Production Deployment

# Install Certbot
sudo apt install certbot python3-certbot-nginx

# Get certificate
sudo certbot --nginx -d your-domain.com

# Backend
DATABASE_URL=postgresql://user:STRONG_PASSWORD@localhost/wryft
JWT_SECRET=RANDOM_64_CHAR_STRING
ALLOWED_ORIGINS=https://your-domain.com
REDIS_URL=redis://:REDIS_PASSWORD@localhost:6379

# MinIO
S3_ACCESS_KEY=RANDOM_ACCESS_KEY
S3_SECRET_KEY=RANDOM_SECRET_KEY

ALLOWED_ORIGINS=https://your-domain.com,https://www.your-domain.com

// Already configured in backend/src/main.rs
// 100 requests per minute per IP

REDIS_URL=redis://localhost:6379

CREATE INDEX idx_messages_channel ON messages(channel_id, created_at DESC);
CREATE INDEX idx_guild_members ON guild_members(guild_id, user_id);
CREATE INDEX idx_friendships ON friendships(user_id, status);

DATABASE_MAX_CONNECTIONS=20
DATABASE_MIN_CONNECTIONS=5

// Add to Cargo.toml
sentry = "0.31"

// Initialize in main.rs
let _guard = sentry::init("YOUR_DSN");

// Already using tracing in backend
RUST_LOG=info

# Daily backup cron job
0 2 * * * pg_dump -U postgres wryft | gzip > /backups/wryft-$(date +\%Y\%m\%d).sql.gz

# Sync to S3
mc mirror minio/wryft s3/wryft-backup

# docker-compose.yml
services:
  backend:
    deploy:
      replicas: 3

# Install Docker
curl -fsSL https://get.docker.com | sh

# Deploy
git clone your-repo
cd wryft-chat
docker-compose up -d

# Pull latest code
git pull

# Rebuild and restart
docker-compose build
docker-compose up -d

# Run new migrations
docker-compose exec backend psql -d wryft -f /app/migrations/*.sql

pg_dump wryft > backup-before-migration.sql