Skip to content

production.md

Latest commit

 

History

History
209 lines (145 loc) · 3.25 KB

production.md

File metadata and controls

209 lines (145 loc) · 3.25 KB

Production Deployment Guide

Checklist and recommendations for deploying FARP in production.

Pre-Deployment Checklist

Security

  • Change default database passwords
  • Use strong, unique passwords
  • Configure firewall rules
  • Enable SSL/TLS for API
  • Implement API authentication (OAuth2/JWT)
  • Restrict CORS origins
  • Review pgAdmin access

Configuration

  • Set API_DEBUG=false
  • Configure production LOG_LEVEL
  • Set appropriate RISK_FREE_RATE
  • Review scheduler intervals

Database

  • Use managed PostgreSQL (AWS RDS, Cloud SQL)
  • Enable connection pooling
  • Configure backups
  • Set up monitoring

Security Configuration

API Authentication

Add OAuth2/JWT authentication:

# Example: Add to src/api/main.py
from fastapi.security import OAuth2PasswordBearer

oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")

@app.middleware("http")
async def authenticate(request, call_next):
    # Implement authentication
    pass

CORS

Restrict allowed origins:

app.add_middleware(
    CORSMiddleware,
    allow_origins=["https://your-domain.com"],
    allow_credentials=True,
    allow_methods=["GET", "POST", "DELETE"],
    allow_headers=["Authorization", "Content-Type"],
)

HTTPS

Use a reverse proxy (nginx, Traefik) for TLS termination.

Performance

Database

# PostgreSQL tuning
shared_buffers = 256MB
work_mem = 16MB
maintenance_work_mem = 64MB
effective_cache_size = 768MB

Connection Pool

Adjust in connection.py:

engine = create_engine(
    url,
    pool_size=20,
    max_overflow=30,
    pool_pre_ping=True
)

Caching

Consider Redis for:

  • FX rate caching
  • Price data caching
  • Session management

Monitoring

Health Endpoint

curl https://your-api/health

Metrics to Monitor

  • API response times
  • Database connections
  • Scheduler job status
  • Error rates

Logging

Configure structured logging:

LOG_LEVEL=WARNING
LOG_FORMAT=json

Backup Strategy

Database

# Daily backup
pg_dump -U farp farp_db | gzip > backup_$(date +%Y%m%d).sql.gz

# Point-in-time recovery
# Configure WAL archiving for PITR

Backup Schedule

Frequency Type Retention
Hourly WAL 24 hours
Daily Full 30 days
Weekly Full 1 year

High Availability

API

  • Deploy multiple API instances
  • Use load balancer
  • Implement health checks

Database

  • Use managed HA database
  • Configure read replicas
  • Set up failover

Environment Variables (Production)

# Database
POSTGRES_HOST=your-db-host.rds.amazonaws.com
POSTGRES_PASSWORD=<secure-password>

# API
API_DEBUG=false
API_HOST=0.0.0.0

# Logging
LOG_LEVEL=WARNING
LOG_FORMAT=json

# Scheduler
SCHEDULER_ENABLED=true

Deployment Checklist

  1. Infrastructure provisioned
  2. Database migrated
  3. Environment configured
  4. SSL certificates installed
  5. Authentication enabled
  6. Monitoring configured
  7. Backups scheduled
  8. Load testing completed
  9. Documentation updated

Related