bisco/azionelab
1
0
Fork 0
generated from bisco/codex-bootstrap
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
97427a0864ba236518aa122651d77d8cc420bb1c
azionelab/docs/deployment.md

4.9 KiB
Raw Blame History

Deployment

AzioneLab should deploy with a simple Docker Compose topology:

  • nginx: public reverse proxy and static frontend server;
  • frontend: Angular build source or build stage for static assets;
  • backend: Django 5.2 LTS application served by gunicorn;
  • db: PostgreSQL database.

Only nginx should expose public ports. The backend and database should stay on the internal Compose network.

Services

nginx

Responsibilities:

  • listen on public HTTP and HTTPS ports;
  • serve built Angular files;
  • proxy /api/ and /admin/ requests to the backend;
  • serve static and media files according to the selected storage layout;
  • apply request size and timeout limits appropriate for booking and admin usage.

Public ports:

  • 80 for HTTP;
  • 443 for HTTPS in production.

frontend

The frontend is an Angular application using Angular Material.

Deployment options:

  • build the Angular app in a Docker build stage and copy static files into the nginx image;
  • or run a one-shot build container that writes static files to a shared volume consumed by nginx.

The first option is preferred for a simple production deployment because nginx can serve immutable built assets without a long-running Node process.

backend

The backend is a Django application served by gunicorn.

Responsibilities:

  • REST API;
  • Django admin;
  • booking, confirmation, QR generation, and check-in logic;
  • transactional capacity validation;
  • email sending.

The backend should run database migrations before or during deployment through an explicit operational command, not as hidden startup magic unless that choice is documented later.

db

PostgreSQL is the only database service.

Responsibilities:

  • persistent application data;
  • reservation and check-in state;
  • transactional capacity enforcement.

Use a named Docker volume for database data.

Networks

Recommended Compose networks:

  • public: nginx-facing network when needed;
  • internal: private network for nginx, backend, and db communication.

The database should not be published to the host in production.

Volumes

Recommended volumes:

  • postgres_data: PostgreSQL data directory;
  • media: uploaded media and generated QR assets if stored on disk;
  • static: collected Django static files if served by nginx from a shared volume.

Generated QR codes may also be generated on demand instead of stored as files. If stored, they must not reveal personal data and access must remain controlled.

Configuration

Required backend configuration:

  • DJANGO_SECRET_KEY;
  • DJANGO_ALLOWED_HOSTS;
  • DJANGO_CSRF_TRUSTED_ORIGINS;
  • DATABASE_URL or equivalent database settings;
  • email host, port, username, password, TLS settings, and sender address;
  • public site URL used to build confirmation and QR verification links.

Required database configuration:

  • database name;
  • database user;
  • database password;
  • data volume path.

Required nginx configuration:

  • upstream backend service name and port;
  • static frontend root;
  • proxy rules for /api/ and /admin/;
  • TLS certificate paths for production.

Secrets must be provided through deployment-managed environment variables, Docker secrets, or another secret manager. Do not commit real secret values.

Example Request Routing

Visitor browser
  -> nginx
    -> Angular static files
    -> /api/ requests proxied to backend:gunicorn
    -> /admin/ requests proxied to backend:gunicorn
Backend
  -> PostgreSQL
  -> SMTP provider

Deployment Commands

The exact commands will be finalized when application code and Compose files are added.

Expected production-style flow:

docker compose build
docker compose run --rm backend python manage.py migrate
docker compose run --rm backend python manage.py collectstatic --noinput
docker compose up -d

Expected validation commands:

docker compose config
docker compose run --rm backend python manage.py check --deploy
docker compose run --rm backend python manage.py test

The repository does not yet define the canonical Docker-based test command.

Rollback

Rollback should be designed around immutable images and database backups.

Basic rollback steps:

  1. identify the previous known-good image tags or Git commit;
  2. stop the current Compose stack;
  3. deploy the previous image tags or commit;
  4. restore the database from backup only if a migration or data change requires it;
  5. run smoke checks for public pages, booking creation, confirmation, and check-in.

Database rollback needs special care once migrations exist. Down migrations or backup restore procedures should be documented before production use.

Operational Notes

  • Configure database backups before accepting real bookings.
  • Monitor backend errors, email delivery failures, and check-in failures.
  • Keep container images explicitly versioned; do not use latest tags.
  • Keep the system small until operational needs justify additional services.
Reference in New Issue View Git Blame Copy Permalink