bharath/docs/architecture/DEPLOYMENT.md
Vivek 394117dd74 BharathTrucks MVP - 6 sprints complete
- Govt-app styled freight marketplace
- Role-based auth (driver/shipper/broker/admin)
- Load board with bidding system
- Trip tracking with status flow
- In-app messaging
- Admin panel
- Mobile bottom nav + PWA
- Docker + Coolify ready
2026-05-31 06:21:13 +00:00


BharathTrucks — Deployment & Infrastructure

Version: 1.0
Date: 2026-05-31


1. Infrastructure Overview

┌─────────────────────────────────────────────────────────────┐
│                     bharathtrucks.com                         │
│                    (Cloudflare DNS/CDN)                       │
│                                                              │
│  DNS: A record → VPS IP                                      │
│  SSL: Cloudflare Full (Strict)                               │
│  Caching: Static assets (CSS/JS/images)                      │
└──────────────────────────┬──────────────────────────────────┘
                           │
┌──────────────────────────▼──────────────────────────────────┐
│              Hostinger VPS                                    │
│              Ubuntu 22.04 LTS                                 │
│              4 vCPU / 8GB RAM / 200GB SSD                    │
│                                                              │
│  ┌────────────────────────────────────────────────────────┐  │
│  │                    Coolify                              │  │
│  │              (Self-hosted PaaS)                         │  │
│  │                                                        │  │
│  │  ┌──────────────────────────────────────────────────┐  │  │
│  │  │         bharathtrucks (Docker Container)          │  │  │
│  │  │                                                    │  │  │
│  │  │  Node.js 20 + Express + EJS                       │  │  │
│  │  │  Port: 3000 (internal)                            │  │  │
│  │  │  Auto-restart: enabled                            │  │  │
│  │  │  Health check: /health                            │  │  │
│  │  └──────────────────────────────────────────────────┘  │  │
│  │                                                        │  │
│  │  Traefik (Reverse Proxy) → :443 → Container :3000     │  │
│  └────────────────────────────────────────────────────────┘  │
└──────────────────────────────────────────────────────────────┘
                           │
┌──────────────────────────▼──────────────────────────────────┐
│                    Supabase Cloud                             │
│                                                              │
│  Project: bharathtrucks                                      │
│  Region: Mumbai (ap-south-1)                                 │
│  Plan: Free → Pro (at 1000 users)                           │
└──────────────────────────────────────────────────────────────┘

2. Domain Setup (bharathtrucks.com)

Cloudflare Configuration

  1. Add domain to Cloudflare (free plan)
  2. Update nameservers at registrar to Cloudflare's
  3. DNS Records:

| Type  | Name | Value    | Proxy      |
|-------|------|----------|------------|
| A     | @    | <VPS_IP> | Proxied ☁️ |
| A     | www  | <VPS_IP> | Proxied ☁️ |
| CNAME | api  | @        | Proxied ☁️ |

  4. SSL: Full (Strict) mode
  5. Page Rules:
    • *.bharathtrucks.com/public/* → Cache Everything, Edge TTL 1 month
    • bharathtrucks.com/ → Cache Level: Standard

3. Dockerfile

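FROM node:20-alpine

WORKDIR /app

# Install production dependencies only (--omit=dev replaces the deprecated --only=production)
COPY webapp/package*.json ./
RUN npm ci --omit=dev

COPY webapp/src ./src

ENV NODE_ENV=production
ENV PORT=3000

# Run as the unprivileged "node" user that the official image provides
USER node

EXPOSE 3000

# Mark the container unhealthy when /health stops answering
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s \
  CMD wget --no-verbose --tries=1 --spider http://localhost:3000/health || exit 1

CMD ["node", "src/server.js"]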

4. Docker Compose (Local Development)

version: '3.8'

services:
  app:
    build:
      context: .
      dockerfile: Dockerfile
    ports:
      - "3000:3000"
    env_file:
      - webapp/.env
    volumes:
      - ./webapp/src:/app/src
    restart: unless-stopped

5. Coolify Deployment Steps

Initial Setup

  1. SSH into Hostinger VPS
  2. Install Coolify: curl -fsSL https://cdn.coollabs.io/coolify/install.sh | bash
  3. Access Coolify dashboard at http://<VPS_IP>:8000
  4. Configure domain in Coolify settings

App Deployment

  1. Source: Connect GitHub/GitLab repo (or use Git URL)
  2. Build Pack: Dockerfile
  3. Port: 3000
  4. Domain: bharathtrucks.com
  5. Environment Variables: Add all from .env.example
  6. Health Check: /health
  7. Auto Deploy: On push to main branch

Environment Variables in Coolify

NODE_ENV=production
PORT=3000
SUPABASE_URL=https://xxx.supabase.co
SUPABASE_ANON_KEY=eyJ...
SUPABASE_SERVICE_KEY=eyJ...
APP_URL=https://bharathtrucks.com
SESSION_SECRET=<generate-random-64-char>
RATE_LIMIT_BIDS_PER_DAY=5
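
Added example (not part of the project's code): a startup check for the variables above, assuming the JWT-format Supabase keys shown (`eyJ...`), whose payload carries a `role` claim. The service role key bypasses RLS, so the check also catches the two keys being swapped; `validateEnv`, `jwtRole` and all sample values are hypothetical or constructed.

```javascript
'use strict';
// Added example, not project code. validateEnv/jwtRole are hypothetical names.
// Decode (do not verify) a JWT payload and return its "role" claim.
function jwtRole(token) {
  try {
    const payload = String(token).split('.')[1];
    return JSON.parse(Buffer.from(payload, 'base64url').toString('utf8')).role;
  } catch {
    return undefined;
  }
}

function isHttps(value) {
  try { return new URL(value).protocol === 'https:'; } catch { return false; }
}

function validateEnv(env) {
  const errors = [];
  const required = ['NODE_ENV', 'PORT', 'SUPABASE_URL', 'SUPABASE_ANON_KEY',
    'SUPABASE_SERVICE_KEY', 'APP_URL', 'SESSION_SECRET', 'RATE_LIMIT_BIDS_PER_DAY'];
  for (const name of required) {
    const value = env[name] || '';
    if (value === '') errors.push(`${name} is not set`);
    // Template values left unchanged: <...>, eyJ..., https://xxx.
    else if (/^<.*>$|\.\.\.$|\/\/xxx\./.test(value)) errors.push(`${name} is still a placeholder`);
  }
  if (errors.length > 0) return errors;
  if (env.NODE_ENV !== 'production') errors.push('NODE_ENV must be production');
  if (!isHttps(env.APP_URL)) errors.push('APP_URL must use https');
  if (!isHttps(env.SUPABASE_URL)) errors.push('SUPABASE_URL must use https');
  if (env.SESSION_SECRET.length < 64) errors.push('SESSION_SECRET is shorter than 64 characters');
  // Swapped keys put the RLS-bypassing service key in the slot meant for clients.
  if (jwtRole(env.SUPABASE_ANON_KEY) !== 'anon') errors.push('SUPABASE_ANON_KEY role is not anon');
  if (jwtRole(env.SUPABASE_SERVICE_KEY) !== 'service_role') errors.push('SUPABASE_SERVICE_KEY role is not service_role');
  const bids = Number(env.RATE_LIMIT_BIDS_PER_DAY);
  if (!Number.isInteger(bids) || bids < 1) errors.push('RATE_LIMIT_BIDS_PER_DAY must be a positive integer');
  return errors;
}

// Constructed sample: unsigned tokens that only mimic the key format.
const fakeKey = (role) => 'eyJhbGciOiJIUzI1NiJ9.' +
  Buffer.from(JSON.stringify({ role })).toString('base64url') + '.constructed';
const sampleEnv = {
  NODE_ENV: 'production', PORT: '3000', RATE_LIMIT_BIDS_PER_DAY: '5',
  SUPABASE_URL: 'https://project-ref.supabase.co', APP_URL: 'https://bharathtrucks.com',
  SUPABASE_ANON_KEY: fakeKey('anon'), SUPABASE_SERVICE_KEY: fakeKey('service_role'),
  SESSION_SECRET: '0123456789abcdef'.repeat(4), // constructed, never use a known value
};
console.log(validateEnv(sampleEnv)); // []
```

Call `validateEnv(process.env)` before the server starts listening and exit non-zero if it returns any errors. A 64-character secret can be produced with `openssl rand -hex 32`.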

6. Supabase Setup

Project Configuration

  1. Create project at supabase.com (region: Mumbai)
  2. Note down the Project URL, anon key and service role key
  3. Enable Phone Auth (OTP provider)
  4. Configure SMS provider (Twilio or MSG91)

Auth Settings

  • Phone OTP enabled
  • OTP expiry: 5 minutes
  • Rate limit: 5 OTP requests per hour per number
  • Disable email confirmation (phone-first)

Database Setup

  • Run schema SQL from docs/architecture/DATABASE_SCHEMA.md
  • Enable RLS on all tables
  • Create indexes as specified

Storage Buckets

| Bucket      | Purpose              | Public |
|-------------|----------------------|--------|
| avatars     | Profile photos       | Yes    |
| documents   | License, RC uploads  | No     |
| load-images | Load/material photos | Yes    |

7. CI/CD Pipeline

GitHub Actions (Optional)

name: Deploy
on:
  push:
    branches: [main]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Trigger Coolify Webhook
        run: |
          # --fail makes the job fail when the webhook returns an HTTP error
          curl --fail --silent --show-error -X POST "${{ secrets.COOLIFY_WEBHOOK_URL }}"

Simpler: Coolify Auto-Deploy

Coolify watches the repo and auto-deploys on push to main. No CI/CD config needed.


8. Monitoring & Logging

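| Tool                 | Purpose                          | Cost               |
|----------------------|----------------------------------|--------------------|
| Coolify Dashboard    | Container status, resource usage | Free               |
| Cloudflare Analytics | Traffic, cache hit rate          | Free               |
| Supabase Dashboard   | DB metrics, auth logs            | Free               |
| UptimeRobot          | Uptime monitoring, alerts        | Free (50 monitors) |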

Health Check Endpoint

app.get('/health', (req, res) => {
  res.status(200).json({ status: 'ok', timestamp: Date.now() });
});

Log Strategy

  • Application logs: stdout (Docker captures)
  • Access logs: Morgan middleware (combined format)
  • Error logs: Structured JSON to stdout
  • View in Coolify dashboard → Container logs

9. Backup Strategy

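| What        | How                        | Frequency        |
|-------------|----------------------------|------------------|
| Database    | Supabase automatic backups | Daily (Pro plan) |
| Code        | Git repository             | Every push       |
| Environment | Documented in .env.example | Manual           |
| Uploads     | Supabase Storage (managed) | Automatic        |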

10. Security Hardening

VPS Level

  • UFW firewall: allow 22, 80, 443 only
  • Fail2ban for SSH brute-force protection
  • SSH key-only auth (disable password)
  • Automatic security updates

Application Level

  • Helmet.js security headers
  • CORS restricted to bharathtrucks.com
  • Rate limiting (express-rate-limit)
  • Input sanitization
  • httpOnly cookies for sessions
  • CSP headers (Content Security Policy)
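
Added example (not the project's code) for the "CORS restricted to bharathtrucks.com" item: a substring origin check beside an exact-match allowlist, run over constructed sample origins. The function names are hypothetical, and the allowlist assumes pages are served only from the apex and www records.

```javascript
'use strict';
// Added example, not project code. Function names are hypothetical.

// Assumption: pages are served from the apex and www records only.
const ALLOWED_ORIGINS = new Set([
  'https://bharathtrucks.com',
  'https://www.bharathtrucks.com',
]);

// Weak: substring match, shown for contrast with the strict check.
function weakOriginCheck(origin) {
  return typeof origin === 'string' && origin.includes('bharathtrucks.com');
}

// Strict: the Origin header is a serialized scheme://host[:port], so an
// exact string comparison against the allowlist is enough.
function strictOriginCheck(origin) {
  return typeof origin === 'string' && ALLOWED_ORIGINS.has(origin);
}

// Shape expected by the cors package's "origin" option: (origin, callback).
function corsOrigin(origin, callback) {
  // Requests without an Origin header are not cross-origin browser
  // requests, so CORS has nothing to decide for them.
  if (origin === undefined) return callback(null, true);
  return callback(null, strictOriginCheck(origin));
}

// Constructed sample origins.
const samples = [
  'https://bharathtrucks.com',
  'https://www.bharathtrucks.com',
  'http://bharathtrucks.com',              // plaintext scheme
  'https://bharathtrucks.com.example.net', // allowed name used as a prefix
  'https://notbharathtrucks.com',          // allowed name used as a suffix
  'null',                                  // opaque origin (sandboxed frame)
];

function compareChecks(origins) {
  return origins.map((origin) => ({
    origin,
    weak: weakOriginCheck(origin),
    strict: strictOriginCheck(origin),
  }));
}

console.table(compareChecks(samples));
```

Pass the callback to the middleware as `cors({ origin: corsOrigin })`.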

Cloudflare Level

  • DDoS protection (automatic)
  • Bot management (free tier)
  • WAF rules (basic)
  • SSL enforcement

11. Scaling Triggers

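| Metric        | Threshold      | Action               |
|---------------|----------------|----------------------|
| CPU           | >80% sustained | Upgrade VPS          |
| RAM           | >85%           | Upgrade VPS          |
| Response time | >2s average    | Add caching/optimize |
| Users         | >5000          | Supabase Pro + Redis |
| Traffic       | >10K req/min   | Multiple containers  |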

12. Cost Estimate (Phase 1)

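| Service       | Plan              | Monthly Cost |
|---------------|-------------------|--------------|
| Hostinger VPS | KVM 2 (4vCPU/8GB) | ~₹800/month  |
| Supabase      | Free tier         | ₹0           |
| Cloudflare    | Free plan         | ₹0           |
| Domain        | bharathtrucks.com | ~₹800/year   |
| UptimeRobot   | Free              | ₹0           |
| Total         |                   | ~₹900/month  |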

Infrastructure designed for minimal cost during growth phase, with clear upgrade paths as user base scales.