# Pounce Deployment Guide ## Server Information - **Server IP**: `10.42.0.73` - **User**: `user` - **Git Remote**: `git.6bit.ch` (10.13.12.81) - **Frontend Port**: 3000 - **Backend Port**: 8000 - **Public URL**: https://pounce.ch ## Automated Deployment (Recommended) ### Using the Deploy Script The `deploy.sh` script handles zero-downtime deployments automatically: ```bash # Full deployment (commit + push + deploy) ./deploy.sh "Your commit message" # Frontend only ./deploy.sh -f "Frontend changes" # Backend only ./deploy.sh -b "Backend changes" # Quick sync without git operations ./deploy.sh -q # Force deploy (skips safety checks) ./deploy.sh --force "Force deploy" ``` ### What the Script Does 1. **Git Operations** (unless `-q` flag): - Commits all changes with your message - Pushes to `git.6bit.ch` 2. **Syncing Files**: - Uses `rsync` to transfer only changed files to server - Preserves timestamps and permissions - Frontend: syncs to `~/pounce/frontend/` - Backend: syncs to `~/pounce/backend/` 3. **Building**: - Frontend: `npm run build` (creates optimized production build) - Backend: `pip install -r requirements.txt` (updates dependencies) 4. **Restarting Services**: - Gracefully restarts Next.js and Uvicorn - Zero downtime using `./start.sh` ## Manual Deployment ### Step 1: Commit & Push Local Changes ```bash cd /Users/yvesgugger/Documents/Projekte/pounce # Check status git status # Add all changes git add -A # Commit git commit -m "Your descriptive commit message" # Push to git.6bit.ch git push ``` ### Step 2: SSH into Server & Pull Changes ```bash # Connect to server sshpass -p "user" ssh user@10.42.0.73 # Navigate to project cd ~/pounce # Pull latest changes git pull ``` ### Step 3: Frontend Deployment ```bash # Navigate to frontend cd ~/pounce/frontend # Install dependencies (if package.json changed) npm install # Build production version npm run build # The build creates a .next folder with optimized static files ``` ### Step 4: Backend Deployment ```bash # Navigate to backend cd ~/pounce/backend # Activate virtual environment source venv/bin/activate # Install/update dependencies (if requirements.txt changed) pip install -r requirements.txt # Deactivate venv deactivate ``` ### Step 5: Restart Services ```bash # Navigate to project root cd ~/pounce # Stop running services pkill -f 'uvicorn' pkill -f 'next start' # Start services using start script ./start.sh ``` ## Start Script (`start.sh`) The `start.sh` script handles: - Stopping existing processes on ports 8000 and 3000 - Starting the backend (Uvicorn) with proper settings - Starting the frontend (Next.js) in production mode - Health checks for both services - Logging to `backend.log` and `frontend.log` ### Manual Service Management ```bash # Check running processes ps aux | grep uvicorn ps aux | grep next # View logs tail -f ~/pounce/backend/backend.log tail -f ~/pounce/frontend/frontend.log # Check ports lsof -i :8000 # Backend lsof -i :3000 # Frontend ``` ## Environment Configuration ### Backend `.env` (~/pounce/backend/.env) ```env DATABASE_URL=postgresql://user:password@localhost:5432/domainwatch SECRET_KEY=your-secret-key-here STRIPE_SECRET_KEY=sk_live_xxx STRIPE_PUBLISHABLE_KEY=pk_live_xxx STRIPE_WEBHOOK_SECRET=whsec_xxx ZOHO_SMTP_USER=noreply@pounce.ch ZOHO_SMTP_PASSWORD=xxx GOOGLE_CLIENT_ID=xxx GOOGLE_CLIENT_SECRET=xxx GITHUB_CLIENT_ID=xxx GITHUB_CLIENT_SECRET=xxx site_url=https://pounce.ch ``` ### Frontend `.env.local` (~/pounce/frontend/.env.local) ```env NEXT_PUBLIC_API_URL=https://pounce.ch/api/v1 NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=pk_live_xxx NEXT_PUBLIC_POSTHOG_KEY=phc_xxx NEXT_PUBLIC_POSTHOG_HOST=https://eu.i.posthog.com ``` ## Nginx Configuration Nginx acts as reverse proxy on the server: ```nginx # Frontend (Next.js) location / { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } # Backend (FastAPI) location /api { proxy_pass http://localhost:8000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } ``` ## Troubleshooting ### Frontend won't start ```bash # Check for port conflicts lsof -i :3000 # Check build errors cd ~/pounce/frontend npm run build # Check logs tail -f ~/pounce/frontend/frontend.log ``` ### Backend won't start ```bash # Check for port conflicts lsof -i :8000 # Test backend manually cd ~/pounce/backend source venv/bin/activate uvicorn app.main:app --host 0.0.0.0 --port 8000 # Check logs tail -f ~/pounce/backend/backend.log ``` ### Database issues ```bash # Check PostgreSQL status sudo systemctl status postgresql # Connect to database psql -U user -d domainwatch # Check migrations cd ~/pounce/backend alembic current alembic upgrade head ``` ### SSL Certificate issues ```bash # Check certificate expiry sudo certbot certificates # Renew certificates sudo certbot renew # Restart Nginx sudo systemctl restart nginx ``` ## Health Checks ```bash # Backend health curl http://localhost:8000/health # Frontend health curl -I http://localhost:3000 # Full stack check via public URL curl https://pounce.ch curl https://pounce.ch/api/health ``` ## Rollback Procedure If deployment fails: ```bash # On server cd ~/pounce # See recent commits git log --oneline -10 # Rollback to previous commit git reset --hard # Rebuild cd frontend && npm run build cd ../backend && source venv/bin/activate && pip install -r requirements.txt # Restart cd .. && ./start.sh ``` ## Monitoring & Maintenance ### Log Rotation Logs are in: - `~/pounce/backend/backend.log` - `~/pounce/frontend/frontend.log` Set up log rotation to prevent disk space issues: ```bash # Create logrotate config sudo nano /etc/logrotate.d/pounce ``` ``` /home/user/pounce/backend/backend.log { daily rotate 14 compress delaycompress notifempty create 0640 user user } /home/user/pounce/frontend/frontend.log { daily rotate 14 compress delaycompress notifempty create 0640 user user } ``` ### Cron Jobs Check scheduled tasks: ```bash crontab -l ``` Common cron jobs for Pounce: - Domain scraping - Health checks - Database cleanup - Backup scripts ## Backup & Recovery ### Database Backup ```bash # Manual backup pg_dump -U user domainwatch > backup_$(date +%Y%m%d_%H%M%S).sql # Restore from backup psql -U user domainwatch < backup_20250101_120000.sql ``` ### Code Backup All code is backed up on `git.6bit.ch`. To clone fresh: ```bash git clone user@10.13.12.81:yvg/pounce.git ``` ## Security Notes - Server uses SSH key authentication (password: `user` for development) - SSL certificates via Let's Encrypt (auto-renewal) - Database credentials in `.env` files (not committed to git) - Stripe webhooks require signing secret verification - OAuth secrets must match registered redirect URIs ## Quick Reference ```bash # Deploy everything ./deploy.sh "message" # Frontend only ./deploy.sh -f "message" # Backend only ./deploy.sh -b "message" # Quick sync (no git) ./deploy.sh -q # Check logs ssh user@10.42.0.73 'tail -f ~/pounce/backend/backend.log' # Restart services ssh user@10.42.0.73 'cd ~/pounce && ./start.sh' # Check health curl https://pounce.ch/api/health ``` ## Support For issues or questions, check: 1. Application logs (`backend.log`, `frontend.log`) 2. Nginx logs (`/var/log/nginx/error.log`) 3. PostgreSQL logs (`/var/log/postgresql/`) 4. System logs (`journalctl -xe`)