Production deployment configuration for FleetAt application using Docker Compose.
NEVER commit these files to Git:
.env(contains real secrets)caddy/Caddyfile.prod(contains real domain)
Only commit template files:
.env.*.examplecaddy/Caddyfile.prod.example
- Docker & Docker Compose V2+ installed
- Domain name pointed to your server (A record)
- Ports 80, 443, 2019 open in firewall
- Sufficient disk space (recommend 20GB+)
- Run development script
This script will create your
./scripts/deploy-dev.sh
.envfrom template and ensure all local data directories exist before starting the services.
- Clone and navigate
git clone <your-repo-url> cd fleetat-deploy
- Run deployment script
./scripts/deploy-prod.sh
The script will:
- Create
.envfrom template (if missing) - Create
Caddyfile.prodfrom template (if missing) - Prompt you to edit configuration
- Check for placeholder values
- Ensure required Docker volumes exist
- Pull Docker images
- Start services
- Clone repository
git clone <your-repo-url> cd fleetat-deploy
- Create production volumes
docker volume create db-data docker volume create discovery-data docker volume create shell-data docker volume create caddy-data docker volume create caddy-config
- Configure environment
cp .env.prod.example .env nano .env # Edit and set secure values - Configure Caddy
cp caddy/Caddyfile.prod.example caddy/Caddyfile.prod nano caddy/Caddyfile.prod # Set your domain - Deploy
docker-compose -f docker-compose.yml -f docker-compose.prod.yml up -d
Required variables in .env:
BE_VERSION: Backend image versionFE_VERSION: Frontend image versionSPRING_PROFILES_ACTIVE: Spring profile (prodordev)POSTGRES_DB: Database namePOSTGRES_USER: Database userPOSTGRES_PASSWORD: Database password (32+ chars)REGISTRATION_SECRET: API secret (32+ chars)DOMAIN: Your actual domain
For local development, you can customize the host paths used for bind mounts in .env:
POSTGRES_DATA_PATH: Local path for database data (default:./data/postgres)DISCOVERY_DATA_PATH: Local path for discovery server data (default:./data/discovery)SHELL_DATA_PATH: Local path for shell data (default:./data/shell)CADDY_DATA_PATH: Local path for Caddy's internal data (default:./data/caddy-data)CADDY_CONFIG_PATH: Local path for Caddy's configuration (default:./data/caddy-config)
Note: Production uses named volumes for better data management and persistence.
Generate secure passwords:
openssl rand -base64 32fleetat-deploy/
├── .env.example # Template for development
├── .env.prod.example # Template for production
├── .env.dev.example # Template for local development
├── .gitignore # Protects secrets
├── docker-compose.yml # Base compose file (shared)
├── docker-compose.override.yml # Local development overrides
├── docker-compose.prod.yml # Production overrides
├── scripts/ # Deployment scripts
│ ├── deploy-dev.sh # Local development script
│ └── deploy-prod.sh # Production deployment script
├── README.md # This file
├── caddy/
│ ├── Caddyfile # Development config (HTTP only)
│ └── Caddyfile.prod.example # Production template (HTTPS)
└── nginx/
└── nginx.conf # Alternative to Caddy (not used)
# Production
docker-compose -f docker-compose.yml -f docker-compose.prod.yml logs -f
# Local
docker-compose logs -f# Production
docker-compose -f docker-compose.yml -f docker-compose.prod.yml ps
# Local
docker-compose psdocker exec fleetat_db pg_dump -U fleetat_prod fleetat_prod > backup-$(date +%Y%m%d-%H%M%S).sql- Use strong passwords (32+ characters)
- Keep
.envfile permissions restricted:chmod 600 .env - Regularly update Docker images
- Never commit
.envto Git