitoring">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#logs" class="md-nav__link">
<span class="md-ellipsis">
Logs
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#health-checks" class="md-nav__link">
<span class="md-ellipsis">
Health Checks
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#monitoring-stack" class="md-nav__link">
<span class="md-ellipsis">
Monitoring Stack
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#backup-strategy" class="md-nav__link">
<span class="md-ellipsis">
💾 Backup Strategy
</span>
</a>
<nav class="md-nav" aria-label="💾 Backup Strategy">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#1-database-backup" class="md-nav__link">
<span class="md-ellipsis">
1. Database Backup
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#2-volume-backup" class="md-nav__link">
<span class="md-ellipsis">
2. Volume Backup
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#updates-maintenance" class="md-nav__link">
<span class="md-ellipsis">
🔄 Updates &amp; Maintenance
</span>
</a>
<nav class="md-nav" aria-label="🔄 Updates & Maintenance">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#docker-compose-postgres-city-service-node1" class="md-nav__link">
<span class="md-ellipsis">
Docker Compose для Postgres та City-Service (NODE1)
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#update-daarion" class="md-nav__link">
<span class="md-ellipsis">
Update DAARION
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#zero-downtime-updates-advanced" class="md-nav__link">
<span class="md-ellipsis">
Zero-downtime Updates (Advanced)
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#troubleshooting" class="md-nav__link">
<span class="md-ellipsis">
🐛 Troubleshooting
</span>
</a>
<nav class="md-nav" aria-label="🐛 Troubleshooting">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#services-not-starting" class="md-nav__link">
<span class="md-ellipsis">
Services not starting
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#database-connection-issues" class="md-nav__link">
<span class="md-ellipsis">
Database connection issues
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#high-memory-usage" class="md-nav__link">
<span class="md-ellipsis">
High memory usage
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#performance-tuning" class="md-nav__link">
<span class="md-ellipsis">
📈 Performance Tuning
</span>
</a>
<nav class="md-nav" aria-label="📈 Performance Tuning">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#postgresql" class="md-nav__link">
<span class="md-ellipsis">
PostgreSQL
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#nginx-cache" class="md-nav__link">
<span class="md-ellipsis">
NGINX Cache
</span>
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="#security-checklist" class="md-nav__link">
<span class="md-ellipsis">
🔐 Security Checklist
</span>
</a>
</li>
<li class="md-nav__item">
<a href="#related-documentation" class="md-nav__link">
<span class="md-ellipsis">
📚 Related Documentation
</span>
</a>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<h1 id="deploy-daarion-on-server">Deploy DAARION on Server<a class="headerlink" href="#deploy-daarion-on-server" title="Permanent link">&para;</a></h1>
<p><strong>Version:</strong> 1.0.0<br />
<strong>Phase:</strong> INFRA — Production Deployment<br />
<strong>Last Updated:</strong> 24 листопада 2025</p>
<hr />
<h2 id="overview">🎯 Overview<a class="headerlink" href="#overview" title="Permanent link">&para;</a></h2>
<p>This guide covers deploying DAARION on a production server (VPS/dedicated server) with:
- Single domain entry point
- SSL/TLS certificates
- Production-ready configuration
- Monitoring &amp; backups</p>
<hr />
<h2 id="prerequisites">📋 Prerequisites<a class="headerlink" href="#prerequisites" title="Permanent link">&para;</a></h2>
<h3 id="server-requirements">Server Requirements<a class="headerlink" href="#server-requirements" title="Permanent link">&para;</a></h3>
<p><strong>Minimum:</strong>
- 4 CPU cores
- 8GB RAM
- 50GB SSD storage
- Ubuntu 22.04 LTS (or similar)</p>
<p><strong>Recommended:</strong>
- 8 CPU cores
- 16GB RAM
- 100GB SSD storage
- Ubuntu 22.04 LTS</p>
<h3 id="domain-setup">Domain Setup<a class="headerlink" href="#domain-setup" title="Permanent link">&para;</a></h3>
<ul>
<li>Domain pointing to server IP (e.g., <code>daarion.example.com</code>)</li>
<li>DNS A record configured</li>
<li>Port 80/443 accessible</li>
</ul>
<hr />
<h2 id="installation-steps">🚀 Installation Steps<a class="headerlink" href="#installation-steps" title="Permanent link">&para;</a></h2>
<h3 id="1-install-docker-docker-compose">1. Install Docker &amp; Docker Compose<a class="headerlink" href="#1-install-docker-docker-compose" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># Update system</span>
sudo<span class="w"> </span>apt<span class="w"> </span>update<span class="w"> </span><span class="o">&amp;&amp;</span><span class="w"> </span>sudo<span class="w"> </span>apt<span class="w"> </span>upgrade<span class="w"> </span>-y
