# BharathTrucks — Deployment & Infrastructure

**Version:** 1.0
**Date:** 2026-05-31

---

## 1. Infrastructure Overview

```
┌─────────────────────────────────────────────────────────────┐
│                      bharathtrucks.com                      │
│                    (Cloudflare DNS/CDN)                     │
│                                                             │
│  DNS: A record → VPS IP                                     │
│  SSL: Cloudflare Full (Strict)                              │
│  Caching: Static assets (CSS/JS/images)                     │
└──────────────────────────┬──────────────────────────────────┘
                           │
┌──────────────────────────▼──────────────────────────────────┐
│                        Hostinger VPS                        │
│                      Ubuntu 22.04 LTS                       │
│                4 vCPU / 8GB RAM / 200GB SSD                 │
│                                                             │
│  ┌───────────────────────────────────────────────────────┐  │
│  │                        Coolify                        │  │
│  │                  (Self-hosted PaaS)                   │  │
│  │                                                       │  │
│  │  ┌─────────────────────────────────────────────────┐  │  │
│  │  │        bharathtrucks (Docker Container)         │  │  │
│  │  │                                                 │  │  │
│  │  │  Node.js 20 + Express + EJS                     │  │  │
│  │  │  Port: 3000 (internal)                          │  │  │
│  │  │  Auto-restart: enabled                          │  │  │
│  │  │  Health check: /health                          │  │  │
│  │  └─────────────────────────────────────────────────┘  │  │
│  │                                                       │  │
│  │  Traefik (Reverse Proxy) → :443 → Container :3000     │  │
│  └───────────────────────────────────────────────────────┘  │
└──────────────────────────┬──────────────────────────────────┘
                           │
┌──────────────────────────▼──────────────────────────────────┐
│                       Supabase Cloud                        │
│                                                             │
│  Project: bharathtrucks                                     │
│  Region: Mumbai (ap-south-1)                                │
│  Plan: Free → Pro (at 1000 users)                           │
└─────────────────────────────────────────────────────────────┘
```

---

## 2. Domain Setup (bharathtrucks.com)

### Cloudflare Configuration

1. Add the domain to Cloudflare (free plan)
2. Update the nameservers at the registrar to Cloudflare's
3. DNS Records:

   | Type | Name | Value | Proxy |
   |------|------|-------|-------|
   | A | @ | `` | Proxied ☁️ |
   | A | www | `` | Proxied ☁️ |
   | CNAME | api | @ | Proxied ☁️ |

4. SSL: Full (Strict) mode
5. Page Rules:
   - `*.bharathtrucks.com/public/*` → Cache Everything, Edge TTL 1 month
   - `bharathtrucks.com/` → Cache Level: Standard

---

## 3. Dockerfile

```dockerfile
FROM node:20-alpine

WORKDIR /app

# Install production dependencies only, pinned by the lockfile
COPY webapp/package*.json ./
RUN npm ci --omit=dev

COPY webapp/src ./src

ENV NODE_ENV=production
ENV PORT=3000

EXPOSE 3000

# Container health check against the app's /health endpoint
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s \
  CMD wget --no-verbose --tries=1 --spider http://localhost:3000/health || exit 1

CMD ["node", "src/server.js"]
```

---

## 4. Docker Compose (Local Development)

```yaml
version: '3.8'
services:
  app:
    build:
      context: .
      dockerfile: Dockerfile
    ports:
      - "3000:3000"
    env_file:
      - webapp/.env
    volumes:
      - ./webapp/src:/app/src
    restart: unless-stopped
```

---

## 5. Coolify Deployment Steps

### Initial Setup

1. SSH into the Hostinger VPS
2. Install Coolify: `curl -fsSL https://cdn.coollabs.io/coolify/install.sh | bash`
3. Access the Coolify dashboard at `http://:8000`
4. Configure the domain in Coolify settings

### App Deployment

1. **Source:** Connect GitHub/GitLab repo (or use Git URL)
2. **Build Pack:** Dockerfile
3. **Port:** 3000
4. **Domain:** bharathtrucks.com
5. **Environment Variables:** Add all from `.env.example`
6. **Health Check:** `/health`
7. **Auto Deploy:** On push to `main` branch

### Environment Variables in Coolify

```
NODE_ENV=production
PORT=3000
SUPABASE_URL=https://xxx.supabase.co
SUPABASE_ANON_KEY=eyJ...
SUPABASE_SERVICE_KEY=eyJ...
APP_URL=https://bharathtrucks.com
SESSION_SECRET=
RATE_LIMIT_BIDS_PER_DAY=5
```

---

## 6. Supabase Setup

### Project Configuration

1. Create a project at supabase.com (region: Mumbai)
2. Note the project URL, anon key, and service role key
3. Enable Phone Auth (OTP provider)
4. Configure the SMS provider (Twilio or MSG91)

### Auth Settings

- Phone OTP enabled
- OTP expiry: 5 minutes
- Rate limit: 5 OTP requests per hour per number
- Disable email confirmation (phone-first)

### Database Setup

- Run the schema SQL from `docs/architecture/DATABASE_SCHEMA.md`
- Enable RLS on all tables
- Create indexes as specified

### Storage Buckets

| Bucket | Purpose | Public |
|--------|---------|--------|
| `avatars` | Profile photos | Yes |
| `documents` | License, RC uploads | No |
| `load-images` | Load/material photos | Yes |

---

## 7. CI/CD Pipeline

### GitHub Actions (Optional)

```yaml
name: Deploy
on:
  push:
    branches: [main]
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Trigger Coolify Webhook
        # --fail makes the job fail when the webhook answers with an HTTP error
        run: |
          curl --fail -X POST "${{ secrets.COOLIFY_WEBHOOK_URL }}"
```

### Simpler: Coolify Auto-Deploy

Coolify watches the repo and auto-deploys on push to `main`. No CI/CD config needed.

---

## 8. Monitoring & Logging

| Tool | Purpose | Cost |
|------|---------|------|
| Coolify Dashboard | Container status, resource usage | Free |
| Cloudflare Analytics | Traffic, cache hit rate | Free |
| Supabase Dashboard | DB metrics, auth logs | Free |
| UptimeRobot | Uptime monitoring, alerts | Free (50 monitors) |

### Health Check Endpoint

```javascript
// Registered on the Express app; used by the Docker HEALTHCHECK and by Coolify
app.get('/health', (req, res) => {
  res.status(200).json({ status: 'ok', timestamp: Date.now() });
});
```

### Log Strategy

- Application logs: stdout (Docker captures)
- Access logs: Morgan middleware (combined format)
- Error logs: Structured JSON to stdout
- View in Coolify dashboard → Container logs

---

## 9. Backup Strategy

| What | How | Frequency |
|------|-----|-----------|
| Database | Supabase automatic backups | Daily (Pro plan) |
| Code | Git repository | Every push |
| Environment | Documented in `.env.example` | Manual |
| Uploads | Supabase Storage (managed) | Automatic |

---

## 10. Security Hardening

### VPS Level

- UFW firewall: allow 22, 80, 443 only
- Fail2ban for SSH brute-force protection
- SSH key-only auth (disable password)
- Automatic security updates

### Application Level

- Helmet.js security headers
- CORS restricted to bharathtrucks.com
- Rate limiting (express-rate-limit)
- Input sanitization
- httpOnly cookies for sessions
- CSP headers (Content Security Policy)

### Cloudflare Level

- DDoS protection (automatic)
- Bot management (free tier)
- WAF rules (basic)
- SSL enforcement

---

## 11. Scaling Triggers

| Metric | Threshold | Action |
|--------|-----------|--------|
| CPU | >80% sustained | Upgrade VPS |
| RAM | >85% | Upgrade VPS |
| Response time | >2s average | Add caching/optimize |
| Users | >5000 | Supabase Pro + Redis |
| Traffic | >10K req/min | Multiple containers |

---

## 12. Cost Estimate (Phase 1)

| Service | Plan | Monthly Cost |
|---------|------|-------------|
| Hostinger VPS | KVM 2 (4vCPU/8GB) | ~₹800/month |
| Supabase | Free tier | ₹0 |
| Cloudflare | Free plan | ₹0 |
| Domain | bharathtrucks.com | ~₹800/year |
| UptimeRobot | Free | ₹0 |
| **Total** | | **~₹900/month** |

---

*Infrastructure designed for minimal cost during growth phase, with clear upgrade paths as user base scales.*
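
A startup check for the variables listed under "Environment Variables in Coolify", as an added example that is not part of the BharathTrucks code base: it rejects unset values and, because the Supabase service role key bypasses RLS, catches the anon and service keys being swapped by reading each key's JWT `role` claim. The function names, the 32-character minimum for `SESSION_SECRET`, and the premise that both keys are JWTs carrying a `role` claim are assumptions of this example.

```javascript
// Added example (not project code). Assumes the Supabase keys are JWTs whose
// payload carries a "role" claim: "anon" or "service_role".
const REQUIRED = ['NODE_ENV', 'PORT', 'SUPABASE_URL', 'SUPABASE_ANON_KEY',
  'SUPABASE_SERVICE_KEY', 'APP_URL', 'SESSION_SECRET', 'RATE_LIMIT_BIDS_PER_DAY'];
const MIN_SECRET_LENGTH = 32; // assumed policy, not stated on the page

// Decode (without verifying) a JWT payload and return its role claim, or null.
function jwtRole(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  try {
    const payload = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
    return typeof payload.role === 'string' ? payload.role : null;
  } catch {
    return null;
  }
}

// Return a list of problems; an empty list means the environment is usable.
function validateEnv(env) {
  const errors = [];
  for (const name of REQUIRED) {
    if (!String(env[name] ?? '').trim()) errors.push(`${name} is not set`);
  }
  // A service key in the anon slot would hand out an RLS-bypassing credential.
  if (env.SUPABASE_ANON_KEY && jwtRole(env.SUPABASE_ANON_KEY) !== 'anon') {
    errors.push('SUPABASE_ANON_KEY does not carry role "anon"');
  }
  if (env.SUPABASE_SERVICE_KEY && jwtRole(env.SUPABASE_SERVICE_KEY) !== 'service_role') {
    errors.push('SUPABASE_SERVICE_KEY does not carry role "service_role"');
  }
  if (env.SESSION_SECRET && env.SESSION_SECRET.length < MIN_SECRET_LENGTH) {
    errors.push(`SESSION_SECRET is shorter than ${MIN_SECRET_LENGTH} characters`);
  }
  // A non-numeric limit must stop the boot rather than silently disable limiting.
  const bids = Number(env.RATE_LIMIT_BIDS_PER_DAY);
  if (env.RATE_LIMIT_BIDS_PER_DAY && !(Number.isInteger(bids) && bids > 0)) {
    errors.push('RATE_LIMIT_BIDS_PER_DAY must be a positive integer');
  }
  return errors;
}

// Constructed, unsigned sample keys: the two roles are deliberately swapped.
const fakeKey = (role) =>
  ['e30', Buffer.from(JSON.stringify({ role })).toString('base64url'), 'sig'].join('.');
const SAMPLE_ENV = { NODE_ENV: 'production', PORT: '3000', APP_URL: 'https://bharathtrucks.com',
  SUPABASE_URL: 'https://xxx.supabase.co', SESSION_SECRET: 'changeme',
  RATE_LIMIT_BIDS_PER_DAY: '5',
  SUPABASE_ANON_KEY: fakeKey('service_role'), SUPABASE_SERVICE_KEY: fakeKey('anon') };
console.log(validateEnv(SAMPLE_ENV));
```

In `src/server.js` the same function would be called with `process.env` before the app starts listening, exiting non-zero when the returned list is not empty so that the container fails its deploy instead of running misconfigured.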