# NextAV Deployment Guide ## Overview This guide covers deploying NextAV to a private Docker registry and production server. ## Prerequisites - Docker & Docker Compose installed - Access to private registry (e.g., 192.168.2.212:3000) - SSL certificates for HTTPS (optional for local deployment) ## Quick Start ### 1. Build & Push to Private Registry ```bash # Build the image docker build -t 192.168.2.212:3000/tigeren/nextav:latest . # Push to private registry docker push 192.168.2.212:3000/tigeren/nextav:latest # Verify push curl http://192.168.2.212:3000/v2/_catalog ``` ### 2. Deploy to Production Server ```bash # Copy deployment files to server scp -r docker/ user@server:/path/to/nextav/ # SSH to server ssh user@server cd /path/to/nextav/docker/ # Configure environment cp .env.example .env # Edit .env with your settings # Deploy docker-compose up -d ``` ## Detailed Deployment Steps ### Local Development ```bash # Build locally docker build -t nextav:dev . # Run locally docker-compose -f docker-compose.yml up -d ``` ### Production with Private Registry #### Step 1: Configure Private Registry Access ```bash # Add insecure registry to Docker daemon echo '{ "insecure-registries": ["192.168.2.212:3000"] }' | \ sudo tee /etc/docker/daemon.json sudo systemctl restart docker ``` #### Step 2: Build & Tag ```bash # Build with registry tag docker build -t 192.168.2.212:3000/tigeren/nextav:latest . docker build -t 192.168.2.212:3000/tigeren/nextav:v1.0.0 . ``` #### Step 3: Push to Registry ```bash # Push latest docker push 192.168.2.212:3000/tigeren/nextav:latest # Push versioned docker push 192.168.2.212:3000/tigeren/nextav:v1.0.0 ``` #### Step 4: Deploy on Target Server **On production server:** ```bash # Create deployment directory mkdir -p /opt/nextav cd /opt/nextav # Copy deployment files cp docker/docker-compose.yml . cp docker/.env.example .env # Create SSL directory (optional) mkdir -p ssl # Copy your SSL certificates to ssl/cert.pem and ssl/key.pem # Configure environment nano .env ``` **Edit .env file:** ```bash REGISTRY_URL=192.168.2.212:3000 IMAGE_NAME=tigeren/nextav IMAGE_TAG=latest # Set your domain NEXTAUTH_URL=https://your-domain.com NEXTAUTH_SECRET=your-secure-secret # Adjust paths if needed DB_PATH=./data MEDIA_PATH=./media ``` **Deploy:** ```bash # Pull and deploy docker-compose pull docker-compose up -d # Check status docker-compose ps docker-compose logs -f ``` ## Environment Variables | Variable | Description | Default | |----------|-------------|---------| | `REGISTRY_URL` | Private registry URL | 192.168.2.212:3000 | | `IMAGE_NAME` | Image name | tigeren/nextav | | `IMAGE_TAG` | Image tag | latest | | `NEXT_PUBLIC_MEDIA_ROOT` | Media directory | /app/media | | `DATABASE_URL` | Database file path | file:///app/data/nextav.db | | `NEXTAUTH_SECRET` | Auth secret | required | | `NEXTAUTH_URL` | Application URL | required | | `SSL_CERT_PATH` | SSL certificate path | ./ssl/cert.pem | | `SSL_KEY_PATH` | SSL private key path | ./ssl/key.pem | ## Directory Structure ``` docker/ ├── .env.example # Environment template ├── docker-compose.yml # Production compose ├── nginx.conf # Nginx configuration └── ssl/ # SSL certificates (optional) ``` ## SSL Setup (Production) ### Using Let's Encrypt ```bash # Install certbot sudo apt install certbot # Generate certificates sudo certbot certonly --standalone -d your-domain.com # Copy certificates cp /etc/letsencrypt/live/your-domain.com/fullchain.pem ssl/cert.pem cp /etc/letsencrypt/live/your-domain.com/privkey.pem ssl/key.pem ``` ### Using Self-Signed (Development) ```bash # Generate self-signed certificates openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ -keyout ssl/key.pem -out ssl/cert.pem ``` ## Monitoring & Maintenance ### Health Checks ```bash # Check application health curl http://localhost:3000/api/health # Check nginx health curl http://localhost/health ``` ### Logs ```bash # View all logs docker-compose logs -f # View specific service logs docker-compose logs -f nextav docker-compose logs -f nginx ``` ### Updates ```bash # Update to latest version docker-compose pull docker-compose up -d # Update to specific version # Edit .env: IMAGE_TAG=v1.0.1 docker-compose up -d ``` ### Backup ```bash # Backup database and media tar -czf backup-$(date +%Y%m%d).tar.gz data/ media/ ``` ## Troubleshooting ### Common Issues **Registry connection failed:** ```bash # Check registry accessibility curl http://192.168.2.212:3000/v2/_catalog # Check Docker daemon configuration cat /etc/docker/daemon.json ``` **Permission issues:** ```bash # Fix file permissions sudo chown -R $USER:$USER data/ media/ ``` **Port conflicts:** ```bash # Check port usage sudo netstat -tulpn | grep :3000 ``` ### Debug Mode ```bash # Run in debug mode docker-compose up # or docker-compose logs -f nextav ``` ## One-Click Deployment Use the provided deployment script: ```bash # Make executable chmod +x deploy.sh # Run deployment ./deploy.sh ``` ## Security Notes - Change default passwords and secrets - Use HTTPS in production - Regularly update images - Monitor logs for suspicious activity - Backup database regularly