<span class="c1"># Install Docker</span>
curl<span class="w"> </span>-fsSL<span class="w"> </span>https://get.docker.com<span class="w"> </span>-o<span class="w"> </span>get-docker.sh
sudo<span class="w"> </span>sh<span class="w"> </span>get-docker.sh
<span class="c1"># Add current user to docker group</span>
sudo<span class="w"> </span>usermod<span class="w"> </span>-aG<span class="w"> </span>docker<span class="w"> </span><span class="nv">$USER</span>
newgrp<span class="w"> </span>docker
<span class="c1"># Install Docker Compose</span>
sudo<span class="w"> </span>apt<span class="w"> </span>install<span class="w"> </span>docker-compose-plugin<span class="w"> </span>-y
<span class="c1"># Verify</span>
docker<span class="w"> </span>--version
docker<span class="w"> </span>compose<span class="w"> </span>version
</code></pre></div>
<h3 id="2-install-additional-tools">2. Install Additional Tools<a class="headerlink" href="#2-install-additional-tools" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># PostgreSQL client (for migrations)</span>
sudo<span class="w"> </span>apt<span class="w"> </span>install<span class="w"> </span>postgresql-client<span class="w"> </span>-y
<span class="c1"># Node.js (for frontend build)</span>
curl<span class="w"> </span>-fsSL<span class="w"> </span>https://deb.nodesource.com/setup_18.x<span class="w"> </span><span class="p">|</span><span class="w"> </span>sudo<span class="w"> </span>-E<span class="w"> </span>bash<span class="w"> </span>-
sudo<span class="w"> </span>apt<span class="w"> </span>install<span class="w"> </span>-y<span class="w"> </span>nodejs
<span class="c1"># nginx (for SSL termination)</span>
sudo<span class="w"> </span>apt<span class="w"> </span>install<span class="w"> </span>nginx<span class="w"> </span>certbot<span class="w"> </span>python3-certbot-nginx<span class="w"> </span>-y
</code></pre></div>
<h3 id="3-clone-repository">3. Clone Repository<a class="headerlink" href="#3-clone-repository" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># Create app directory</span>
sudo<span class="w"> </span>mkdir<span class="w"> </span>-p<span class="w"> </span>/opt/daarion
sudo<span class="w"> </span>chown<span class="w"> </span><span class="nv">$USER</span>:<span class="nv">$USER</span><span class="w"> </span>/opt/daarion
<span class="c1"># Clone</span>
<span class="nb">cd</span><span class="w"> </span>/opt/daarion
git<span class="w"> </span>clone<span class="w"> </span>https://github.com/your-org/daarion.git<span class="w"> </span>.
<span class="c1"># Or download release</span>
<span class="c1"># wget https://github.com/your-org/daarion/archive/v1.0.0.tar.gz</span>
<span class="c1"># tar -xzf v1.0.0.tar.gz</span>
</code></pre></div>
<h3 id="4-configure-environment">4. Configure Environment<a class="headerlink" href="#4-configure-environment" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># Create .env file</span>
cp<span class="w"> </span>.env.example<span class="w"> </span>.env
<span class="c1"># Edit with your values</span>
nano<span class="w"> </span>.env
</code></pre></div>
<p><strong>Important variables:</strong></p>
<div class="codehilite"><pre><span></span><code><span class="err">#</span><span class="w"> </span><span class="k">Domain</span>
<span class="k">DOMAIN</span><span class="o">=</span><span class="n">daarion</span><span class="p">.</span><span class="n">example</span><span class="p">.</span><span class="n">com</span>
<span class="err">#</span><span class="w"> </span><span class="k">Database</span>
<span class="n">DATABASE_URL</span><span class="o">=</span><span class="nl">postgresql</span><span class="p">:</span><span class="o">//</span><span class="nl">daarion_user</span><span class="p">:</span><span class="n">STRONG_PASSWORD</span><span class="nv">@postgres</span><span class="err">:</span><span class="mi">5432</span><span class="o">/</span><span class="n">daarion</span>
<span class="err">#</span><span class="w"> </span><span class="n">Redis</span>
<span class="n">REDIS_URL</span><span class="o">=</span><span class="nl">redis</span><span class="p">:</span><span class="o">//</span><span class="nl">redis</span><span class="p">:</span><span class="mi">6379</span><span class="o">/</span><span class="mi">0</span>
<span class="err">#</span><span class="w"> </span><span class="n">NATS</span>
<span class="n">NATS_URL</span><span class="o">=</span><span class="nl">nats</span><span class="p">:</span><span class="o">//</span><span class="nl">nats</span><span class="p">:</span><span class="mi">4222</span>
<span class="err">#</span><span class="w"> </span><span class="n">Secrets</span>
<span class="n">JWT_SECRET</span><span class="o">=</span><span class="n">GENERATE_STRONG_SECRET_HERE</span>
<span class="n">INTERNAL_SECRET</span><span class="o">=</span><span class="n">GENERATE_STRONG_SECRET_HERE</span>
<span class="err">#</span><span class="w"> </span><span class="n">Matrix</span>
