Conduct

Backend Deployment

Deployment Options

  1. Docker Compose (simplest)
  2. Kubernetes (scalable)
  3. Cloud Platforms (managed)
  4. Bare Metal (traditional)

Docker Compose Deployment

Prerequisites

  • Docker and Docker Compose installed
  • Domain name (optional, for HTTPS)
  • SSL certificate (optional, for HTTPS)

Step 1: Prepare Environment

Create docker-compose.prod.yml:

version: '3.8'
 
services:
  postgres:
    image: postgres:16
    environment:
      POSTGRES_USER: conduct
      POSTGRES_PASSWORD: ${DB_PASSWORD}
      POSTGRES_DB: conduct
    volumes:
      - postgres_data:/var/lib/postgresql/data
    networks:
      - conduct
 
  backend:
    build: .
    ports:
      - "3000:3000"
    environment:
      NODE_ENV: production
      DATABASE_URL: postgresql://conduct:${DB_PASSWORD}@postgres:5432/conduct
      STORAGE_TYPE: local
      STORAGE_PATH: /app/storage
      RATE_LIMIT_ENABLED: true
      RATE_LIMIT_MAX: 100
    volumes:
      - storage_data:/app/storage
    depends_on:
      - postgres
    networks:
      - conduct
    restart: unless-stopped
 
volumes:
  postgres_data:
  storage_data:
 
networks:
  conduct:

Step 2: Set Secrets

Create .env.prod:

DB_PASSWORD=your-secure-password

Step 3: Deploy

docker-compose -f docker-compose.prod.yml --env-file .env.prod up -d

Step 4: Run Migrations

docker-compose -f docker-compose.prod.yml exec backend npm run db:migrate

Step 5: Create Admin Key

docker-compose -f docker-compose.prod.yml exec backend npm run create-admin-key

Kubernetes Deployment

Prerequisites

  • Kubernetes cluster
  • kubectl configured
  • Helm (optional)

Step 1: Create Namespace

kubectl create namespace conduct

Step 2: Create Secrets

kubectl create secret generic conduct-db \
  --from-literal=password=your-secure-password \
  -n conduct
 
kubectl create secret generic conduct-admin \
  --from-literal=api-key=sk_admin_xxx \
  -n conduct

Step 3: Deploy PostgreSQL

# postgres.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: postgres
  namespace: conduct
spec:
  serviceName: postgres
  replicas: 1
  selector:
    matchLabels:
      app: postgres
  template:
    metadata:
      labels:
        app: postgres
    spec:
      containers:
      - name: postgres
        image: postgres:16
        env:
        - name: POSTGRES_USER
          value: conduct
        - name: POSTGRES_PASSWORD
          valueFrom:
            secretKeyRef:
              name: conduct-db
              key: password
        - name: POSTGRES_DB
          value: conduct
        ports:
        - containerPort: 5432
        volumeMounts:
        - name: postgres-storage
          mountPath: /var/lib/postgresql/data
  volumeClaimTemplates:
  - metadata:
      name: postgres-storage
    spec:
      accessModes: ["ReadWriteOnce"]
      resources:
        requests:
          storage: 10Gi
---
apiVersion: v1
kind: Service
metadata:
  name: postgres
  namespace: conduct
spec:
  ports:
  - port: 5432
  selector:
    app: postgres

Step 4: Deploy Backend

# backend.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: conduct-backend
  namespace: conduct
spec:
  replicas: 3
  selector:
    matchLabels:
      app: conduct-backend
  template:
    metadata:
      labels:
        app: conduct-backend
    spec:
      containers:
      - name: backend
        image: conduct/backend:latest
        env:
        - name: NODE_ENV
          value: production
        - name: DATABASE_URL
          valueFrom:
            secretKeyRef:
              name: conduct-db
              key: url
        - name: PORT
          value: "3000"
        ports:
        - containerPort: 3000
        resources:
          requests:
            memory: "256Mi"
            cpu: "250m"
          limits:
            memory: "512Mi"
            cpu: "500m"
---
apiVersion: v1
kind: Service
metadata:
  name: conduct-backend
  namespace: conduct
spec:
  type: LoadBalancer
  ports:
  - port: 80
    targetPort: 3000
  selector:
    app: conduct-backend

