- Created OPERATIONAL_RUNBOOK.md: comprehensive step-by-step procedures for both Docker and Standalone deployment modes covering deployment, daily ops, troubleshooting, backup/restore, disaster recovery, scaling, and updates - Created HEALTH_MONITORING_CHECKLIST.md: daily/weekly/monthly health check procedures with alert thresholds and quick troubleshooting reference - Created DISASTER_RECOVERY_PLAN.md: detailed procedures for 6 failure scenarios (database corruption, hardware failure, data center failure, app crash, disk full, network isolation) with RTO/RPO targets - Created CONFIGURATION_REFERENCE.md: complete documentation of all inventory.env parameters for both deployment modes with common scenarios and troubleshooting - Created EMERGENCY_PROCEDURES.md: quick-reference incident response playbook with 7 critical scenarios, decision tree, escalation path, and printable cheat sheet - Created scripts/backup.sh: automated backup script supporting both Docker and Standalone with integrity verification and retention management - Created scripts/restore.sh: restore script with triple confirmation, safety backups, and validation tests for both deployment modes - Created config/backup-cron.sh: installer for daily/weekly automated backup cron jobs (2 AM daily, 3 AM Sunday) All documentation covers dual-deployment modes with shared configuration files. Documentation is operator-ready with copy-paste commands and clear expected outputs.
8.1 KiB
Deployment Quick Start Guide
Overview
This guide covers two deployment methods for TFM aInventory:
- Docker Mode - Full containerized deployment using Docker Compose
- Standalone Mode - Direct server startup without Docker
Both modes use the same configuration files and can be switched between freely.
Prerequisites
Minimum Requirements
- Ubuntu 22.04 LTS or similar Linux distro
- 2GB RAM
- 10GB free disk space
For Docker Mode
- Docker 24.0+ (
docker --version) - Docker Compose 2.0+ (
docker-compose --version)
For Standalone Mode
- Python 3.12+ (
python3 --version) - Node.js 20+ (
node --version) - npm 10+ (
npm --version)
Quick Start (Docker Mode)
Step 1: Prepare Environment
git clone <repository-url> tfm-inventory
cd tfm-inventory
cp inventory.env.template inventory.env
# Edit inventory.env to customize ports and settings
nano inventory.env
Step 2: Generate Secure Secret
# Generate a 32-byte hex string for JWT_SECRET_KEY
openssl rand -hex 32
# Copy the output and paste it into inventory.env as JWT_SECRET_KEY value
Step 3: Deploy with Docker
chmod +x deploy.sh
./deploy.sh production
The script will:
- Validate prerequisites (Docker, disk space, ports)
- Build Docker images
- Create necessary data directories
- Start all services in background
- Wait for health checks (max 60 seconds)
- Display access URLs and next steps
Step 4: Verify Access
Open your browser:
- Frontend: http://localhost:3000
- Backend API Docs: http://localhost:8000/docs
- HTTPS (Secure): https://localhost:8919
Quick Start (Standalone Mode)
Step 1: Prepare Environment
cd tfm-inventory
cp inventory.env.template inventory.env
# Edit configuration as needed
nano inventory.env
Step 2: Install Dependencies
# Backend dependencies
cd backend
pip install -r requirements.txt
cd ..
# Frontend dependencies
cd frontend
npm ci
npm run build
cd ..
Step 3: Start Servers
chmod +x start_server.sh
./start_server.sh
The script will:
- Check prerequisites (Python, Node.js, ports)
- Create data directories
- Install missing dependencies
- Initialize database if needed
- Start backend API server
- Start frontend web server
Step 4: Access the Application
- Frontend: http://localhost:3000
- Backend API: http://localhost:8000
- API Documentation: http://localhost:8000/docs
Configuration
Key Settings in inventory.env
| Variable | Default | Description |
|---|---|---|
BACKEND_PORT |
8000 | Backend API port |
FRONTEND_PORT |
3000 | Frontend web server port |
JWT_SECRET_KEY |
- | REQUIRED: Generate with openssl rand -hex 32 |
LOG_LEVEL |
INFO | Log verbosity: DEBUG, INFO, WARNING, ERROR |
DATA_DIR |
./data | Data files location (database, certs, etc.) |
LOGS_DIR |
./logs | Log files location |
AI_PROVIDER |
- | Optional: gemini, claude (if API keys provided) |
LDAP_SERVER |
- | Optional: LDAP server for authentication |
First-Time Setup
On first deployment:
- Database is automatically initialized
- Caddy HTTPS certificates are generated (may show browser warning on first access)
- Default admin user may be created (check logs)
Switching Between Modes
Docker to Standalone
# Stop Docker services
docker-compose down
# Start standalone services
./start_server.sh
Standalone to Docker
# Stop standalone processes (Ctrl+C or kill PID)
# Then start Docker
./deploy.sh production
Both modes read the same inventory.env, so configuration is preserved.
