Diablo_Rain/LifeRPG_v2.0
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
d4c2f592b1
LifeRPG_v2.0/docs/DEPLOYMENT_GUIDE.md
Copilot 90750ee8df
Strip emoji from docs, fix XSS/hashing vulnerabilities, remediate all failing CI checks (#1) 
* Initial plan

* Fix security vulnerabilities: MD5→SHA-256, XSS via dangerouslySetInnerHTML/innerHTML, insecure randomness, CodeQL config

Co-authored-by: TLimoges33 <125313326+TLimoges33@users.noreply.github.com>

* Clean up README: remove decorative emojis for a professional tone

Remove all emojis from section headers, list item prefixes, and
decorative positions. Replace  phase status markers with '(Complete)'
text. Keep the  in the final call-to-action line. No changes to
links, badges, code blocks, or technical content.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* docs: remove emoji characters from CONTRIBUTING.md

Remove all emoji from section headers and closing line while
preserving links, code blocks, and technical content.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* docs: remove emoji characters from documentation files

Remove all emoji characters from 8 documentation files in docs/.
Replace status-marker checkmarks () with '(Done)' text.
Remove decorative emojis from headers and body text entirely.
Preserve emojis inside code blocks unchanged.
Clean up trailing whitespace introduced by removals.

Files modified:
- DEPLOYMENT_GUIDE.md
- IMPLEMENTATION_PLAN.md
- MILESTONE_6_SUMMARY.md
- PRODUCTION_ROADMAP.md
- PROJECT_STATUS.md
- REPOSITORY_ENHANCEMENT.md
- ROADMAP.md
- SECURITY_AUDIT_ROADMAP.md

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* docs: remove emoji characters from documentation files

Remove all emoji characters from 9 markdown files while preserving
code block content (box-drawing characters, indentation). Emojis
removed from headers, list items, and body text across READMEs,
issue templates, PR template, runbook, and mobile docs.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

* Remove excessive emoji from all documentation for professional presentation

Co-authored-by: TLimoges33 <125313326+TLimoges33@users.noreply.github.com>

* Fix PluginWidget initial state and remove || true from security audit steps

Co-authored-by: TLimoges33 <125313326+TLimoges33@users.noreply.github.com>

* Remediate all failing CI checks: update deprecated actions, fix npm vulnerabilities, fix migrations YAML

Co-authored-by: SynOSdev <257853113+SynOSdev@users.noreply.github.com>

* Fix all remaining CI failures: Node 18→20, fix test API contract, fix pytest version, fix Postgres health checks

Co-authored-by: SynOSdev <257853113+SynOSdev@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: TLimoges33 <125313326+TLimoges33@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: SynOSdev <257853113+SynOSdev@users.noreply.github.com>
2026-03-14 08:59:37 -04:00

11 KiB
Raw Blame History

LifeRPG Production Deployment Guide

This comprehensive guide covers deploying LifeRPG to production environments with security, scalability, and cost optimization in mind.

Deployment Options Overview

Free Tier Options (Perfect for Students)

  1. Frontend: Vercel/Netlify (Free tier)
  2. Backend: Railway/Render (Free tier with limitations)
  3. Database: SQLite (file-based, included)
  4. Monitoring: Built-in health checks

Low-Cost Options ($5-15/month)

  1. VPS: DigitalOcean Droplet, Linode, Vultr
  2. Platform: Railway Pro, Render Pro
  3. Container: Docker on cloud VPS

Production-Ready Options ($20-50/month)

  1. Cloud: AWS/GCP/Azure with proper scaling
  2. Database: Managed PostgreSQL
  3. CDN: CloudFlare Pro
  4. Monitoring: External monitoring services

Quick Start: Free Deployment

Option 1: Vercel + Railway (Recommended for Students)

Step 1: Prepare Repository

# Ensure all code is committed and pushed
git add .
git commit -m "Production deployment preparation"
git push origin master

Step 2: Deploy Frontend to Vercel

  1. Go to vercel.com
  2. Connect your GitHub repository
  3. Configure build settings: 
    Framework: Create React App
Root Directory: modern/frontend
Build Command: npm run build
Output Directory: build
  4. Add environment variables: 
    REACT_APP_API_URL=https://your-backend.railway.app
REACT_APP_ENVIRONMENT=production

Step 3: Deploy Backend to Railway

  1. Go to railway.app
  2. Create new project from GitHub
  3. Configure: 
    Root Directory: modern/backend
Start Command: uvicorn app:app --host 0.0.0.0 --port $PORT
  4. Add environment variables: 
    ENVIRONMENT=production
SECRET_KEY=your-secure-secret-key
DATABASE_URL=sqlite:///production.db
CORS_ORIGINS=["https://your-app.vercel.app"]

