Deployment

Docker Deployment

This page covers production-grade Docker deployment of Open Astra using a multi-stage build for a minimal image, health checks, and resource limits.

Multi-stage Dockerfile

The included Dockerfile uses a multi-stage build: a build stage that compiles TypeScript, and a production stage that copies only the compiled output and production dependencies.

dockerfile
# Build stage
FROM node:20-slim AS build
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

# Production stage
FROM node:20-slim AS production
WORKDIR /app
ENV NODE_ENV=production
COPY package*.json ./
RUN npm ci --omit=dev
COPY --from=build /app/dist ./dist
COPY SOUL.md ./
COPY astra.yml ./
USER node
EXPOSE 3000
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \\
  CMD wget -qO- http://localhost:3000/health || exit 1
CMD ["node", "dist/gateway/index"]

Production docker-compose.yml

yaml
version: '3.9'

services:
  postgres:
    image: postgres:17-alpine
    environment:
      POSTGRES_DB: astra
      POSTGRES_USER: astra
      POSTGRES_PASSWORD: ${PG_PASSWORD}
    volumes:
      - pg-data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U astra"]
      interval: 10s
      timeout: 5s
      retries: 5
    restart: unless-stopped
    deploy:
      resources:
        limits:
          memory: 512M

  typesense:
    image: typesense/typesense:27.1
    command: --data-dir /data --api-key=${TYPESENSE_API_KEY}
    volumes:
      - typesense-data:/data
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8108/health"]
      interval: 10s
      timeout: 5s
      retries: 5
    restart: unless-stopped
    deploy:
      resources:
        limits:
          memory: 512M

  gateway:
    build: .
    ports:
      - "3000:3000"
    env_file: .env
    depends_on:
      postgres:
        condition: service_healthy
      typesense:
        condition: service_healthy
    restart: unless-stopped
    deploy:
      resources:
        limits:
          memory: 1G

volumes:
  pg-data:
  typesense-data:

Building and running

bash
# Build the production image
docker build -t open-astra:latest .

# Run the full stack
docker compose up -d

# Monitor health
docker compose ps
docker compose logs -f gateway

# Update to new version
git pull
docker compose build gateway
docker compose up -d gateway   # Rolling restart

Nginx reverse proxy with TLS

nginx
server {
    listen 443 ssl;
    server_name your-domain.com;

    ssl_certificate     /etc/letsencrypt/live/your-domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_cache_bypass $http_upgrade;
    }
}