RapidGo
No results found

Production

Production deployment configuration, security, and best practices.

This guide covers production deployment configuration and best practices for RapidGo applications.

Environment Configuration

APP_ENV=production
APP_DEBUG=false
APP_PORT=8080
APP_URL=https://yourdomain.com
APP_KEY=generate-a-random-32-byte-key

# Database
DB_DRIVER=postgres
DB_HOST=your-db-host
DB_PORT=5432
DB_NAME=myapp_prod
DB_USER=myapp
DB_PASSWORD=strong-password
DB_SSL_MODE=require

# Sessions
SESSION_DRIVER=db
SESSION_LIFETIME=120
SESSION_SECRET=generate-a-random-string
SESSION_SECURE=true
SESSION_HTTPONLY=true
SESSION_SAMESITE=strict

# JWT
JWT_SECRET=generate-a-random-string-at-least-32-bytes
JWT_EXPIRY=3600

# Logging
LOG_LEVEL=info
LOG_FORMAT=json
LOG_OUTPUT=file

Security Checklist

  • Set APP_ENV=production and APP_DEBUG=false
  • Generate strong, unique values for APP_KEY, JWT_SECRET, and SESSION_SECRET
  • Enable SESSION_SECURE=true (requires HTTPS)
  • Set SESSION_SAMESITE=strict or lax
  • Use DB_SSL_MODE=require for PostgreSQL
  • Configure CORS middleware with specific allowed origins
  • Enable rate limiting on API routes
  • Use CSRF middleware on all form-handling routes

Reverse Proxy (Caddy)

RapidGo works well behind a reverse proxy. Example Caddyfile:

yourdomain.com {
    reverse_proxy localhost:8080
}

api.yourdomain.com {
    reverse_proxy localhost:8080
}

Caddy automatically provisions and renews TLS certificates via Let's Encrypt.

Process Management

Systemd

[Unit]
Description=RapidGo Application
After=network.target

[Service]
Type=simple
User=www-data
WorkingDirectory=/opt/myapp
ExecStart=/opt/myapp/server serve
Restart=always
RestartSec=5
EnvironmentFile=/opt/myapp/.env

[Install]
WantedBy=multi-user.target

Use Docker Compose with restart: unless-stopped for automatic restarts.

Running Migrations in Production

# Docker
docker compose exec app ./server migrate

# Systemd
/opt/myapp/server migrate

Always run migrations before deploying new code that depends on schema changes.

Logging

In production, use JSON format and file output:

LOG_LEVEL=info
LOG_FORMAT=json
LOG_OUTPUT=file

Logs are written to storage/logs/app.log. Use log rotation (logrotate) to manage file size.

Monitoring

  • Enable the /metrics endpoint for Prometheus scraping
  • Use /health and /health/ready for load balancer health checks
  • Monitor error rates, response times, and resource usage

Deployment Workflow

A typical deployment:

# 1. Pull latest code
git pull origin main

# 2. Rebuild the container
docker compose build --no-cache app

# 3. Run migrations
docker compose exec app ./server migrate

# 4. Restart the application
docker compose up -d app

# 5. Restart reverse proxy if config changed
docker compose restart caddy