<span class="n">MATRIX_HOMESERVER</span><span class="o">=</span><span class="nl">http</span><span class="p">:</span><span class="o">//</span><span class="n">matrix</span><span class="o">-</span><span class="nl">synapse</span><span class="p">:</span><span class="mi">8008</span>
<span class="n">SYNAPSE_SERVER_NAME</span><span class="o">=</span><span class="n">matrix</span><span class="p">.</span><span class="n">daarion</span><span class="p">.</span><span class="n">example</span><span class="p">.</span><span class="n">com</span>
<span class="err">#</span><span class="w"> </span><span class="n">Production</span><span class="w"> </span><span class="n">mode</span>
<span class="n">NODE_ENV</span><span class="o">=</span><span class="n">production</span>
<span class="n">APP_ENV</span><span class="o">=</span><span class="n">production</span>
</code></pre></div>
<p><strong>Generate secrets:</strong></p>
<div class="codehilite"><pre><span></span><code><span class="c1"># JWT Secret</span>
openssl<span class="w"> </span>rand<span class="w"> </span>-base64<span class="w"> </span><span class="m">32</span>
<span class="c1"># Internal Secret</span>
openssl<span class="w"> </span>rand<span class="w"> </span>-hex<span class="w"> </span><span class="m">32</span>
</code></pre></div>
<h3 id="5-build-frontend">5. Build Frontend<a class="headerlink" href="#5-build-frontend" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># Install dependencies</span>
npm<span class="w"> </span>install
<span class="c1"># Build production bundle</span>
npm<span class="w"> </span>run<span class="w"> </span>build
<span class="c1"># Verify dist/ directory exists</span>
ls<span class="w"> </span>-la<span class="w"> </span>dist/
</code></pre></div>
<h3 id="6-apply-database-migrations">6. Apply Database Migrations<a class="headerlink" href="#6-apply-database-migrations" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># Start only PostgreSQL first</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.all.yml<span class="w"> </span>up<span class="w"> </span>-d<span class="w"> </span>postgres
<span class="c1"># Wait for PostgreSQL</span>
sleep<span class="w"> </span><span class="m">10</span>
<span class="c1"># Apply migrations</span>
<span class="k">for</span><span class="w"> </span>migration<span class="w"> </span><span class="k">in</span><span class="w"> </span>migrations/*.sql<span class="p">;</span><span class="w"> </span><span class="k">do</span>
<span class="w"> </span><span class="nb">echo</span><span class="w"> </span><span class="s2">&quot;Applying: </span><span class="nv">$migration</span><span class="s2">&quot;</span>
<span class="w"> </span><span class="nv">PGPASSWORD</span><span class="o">=</span>YOUR_PASSWORD<span class="w"> </span>psql<span class="w"> </span>-h<span class="w"> </span>localhost<span class="w"> </span>-U<span class="w"> </span>daarion_user<span class="w"> </span>-d<span class="w"> </span>daarion<span class="w"> </span>-f<span class="w"> </span><span class="s2">&quot;</span><span class="nv">$migration</span><span class="s2">&quot;</span>
<span class="k">done</span>
</code></pre></div>
<h3 id="7-start-all-services">7. Start All Services<a class="headerlink" href="#7-start-all-services" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># Start full stack</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.all.yml<span class="w"> </span>up<span class="w"> </span>-d
<span class="c1"># Check status</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.all.yml<span class="w"> </span>ps
<span class="c1"># View logs</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.all.yml<span class="w"> </span>logs<span class="w"> </span>-f<span class="w"> </span>gateway
</code></pre></div>
<hr />
<h2 id="ssltls-setup">🔒 SSL/TLS Setup<a class="headerlink" href="#ssltls-setup" title="Permanent link">&para;</a></h2>
<h3 id="option-1-lets-encrypt-recommended">Option 1: Let's Encrypt (Recommended)<a class="headerlink" href="#option-1-lets-encrypt-recommended" title="Permanent link">&para;</a></h3>
<p>Create external nginx config:</p>
<div class="codehilite"><pre><span></span><code>sudo<span class="w"> </span>nano<span class="w"> </span>/etc/nginx/sites-available/daarion
</code></pre></div>
<p><strong>Config:</strong></p>
<div class="codehilite"><pre><span></span><code><span class="c1"># HTTP redirect to HTTPS</span>
<span class="k">server</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="kn">listen</span><span class="w"> </span><span class="mi">80</span><span class="p">;</span>
<span class="w"> </span><span class="kn">server_name</span><span class="w"> </span><span class="s">daarion.example.com</span><span class="p">;</span>
