dbis_core-lite/docs/deployment/deployment.md
2026-02-09 21:51:45 -08:00

# Deployment Guide
## Prerequisites
- Node.js 18+ installed
- PostgreSQL 14+ installed and running
- Redis 6+ (optional, for session management)
- SSL certificates (for mTLS, if required by receiver)
## Step 1: Install Dependencies
```bash
npm install
```
## Step 2: Database Setup
### Create Database
```bash
createdb dbis_core
```
### Run Schema
```bash
psql -d dbis_core -f src/database/schema.sql
```
Or using the connection string:
```bash
psql "$DATABASE_URL" -f src/database/schema.sql
```
### Seed Initial Operators
```sql
-- Example: Create a Maker operator
INSERT INTO operators (operator_id, name, password_hash, role)
VALUES (
    'MAKER001',
    'John Maker',
    '$2a$10$YourHashedPasswordHere', -- Use bcrypt hash
    'MAKER'
);

-- Example: Create a Checker operator
INSERT INTO operators (operator_id, name, password_hash, role)
VALUES (
    'CHECKER001',
    'Jane Checker',
    '$2a$10$YourHashedPasswordHere', -- Use bcrypt hash
    'CHECKER'
);
```
To generate password hashes (replace `yourpassword`; a password typed inline like this is normally saved in shell history):
```bash
node -e "const bcrypt = require('bcryptjs'); bcrypt.hash('yourpassword', 10).then(console.log);"
```
## Step 3: Configuration
Create a `.env` file in the project root:
```env
NODE_ENV=production
PORT=3000
# Database
DATABASE_URL=postgresql://user:password@localhost:5432/dbis_core
# Redis (optional)
REDIS_URL=redis://localhost:6379
# JWT
JWT_SECRET=your-secure-random-secret-key-change-this
JWT_EXPIRES_IN=8h
# Receiver Configuration
RECEIVER_IP=172.67.157.88
RECEIVER_PORT=443
RECEIVER_SNI=devmindgroup.com
RECEIVER_TLS_VERSION=TLSv1.3
# Client Certificates (for mTLS, if required)
CLIENT_CERT_PATH=/path/to/client.crt
CLIENT_KEY_PATH=/path/to/client.key
CA_CERT_PATH=/path/to/ca.crt
# Compliance
COMPLIANCE_TIMEOUT=5000
# Audit
AUDIT_RETENTION_YEARS=7
LOG_LEVEL=info
```
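A pre-start audit of the `.env` keys listed above, as an added example that is not part of the project's code. `parseEnv` and `auditEnv` are hypothetical helper names, and the 32-character secret minimum and TLS 1.2 floor are assumptions rather than project policy.

```javascript
// Added example: audit the .env keys from Step 3 before starting the server.
// Assumed thresholds (not project policy): 32-char secret, TLS 1.2 minimum.
// Minimal KEY=VALUE parser: skips blank lines and # comments.
function parseEnv(text) {
  const env = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq > 0) env[line.slice(0, eq).trim()] = line.slice(eq + 1).trim();
  }
  return env;
}

// Returns finding strings; an empty array means none of the checks fired.
function auditEnv(env) {
  const out = [];
  const secret = env.JWT_SECRET || '';
  if (secret.length < 32) out.push('JWT_SECRET: shorter than 32 characters');
  if (/change-this/i.test(secret)) out.push('JWT_SECRET: guide placeholder');
  try {
    const pw = new URL(env.DATABASE_URL).password;
    if (!pw || pw === 'password') out.push('DATABASE_URL: no or placeholder password');
  } catch {
    out.push('DATABASE_URL: missing or not a URL');
  }
  if (!['TLSv1.2', 'TLSv1.3'].includes(env.RECEIVER_TLS_VERSION))
    out.push('RECEIVER_TLS_VERSION: expected TLSv1.2 or TLSv1.3');
  if (!env.RECEIVER_SNI) out.push('RECEIVER_SNI: unset');
  // mTLS needs certificate and key together.
  if (Boolean(env.CLIENT_CERT_PATH) !== Boolean(env.CLIENT_KEY_PATH))
    out.push('CLIENT_CERT_PATH/CLIENT_KEY_PATH: set both or neither');
  for (const k of ['CLIENT_CERT_PATH', 'CLIENT_KEY_PATH', 'CA_CERT_PATH'])
    if ((env[k] || '').startsWith('/path/to/')) out.push(`${k}: guide placeholder`);
  if (env.NODE_ENV !== 'production') out.push('NODE_ENV: not production');
  return out;
}

// Constructed sample, mixing the guide's placeholders with a weak TLS setting.
const SAMPLE_ENV = `
NODE_ENV=production
# JWT
JWT_SECRET=your-secure-random-secret-key-change-this
DATABASE_URL=postgresql://user:password@localhost:5432/dbis_core
RECEIVER_SNI=devmindgroup.com
RECEIVER_TLS_VERSION=TLSv1.1
CLIENT_CERT_PATH=/path/to/client.crt
`;
for (const f of auditEnv(parseEnv(SAMPLE_ENV))) console.log('FAIL', f);
```

Wiring `auditEnv` into startup so that a non-empty result stops the process keeps a copied placeholder from reaching production.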
## Step 4: Build
```bash
npm run build
```
This creates the `dist/` directory with compiled JavaScript.
## Step 5: Start Server
### Production
```bash
npm start
```
### Development
```bash
npm run dev
```
## Step 6: Verify Deployment
1. Check health endpoint:
```bash
curl http://localhost:3000/health
```
2. Access terminal UI:
```
http://localhost:3000
```
3. Test login:
```bash
curl -X POST http://localhost:3000/api/auth/login \
-H "Content-Type: application/json" \
-d '{"operatorId":"MAKER001","password":"yourpassword","terminalId":"TERM-001"}'
```
## Docker Deployment (Optional)
Create a `Dockerfile`:
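```dockerfile
FROM node:18-alpine
WORKDIR /app
COPY package*.json ./
# Install all dependencies; build tooling normally lives in devDependencies
RUN npm ci
# Keep .env, node_modules and key files out of the build context via .dockerignore
COPY . .
# Compile, then drop devDependencies from the final image
RUN npm run build && npm prune --omit=dev
EXPOSE 3000
CMD ["npm", "start"]
```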
Build and run:
```bash
docker build -t dbis-core-lite .
docker run -p 3000:3000 --env-file .env dbis-core-lite
```
## Production Considerations
1. **Security**:
   - Use strong JWT_SECRET
   - Enable HTTPS/TLS
   - Configure firewall rules
   - Regular security updates
2. **Monitoring**:
   - Set up application monitoring (e.g., Prometheus, DataDog)
   - Monitor database connections
   - Monitor TLS connection health
   - Set up alerting for failed payments
3. **Backup**:
   - Regular database backups
   - Backup audit logs
   - Test restore procedures
4. **High Availability**:
   - Run multiple instances behind load balancer
   - Use connection pooling
   - Configure database replication
5. **Logging**:
   - Centralized logging (e.g., ELK stack)
   - Log rotation configured
   - Retention policy enforced
## Troubleshooting
### Database Connection Issues
- Verify DATABASE_URL is correct
- Check PostgreSQL is running
- Verify network connectivity
- Check firewall rules
### TLS Connection Issues
- Verify receiver IP and port
- Check certificate paths (if mTLS)
- Verify SNI configuration
- Check TLS version compatibility
### Payment Processing Issues
- Check compliance screening status
- Verify ledger adapter connection
- Review audit logs
- Check reconciliation reports
## Maintenance
### Daily Tasks
- Review reconciliation reports
- Check for aging items
- Monitor exception queue
### Weekly Tasks
- Review audit log integrity
- Check system health metrics
- Review security logs
### Monthly Tasks
- Archive old audit logs
- Review operator access
- Update compliance lists