From 67260e9322b39ad7ab32b2a1303d3d4cd733d601 Mon Sep 17 00:00:00 2001 From: Samir Boulahtit Date: Tue, 17 Feb 2026 11:04:43 +0100 Subject: [PATCH] =?UTF-8?q?docs:=20update=20progress=20=E2=80=94=20server?= =?UTF-8?q?=20fully=20ready=20(44/44=20checks=20pass)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Mark all server-side tasks as complete (fail2ban, Flower password, unattended-upgrades, verification script) - Correct memory limits: celery-beat and flower bumped to 256m after OOM - Update scaling guide memory budget to match actual limits Co-Authored-By: Claude Opus 4.6 --- docs/deployment/hetzner-server-setup.md | 20 +++++++++----------- docs/deployment/scaling-guide.md | 10 +++++----- 2 files changed, 14 insertions(+), 16 deletions(-) diff --git a/docs/deployment/hetzner-server-setup.md b/docs/deployment/hetzner-server-setup.md index 1e5aa81f..b44b97c9 100644 --- a/docs/deployment/hetzner-server-setup.md +++ b/docs/deployment/hetzner-server-setup.md @@ -132,21 +132,19 @@ Complete step-by-step guide for deploying Orion on a Hetzner Cloud VPS. **Steps 1–24 fully deployed and operational.** -!!! success "Progress — 2026-02-16 (continued)" - **Launch readiness — code changes:** +!!! success "Progress — 2026-02-17" + **Launch readiness — fully deployed and verified (44/44 checks pass):** - - **Memory limits** added to all 6 app containers in `docker-compose.yml` (db: 512m, redis: 128m, api: 512m, celery-worker: 512m, celery-beat: 128m, flower: 128m) + - **Memory limits** on all 6 app containers (db: 512m, redis: 128m, api: 512m, celery-worker: 512m, celery-beat: 256m, flower: 256m) — beat/flower bumped from 128m after OOM kills - **Flower port** restricted to localhost only (`127.0.0.1:5555:5555`) — access via Caddy reverse proxy + - **Flower password** changed from default - **Infrastructure health checks** — `/health/ready` now checks PostgreSQL (`SELECT 1`) and Redis (`ping`) with individual check details and latency - - **Scaling guide** — practical playbook at `docs/deployment/scaling-guide.md` (metrics, thresholds, Hetzner pricing, timeline) - - **Server verification script** — `scripts/verify-server.sh` checks all 12 infrastructure components + - **fail2ban Caddy auth jail** deployed — bans IPs after 10 failed auth attempts + - **Unattended upgrades** verified active + - **Scaling guide** — practical playbook at `docs/deployment/scaling-guide.md` + - **Server verification script** — `scripts/verify-server.sh` (44/44 PASS, 0 FAIL, 0 WARN) - **Pending server-side tasks:** - - - [ ] Deploy fail2ban Caddy auth jail (documented in Step 20, config ready but not yet applied) - - [ ] Change Flower password from default (`FLOWER_PASSWORD` in `.env`) - - [ ] Verify unattended-upgrades is active (`sudo unattended-upgrades --dry-run`) - - [ ] Run `scripts/verify-server.sh` on server to validate all infrastructure + **Server is launch-ready for first client (24 stores).** ## Installed Software Versions diff --git a/docs/deployment/scaling-guide.md b/docs/deployment/scaling-guide.md index 2fb622b6..43e2fd2c 100644 --- a/docs/deployment/scaling-guide.md +++ b/docs/deployment/scaling-guide.md @@ -22,17 +22,17 @@ Practical playbook for scaling Orion from a single CAX11 server to a multi-serve | redis | 128 MB | Task broker + cache | | api | 512 MB | FastAPI (Uvicorn) | | celery-worker | 512 MB | Background tasks | -| celery-beat | 128 MB | Task scheduler | -| flower | 128 MB | Celery monitoring | -| **App subtotal** | **1,920 MB** | | +| celery-beat | 256 MB | Task scheduler | +| flower | 256 MB | Celery monitoring | +| **App subtotal** | **2,176 MB** | | | prometheus | 256 MB | Metrics (15-day retention) | | grafana | 192 MB | Dashboards | | node-exporter | 64 MB | Host metrics | | cadvisor | 128 MB | Container metrics | | alertmanager | 32 MB | Alert routing | | **Monitoring subtotal** | **672 MB** | | -| **Total containers** | **2,592 MB** | | -| OS + Caddy + Gitea + CI | ~1,400 MB | Remaining headroom | +| **Total containers** | **2,848 MB** | | +| OS + Caddy + Gitea + CI | ~1,150 MB | Remaining headroom | ---