Step 5: Deploy

kubectl apply -f postgres.yaml
kubectl apply -f backend.yaml

Step 6: Verify

kubectl get pods -n conduct
kubectl logs -f deployment/conduct-backend -n conduct

Cloud Platform Deployments

AWS (ECS + RDS)

  1. Create RDS PostgreSQL instance
  2. Create ECS cluster
  3. Create task definition for backend
  4. Create service with load balancer
  5. Configure security groups
  6. Set up CloudWatch logs

Google Cloud (Cloud Run + Cloud SQL)

  1. Create Cloud SQL PostgreSQL instance
  2. Build and push container to GCR
  3. Deploy to Cloud Run
  4. Connect to Cloud SQL
  5. Configure Cloud Storage for files

Azure (App Service + PostgreSQL)

  1. Create Azure Database for PostgreSQL
  2. Create App Service
  3. Deploy container
  4. Configure connection strings
  5. Set up Azure Blob Storage

Reverse Proxy Setup

Nginx

server {
    listen 80;
    server_name conduct.example.com;
 
    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Caddy

conduct.example.com {
    reverse_proxy localhost:3000
}

SSL/TLS Setup

Let's Encrypt with Certbot

certbot --nginx -d conduct.example.com

Manual Certificate

server {
    listen 443 ssl http2;
    server_name conduct.example.com;
 
    ssl_certificate /path/to/cert.pem;
    ssl_certificate_key /path/to/key.pem;
 
    location / {
        proxy_pass http://localhost:3000;
    }
}

Monitoring

Health Checks

# Kubernetes
livenessProbe:
  httpGet:
    path: /health
    port: 3000
  initialDelaySeconds: 30
  periodSeconds: 10
 
# Docker
healthcheck:
  test: ["CMD", "curl", "-f", "http://localhost:3000/health"]
  interval: 30s
  timeout: 10s
  retries: 3

Logging

Configure structured logging:

LOG_LEVEL=info
LOG_FORMAT=json

Aggregate with:

  • CloudWatch Logs
  • Google Cloud Logging
  • ELK Stack
  • Datadog

Metrics

Monitor:

  • Request rate
  • Error rate
  • Response time
  • Database connections
  • Memory usage
  • CPU usage

Backup Strategy

Database Backups

# PostgreSQL
pg_dump $DATABASE_URL > backup.sql
 
# Automated with cron
0 2 * * * pg_dump $DATABASE_URL | gzip > /backups/conduct-$(date +\%Y\%m\%d).sql.gz

File Storage Backups

# Local storage
tar -czf storage-backup.tar.gz storage/
 
# S3 sync
aws s3 sync storage/ s3://conduct-backups/storage/

Security Checklist

  • Use strong database passwords
  • Enable SSL/TLS
  • Rotate API keys regularly
  • Set up firewall rules
  • Enable rate limiting
  • Use environment variables for secrets
  • Keep dependencies updated
  • Monitor for security vulnerabilities
  • Set up intrusion detection
  • Regular security audits

Scaling Considerations

Vertical Scaling

Increase resources:

  • More CPU cores
  • More memory
  • Faster storage

Horizontal Scaling

Multiple backend instances:

  • Load balancer
  • Shared database
  • Shared file storage (S3/GCS)
  • Session management

Database Scaling

  • Read replicas
  • Connection pooling
  • Query optimization
  • Caching layer (Redis)

Disaster Recovery

Backup Plan

  1. Daily database backups
  2. Weekly full backups
  3. Offsite backup storage
  4. Test restore procedures

Recovery Steps

  1. Restore database from backup
  2. Restore file storage
  3. Verify data integrity
  4. Restart services
  5. Test functionality

Next Steps

Previous

Backend Setup

Next

CLI Overview

On this page