- Node.js 18+
- PostgreSQL (via Supabase)
- Redis
- GitHub OAuth App
- OpenAI API Key
- Copy `.env.example` to `.env`
- Fill in all required variables
- Generate encryption key: `openssl rand -hex 32`
```bash
# Install dependencies
npm install
# Run migrations
npm run build
npm run migrate
# Start services
npm run dev # API server (with hot reload)
npm run worker # Job worker
npm run scheduler # Scheduler
```

```bash
# Build and start all services
docker-compose up -d
# View logs
docker-compose logs -f
# Stop services
docker-compose down
```

- Create a Supabase project
- Run the migration SQL from `src/db/migrations/001_initial_schema.sql`
- Get connection string from Supabase dashboard
Add Redis service in Railway:
- Use Redis template
- Copy connection URL
- Create new service in Railway
- Connect GitHub repository
- Set environment variables (all from `.env.example`)
- Set start command: `npm run build && npm start`
- Deploy
- Create another service (same repo)
- Same environment variables
- Set start command: `npm run build && npm run worker`
- Deploy
- Create another service (same repo)
- Same environment variables
- Set start command: `npm run build && npm run scheduler`
- Deploy
This backend is NOT designed for serverless deployment due to:
- Long-running analysis jobs
- Worker processes
- Scheduled tasks
Use Railway, Render, or traditional hosting instead.
- Set `NODE_ENV=production`
- Use strong `ENCRYPTION_KEY`
- Configure SMTP for emails
- Set up monitoring (e.g., Sentry)
- Configure rate limits
- Set up log aggregation
- Enable HTTPS
- Restrict CORS to production frontend URL
- Set up database backups
- Configure Redis persistence
- Set up health check monitoring
- Document API endpoints for frontend team
- Run multiple API instances behind a load balancer
- Run multiple worker instances for parallel processing
- Keep only 1 scheduler instance
- Increase `MAX_CONCURRENT_JOBS` for workers
- Increase Redis memory
- Increase database connection pool size
- Adjust `IDEMPOTENCY_WINDOW_HOURS` to reduce duplicate work
- Configure BullMQ concurrency per job type
- Implement caching for GitHub API responses
- Use read replicas for database queries
- API response times
- Job queue depth
- Job success/failure rate
- GitHub API rate limit remaining
- OpenAI API usage
- Database connection pool usage
- Redis memory usage
- APM: Sentry, New Relic, or Datadog
- Logs: Logtail, Papertrail, or CloudWatch
- Uptime: UptimeRobot, Pingdom
- Metrics: Prometheus + Grafana
- Check worker logs
- Verify Redis connection
- Check GitHub token validity
- Verify OpenAI API key
- Check for memory leaks in worker
- Reduce `MAX_CONCURRENT_JOBS`
- Increase worker instances
- Check connection string
- Verify database is accessible
- Check connection pool settings
- Review RLS policies in Supabase
- Implement better caching
- Reduce analysis frequency
- Use GitHub Apps instead of OAuth (higher limits)
Supabase provides automatic daily backups. Additional steps:
- Set up point-in-time recovery
- Test restore procedures
- Document recovery time objectives
Configure Redis persistence:
```yaml
redis:
  command: redis-server --appendonly yes
```

Failed jobs are automatically retried 3 times with exponential backoff.
Manual recovery:

```bash
# Re-trigger failed jobs
node scripts/retry-failed-jobs.js
```

- Keep dependencies updated
- Monitor security advisories
- Run `npm audit` regularly
- Rotate encryption keys periodically
- Use least-privilege database roles
- Implement IP whitelisting if needed
- Enable 2FA for all admin accounts
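
One way to make periodic rotation of `ENCRYPTION_KEY` workable without breaking values encrypted under the old key, as an added example that is not this project's code. AES-256-GCM, the `v1`/`v2` key ids, the dotted token format and the key-ring layout are all assumptions; the demo keys are constructed in-process.

```javascript
const nodeCrypto = require('node:crypto');

// Accept only what `openssl rand -hex 32` produces: 64 hex chars = 32 bytes.
function parseKey(hex) {
  if (typeof hex !== 'string' || !/^[0-9a-fA-F]{64}$/.test(hex)) {
    throw new Error('key must be 64 hex characters (32 bytes)');
  }
  return Buffer.from(hex, 'hex');
}

// ring = { currentId: 'v2', keys: Map(id -> Buffer) }; this layout is an assumption.
function encrypt(ring, plaintext) {
  const id = ring.currentId;
  const iv = nodeCrypto.randomBytes(12); // fresh 96-bit nonce for every message
  const c = nodeCrypto.createCipheriv('aes-256-gcm', ring.keys.get(id), iv);
  c.setAAD(Buffer.from(id)); // authenticate the key id along with the data
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  return [id, ...[iv, ct, c.getAuthTag()].map((b) => b.toString('base64url'))].join('.');
}

function decrypt(ring, token) {
  const [id, iv, ct, tag] = token.split('.');
  if (!ring.keys.has(id) || tag === undefined) throw new Error('unknown key id or malformed token');
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', ring.keys.get(id),
    Buffer.from(iv, 'base64url'), { authTagLength: 16 });
  d.setAAD(Buffer.from(id));
  d.setAuthTag(Buffer.from(tag, 'base64url'));
  return Buffer.concat([d.update(Buffer.from(ct, 'base64url')), d.final()]).toString('utf8');
}

// Re-encrypt a stored value under the current key; values already current are returned as-is.
function rotate(ring, token) {
  return token.startsWith(ring.currentId + '.') ? token : encrypt(ring, decrypt(ring, token));
}

// Constructed demo: keys are generated in-process instead of being read from the environment.
function demo() {
  const v1 = parseKey(nodeCrypto.randomBytes(32).toString('hex'));
  const v2 = parseKey(nodeCrypto.randomBytes(32).toString('hex'));
  const before = { currentId: 'v1', keys: new Map([['v1', v1]]) };
  const after = { currentId: 'v2', keys: new Map([['v1', v1], ['v2', v2]]) };
  const stored = encrypt(before, 'constructed-sample-secret');
  const rotated = rotate(after, stored);
  return { stored, rotated, plaintext: decrypt(after, rotated), after };
}

console.log(demo().rotated.split('.')[0]);
```

The old key stays in the ring only until every stored value has passed through `rotate`; after that it can be removed, and any leftover token under it fails closed.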
- GDPR: Implement data deletion endpoints
- SOC 2: Enable audit logging
- HIPAA: Not applicable (no health data)
- Use `gpt-4-turbo` instead of `gpt-4` (cheaper)
- Implement output caching
- Set appropriate `max_tokens` limits
- Cache responses
- Use conditional requests
- Batch API calls where possible
- Implement data retention policies
- Archive old analysis outputs
- Use appropriate indexes
For deployment issues:
- Check logs: `docker-compose logs`
- Health endpoint: `GET /health`
- Database status: `SELECT 1`
Contact: support@maintainerbrief.com