bca5e91826
- POST /auth/bootstrap — creates first admin, self-deactivates after - da setup bootstrap — CLI command for agent-driven setup - da setup verify — structured health check (JSON output for agents) - cli/skills/deploy.md — complete deployment guide for AI agents - 6 bootstrap tests including full agent deployment flow simulation - 156 total tests passing
3.8 KiB
3.8 KiB
Deploy — Complete server deployment guide for AI agents
Prerequisites
You need:
- A Linux server with SSH access (Ubuntu 22.04+ recommended)
- Docker + Docker Compose installed on the server
- A domain pointing to the server IP (optional but recommended for SSL)
- Keboola Storage Token + Stack URL + Project ID (for data source)
Step-by-step deployment
1. Connect to server
ssh user@your-server-ip
2. Clone the repository
git clone https://github.com/padak/tmp_oss.git /opt/data-analyst
cd /opt/data-analyst
git checkout feature/v2-fastapi-duckdb-docker-cli
3. Create .env file
cp config/.env.template .env
Edit .env with these REQUIRED values:
JWT_SECRET_KEY=<random 32+ char string>
DATA_DIR=/data
DATA_SOURCE=keboola
KEBOOLA_STORAGE_TOKEN=<your token>
KEBOOLA_STACK_URL=https://connection.keboola.com
KEBOOLA_PROJECT_ID=<your project id>
Generate a random JWT secret:
python3 -c "import secrets; print(secrets.token_urlsafe(32))"
4. Start Docker
docker compose up -d
Wait for health check:
sleep 5
curl http://localhost:8000/api/health
Expected: {"status": "healthy", ...}
5. Bootstrap first admin user
From your LOCAL machine (not the server):
da setup init --server http://SERVER_IP:8000
da setup bootstrap admin@company.com
Or directly via curl:
curl -X POST http://SERVER_IP:8000/auth/bootstrap \
-H "Content-Type: application/json" \
-d '{"email": "admin@company.com", "name": "Admin"}'
This returns a JWT token. Save it.
6. Trigger first data sync
da setup first-sync
Or via curl:
curl -X POST http://SERVER_IP:8000/api/sync/trigger \
-H "Authorization: Bearer <TOKEN>"
7. Verify everything works
da setup verify --json
Expected: all checks PASS.
8. Add more users
da admin add-user analyst@company.com --role analyst
Troubleshooting
Server not reachable
# Check containers
docker compose ps
# Check logs
docker compose logs app --tail 50
# Restart
docker compose restart app
Data sync fails
# Check logs
docker compose logs app --tail 50 | grep -i error
# Common issues:
# - KEBOOLA_STORAGE_TOKEN expired → get new token
# - KEBOOLA_STACK_URL wrong → check URL
# - data_description.md missing → needs table configuration
No tables after sync
# Check if data_description.md exists
docker compose exec app ls /data/docs/data_description.md
# Check sync state
curl -H "Authorization: Bearer <TOKEN>" http://SERVER_IP:8000/api/sync/manifest
Out of memory
# Check memory
docker stats --no-stream
# Increase Docker memory limit in docker-compose.yml:
# services.app.deploy.resources.limits.memory: 4g
For Google OAuth (optional)
- Go to https://console.cloud.google.com/apis/credentials
- Create OAuth 2.0 Client ID (Web application)
- Add authorized redirect URI:
https://your-domain.com/auth/google/callback - Add to .env:
GOOGLE_CLIENT_ID=<client id> GOOGLE_CLIENT_SECRET=<client secret> - Restart:
docker compose restart app
For SSL (optional)
Use Caddy as reverse proxy (simplest auto-SSL):
# Install Caddy
apt install caddy
# /etc/caddy/Caddyfile
your-domain.com {
reverse_proxy localhost:8000
}
# Restart
systemctl restart caddy
Agent deployment flow (automated)
An AI agent should follow this sequence:
ssh user@server— connect- Clone repo, create .env
docker compose up -d— startcurl /api/health— verify servercurl -X POST /auth/bootstrap— create admincurl -X POST /api/sync/trigger— sync data- Wait 30-60 seconds
curl /api/sync/manifest— verify data- Report success with URL + admin credentials