<span class="w"> </span><span class="kn">location</span><span class="w"> </span><span class="s">/.well-known/acme-challenge/</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="kn">root</span><span class="w"> </span><span class="s">/var/www/certbot</span><span class="p">;</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="kn">location</span><span class="w"> </span><span class="s">/</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="kn">return</span><span class="w"> </span><span class="mi">301</span><span class="w"> </span><span class="s">https://</span><span class="nv">$server_name$request_uri</span><span class="p">;</span>
<span class="w"> </span><span class="p">}</span>
<span class="p">}</span>
<span class="c1"># HTTPS with proxy to gateway</span>
<span class="k">server</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="kn">listen</span><span class="w"> </span><span class="mi">443</span><span class="w"> </span><span class="s">ssl</span><span class="w"> </span><span class="s">http2</span><span class="p">;</span>
<span class="w"> </span><span class="kn">server_name</span><span class="w"> </span><span class="s">daarion.example.com</span><span class="p">;</span>
<span class="w"> </span><span class="c1"># SSL certificates (will be added by certbot)</span>
<span class="w"> </span><span class="kn">ssl_certificate</span><span class="w"> </span><span class="s">/etc/letsencrypt/live/daarion.example.com/fullchain.pem</span><span class="p">;</span>
<span class="w"> </span><span class="kn">ssl_certificate_key</span><span class="w"> </span><span class="s">/etc/letsencrypt/live/daarion.example.com/privkey.pem</span><span class="p">;</span>
<span class="w"> </span><span class="c1"># SSL configuration</span>
<span class="w"> </span><span class="kn">ssl_protocols</span><span class="w"> </span><span class="s">TLSv1.2</span><span class="w"> </span><span class="s">TLSv1.3</span><span class="p">;</span>
<span class="w"> </span><span class="kn">ssl_ciphers</span><span class="w"> </span><span class="s">HIGH:!aNULL:!MD5</span><span class="p">;</span>
<span class="w"> </span><span class="kn">ssl_prefer_server_ciphers</span><span class="w"> </span><span class="no">on</span><span class="p">;</span>
<span class="w"> </span><span class="c1"># Proxy to gateway container</span>
<span class="w"> </span><span class="kn">location</span><span class="w"> </span><span class="s">/</span><span class="w"> </span><span class="p">{</span>
<span class="w"> </span><span class="kn">proxy_pass</span><span class="w"> </span><span class="s">http://127.0.0.1:80</span><span class="p">;</span>
<span class="w"> </span><span class="kn">proxy_set_header</span><span class="w"> </span><span class="s">Host</span><span class="w"> </span><span class="nv">$host</span><span class="p">;</span>
<span class="w"> </span><span class="kn">proxy_set_header</span><span class="w"> </span><span class="s">X-Real-IP</span><span class="w"> </span><span class="nv">$remote_addr</span><span class="p">;</span>
<span class="w"> </span><span class="kn">proxy_set_header</span><span class="w"> </span><span class="s">X-Forwarded-For</span><span class="w"> </span><span class="nv">$proxy_add_x_forwarded_for</span><span class="p">;</span>
<span class="w"> </span><span class="kn">proxy_set_header</span><span class="w"> </span><span class="s">X-Forwarded-Proto</span><span class="w"> </span><span class="nv">$scheme</span><span class="p">;</span>
<span class="w"> </span><span class="c1"># WebSocket support</span>
<span class="w"> </span><span class="kn">proxy_http_version</span><span class="w"> </span><span class="mi">1</span><span class="s">.1</span><span class="p">;</span>
<span class="w"> </span><span class="kn">proxy_set_header</span><span class="w"> </span><span class="s">Upgrade</span><span class="w"> </span><span class="nv">$http_upgrade</span><span class="p">;</span>
<span class="w"> </span><span class="kn">proxy_set_header</span><span class="w"> </span><span class="s">Connection</span><span class="w"> </span><span class="s">&quot;upgrade&quot;</span><span class="p">;</span>
<span class="w"> </span><span class="c1"># Timeouts</span>
<span class="w"> </span><span class="kn">proxy_connect_timeout</span><span class="w"> </span><span class="s">60s</span><span class="p">;</span>
<span class="w"> </span><span class="kn">proxy_send_timeout</span><span class="w"> </span><span class="s">60s</span><span class="p">;</span>
<span class="w"> </span><span class="kn">proxy_read_timeout</span><span class="w"> </span><span class="s">60s</span><span class="p">;</span>
<span class="w"> </span><span class="p">}</span>
<span class="w"> </span><span class="c1"># Client body size</span>
<span class="w"> </span><span class="kn">client_max_body_size</span><span class="w"> </span><span class="s">100M</span><span class="p">;</span>
<span class="p">}</span>
</code></pre></div>
<p><strong>Enable site:</strong></p>
<div class="codehilite"><pre><span></span><code><span class="c1"># Create symlink</span>
sudo<span class="w"> </span>ln<span class="w"> </span>-s<span class="w"> </span>/etc/nginx/sites-available/daarion<span class="w"> </span>/etc/nginx/sites-enabled/
<span class="c1"># Test config</span>
