Production Deployment

This guide covers deploying Harmony to production environments with proper security, scalability, and monitoring.

Deployment Architecture

2. Configure Database

   -- Enable required extensions
   CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
   CREATE EXTENSION IF NOT EXISTS "pgcrypto";
   
   -- Set up Row Level Security
   ALTER TABLE messages ENABLE ROW LEVEL SECURITY;
   ALTER TABLE profiles ENABLE ROW LEVEL SECURITY;
   
   -- Create indexes for performance
   CREATE INDEX idx_messages_channel_id ON messages(channel_id);
   CREATE INDEX idx_messages_created_at ON messages(created_at DESC);

3. Database Backup

   # Set up automated backups
   npx supabase db dump --file backup.sql

Security Configuration

SSL/TLS Setup

# Install Certbot
sudo apt install certbot python3-certbot-nginx

# Obtain SSL certificate
sudo certbot --nginx -d yourserver.social

# Auto-renewal
sudo systemctl enable certbot.timer

Firewall Configuration

# Configure UFW firewall
sudo ufw enable
sudo ufw allow ssh
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

# Block common attack patterns
sudo ufw deny from 192.168.0.0/16
sudo ufw deny from 10.0.0.0/8

Security Headers

# Additional security headers
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; connect-src 'self' wss: https:";
add_header Referrer-Policy "strict-origin-when-cross-origin";
add_header Permissions-Policy "geolocation=(), microphone=(), camera=()";

Monitoring & Logging

Application Monitoring

// Sentry integration
import * as Sentry from "@sentry/vue"

Sentry.init({
  app,
  dsn: process.env.SENTRY_DSN,
  environment: process.env.NODE_ENV,
  tracesSampleRate: 0.1,
})

System Monitoring

# docker-compose.monitoring.yml
version: '3.8'

services:
  prometheus:
    image: prom/prometheus
    ports:
      - "9090:9090"
    volumes:
      - ./prometheus.yml:/etc/prometheus/prometheus.yml

  grafana:
    image: grafana/grafana
    ports:
      - "3000:3000"
    environment:
      - GF_SECURITY_ADMIN_PASSWORD=admin
    volumes:
      - grafana-storage:/var/lib/grafana

volumes:
  grafana-storage:

Log Management

# Configure log rotation
sudo nano /etc/logrotate.d/harmony

/var/log/harmony/*.log {
    daily
    missingok
    rotate 52
    compress
    delaycompress
    notifempty
    create 0644 harmony harmony
}

Performance Optimization

Caching Strategy

# Nginx caching
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=harmony_cache:10m max_size=1g inactive=60m;

location /api/public/ {
    proxy_cache harmony_cache;
    proxy_cache_valid 200 5m;
    proxy_cache_key "$scheme$request_method$host$request_uri";
    add_header X-Cache-Status $upstream_cache_status;
}

Database Optimization

-- Optimize database queries
ANALYZE;

-- Monitor slow queries
CREATE EXTENSION IF NOT EXISTS pg_stat_statements;

-- Set up connection pooling
ALTER SYSTEM SET max_connections = 100;
ALTER SYSTEM SET shared_buffers = '256MB';

---

📝 Next Steps: Learn about Monitoring for comprehensive monitoring setup.