Option 2: Netlify + Render

Frontend (Netlify)

  1. Go to netlify.com
  2. Connect GitHub repository
  3. Build settings: 
    Publish directory: modern/frontend/build
Build command: cd modern/frontend && npm install && npm run build

Backend (Render)

  1. Go to render.com
  2. Create Web Service
  3. Settings: 
    Root Directory: modern/backend
Build Command: pip install -r requirements.txt
Start Command: uvicorn app:app --host 0.0.0.0 --port $PORT

Docker Deployment

Complete Docker Setup

1. Production Dockerfile (Backend)

# modern/backend/Dockerfile.prod
FROM python:3.12-slim

WORKDIR /app

# Install system dependencies
RUN apt-get update && apt-get install -y \
    gcc \
    && rm -rf /var/lib/apt/lists/*

# Copy requirements first for better caching
COPY requirements.txt requirements_ai.txt ./
RUN pip install --no-cache-dir -r requirements_ai.txt

# Copy application code
COPY . .

# Create non-root user
RUN useradd -m -r appuser && chown appuser:appuser /app
USER appuser

# Health check
HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 \
    CMD curl -f http://localhost:8000/api/v1/health/ || exit 1

EXPOSE 8000
CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "8000"]

2. Production docker-compose.yml

version: "3.8"

services:
  backend:
    build:
      context: ./modern/backend
      dockerfile: Dockerfile.prod
    ports:
      - "8000:8000"
    environment:
      - ENVIRONMENT=production
      - DATABASE_URL=sqlite:///data/production.db
      - SECRET_KEY=${SECRET_KEY}
    volumes:
      - ./data:/app/data
      - ./ai_models:/app/ai_models
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8000/api/v1/health/"]
      interval: 30s
      timeout: 10s
      retries: 3

  frontend:
    build:
      context: ./modern/frontend
      dockerfile: Dockerfile
    ports:
      - "3000:3000"
    environment:
      - REACT_APP_API_URL=http://localhost:8000
    depends_on:
      - backend
    restart: unless-stopped

  nginx:
    image: nginx:alpine
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf
      - ./ssl:/etc/nginx/ssl
    depends_on:
      - frontend
      - backend
    restart: unless-stopped

3. Nginx Configuration

# nginx.conf
events {
    worker_connections 1024;
}

http {
    upstream backend {
        server backend:8000;
    }

    upstream frontend {
        server frontend:3000;
    }

    server {
        listen 80;
        server_name your-domain.com;

        # Redirect to HTTPS
        return 301 https://$server_name$request_uri;
    }

    server {
        listen 443 ssl;
        server_name your-domain.com;

        ssl_certificate /etc/nginx/ssl/cert.pem;
        ssl_certificate_key /etc/nginx/ssl/key.pem;

        # Frontend
        location / {
            proxy_pass http://frontend;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
        }

        # Backend API
        location /api {
            proxy_pass http://backend;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

        # Health checks
        location /health {
            proxy_pass http://backend;
        }
    }
}

VPS Deployment (DigitalOcean/Linode)

1. Server Setup

# Create and connect to VPS
ssh root@your-server-ip

# Update system
apt update && apt upgrade -y

# Install Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
systemctl start docker
systemctl enable docker

# Install Docker Compose
pip3 install docker-compose

# Install other tools
apt install -y git nginx certbot python3-certbot-nginx

2. Deploy Application

# Clone repository
git clone https://github.com/yourusername/LifeRPG.git
cd LifeRPG

# Create environment file
cat > .env << EOF
SECRET_KEY=$(openssl rand -hex 32)
ENVIRONMENT=production
DATABASE_URL=sqlite:///data/production.db
REACT_APP_API_URL=https://your-domain.com
EOF

# Create data directory
mkdir -p data ai_models

# Start services
docker-compose -f docker-compose.prod.yml up -d

3. SSL Setup with Let's Encrypt

# Get SSL certificate
certbot --nginx -d your-domain.com

# Auto-renewal
crontab -e
# Add: 0 12 * * * /usr/bin/certbot renew --quiet

Monitoring and Maintenance

Health Monitoring Script

#!/bin/bash
# monitoring/health-check.sh

BACKEND_URL="https://your-domain.com"
SLACK_WEBHOOK="your-slack-webhook-url"

# Check backend health
if ! curl -f "$BACKEND_URL/api/v1/health/" > /dev/null 2>&1; then
    echo "Backend health check failed"
    curl -X POST -H 'Content-type: application/json' \
        --data '{"text":"🚨 LifeRPG Backend is down!"}' \
        $SLACK_WEBHOOK
fi