sudo<span class="w"> </span>nginx<span class="w"> </span>-t
<span class="c1"># Reload nginx</span>
sudo<span class="w"> </span>systemctl<span class="w"> </span>reload<span class="w"> </span>nginx
</code></pre></div>
<p><strong>Get SSL certificate:</strong></p>
<div class="codehilite"><pre><span></span><code><span class="c1"># Request certificate</span>
sudo<span class="w"> </span>certbot<span class="w"> </span>--nginx<span class="w"> </span>-d<span class="w"> </span>daarion.example.com
<span class="c1"># Auto-renewal (cron)</span>
sudo<span class="w"> </span>certbot<span class="w"> </span>renew<span class="w"> </span>--dry-run
</code></pre></div>
<h3 id="option-2-self-signed-development-only">Option 2: Self-signed (Development only)<a class="headerlink" href="#option-2-self-signed-development-only" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># Generate certificate</span>
sudo<span class="w"> </span>openssl<span class="w"> </span>req<span class="w"> </span>-x509<span class="w"> </span>-nodes<span class="w"> </span>-days<span class="w"> </span><span class="m">365</span><span class="w"> </span>-newkey<span class="w"> </span>rsa:2048<span class="w"> </span><span class="se">\</span>
<span class="w"> </span>-keyout<span class="w"> </span>/etc/ssl/private/daarion.key<span class="w"> </span><span class="se">\</span>
<span class="w"> </span>-out<span class="w"> </span>/etc/ssl/certs/daarion.crt
<span class="c1"># Update nginx config to use these certs</span>
</code></pre></div>
<hr />
<h2 id="production-configuration">🔧 Production Configuration<a class="headerlink" href="#production-configuration" title="Permanent link">&para;</a></h2>
<h3 id="1-update-docker-compose-for-production">1. Update docker-compose for Production<a class="headerlink" href="#1-update-docker-compose-for-production" title="Permanent link">&para;</a></h3>
<p>Modify <code>docker-compose.all.yml</code>:</p>
<div class="codehilite"><pre><span></span><code><span class="c1"># Example changes for production</span>
<span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">postgres</span><span class="p">:</span>
<span class="w"> </span><span class="nt">restart</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">always</span>
<span class="w"> </span><span class="nt">environment</span><span class="p">:</span>
<span class="w"> </span><span class="nt">POSTGRES_PASSWORD</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">${POSTGRES_PASSWORD}</span>
<span class="w"> </span><span class="nt">volumes</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/opt/daarion/data/postgres:/var/lib/postgresql/data</span>
<span class="w"> </span><span class="nt">gateway</span><span class="p">:</span>
<span class="w"> </span><span class="nt">restart</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">always</span>
<span class="w"> </span><span class="c1"># Expose on localhost only (nginx proxies from host)</span>
<span class="w"> </span><span class="nt">ports</span><span class="p">:</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">&quot;127.0.0.1:80:80&quot;</span>
</code></pre></div>
<h3 id="2-firewall-configuration">2. Firewall Configuration<a class="headerlink" href="#2-firewall-configuration" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># Allow SSH</span>
sudo<span class="w"> </span>ufw<span class="w"> </span>allow<span class="w"> </span><span class="m">22</span>/tcp
<span class="c1"># Allow HTTP/HTTPS</span>
sudo<span class="w"> </span>ufw<span class="w"> </span>allow<span class="w"> </span><span class="m">80</span>/tcp
sudo<span class="w"> </span>ufw<span class="w"> </span>allow<span class="w"> </span><span class="m">443</span>/tcp
<span class="c1"># Enable firewall</span>
sudo<span class="w"> </span>ufw<span class="w"> </span><span class="nb">enable</span>
<span class="c1"># Check status</span>
sudo<span class="w"> </span>ufw<span class="w"> </span>status
</code></pre></div>
<h3 id="3-resource-limits">3. Resource Limits<a class="headerlink" href="#3-resource-limits" title="Permanent link">&para;</a></h3>
<p>Add to <code>docker-compose.all.yml</code>:</p>
<div class="codehilite"><pre><span></span><code><span class="nt">services</span><span class="p">:</span>
<span class="w"> </span><span class="nt">living-map-service</span><span class="p">:</span>
<span class="w"> </span><span class="nt">deploy</span><span class="p">:</span>
<span class="w"> </span><span class="nt">resources</span><span class="p">:</span>
<span class="w"> </span><span class="nt">limits</span><span class="p">:</span>
<span class="w"> </span><span class="nt">cpus</span><span class="p">:</span><span class="w"> </span><span class="s">&#39;1&#39;</span>
<span class="w"> </span><span class="nt">memory</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">1G</span>
<span class="w"> </span><span class="nt">reservations</span><span class="p">:</span>
<span class="w"> </span><span class="nt">cpus</span><span class="p">:</span><span class="w"> </span><span class="s">&#39;0.5&#39;</span>
