Deployment Guide
Production deployment on OCI, Docker Compose, and air-gapped environments.
Deployment Models
| Model | Infrastructure | Best For |
|---|---|---|
| Docker Compose | Single server | Development, small teams |
| OCI Shared SaaS | OKE shared cluster | Standard SaaS customers |
| OCI Private Tenant | Dedicated OKE namespace | Enterprise customers |
| On-Premise | Customer infrastructure | Sovereign / air-gapped |
Docker Compose (Development/Small)
Prerequisites
- Docker 24.0+ with Compose v2
- 8 GB RAM minimum
- 50 GB SSD storage
Deployment
```bash
# Clone and configure
git clone <repo-url>
cd aiia
cp .env.example .env
# Edit .env with production values

# Start all services
docker compose -f docker-compose.yml up -d

# Verify
docker compose ps
curl http://<your-server>:8005/api/v1/health
```
Environment Variables
| Variable | Description | Required |
|---|---|---|
| `POSTGRES_PASSWORD` | Database password | ✅ |
| `SECRET_KEY` | JWT signing key | ✅ |
| `SECRET_ENCRYPTION_KEY` | AES-256 key for API key encryption | ✅ |
| `ENVIRONMENT` | production / development | ✅ |
| `KEYCLOAK_URL` | Keycloak base URL | ✅ |
| `SMTP_HOST` | Email server | Recommended |
| `STRIPE_SECRET_KEY` | Stripe billing | Optional |
| `MOYASAR_API_KEY` | Moyasar payments | Optional |
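A pre-flight check for the required variables above, to run before `docker compose up`. This is an added example, not part of the project's own tooling; the 32-character minimum and the placeholder patterns are assumptions, not documented project rules.

```shell
#!/bin/sh
# Added example: pre-flight check for the .env file before `docker compose up`.
# Variable names come from the table above; the minimum length and placeholder
# patterns are assumptions. Findings name the key only, never its value.
REQUIRED="POSTGRES_PASSWORD SECRET_KEY SECRET_ENCRYPTION_KEY ENVIRONMENT KEYCLOAK_URL"
MIN_SECRET_LEN=32  # assumption: any text encoding of a 256-bit key is >= 32 chars

# env_value FILE KEY: print KEY's value (last assignment wins, quotes stripped).
env_value() {
    sed -n "s/^[[:space:]]*${2}[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 |
        sed -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# check_env FILE: print one line per finding; return non-zero if any were found.
check_env() {
    file=$1
    problems=0
    for key in $REQUIRED; do
        val=$(env_value "$file" "$key")
        if [ -z "$val" ]; then
            echo "MISSING  $key is required but unset or empty"
            problems=$((problems + 1))
            continue
        fi
        case $(printf '%s' "$val" | tr '[:upper:]' '[:lower:]') in
            *changeme*|*change-me*|*change_me*|'<'*'>')
                echo "DEFAULT  $key still looks like a placeholder"
                problems=$((problems + 1)) ;;
        esac
    done
    for key in SECRET_KEY SECRET_ENCRYPTION_KEY; do
        val=$(env_value "$file" "$key")
        if [ -n "$val" ] && [ "${#val}" -lt "$MIN_SECRET_LEN" ]; then
            echo "WEAK     $key is ${#val} chars, expected at least $MIN_SECRET_LEN"
            problems=$((problems + 1))
        fi
    done
    case $(env_value "$file" ENVIRONMENT) in
        production|development|'') ;;   # empty is already reported as MISSING
        *)  echo "INVALID  ENVIRONMENT must be production or development"
            problems=$((problems + 1)) ;;
    esac
    [ "$problems" -eq 0 ]
}
```

Source the file and gate startup on the result, for example `check_env .env && docker compose -f docker-compose.yml up -d`.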
OCI Deployment
Architecture
| Region | Role | Services |
|---|---|---|
| sa-riyadh-1 | Primary | OKE, PostgreSQL, Object Storage |
| sa-jeddah-1 | DR | Standby database, storage replication |
OKE (Oracle Kubernetes Engine)
```yaml
# Namespace per tenant
apiVersion: v1
kind: Namespace
metadata:
  name: org-{org_id}
  labels:
    tier: professional
    region: sa-riyadh-1
```
Database
| Tier | Database |
|---|---|
| Shared SaaS | Shared PostgreSQL, RLS isolation |
| Private Tenant | Dedicated PostgreSQL instance |
| Sovereign | Customer-managed database |
On-Premise / Air-Gapped
Requirements
- All Docker images pre-loaded into local registry
- Ollama with locally-downloaded model weights
- No outbound internet connectivity required
- Self-signed or internal CA certificates
Deployment Steps
- Transfer Docker images to offline registry
- Configure `.env` for on-premise:
  ```
  ENVIRONMENT=production
  AI_PROVIDER=ollama
  OLLAMA_HOST=http://ollama:11434
  ```
- Start services:
  ```bash
  docker compose -f docker-compose.yml up -d
  ```
- Generate license key:
  ```bash
  python -m app.services.license_service keygen
  python -m app.services.license_service generate \
    --org-id 1 --tier sovereign --months 12
  ```
Monitoring
Health Endpoints
| Endpoint | Purpose |
|---|---|
| `GET /api/v1/health` | Basic health |
| `GET /api/v1/system/status` | Full status |
| `GET /metrics` | Prometheus metrics |
Grafana Dashboards
Pre-configured at http://instance:3003:
- API latency and throughput
- Database connections
- Worker task queue
- Error rates
- Resource utilization
Backup & Recovery
| Component | Strategy | Frequency |
|---|---|---|
| PostgreSQL | pg_dump / streaming replication | Daily |
| MinIO | Mirror replication | Real-time |
| Redis | RDB snapshots | Hourly |
| Config | Version-controlled files | On change |