# Deployment Guide — Multi-Environment

**Project**: CA Grow Ops Manager
**Targets**:

- **Test**: `veridian.runfoo.run` (Staff/Test Area) - Hosted on `nexus-vector`
- **Prod**: `tangible-aacorn` (Client Production)
**Created**: 2025-12-08
**Last Updated**: 2025-12-26

---

## Overview

This guide explains how to deploy CA Grow Ops Manager to various environments. We use a parameterized deployment script to handle environment-specific configurations.

---

## Prerequisites

### On Local Machine

- Git with SSH keys configured
- Access to servers via SSH (`admin@nexus-vector`, `admin@tangible-aacorn`)
- Forgejo account with SSH key added

### On Servers

- Docker and Docker Compose installed ✅
- PostgreSQL 15 available (via Docker)
- Redis available (via Docker)
- Port 8010 available (default)

---

## Deployment Script

We use `deploy.sh` for automated deployment.

### Usage

```bash
./deploy.sh [test|prod]
```

- **test** (Default): Deploys to `veridian.runfoo.run` (Host: `nexus-vector`, Path: `/srv/containers/ca-grow-ops-manager`)
- **prod**: Deploys to `tangible-aacorn` (Host: `tangible-aacorn`, Path: `/srv/containers/ca-grow-ops-manager`)

---

## Step 1: Initial Deployment

To set up a new environment for the first time:

1. **Run the deploy script**:

   ```bash
   ./deploy.sh test   # or prod
   ```

2. **Follow the prompts**:
   - The script will set up the remote directory.
   - It will clone the repository.
   - It will generate secure credentials (`docker-compose.env`) if missing.
   - It will build and start the containers.

---

## Step 2: Verify Deployment

### 2.1 Check Health

The script attempts a health check automatically. You can also manually check:

```bash
curl http://<server-ip>:8010/api/healthz
```

### 2.2 View Logs

ssh into the target server:

```bash
ssh admin@<server-host>
cd /srv/containers/ca-grow-ops-manager-test  # Adjust path based on env
docker compose logs -f
```

---

## Configuration

### Environment Variables

Located in `docker-compose.env` on the server:

```bash
# Database
DB_PASSWORD=...

# JWT
JWT_SECRET=...

# Environment
NODE_ENV=production
```

---

## CI/CD (Optional)

You can still use Forgejo Actions for CI/CD. Ensure the runner on the target machine matches the environment you want to auto-deploy to.

---

## Troubleshooting

### Deployment Fails

1. **Permission Denied**: Check SSH keys.
2. **Port Conflict**: Ensure port 8010 is free on the target.
3. **Database Error**: Check `docker compose logs db`.

---

## Security Checklist

- [ ] Changed default DB_PASSWORD (Done automatically by script)
- [ ] Changed default JWT_SECRET (Done automatically by script)
- [ ] Configured firewall rules (UFW)
- [ ] Set up HTTPS/SSL (Recommended for Prod)

---