<span class="w"> </span><span class="nt">memory</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">512M</span>
</code></pre></div>
<hr />
<h2 id="monitoring">📊 Monitoring<a class="headerlink" href="#monitoring" title="Permanent link">&para;</a></h2>
<h3 id="logs">Logs<a class="headerlink" href="#logs" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># All services</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.all.yml<span class="w"> </span>logs<span class="w"> </span>-f
<span class="c1"># Specific service</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.all.yml<span class="w"> </span>logs<span class="w"> </span>-f<span class="w"> </span>living-map-service
<span class="c1"># Last 100 lines</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.all.yml<span class="w"> </span>logs<span class="w"> </span>--tail<span class="o">=</span><span class="m">100</span>
</code></pre></div>
<h3 id="health-checks">Health Checks<a class="headerlink" href="#health-checks" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># Gateway health</span>
curl<span class="w"> </span>https://daarion.example.com/health
<span class="c1"># Individual services</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.all.yml<span class="w"> </span>ps
</code></pre></div>
<h3 id="monitoring-stack">Monitoring Stack<a class="headerlink" href="#monitoring-stack" title="Permanent link">&para;</a></h3>
<p>Access Prometheus &amp; Grafana (if enabled):
- Prometheus: <code>https://daarion.example.com/api/prometheus/</code>
- Grafana: <code>https://daarion.example.com/api/grafana/</code></p>
<hr />
<h2 id="backup-strategy">💾 Backup Strategy<a class="headerlink" href="#backup-strategy" title="Permanent link">&para;</a></h2>
<h3 id="1-database-backup">1. Database Backup<a class="headerlink" href="#1-database-backup" title="Permanent link">&para;</a></h3>
<p><strong>Script:</strong> <code>scripts/backup-db.sh</code></p>
<div class="codehilite"><pre><span></span><code><span class="ch">#!/bin/bash</span>
<span class="nv">BACKUP_DIR</span><span class="o">=</span><span class="s2">&quot;/opt/daarion/backups&quot;</span>
<span class="nv">DATE</span><span class="o">=</span><span class="k">$(</span>date<span class="w"> </span>+%Y%m%d_%H%M%S<span class="k">)</span>
mkdir<span class="w"> </span>-p<span class="w"> </span><span class="nv">$BACKUP_DIR</span>
docker<span class="w"> </span><span class="nb">exec</span><span class="w"> </span>daarion-postgres<span class="w"> </span>pg_dump<span class="w"> </span>-U<span class="w"> </span>postgres<span class="w"> </span>daarion<span class="w"> </span><span class="se">\</span>
<span class="w"> </span>&gt;<span class="w"> </span><span class="nv">$BACKUP_DIR</span>/daarion_<span class="nv">$DATE</span>.sql
<span class="c1"># Compress</span>
gzip<span class="w"> </span><span class="nv">$BACKUP_DIR</span>/daarion_<span class="nv">$DATE</span>.sql
<span class="c1"># Keep last 30 days</span>
find<span class="w"> </span><span class="nv">$BACKUP_DIR</span><span class="w"> </span>-name<span class="w"> </span><span class="s2">&quot;*.sql.gz&quot;</span><span class="w"> </span>-mtime<span class="w"> </span>+30<span class="w"> </span>-delete
<span class="nb">echo</span><span class="w"> </span><span class="s2">&quot;Backup completed: daarion_</span><span class="nv">$DATE</span><span class="s2">.sql.gz&quot;</span>
</code></pre></div>
<p><strong>Cron (daily at 2 AM):</strong></p>
<div class="codehilite"><pre><span></span><code>crontab<span class="w"> </span>-e
<span class="c1"># Add:</span>
<span class="m">0</span><span class="w"> </span><span class="m">2</span><span class="w"> </span>*<span class="w"> </span>*<span class="w"> </span>*<span class="w"> </span>/opt/daarion/scripts/backup-db.sh<span class="w"> </span>&gt;&gt;<span class="w"> </span>/var/log/daarion-backup.log<span class="w"> </span><span class="m">2</span>&gt;<span class="p">&amp;</span><span class="m">1</span>
</code></pre></div>
<h3 id="2-volume-backup">2. Volume Backup<a class="headerlink" href="#2-volume-backup" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># Backup volumes</span>
docker<span class="w"> </span>run<span class="w"> </span>--rm<span class="w"> </span><span class="se">\</span>
<span class="w"> </span>-v<span class="w"> </span>daarion_postgres_data:/data<span class="w"> </span><span class="se">\</span>
<span class="w"> </span>-v<span class="w"> </span>/opt/daarion/backups:/backup<span class="w"> </span><span class="se">\</span>
<span class="w"> </span>alpine<span class="w"> </span>tar<span class="w"> </span>czf<span class="w"> </span>/backup/postgres_<span class="k">$(</span>date<span class="w"> </span>+%Y%m%d<span class="k">)</span>.tar.gz<span class="w"> </span>/data
</code></pre></div>
<hr />
<h2 id="updates-maintenance">🔄 Updates &amp; Maintenance<a class="headerlink" href="#updates-maintenance" title="Permanent link">&para;</a></h2>