Common Tasks
View Logs
Docker Mode:
# All services
docker-compose logs -f
# Specific service
docker-compose logs -f backend
docker-compose logs -f frontend
Standalone Mode:
# Backend
tail -f logs/backend.log
# Frontend
tail -f logs/frontend.log
Stop Services
Docker Mode:
docker-compose down
Standalone Mode:
# Press Ctrl+C in the terminal where start_server.sh is running
# Or find and kill the processes
ps aux | grep -E "uvicorn|node.*server"
kill <PID>
Change Ports
- Edit
inventory.env - Change
BACKEND_PORTand/orFRONTEND_PORT - Redeploy:
- Docker:
./deploy.sh production - Standalone:
./start_server.sh
- Docker:
Check Health Status
Docker Mode:
docker-compose ps
# All services should show "healthy" status
# Or call health endpoint
curl http://localhost:8000/health
Standalone Mode:
curl http://localhost:8000/health
curl http://localhost:3000/
Troubleshooting
Port Already in Use
Error: Port XXXX already in use
Solution:
- Find what's using the port:
lsof -i :XXXXornetstat -tuln | grep XXXX - Stop the application:
kill <PID> - Or change the port in
inventory.env
Health Check Timeout
Error: Services did not become healthy within timeout
Solution:
- Check logs:
docker-compose logs(Docker) ortail -f logs/*.log(Standalone) - Common causes:
- Insufficient disk space
- Database initialization slow on first run
- Port still in use by old process
- Retry:
./deploy.sh production(Docker) or restart (Standalone)
Database Locked
Error: database is locked
Solution:
# Docker: Restart backend
docker-compose restart backend
# Standalone: Kill and restart
kill <backend-pid>
./start_server.sh
HTTPS Certificate Warning
Issue: Browser shows certificate warning on first access
Explanation: Caddy generates self-signed certificates for local HTTPS. This is normal and secure.
Solution: Click "Advanced" and "Proceed Anyway" (Chrome) or similar button. The warning will not reappear once the certificate is accepted.
Can't Access Frontend/Backend
Error: Connection refused or timeout
Debugging:
# Check if service is running
docker-compose ps # Docker
ps aux | grep -E "uvicorn|node" # Standalone
# Check if port is listening
netstat -tuln | grep -E "8000|3000"
# Test direct connection
curl http://localhost:8000/health
curl http://localhost:3000/
Performance & Scaling
Single-Instance System
This deployment is optimized for single-instance operation:
- Database: SQLite (embedded)
- Storage: Local filesystem
- Capacity: ~5 concurrent users, ~10K items
Monitoring Performance
# Check process resource usage (Docker)
docker stats
# Check logs for slow queries
docker-compose logs backend | grep "duration"
Backup & Recovery
See docs/BACKUP_RUNBOOK.md for detailed backup procedures.
Production Deployment
Before Going Live
- Change
JWT_SECRET_KEYto a secure value - Update
ALLOWED_ORIGINSto match your domain - Set
LOG_LEVEL=WARNINGto reduce log volume - Test the application thoroughly
- Set up automated backups
- Configure firewall to expose only required ports (3000, 8000, 443)
- Review
inventory.envfor all sensitive values
Production Checklist
# Pre-deployment validation
bash .env.validation.sh
# Deploy
./deploy.sh production
# Verify all services
docker-compose ps
curl https://your-domain:8919/ # HTTPS frontend
# Monitor logs
docker-compose logs -f
Ongoing Maintenance
- Monitor logs daily
- Check health status weekly
- Perform backups daily/weekly per your retention policy
- Review resource usage monthly
Support & Logs
Enable Debug Logging
Edit inventory.env:
LOG_LEVEL=DEBUG
Then redeploy or restart services.
Collect Diagnostic Information
# Docker
docker-compose logs --tail=200 > diagnostics.log
docker-compose ps >> diagnostics.log
docker stats --no-stream >> diagnostics.log
# Standalone
tail -100 logs/*.log > diagnostics.log
ps aux | grep -E "uvicorn|node" >> diagnostics.log
Next Steps
- Backup Strategy: See
docs/BACKUP_RUNBOOK.md - API Documentation: http://localhost:8000/docs
- User Guide: See
USER_GUIDE.md - Architecture: See
PROJECT_ARCHITECTURE.md
Last Updated: 2026-04-22
Version: Phase 6, Plan 1
Support: Check logs and troubleshooting section above