enki/torrent-gateway
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
torrent-gateway/docs/deployment.md
enki e701652589
Some checks are pending
CI Pipeline / Run Tests (push) Waiting to run
Details
CI Pipeline / Lint Code (push) Waiting to run
Details
CI Pipeline / Security Scan (push) Waiting to run
Details
CI Pipeline / E2E Tests (push) Blocked by required conditions
Details
docker nuke and docs update
2025-08-27 11:30:45 -07:00

6.0 KiB
Raw Blame History

Production Deployment Guide

This guide covers production deployment of the Torrent Gateway using the native installation script.

Prerequisites

  • Ubuntu 20.04+ or Debian 11+ server
  • Root access (sudo)
  • 4GB+ RAM (8GB recommended for high traffic)
  • 50GB+ disk space
  • Domain name (optional, for SSL)

Quick Deployment

Basic Production Setup

# Clone repository
git clone https://git.sovbit.dev/enki/torrentGateway.git
cd torrentGateway

# Run production installation
sudo ./scripts/install_native.sh --domain gateway.example.com --email admin@example.com --with-monitoring

This single command will:

  • Install all dependencies
  • Configure nginx reverse proxy
  • Set up SSL certificates
  • Install monitoring stack
  • Start all services

Manual Deployment Steps

1. System Preparation

# Update system
sudo apt update && sudo apt upgrade -y

# Install git if needed
sudo apt install -y git

# Clone repository
git clone https://git.sovbit.dev/enki/torrentGateway.git
cd torrentGateway

2. Database Initialization

# Start services to initialize database
sudo systemctl start torrent-gateway redis-server nginx

# Wait for gateway to initialize database
./scripts/health_check.sh

3. Configuration Review

Review and update configurations:

  • configs/prometheus.yml - Metrics collection
  • configs/grafana/ - Dashboard settings
  • configs/loki.yml - Log aggregation
  • /opt/torrent-gateway/configs/config.yaml - Main configuration

4. Start Full Stack

# Start all services including monitoring
sudo systemctl start torrent-gateway redis-server nginx prometheus grafana-server

# Wait for all services to be healthy
timeout 120 bash -c 'until curl -sf http://localhost/api/health; do sleep 5; done'

5. Verify Deployment

# Run comprehensive health checks
sudo /opt/torrent-gateway/scripts/health_check.sh

# Check service logs
sudo journalctl -u torrent-gateway -n 50

Service URLs

Production Checklist

  • SSL certificates configured
  • Firewall rules applied
  • Monitoring enabled
  • Backups scheduled
  • Log rotation configured
  • Security headers enabled

Scaling

Horizontal Scaling

For high traffic, you can run multiple instances behind a load balancer:

# Edit systemd service to run on different ports
sudo systemctl edit torrent-gateway

Resource Limits

The systemd service includes resource limits:

  • Memory: 2G max
  • File descriptors: 65536

Maintenance

Daily Tasks

# Health check
sudo /opt/torrent-gateway/scripts/health_check.sh

# Check disk usage
df -h /opt/torrent-gateway/

# Review logs
sudo journalctl -u torrent-gateway --since "1 day ago"

Weekly Tasks

# Update system
sudo apt update && sudo apt upgrade -y

# Run cleanup
sudo /opt/torrent-gateway/scripts/cleanup.sh

# Check SSL certificate
sudo certbot certificates

Security Hardening

1. Firewall Configuration

# Enable UFW
sudo ufw enable

# Basic rules (already configured by installer)
sudo ufw allow ssh
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

2. SSL/TLS Configuration

SSL is automatically configured by the installer. To manually renew:

sudo certbot renew

3. Service Security

The installer configures systemd security features:

  • Non-root user execution
  • Read-only system protection
  • Private temporary directories
  • Resource limits

Monitoring

Prometheus Metrics

  • Service health status
  • Request rates and latencies
  • Storage usage
  • System resources

Grafana Dashboards

Pre-configured dashboards for:

  • Service overview
  • Performance metrics
  • Error rates
  • Storage statistics

Alerting

Configure alerting rules in configs/alert_rules.yml

Backup & Recovery

Automated Backups

Daily backups are automatically configured:

# Manual backup
sudo /opt/torrent-gateway/scripts/backup.sh

# List backups
ls -la /opt/torrent-gateway/backups/

# Restore from backup
sudo /opt/torrent-gateway/scripts/restore.sh 20240827_120000

Database Backups

# SQLite backup
sqlite3 /opt/torrent-gateway/data/metadata.db ".backup /opt/torrent-gateway/backups/manual_db_backup.db"

Troubleshooting

Service Won't Start

# Check service status
sudo systemctl status torrent-gateway

# View detailed logs
sudo journalctl -u torrent-gateway -f

# Check configuration
sudo /opt/torrent-gateway/bin/gateway -config /opt/torrent-gateway/configs/config.yaml -check

SSL Certificate Issues

# Check certificate status
sudo certbot certificates

# Test renewal
sudo certbot renew --dry-run

# Manual certificate request
sudo certbot --nginx -d gateway.example.com

Performance Issues

# Check resource usage
htop
sudo systemctl status torrent-gateway

# Review performance metrics
curl http://localhost/metrics

Updates

Application Updates

cd /path/to/torrentGateway
git pull
sudo ./scripts/install_native.sh --skip-build=false

System Updates

sudo apt update && sudo apt upgrade -y
sudo systemctl restart torrent-gateway

Load Balancing

For very high traffic, use nginx load balancing:

upstream torrent_gateway {
    server 127.0.0.1:9877;
    server 127.0.0.1:9878;
    server 127.0.0.1:9879;
}

server {
    listen 443 ssl http2;
    server_name gateway.example.com;
    
    location / {
        proxy_pass http://torrent_gateway;
        # ... other proxy settings
    }
}

Migration from Development

Export Development Data

# On development machine
sudo /opt/torrent-gateway/scripts/backup.sh
scp /opt/torrent-gateway/backups/gateway_backup_*.tar.gz user@production-server:~/

Import to Production

# On production server
sudo /opt/torrent-gateway/scripts/restore.sh ~/gateway_backup_*.tar.gz
sudo systemctl restart torrent-gateway