<h3 id="docker-compose-postgres-city-service-node1">Docker Compose для Postgres та City-Service (NODE1)<a class="headerlink" href="#docker-compose-postgres-city-service-node1" title="Permanent link">&para;</a></h3>
<p><strong>⚠️ ВАЖЛИВО:</strong> На production (NODE1) використовується external том <code>microdao-daarion_postgres_data</code>.<br />
Не запускайте <code>docker compose up</code> без списку сервісів — це може створити нові порожні контейнери!</p>
<p><strong>Правильний запуск Postgres і City-Service:</strong></p>
<div class="codehilite"><pre><span></span><code><span class="c1"># 1. Спочатку перевірте, що external том існує</span>
docker<span class="w"> </span>volume<span class="w"> </span>ls<span class="w"> </span><span class="p">|</span><span class="w"> </span>grep<span class="w"> </span>postgres_data
<span class="c1"># 2. Якщо тому немає — створіть його (тільки на свіжому сервері)</span>
docker<span class="w"> </span>volume<span class="w"> </span>create<span class="w"> </span>microdao-daarion_postgres_data
<span class="c1"># 3. Запуск Postgres (використовує existing volume)</span>
docker<span class="w"> </span>compose<span class="w"> </span>up<span class="w"> </span>-d<span class="w"> </span>postgres
<span class="c1"># 4. Запуск City-Service (без перезапуску залежностей)</span>
docker<span class="w"> </span>compose<span class="w"> </span>up<span class="w"> </span>-d<span class="w"> </span>city-service<span class="w"> </span>--no-deps
<span class="c1"># 5. Перевірка</span>
docker<span class="w"> </span>ps<span class="w"> </span><span class="p">|</span><span class="w"> </span>grep<span class="w"> </span>-E<span class="w"> </span><span class="s2">&quot;(postgres|city-service)&quot;</span>
curl<span class="w"> </span>https://daarion.space/api/nodes/list
</code></pre></div>
<p><strong>Альтернативний файл (city-space):</strong></p>
<div class="codehilite"><pre><span></span><code><span class="c1"># Якщо використовуєте docker-compose.city-space.yml</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.city-space.yml<span class="w"> </span>up<span class="w"> </span>-d<span class="w"> </span>dagi-postgres
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.city-space.yml<span class="w"> </span>up<span class="w"> </span>-d<span class="w"> </span>city-service<span class="w"> </span>--no-deps
</code></pre></div>
<p><strong>Перевірка після запуску:</strong></p>
<div class="codehilite"><pre><span></span><code><span class="c1"># API ноди</span>
curl<span class="w"> </span>-s<span class="w"> </span>https://daarion.space/api/nodes/list<span class="w"> </span><span class="p">|</span><span class="w"> </span>jq<span class="w"> </span>.
<span class="c1"># API агентів</span>
curl<span class="w"> </span>-s<span class="w"> </span>https://daarion.space/api/agents/ag_daarwizz<span class="w"> </span><span class="p">|</span><span class="w"> </span>jq<span class="w"> </span>.
<span class="c1"># MicroDAO</span>
curl<span class="w"> </span>-s<span class="w"> </span>https://daarion.space/api/microdao/daarion<span class="w"> </span><span class="p">|</span><span class="w"> </span>jq<span class="w"> </span>.
</code></pre></div>
<hr />
<h3 id="update-daarion">Update DAARION<a class="headerlink" href="#update-daarion" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="nb">cd</span><span class="w"> </span>/opt/daarion
<span class="c1"># Pull latest</span>
git<span class="w"> </span>pull<span class="w"> </span>origin<span class="w"> </span>main
<span class="c1"># Rebuild frontend</span>
npm<span class="w"> </span>run<span class="w"> </span>build
<span class="c1"># Restart services</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.all.yml<span class="w"> </span>up<span class="w"> </span>-d<span class="w"> </span>--build
<span class="c1"># Apply new migrations if any</span>
./scripts/migrate.sh
</code></pre></div>
<h3 id="zero-downtime-updates-advanced">Zero-downtime Updates (Advanced)<a class="headerlink" href="#zero-downtime-updates-advanced" title="Permanent link">&para;</a></h3>
<p>Use blue-green deployment or rolling updates:</p>
<div class="codehilite"><pre><span></span><code><span class="c1"># Scale up new version</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.all.yml<span class="w"> </span>up<span class="w"> </span>-d<span class="w"> </span>--scale<span class="w"> </span>living-map-service<span class="o">=</span><span class="m">2</span>
<span class="c1"># Wait for health checks</span>
sleep<span class="w"> </span><span class="m">30</span>
<span class="c1"># Scale down old version</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.all.yml<span class="w"> </span>up<span class="w"> </span>-d<span class="w"> </span>--scale<span class="w"> </span>living-map-service<span class="o">=</span><span class="m">1</span>
</code></pre></div>
<hr />
<h2 id="troubleshooting">🐛 Troubleshooting<a class="headerlink" href="#troubleshooting" title="Permanent link">&para;</a></h2>
