Operations
Maintenance
Practical maintenance runbook for updates, cleanup, backups, and security hygiene.
Focus on service health, migration state, and critical endpoint checks.
Review resource pressure, backup success, and recurring worker failures.
Rotate secrets, refresh dependencies/images, and review hardening posture.
Daily / Per Deploy
- Check service health and key logs.
- Confirm migrations are current.
- Verify app/web endpoints and critical flows.
docker compose ps
docker compose logs --tail=100 app
bun db:migrateWeekly
- Review container resource usage.
- Validate backup jobs/files.
- Inspect failed job patterns in worker logs.
docker stats
docker system df
docker compose logs --tail=200 workerMonthly
- Update infrastructure images and restart services in a controlled window.
- Rotate secrets where required.
- Review security hardening checklist items.
Updating Application Services
git pull origin main
docker compose pull app web
docker compose up -d app webIn GitLab CI/CD setups, builds trigger on main/master and deploy is manual (deploy stage play button).
Cleanup Operations
Remove unused images:
docker image prune -a -fRemove unused volumes (caution: may remove needed data if unmanaged):
docker volume prune -fBackup / Restore Discipline
Keep regular Postgres dumps and test restore procedure periodically:
docker compose exec postgres pg_dump -U ai ai > backup-$(date +%Y%m%d).sql
docker compose exec -T postgres psql -U ai ai < backup-20240108.sqlSecurity Hygiene
- Change default passwords and credentials.
- Use strong auth and webhook secrets.
- Restrict SSH access and CI variable visibility.
- Enable SSL/TLS in front of app services.
- Keep host OS, Docker, and dependencies updated.
Maintenance Checklist
- Backups are current and restorable
- Migrations applied after each release
- Stale images/volumes pruned safely
- Secrets reviewed and rotated on schedule
- Logs and health checks reviewed for regressions