ai-tax-agent/docs/QUICK_START.md
harkon b324ff09ef
Initial commit
2025-10-11 08:41:36 +01:00

# Quick Start - Production Deployment

- **Target Server**: `deploy@141.136.35.199`
- **Domain**: `harkon.co.uk`
- **Time Required**: ~2 hours

---
## 🚀 Fast Track Deployment
### 1. Generate Secrets (5 min)
```bash
./scripts/generate-production-secrets.sh
```
**⚠️ SAVE THE OUTPUT CREDENTIALS IN YOUR PASSWORD MANAGER!**

---
### 2. Build & Push Images (30-60 min)
```bash
# Login to Gitea
docker login gitea.harkon.co.uk
# Build and push all images
./scripts/build-and-push-images.sh gitea.harkon.co.uk v1.0.0
```
---
### 3. Deploy Everything (15-30 min)
```bash
# Automated deployment
./scripts/deploy-to-production.sh all
```
**Or step-by-step:**
```bash
./scripts/deploy-to-production.sh backup # Create backup
./scripts/deploy-to-production.sh prepare # Setup directories
./scripts/deploy-to-production.sh infrastructure # Deploy infra
./scripts/deploy-to-production.sh services # Deploy apps
./scripts/deploy-to-production.sh monitoring # Deploy monitoring
./scripts/deploy-to-production.sh verify # Check status
```
---
### 4. Initialize Services (20-30 min)
**SSH to server:**
```bash
ssh deploy@141.136.35.199
cd /opt/compose/ai-tax-agent
```
**Initialize Vault:**
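```bash
# Prints the unseal key shares and the initial root token once
docker exec -it vault vault operator init
# ⚠️ SAVE UNSEAL KEYS!
# Repeat with a different key share until Vault reports "Sealed: false"
docker exec -it vault vault operator unseal
```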
**Create MinIO Buckets:**
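```bash
# Replace <MINIO_PASSWORD> with the generated value, single-quoted so the shell does not interpret it
docker exec -it minio mc alias set local http://localhost:9092 admin <MINIO_PASSWORD>
docker exec -it minio mc mb local/documents
docker exec -it minio mc mb local/models
```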
**Create NATS Streams:**
```bash
docker exec -it nats nats stream add TAX_AGENT_EVENTS \
  --subjects="tax.>" --storage=file --retention=limits --max-age=7d
```
**Configure Authentik:**
1. Go to https://authentik.harkon.co.uk
2. Create groups: `app-admin`, `app-user`, `app-reviewer`
3. Create OAuth providers for:
   - Review UI: `app.harkon.co.uk`
   - Grafana: `grafana.harkon.co.uk`
4. Update ForwardAuth outpost

---
### 5. Verify (10 min)
```bash
# Check services
./scripts/deploy-to-production.sh verify
# Test endpoints
curl -I https://app.harkon.co.uk
curl -I https://api.harkon.co.uk/healthz
curl -I https://grafana.harkon.co.uk
# View logs
./scripts/deploy-to-production.sh logs svc-ingestion
```
---
## 📍 Service URLs
### Public
- **App**: https://app.harkon.co.uk
- **API**: https://api.harkon.co.uk
- **Grafana**: https://grafana.harkon.co.uk
### Admin (Auth Required)
- **Vault**: https://vault.harkon.co.uk
- **MinIO**: https://minio.harkon.co.uk
- **Neo4j**: https://neo4j.harkon.co.uk
- **Qdrant**: https://qdrant.harkon.co.uk
- **Prometheus**: https://prometheus.harkon.co.uk
- **Loki**: https://loki.harkon.co.uk
- **NATS**: https://nats.harkon.co.uk
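
A check that the admin hosts above really sit behind the ForwardAuth outpost, as an added example that is not one of the repository's scripts. The function names, the `--live` switch and the rule that only a 401/403 or a redirect into Authentik (`authentik.harkon.co.uk` or an `/outpost.goauthentik.io/` path) counts as protected are assumptions; an application's own redirect, such as Vault's to its UI, is flagged for manual review.

```bash
#!/usr/bin/env bash
# Added example, not one of the repository's scripts.
# Assumption: ForwardAuth answers an unauthenticated request with 401/403
# or a redirect into Authentik; an app's own redirect proves nothing.
DOMAIN="harkon.co.uk"
ADMIN_HOSTS="vault minio neo4j qdrant prometheus loki nats"

# classify_response <http_code> <redirect_url or "-">
classify_response() {
  case "$1" in
    401|403) echo "protected" ;;
    30[12378])
      case "$2" in
        *"authentik.$DOMAIN"*|*"/outpost.goauthentik.io/"*) echo "protected" ;;
        *) echo "check-manually" ;;
      esac ;;
    2[0-9][0-9]) echo "EXPOSED" ;;
    000) echo "unreachable" ;;
    *) echo "check-manually" ;;
  esac
}

# Reads "host code redirect_url" lines; returns 1 if any host is EXPOSED.
audit_results() {
  rc=0
  while read -r host code location; do
    if [ -z "$host" ]; then continue; fi
    verdict=$(classify_response "$code" "${location:--}")
    printf '%-26s %s %s\n' "$host" "$code" "$verdict"
    if [ "$verdict" = "EXPOSED" ]; then rc=1; fi
  done
  return "$rc"
}

# Live probe: no cookies or credentials sent, redirects not followed.
probe_hosts() {
  for h in $ADMIN_HOSTS; do
    curl -s -o /dev/null -m 10 -w "$h.$DOMAIN %{http_code} %{redirect_url}\n" \
      "https://$h.$DOMAIN/" || true
  done
}
if [ "${1:-}" = "--live" ]; then
  probe_hosts | audit_results
else
  # Constructed sample results for an offline dry run.
  printf '%s\n' "vault.$DOMAIN 307 https://vault.$DOMAIN/ui/" \
    "minio.$DOMAIN 302 https://authentik.$DOMAIN/application/o/authorize/" \
    "prometheus.$DOMAIN 200" | audit_results || echo "exposed admin host found"
fi
```
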
---
## 🔧 Common Commands
### View Logs
```bash
./scripts/deploy-to-production.sh logs <service-name>
```
### Restart Service
```bash
ssh deploy@141.136.35.199
cd /opt/compose/ai-tax-agent
docker compose -f services.yaml restart svc-ingestion
```
### Check Status
```bash
./scripts/deploy-to-production.sh verify
```
### Update Service
```bash
# Build new image
./scripts/build-and-push-images.sh gitea.harkon.co.uk v1.0.1
# Deploy
./scripts/deploy-to-production.sh services
```
### Backup
```bash
./scripts/deploy-to-production.sh backup
```
---
## 🆘 Troubleshooting
### Service Won't Start
```bash
# Check logs
docker compose -f services.yaml logs svc-ingestion
# Check dependencies
docker compose -f infrastructure.yaml ps
# Restart
docker compose -f services.yaml restart svc-ingestion
```
### SSL Issues
```bash
# Check Traefik logs
docker logs traefik
# Check certificates (acme.json also holds the private keys; keep the output out of tickets and chat)
sudo cat /opt/compose/traefik/certs/godaddy-acme.json | jq
```
### Database Connection
```bash
# Test Postgres
docker exec -it postgres pg_isready -U postgres
# Check env vars
docker exec -it svc-ingestion env | grep POSTGRES
```
---
## 🔄 Rollback
```bash
ssh deploy@141.136.35.199
cd /opt/compose/ai-tax-agent
# Stop services
docker compose -f services.yaml down
docker compose -f infrastructure.yaml down
docker compose -f monitoring.yaml down
# Restore backup
cd /opt/compose
tar -xzf ~/backups/backup-YYYYMMDD-HHMMSS.tar.gz
# Restart company services
cd /opt/compose/traefik && docker compose up -d
cd /opt/compose/authentik && docker compose up -d
```
---
## 📚 Full Documentation
- **Deployment Plan**: `docs/DEPLOYMENT_PLAN.md`
- **Deployment Checklist**: `docs/DEPLOYMENT_CHECKLIST.md`
- **Deployment Progress**: `docs/DEPLOYMENT_PROGRESS.md`
- **Production README**: `infra/compose/production/README.md`
- **Environment Comparison**: `docs/ENVIRONMENT_COMPARISON.md`
---
## ✅ Success Checklist
- [ ] Secrets generated and saved
- [ ] Images built and pushed
- [ ] Backup created
- [ ] Infrastructure deployed
- [ ] Services deployed
- [ ] Monitoring deployed
- [ ] Vault initialized
- [ ] MinIO buckets created
- [ ] NATS streams created
- [ ] Authentik configured
- [ ] All services healthy
- [ ] UI accessible
- [ ] API accessible
- [ ] Grafana accessible
- [ ] No errors in logs
---
**Need Help?** Check the full documentation in `docs/` or review logs with:
```bash
./scripts/deploy-to-production.sh logs <service>
```