# Check disk space
DISK_USAGE=$(df / | grep -vE '^Filesystem' | awk '{print $5}' | sed 's/%//g')
if [ $DISK_USAGE -gt 80 ]; then
    echo "High disk usage: ${DISK_USAGE}%"
fi

Backup Script

#!/bin/bash
# scripts/backup.sh

BACKUP_DIR="/backups"
DB_FILE="data/production.db"
DATE=$(date +%Y%m%d_%H%M%S)

mkdir -p $BACKUP_DIR

# Backup database
cp $DB_FILE "$BACKUP_DIR/liferpg_db_$DATE.db"

# Backup user uploads (if any)
tar -czf "$BACKUP_DIR/uploads_$DATE.tar.gz" uploads/

# Keep only last 30 days of backups
find $BACKUP_DIR -name "*.db" -mtime +30 -delete
find $BACKUP_DIR -name "*.tar.gz" -mtime +30 -delete

echo "Backup completed: $DATE"

Security Checklist

Essential Security Measures

1. Environment Security

  • Strong SECRET_KEY in production
  • Environment variables for all secrets
  • No hardcoded credentials in code
  • HTTPS enabled with valid certificates
  • CORS properly configured

2. Application Security

  • Input validation on all endpoints
  • Rate limiting implemented
  • Authentication required for sensitive operations
  • SQL injection prevention (using parameterized queries)
  • XSS prevention in frontend

3. Server Security

  • Firewall configured (only necessary ports open)
  • SSH key authentication (disable password auth)
  • Regular system updates
  • Non-root user for application
  • Log monitoring set up

4. Database Security

  • Database file permissions restricted
  • Regular backups
  • Backup encryption for sensitive data

Performance Optimization

Backend Optimization

  1. Enable Compression

    from fastapi.middleware.gzip import GZipMiddleware
app.add_middleware(GZipMiddleware, minimum_size=1000)

  2. Response Caching

    from fastapi_cache import FastAPICache
from fastapi_cache.backends.redis import RedisBackend

  3. AI Model Optimization

  • Pre-load models on startup
  • Implement model caching
  • Use quantized models for lower memory usage

Frontend Optimization

  1. Code Splitting

    const LazyComponent = React.lazy(() => import("./Component"));

  2. Service Worker for Caching

  3. Image Optimization

  4. Bundle Analysis

Cost Optimization

Free Tier Maximization

  • Vercel: 100GB bandwidth, unlimited sites
  • Railway: 500 hours/month, $5 credit
  • Render: 750 hours/month
  • GitHub: Free hosting for static sites

Budget Planning ($10-20/month)

  • Domain: $12/year
  • VPS: $5-10/month
  • SSL: Free (Let's Encrypt)
  • CDN: Free (CloudFlare)

Scaling Strategy

  1. Start Free: Use free tiers
  2. Grow Smart: Upgrade one service at a time
  3. Monitor Usage: Use built-in analytics
  4. Optimize First: Before upgrading resources

Troubleshooting

Common Issues

Build Failures

# Clear caches
npm cache clean --force
pip cache purge

# Rebuild containers
docker-compose down
docker-compose build --no-cache

Memory Issues

# Check memory usage
free -h
docker stats

# Restart services
docker-compose restart

SSL Certificate Issues

# Renew certificates
certbot renew --dry-run
certbot renew

# Check certificate status
certbot certificates

Support and Maintenance

Regular Maintenance Tasks

  • Weekly: Check application logs
  • Weekly: Verify backups
  • Monthly: Update dependencies
  • Monthly: Review security logs
  • Quarterly: Performance review
  • Quarterly: Cost optimization review

Emergency Response Plan

  1. Monitor alerts (health checks, error rates)
  2. Incident response (restart services, check logs)
  3. Communication (user notifications if needed)
  4. Post-incident (root cause analysis, prevention)

Student-Specific Tips

Academic Projects

  • Use .edu domain for free services
  • GitHub Student Pack benefits
  • AWS/GCP/Azure education credits
  • Free SSL certificates through GitHub Pages

Portfolio Enhancement

  • Custom domain for professionalism
  • Performance metrics documentation
  • User feedback and testimonials
  • Technical blog posts about the project

Learning Opportunities

  • Infrastructure as Code (Terraform)
  • CI/CD pipeline improvements
  • Monitoring and observability
  • Security best practices implementation

This deployment guide provides multiple pathways from free student hosting to production-ready infrastructure. Choose the approach that matches your current needs and budget, with clear upgrade paths as your project grows.