<h3 id="services-not-starting">Services not starting<a class="headerlink" href="#services-not-starting" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># Check logs</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.all.yml<span class="w"> </span>logs
<span class="c1"># Check resources</span>
docker<span class="w"> </span>stats
<span class="c1"># Restart specific service</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.all.yml<span class="w"> </span>restart<span class="w"> </span>living-map-service
</code></pre></div>
<h3 id="database-connection-issues">Database connection issues<a class="headerlink" href="#database-connection-issues" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># Connect to database</span>
docker<span class="w"> </span><span class="nb">exec</span><span class="w"> </span>-it<span class="w"> </span>daarion-postgres<span class="w"> </span>psql<span class="w"> </span>-U<span class="w"> </span>postgres<span class="w"> </span>-d<span class="w"> </span>daarion
<span class="c1"># Check connections</span>
SELECT<span class="w"> </span>*<span class="w"> </span>FROM<span class="w"> </span>pg_stat_activity<span class="p">;</span>
</code></pre></div>
<h3 id="high-memory-usage">High memory usage<a class="headerlink" href="#high-memory-usage" title="Permanent link">&para;</a></h3>
<div class="codehilite"><pre><span></span><code><span class="c1"># Check memory</span>
docker<span class="w"> </span>stats<span class="w"> </span>--no-stream
<span class="c1"># Restart heavy services</span>
docker<span class="w"> </span>compose<span class="w"> </span>-f<span class="w"> </span>docker-compose.all.yml<span class="w"> </span>restart<span class="w"> </span>living-map-service
</code></pre></div>
<hr />
<h2 id="performance-tuning">📈 Performance Tuning<a class="headerlink" href="#performance-tuning" title="Permanent link">&para;</a></h2>
<h3 id="postgresql">PostgreSQL<a class="headerlink" href="#postgresql" title="Permanent link">&para;</a></h3>
<p>Add to docker-compose:</p>
<div class="codehilite"><pre><span></span><code><span class="nt">postgres</span><span class="p">:</span>
<span class="w"> </span><span class="nt">command</span><span class="p">:</span><span class="w"> </span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">&quot;postgres&quot;</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">&quot;-c&quot;</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">&quot;max_connections=200&quot;</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">&quot;-c&quot;</span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">&quot;shared_buffers=256MB&quot;</span>
</code></pre></div>
<h3 id="nginx-cache">NGINX Cache<a class="headerlink" href="#nginx-cache" title="Permanent link">&para;</a></h3>
<p>Add to nginx config:</p>
<div class="codehilite"><pre><span></span><code><span class="c1"># Cache zone</span>
<span class="k">proxy_cache_path</span><span class="w"> </span><span class="s">/var/cache/nginx</span><span class="w"> </span><span class="s">levels=1:2</span><span class="w"> </span><span class="s">keys_zone=daarion_cache:10m</span><span class="w"> </span><span class="s">max_size=1g</span><span class="p">;</span>
<span class="c1"># In location blocks</span>
<span class="k">proxy_cache</span><span class="w"> </span><span class="s">daarion_cache</span><span class="p">;</span>
<span class="k">proxy_cache_valid</span><span class="w"> </span><span class="mi">200</span><span class="w"> </span><span class="mi">5m</span><span class="p">;</span>
</code></pre></div>
<hr />
<h2 id="security-checklist">🔐 Security Checklist<a class="headerlink" href="#security-checklist" title="Permanent link">&para;</a></h2>
<ul>
<li>[ ] Strong passwords for all services</li>
<li>[ ] SSL/TLS enabled</li>
<li>[ ] Firewall configured</li>
<li>[ ] Regular backups automated</li>
<li>[ ] Monitoring enabled</li>
<li>[ ] Log rotation configured</li>
<li>[ ] Non-root user for Docker</li>
<li>[ ] Secrets in environment variables (not in code)</li>
<li>[ ] Regular security updates</li>
</ul>
<hr />
<h2 id="related-documentation">📚 Related Documentation<a class="headerlink" href="#related-documentation" title="Permanent link">&para;</a></h2>
<ul>
<li><a href="../DEPLOYMENT_OVERVIEW/">Deployment Overview</a></li>
<li><a href="../INFRASTRUCTURE.md">Infrastructure Guide</a></li>
<li><a href="../PHASE_INFRA_READY.md">Phase INFRA Ready</a></li>
</ul>
<hr />
<p><strong>🎉 DAARION — Production Ready!</strong></p>
</article>
</div>
<script>var target=document.getElementById(location.hash.slice(1));target&&target.name&&(target.checked=target.name.startsWith("__tabbed_"))</script>
</div>
</main>
<footer class="md-footer">
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.sections", "navigation.instant", "content.code.copy"], "search": "../assets/javascripts/workers/search.b8dbb3d2.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../assets/javascripts/bundle.3220b9d7.min.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink