Production Checklist
Security hardening, backups, monitoring, and operational best practices for BAP production deployments.
This guide covers hardening your BAP installation for production use.
Security Hardening
Environment Variables
# Generate secure keys
JWT_SECRET=$(openssl rand -hex 32)
MASTER_KEY=$(openssl rand -hex 32)
# Use strong passwords
POSTGRES_PASSWORD=$(openssl rand -base64 32)
Required Security Settings
| Setting | Recommendation |
|---|---|
| TLS 1.3 | Use latest protocol |
| HTTPS | Force redirect |
| CORS | Restrict to your domain |
| JWT Secret | 32+ random characters |
| Master Key | 64 random hex characters |
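A preflight check for the JWT Secret and Master Key rows of the table above, added here as an example and not part of BAP's own tooling. The function names `env_value` and `check_env`, the rule that the two secrets must differ, and the file-permission rule are assumptions of this example; it reports lengths only and never echoes a secret.

```shell
#!/bin/sh
# Added example (not BAP's own tooling): check a .env file against the
# "Required Security Settings" table without ever printing a secret.

# Print the value assigned to variable $2 in file $1 (last assignment wins).
env_value() {
    sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d "\"'"
}

# Print one line per problem found in .env file $1; return the problem count.
check_env() {
    jwt=$(env_value "$1" JWT_SECRET)
    master=$(env_value "$1" MASTER_KEY)
    problems=0

    # Table row "JWT Secret": 32+ random characters.
    if [ "${#jwt}" -lt 32 ]; then
        echo "JWT_SECRET: ${#jwt} characters, need at least 32"
        problems=$((problems + 1))
    fi

    # Table row "Master Key": 64 hex characters (openssl rand -hex 32).
    case $master in
        *[!0123456789abcdefABCDEF]*)
            echo "MASTER_KEY: contains non-hex characters"
            problems=$((problems + 1)) ;;
    esac
    if [ "${#master}" -ne 64 ]; then
        echo "MASTER_KEY: ${#master} characters, need exactly 64"
        problems=$((problems + 1))
    fi

    # Assumption added here: the two secrets must be independent values.
    if [ -n "$jwt" ] && [ "$jwt" = "$master" ]; then
        echo "JWT_SECRET and MASTER_KEY are identical"
        problems=$((problems + 1))
    fi

    # Assumption added here: .env should not be readable by other users.
    if [ -n "$(find "$1" -prune -perm -004)" ]; then
        echo "$1: world-readable, run chmod 600"
        problems=$((problems + 1))
    fi
    return "$problems"
}
```

Call `check_env .env` before starting the stack; the return status is the number of findings, so zero means the file passed.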
Firewall
# Allow only necessary ports
sudo ufw default deny incoming
sudo ufw allow 22/tcp # SSH
sudo ufw allow 80/tcp # HTTP
sudo ufw allow 443/tcp # HTTPS
sudo ufw enable
Docker Security
# docker-compose.yml additions
services:
  api:
    security_opt:
      - no-new-privileges:true
    read_only: true
    tmpfs:
      - /tmp:size=10M
Backup Strategy
Database Backups
SQLite
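#!/bin/bash
# Backup script
# Abort on any error so a failed copy never reaches the cleanup step
set -euo pipefail
DATE=$(date +%Y%m%d_%H%M%S)
docker cp bap-api-1:/data/bap.db "/backup/bap-$DATE.db"
# Delete backups older than 30 days
find /backup -name "bap-*.db" -mtime +30 -delete
PostgreSQL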
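#!/bin/bash
# Backup script
# Abort on any error so a failed dump never reaches the cleanup step
set -euo pipefail
DATE=$(date +%Y%m%d_%H%M%S)
docker exec bap-postgres-1 pg_dump -U bap bap > "/backup/bap-$DATE.sql"
# Delete backups older than 30 days
find /backup -name "bap-*.sql" -mtime +30 -delete
Schedule Backups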
# Crontab
0 2 * * * /path/to/backup.sh
Offsite Backups
Copy backups to cloud storage:
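# Example: Upload today's backups to S3
# Backup file names carry a time suffix (bap-YYYYMMDD_HHMMSS.db), so match on the date prefix
aws s3 cp /backup/ s3://your-bucket/backups/ --recursive --exclude "*" --include "bap-$(date +%Y%m%d)_*.db"
Monitoring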
Health Checks
# API health
curl https://api.yourdomain.com/api/health
# Expected response
{"status":"ok"}
Logs
# View logs
docker-compose logs -f --tail=100
# Ship to logging service (example: forward to the systemd journal)
docker-compose logs -f | systemd-cat -t bap
Metrics (Future)
Planned metrics:
- API response times
- Error rates
- Active wills
- Storage usage
Performance
Resource Limits
services:
  api:
    deploy:
      resources:
        limits:
          cpus: '1'
          memory: 1G
        reservations:
          cpus: '0.5'
          memory: 512M
Database Connection Pool
For PostgreSQL:
DATABASE_URL=postgresql://user:pass@host:5432/db?pool_max_conns=25
Operational Procedures
Database Migration
# Backup first
./backup.sh
# Migrations run automatically on API startup
docker-compose up -d
Key Rotation
# Generate new master key
NEW_MASTER_KEY=$(openssl rand -hex 32)
# Update environment
# MASTER_KEY must be the OLD key during migration
docker-compose down
# Edit .env with new key
# Run migration script
docker-compose up -d
Emergency Recovery
- Database corruption
  - Restore from backup
  - Verify integrity
- Lost master key
  - Data is unrecoverable
  - Must start fresh
  - This is by design
Maintenance Window
Scheduled Updates
- Announce maintenance window
- Backup database
- Stop services
- Pull new images
- Run migrations
- Start services
- Verify health
Zero-Downtime (Future)
Planned for future:
- Blue-green deployments
- Rolling updates
- Database migrations without lock
Compliance
GDPR
- Data encrypted at rest
- User data export available
- Deletion on request
- Privacy policy documented
Logging
- Audit log enabled
- Logs retained per policy
- Access logged
Incident Response
Alert Contacts
| Type | Contact |
|---|---|
| Security | [email protected] |
| Support | [email protected] |
Response Steps
- Identify issue
- Contain (stop services, rotate keys)
- Investigate (check logs)
- Recover (restore backups)
- Post-mortem
Next Steps
- Upgrading — Version updates
- Reverse Proxy — Proxy setup
- Docker Compose — Initial setup