demospace-ai/coaster

Coaster

Introduction

To deploy this system in production, there are only a few manual steps:

  • Set up a GCP project
  • Create Terraform Google Cloud Storage bucket
  • Perform initial Terraform run

Setup GCP Project

Create a new GCP project and take note of the name and project ID.

Create Terraform GCP Cloud Storage bucket

This Google Cloud Storage bucket is used as the backing store for Terraform state, so it must be set up manually. Note the name you use, as you'll need to edit infra/terraform/main.tf to point to it.

Initial Terraform run

Once those two things are set up, everything else can be configured as infrastructure-as-code in Terraform. However, you must run terraform apply once manually to set up the correct permissions for the Cloud Build service account to run Terraform in the future.

Deploy to new region

  1. Create a new GCP project.

  2. Create a new Terraform file for the region by copying infra/terraform/main.tf into a new subdirectory.

  3. Update the new Terraform file with the following changes:

    1. Modify the project ID in the new Terraform file to match the new project.
    2. Modify the Cloud Storage bucket names to match the new region:
      1. Terraform bucket
      2. Frontend bucket
      3. Connect bucket
  4. Run terraform init in the new subdirectory.

  5. Enable all the GCP APIs needed:

    1. Cloud Build
    2. Cloud Engine
    3. Cloud Run
    4. Cloud SQL
    5. IAM
    6. KMS
    7. DNS
    8. Secret Manager
    9. Serverless VPC Access
    10. Service Networking
    11. Artifact Registry
  6. Create a new DB password in the new project's Secret Manager with the name coaster-db-password.

  7. Create a new Terraform bucket in Cloud Storage and add it to the Terraform file.

  8. Connect the GitHub repository to the new GCP project.

  9. Copy OAuth secrets to the new project's Secret Manager and ensure the code references them correctly.

  10. Enable Cloud Build to deploy to Cloud Run:

    gcloud iam service-accounts add-iam-policy-binding \
      coaster-backend@coaster-prod.iam.gserviceaccount.com \
      --member="serviceAccount:coaster-prod@cloudbuild.gserviceaccount.com" \
      --role="roles/iam.serviceAccountUser"
    
  11. Run terraform apply
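
The binding in step 10 lets Cloud Build deploy workloads that run as the backend service account, so it is worth confirming afterwards that the account's IAM policy holds that binding and nothing broader. The script below is an added example, not part of this repository: it audits the JSON printed by `gcloud iam service-accounts get-iam-policy SA_EMAIL --format=json`. The function names, the sample policy and the member `user:dev@example.com` are constructed for illustration.

```python
import json
import sys

# Roles that let a member run workloads as, or mint tokens for, a service account.
IMPERSONATION_ROLES = {"roles/iam.serviceAccountUser",
                       "roles/iam.serviceAccountTokenCreator"}
PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}

# The single binding step 10 creates (values copied from the command above).
EXPECTED = {"roles/iam.serviceAccountUser": {
    "serviceAccount:coaster-prod@cloudbuild.gserviceaccount.com"}}

# Constructed sample in the shape of the gcloud JSON output;
# user:dev@example.com is a made-up member for illustration.
SAMPLE_POLICY = {"etag": "constructed", "version": 1, "bindings": [
    {"role": "roles/iam.serviceAccountUser",
     "members": ["serviceAccount:coaster-prod@cloudbuild.gserviceaccount.com"]},
    {"role": "roles/iam.serviceAccountTokenCreator",
     "members": ["user:dev@example.com"]},
]}

def pairs(policy):
    """Flatten a policy into (role, member) pairs; a policy may have no bindings."""
    return {(b.get("role", ""), m)
            for b in policy.get("bindings") or []
            for m in b.get("members") or []}

def audit_policy(policy, expected=EXPECTED):
    """Return sorted (role, member, reason) findings for impersonation roles."""
    findings = []
    for role, member in pairs(policy):
        if role not in IMPERSONATION_ROLES:
            continue
        if member in PUBLIC_MEMBERS:
            findings.append((role, member, "public principal"))
        elif member not in expected.get(role, set()):
            findings.append((role, member, "unexpected member"))
    return sorted(findings)

def missing_bindings(policy, expected=EXPECTED):
    """Return expected (role, member) pairs that the policy lacks."""
    want = {(r, m) for r, ms in expected.items() for m in ms}
    return sorted(want - pairs(policy))

if __name__ == "__main__":
    policy = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_POLICY
    report = audit_policy(policy) + [(r, m, "missing") for r, m in missing_bindings(policy)]
    print("\n".join(" ".join(item) for item in report) or "OK")
    sys.exit(1 if report else 0)
```

Save the gcloud output to a file and pass its path as the first argument; with no argument the script audits the constructed sample and exits non-zero because of the unexpected token-creator binding.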

Point domain name to GCP

To point the domain name at this new GCP setup, find the IP address of the external load balancer created in GCP (under Network Services > Load balancing). You'll need to create A records in your DNS provider that point to that IP address for every subdomain you plan to host.

Other Notes

Google Cloud Build is used for various automatic actions triggered by pushes to the main GitHub branch:

  • Run Terraform to build any new infrastructure
  • Build Docker image for backend code and push to Artifact Registry
  • Deploy new backend image to Cloud Run
  • Build frontend bundles and deploy to Cloud Storage buckets
  • Run database migrations