Skip to content

Deployment & Operations

Transitioning the Apptork Root System from a local machine to a production environment is seamless thanks to its strict containerized architecture.

Production Checklist

Before deploying, ensure you have correctly configured your production environment.

  1. Copy Secrets & Config: Duplicate the example production environment and configuration files: 
    cp .env.prod.example .env.prod
cp api/config/production.py.example api/config/production.py
  2. Secure Passwords: Update POSTGRES_PASSWORD, REDIS_PASSWORD, and SECRET_KEY with cryptographically secure strings.
  3. Configure Object Storage: Replace the local MinIO credentials with real AWS S3 credentials. (Alternatively, you can keep using MinIO in production! MinIO is enterprise-grade, fully S3-compatible, and an excellent choice for self-hosting to eliminate massive cloud egress fees.)
  4. Configure Domains: Update CORS_ALLOWED_ORIGINS and CSRF_TRUSTED_ORIGINS with your actual frontend domain (e.g., https://app.yourdomain.com).
  5. Observability: Input your SENTRY_DSN to enable automatic error tracking.

CORS for S3

Ensure your S3 bucket has the proper CORS policies if you are utilizing direct-to-S3 uploads from the frontend client.

Deployment Architectures

For early-stage startups or MVPs, a powerful VPS (e.g., DigitalOcean Droplet, Hetzner) is incredibly cost-effective.

We use Docker Swarm or raw Docker Compose on the host. The included docker-compose.yml mounts Nginx as the primary reverse proxy, sitting in front of Daphne (ASGI).

# On your server
docker compose --env-file .env.prod up --build -d

Make sure to map Nginx to ports 80 and 443, and configure SSL certificates via Let's Encrypt / Certbot.

As you scale, you can rip the docker-compose.yml apart:

  • Host PostgreSQL on Amazon RDS.
  • Host Redis on Amazon ElastiCache.
  • Deploy the api image to AWS ECS / Fargate.
  • Deploy the celeryworker and celerybeat images as continuous background tasks.

CI/CD via GitHub Actions

The boilerplate includes a pre-configured CI/CD pipeline (.github/workflows/deploy.yml) specifically engineered for automated VPS deployments over SSH.

How it works

  1. Trigger: You push a git tag matching v* (e.g., git tag v1.0.0; git push origin v1.0.0).
  2. Action: GitHub Runner spins up and utilizes appleboy/ssh-action.
  3. Execution: It securely SSHes into your server using repository secrets (SERVER_HOST, SERVER_SSH_KEY).
  4. Pull & Restart: The script pulls the latest codebase from main, rebuilds the docker images cleanly, runs database migrations, and restarts the containers with zero-downtime rolling updates.

Instant Deployment Parity

This provides instant, automated deployment parity without requiring expensive managed orchestration services right out of the gate.