# Deployment Guide (OpenStack + Docker) This guide deploys the Next.js app as a Docker container on a private OpenStack environment. ## 1) Prerequisites - OpenStack project with a VM (Ubuntu 22.04 or similar) - Docker Engine installed on the VM - A PostgreSQL database reachable from the VM - A blockchain RPC endpoint (Sepolia or private chain) - A deployed DocumentRegistry contract address ## 2) Build the Docker image (local or CI) From the project root: ``` docker build -t lexichain-app:latest . ``` Optionally tag and push to your private registry. ## 3) Runtime environment variables Create a file named `lexichain.env` on the VM with the required secrets. Example (fill with your real values): ``` NODE_ENV=production PORT=3000 DATABASE_URL=postgresql://USER:PASSWORD@HOST:PORT/DBNAME CLERK_PUBLISHABLE_KEY=... CLERK_SECRET_KEY=... CLERK_WEBHOOK_SECRET=... UPLOADTHING_SECRET=... UPLOADTHING_APP_ID=... GOOGLE_AI_API_KEY=... BLOCKCHAIN_NETWORK=sepolia BLOCKCHAIN_RPC_URL=https://... BLOCKCHAIN_CONTRACT_ADDRESS=0x... BLOCKCHAIN_PRIVATE_KEY=0x... ``` If you use a private chain, set `BLOCKCHAIN_NETWORK` accordingly. ## 4) Run the container on the VM ``` docker run -d \ --name lexichain-app \ --restart unless-stopped \ --env-file /path/to/lexichain.env \ -p 3000:3000 \ lexichain-app:latest ``` ## 5) Database migration (first deploy) Run migrations from the container image (or from CI) before first launch: ``` docker run --rm \ --env-file /path/to/lexichain.env \ lexichain-app:latest \ npx prisma migrate deploy ``` ## 6) OpenStack security group / firewall Allow inbound traffic to port 3000 from your internal network or from the reverse proxy. ## 7) Optional: reverse proxy Place Nginx or HAProxy in front of the app for TLS termination and HTTP/2. ## 8) Health check Open `http://:3000` and validate: - Sign-in flow - Upload + AI analysis - Blockchain explorer stats - Document verification ## 9) Update / rollout - Build a new image and push to your registry. - Pull on the VM and restart the container: ``` docker pull registry.example.com/lexichain-app:latest docker stop lexichain-app docker rm lexichain-app docker run -d \ --name lexichain-app \ --restart unless-stopped \ --env-file /path/to/lexichain.env \ -p 3000:3000 \ registry.example.com/lexichain-app:latest ```