torrent-gateway/docs/deployment.md
enki e701652589
docker nuke and docs update
2025-08-27 11:30:45 -07:00

# Production Deployment Guide
This guide covers production deployment of the Torrent Gateway using the native installation script.
## Prerequisites
- Ubuntu 20.04+ or Debian 11+ server
- Root access (sudo)
- 4GB+ RAM (8GB recommended for high traffic)
- 50GB+ disk space
- Domain name (optional, for SSL)
## Quick Deployment
### Basic Production Setup
```bash
# Clone repository
git clone https://git.sovbit.dev/enki/torrentGateway.git
cd torrentGateway
# Run production installation
sudo ./scripts/install_native.sh --domain gateway.example.com --email admin@example.com --with-monitoring
```
This single command will:
- Install all dependencies
- Configure nginx reverse proxy
- Set up SSL certificates
- Install monitoring stack
- Start all services
## Manual Deployment Steps
### 1. System Preparation
```bash
# Update system
sudo apt update && sudo apt upgrade -y
# Install git if needed
sudo apt install -y git
# Clone repository
git clone https://git.sovbit.dev/enki/torrentGateway.git
cd torrentGateway
```
### 2. Database Initialization
```bash
# Start services to initialize database
sudo systemctl start torrent-gateway redis-server nginx
# Wait for gateway to initialize database
./scripts/health_check.sh
```
### 3. Configuration Review
Review and update configurations:
- `configs/prometheus.yml` - Metrics collection
- `configs/grafana/` - Dashboard settings
- `configs/loki.yml` - Log aggregation
- `/opt/torrent-gateway/configs/config.yaml` - Main configuration
### 4. Start Full Stack
```bash
# Start all services including monitoring
sudo systemctl start torrent-gateway redis-server nginx prometheus grafana-server
# Wait for all services to be healthy
timeout 120 bash -c 'until curl -sf http://localhost/api/health; do sleep 5; done'
```
### 5. Verify Deployment
```bash
# Run comprehensive health checks
sudo /opt/torrent-gateway/scripts/health_check.sh
# Check service logs
sudo journalctl -u torrent-gateway -n 50
```
## Service URLs
- **Gateway API:** https://gateway.example.com/api/
- **Admin Panel:** https://gateway.example.com/admin
- **Prometheus:** http://localhost:9090
- **Grafana:** http://localhost:3000 (default login admin/admin; change the password at first login)
- **Web Interface:** https://gateway.example.com
## Production Checklist
- [ ] SSL certificates configured
- [ ] Firewall rules applied
- [ ] Monitoring enabled
- [ ] Backups scheduled
- [ ] Log rotation configured
- [ ] Security headers enabled
## Scaling
### Horizontal Scaling
For high traffic, you can run multiple instances behind a load balancer:
```bash
# Edit systemd service to run on different ports
sudo systemctl edit torrent-gateway
```
### Resource Limits
The systemd service includes resource limits:
- Memory: 2G max
- File descriptors: 65536
## Maintenance
### Daily Tasks
```bash
# Health check
sudo /opt/torrent-gateway/scripts/health_check.sh
# Check disk usage
df -h /opt/torrent-gateway/
# Review logs
sudo journalctl -u torrent-gateway --since "1 day ago"
```
### Weekly Tasks
```bash
# Update system
sudo apt update && sudo apt upgrade -y
# Run cleanup
sudo /opt/torrent-gateway/scripts/cleanup.sh
# Check SSL certificate
sudo certbot certificates
```
## Security Hardening
### 1. Firewall Configuration
```bash
# Basic rules (already configured by installer)
# Allow SSH before enabling UFW so a remote session is not locked out
sudo ufw allow ssh
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
# Enable UFW
sudo ufw enable
```
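The firewall opens only SSH, HTTP and HTTPS, and this guide addresses Prometheus, Grafana and the gateway backends via localhost. The added example below (not part of the project's scripts) reads `ss -ltnH` output and lists any of those ports bound to a non-loopback address; the port list is taken from this guide and the sample input is constructed.

```bash
#!/usr/bin/env bash
# Added example, not the project's code: find internal ports that listen
# on a non-loopback address. Input: `ss -ltnH` output on stdin.
# Optional $1: space-separated port list (default: ports named in this guide).
exposed_listeners() {
    awk -v ports="${1:-9090 3000 9877 9878 9879}" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)        # text after the last colon
            addr = $4; sub(/:[^:]*$/, "", addr)    # text before the last colon
            if (!(port in want)) next
            # Loopback forms: 127.x.x.x, [::1], IPv4-mapped 127.x.x.x
            if (addr ~ /^127\./ || addr == "[::1]" || addr ~ /^\[::ffff:127\./) next
            print addr ":" port
        }'
}

# Constructed sample of `ss -ltnH` output (not captured from a real host).
sample_ss() {
    printf '%s\n' \
        'LISTEN 0 511  0.0.0.0:443    0.0.0.0:*' \
        'LISTEN 0 4096 127.0.0.1:9877 0.0.0.0:*' \
        'LISTEN 0 4096 0.0.0.0:9090   0.0.0.0:*' \
        'LISTEN 0 4096 *:3000         *:*' \
        'LISTEN 0 511  [::1]:9878     [::]:*'
}

if [ "${1:-}" = "--live" ]; then
    ss -ltnH | exposed_listeners      # run against the deployed host
else
    sample_ss | exposed_listeners     # demo on the constructed sample
fi
```

Any line printed is a listener that relies on the firewall alone for protection.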
### 2. SSL/TLS Configuration
SSL is automatically configured by the installer. To manually renew:
```bash
sudo certbot renew
```
### 3. Service Security
The installer configures systemd security features:
- Non-root user execution
- Read-only system protection
- Private temporary directories
- Resource limits
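To confirm that the security features listed here, and the limits given under Resource Limits, are in effect on a deployed host, the added example below (not part of the project's scripts) audits `systemctl show` output. The mapping of each feature to a systemd directive and the sample user name are assumptions; the sample inputs are constructed.

```bash
#!/usr/bin/env bash
# Added example, not the project's code: audit a unit's hardening properties.
# Reads `systemctl show` output (KEY=VALUE lines) on stdin; returns 1 on any FAIL.
# Assumption: the guide's feature list maps to the directives checked here.
audit_unit() {
    local key val user="" protect="" ptmp="" mem="" nofile="" rc=0
    _fail() { echo "FAIL $1"; rc=1; }
    while IFS='=' read -r key val; do
        case "$key" in
            User)          user=$val ;;
            ProtectSystem) protect=$val ;;
            PrivateTmp)    ptmp=$val ;;
            MemoryMax)     mem=$val ;;
            LimitNOFILE)   nofile=$val ;;
        esac
    done
    # An empty User= means systemd runs the service as root.
    case "$user" in ''|root) _fail "User=${user:-<unset>}: service runs as root" ;; esac
    case "$protect" in yes|full|strict) ;; *) _fail "ProtectSystem=${protect:-<unset>}: system dirs writable" ;; esac
    case "$ptmp" in ''|no) _fail "PrivateTmp=${ptmp:-<unset>}: shares /tmp with the host" ;; esac
    # MemoryMax is reported in bytes, or "infinity" when uncapped (2G = 2147483648).
    case "$mem" in
        ''|*[!0-9]*) _fail "MemoryMax=${mem:-<unset>}: no memory cap" ;;
        *) [ "$mem" -le 2147483648 ] || _fail "MemoryMax=$mem: above the documented 2G" ;;
    esac
    case "$nofile" in
        ''|*[!0-9]*) _fail "LimitNOFILE=${nofile:-<unset>}: no finite descriptor limit" ;;
        *) [ "$nofile" -le 65536 ] || _fail "LimitNOFILE=$nofile: above the documented 65536" ;;
    esac
    return "$rc"
}

# Constructed sample: a unit hardened as this guide describes (user name assumed).
sample_hardened() {
    printf '%s\n' 'User=torrent-gateway' 'ProtectSystem=strict' 'PrivateTmp=yes' \
                  'MemoryMax=2147483648' 'LimitNOFILE=65536' 'LimitNOFILESoft=65536'
}
# Constructed sample: a unit with no hardening directives at all.
sample_unhardened() {
    printf '%s\n' 'User=' 'ProtectSystem=no' 'PrivateTmp=no' \
                  'MemoryMax=infinity' 'LimitNOFILE=524288' 'LimitNOFILESoft=1024'
}

if [ "${1:-}" = "--live" ]; then   # query the real unit on a deployed host
    systemctl show torrent-gateway -p User,ProtectSystem,PrivateTmp,MemoryMax,LimitNOFILE | audit_unit
else                               # demo on the constructed unhardened sample
    sample_unhardened | audit_unit || true
fi
```

Run with `--live` after installation and after any `systemctl edit torrent-gateway` override, since a drop-in can silently replace these settings.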
## Monitoring
### Prometheus Metrics
- Service health status
- Request rates and latencies
- Storage usage
- System resources
### Grafana Dashboards
Pre-configured dashboards for:
- Service overview
- Performance metrics
- Error rates
- Storage statistics
### Alerting
Configure alerting rules in `configs/alert_rules.yml`.
## Backup & Recovery
### Automated Backups
Daily backups are automatically configured:
```bash
# Manual backup
sudo /opt/torrent-gateway/scripts/backup.sh
# List backups
ls -la /opt/torrent-gateway/backups/
# Restore from backup
sudo /opt/torrent-gateway/scripts/restore.sh 20240827_120000
```
### Database Backups
```bash
# SQLite backup
sqlite3 /opt/torrent-gateway/data/metadata.db ".backup /opt/torrent-gateway/backups/manual_db_backup.db"
```
## Troubleshooting
### Service Won't Start
```bash
# Check service status
sudo systemctl status torrent-gateway
# View detailed logs
sudo journalctl -u torrent-gateway -f
# Check configuration
sudo /opt/torrent-gateway/bin/gateway -config /opt/torrent-gateway/configs/config.yaml -check
```
### SSL Certificate Issues
```bash
# Check certificate status
sudo certbot certificates
# Test renewal
sudo certbot renew --dry-run
# Manual certificate request
sudo certbot --nginx -d gateway.example.com
```
### Performance Issues
```bash
# Check resource usage
htop
sudo systemctl status torrent-gateway
# Review performance metrics
curl http://localhost/metrics
```
## Updates
### Application Updates
```bash
cd /path/to/torrentGateway
git pull
sudo ./scripts/install_native.sh --skip-build=false
```
### System Updates
```bash
sudo apt update && sudo apt upgrade -y
sudo systemctl restart torrent-gateway
```
## Load Balancing
For very high traffic, use nginx load balancing:
```nginx
upstream torrent_gateway {
    server 127.0.0.1:9877;
    server 127.0.0.1:9878;
    server 127.0.0.1:9879;
}

server {
    listen 443 ssl http2;
    server_name gateway.example.com;

    location / {
        proxy_pass http://torrent_gateway;
        # ... other proxy settings
    }
}
```
## Migration from Development
### Export Development Data
```bash
# On development machine
sudo /opt/torrent-gateway/scripts/backup.sh
scp /opt/torrent-gateway/backups/gateway_backup_*.tar.gz user@production-server:~/
```
### Import to Production
```bash
# On production server
sudo /opt/torrent-gateway/scripts/restore.sh ~/gateway_backup_*.tar.gz
sudo systemctl restart torrent-gateway
```