john/tractatus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tractatus/deployment-quickstart/README.md
TheFlow 2594c0d812 feat: deployment quickstart kit - 30-minute Docker deployment (Task 6) 
Complete production-ready deployment package enabling implementers to deploy
Tractatus with all 5 governance services in 30 minutes using Docker Compose.

**Package Contents (15KB):**

1. docker-compose.yml
   - MongoDB 7.0 with authentication
   - Tractatus Node.js application
   - Health checks and volume management
   - Network configuration

2. Dockerfile
   - Multi-stage build (builder + production)
   - Security-hardened (non-root user, minimal image)
   - Health checks integrated
   - Production-optimized

3. .env.example
   - Complete configuration template
   - All 5 governance service toggles
   - Required secrets (MongoDB, JWT, Admin)
   - Feature flags and optional services
   - Rate limiting, CORS, CSP configuration

4. sample-governance-rules.json
   - 10 production-ready governance rules
   - STR-001: BoundaryEnforcer (human approval for values)
   - STR-002: CrossReferenceValidator (port specifications)
   - OPS-001: ContextPressureMonitor (pressure monitoring)
   - OPS-002: InstructionPersistenceClassifier (classification)
   - TAC-001: MetacognitiveVerifier (complex verification)
   - SYS-001/002: Database and project isolation
   - SEC-001: CSP enforcement
   - VAL-001: Te Tiriti commitment
   - QUAL-001: World-class quality

5. verify-deployment.sh
   - Automated verification (40+ checks)
   - 7 test categories: env, Docker, network, DB, services, security, files
   - Color-coded output (pass/fail/warn)
   - CI/CD integration ready

6. TROUBLESHOOTING.md
   - Comprehensive troubleshooting guide
   - 6 major sections covering common deployment issues
   - Docker, database, application, services, performance, security
   - Quick reference commands

7. README.md
   - "Deploy in 30 minutes" guide
   - 6-step quickstart (2+5+10+3+5+5 minutes)
   - Configuration guide (basic + production)
   - Testing procedures and monitoring
   - Architecture diagram
   - Backup/restore procedures

8. scripts/load-governance-rules.js
   - Loads sample rules into MongoDB
   - JSON validation and error handling
   - Creates indexes (rule_id, quadrant, enforced_by)
   - Summary statistics by quadrant and service

**Implementer Page Updates:**

- Added prominent "Deployment Quickstart Kit" section after hero
- Green gradient background with "NEW" badge
- Two-column layout: description + download / file list
- Download button: /downloads/tractatus-quickstart.tar.gz (15KB)
- Professional design matching site aesthetic

**Deliverables:**

 Production-ready Docker Compose configuration
 Complete environment configuration template
 10 sample governance rules (all 5 services)
 Automated deployment verification (40+ tests)
 Comprehensive troubleshooting guide
 Step-by-step deployment guide (30 minutes)
 Database initialization scripts
 Package deployed to production

**Testing:**

- Package structure validated
- File permissions correct (644/755)
- Deployed to https://agenticgovernance.digital/downloads/
- Implementer page updated with download section

**Roadmap Progress:**

Phase 1, Week 2, Task 6: Deployment Quickstart Kit - COMPLETED
Priority: High | Effort: 3-4 days | Status:  Done

Next: Task 8 - Technical Architecture Diagram (Week 3)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-12 07:27:37 +13:00

475 lines
12 KiB
Markdown
Raw Blame History

# Tractatus Framework - Deployment Quickstart Kit
**Deploy Tractatus in 30 minutes** - Production-ready Docker deployment with all 5 governance services.
## 🎯 What You Get
- **MongoDB 7.0** - Database for governance rules and audit logs
- **Node.js Application** - Web interface and API
- **5 Core Governance Services:**
- BoundaryEnforcer - Prevents automation of values decisions
- InstructionPersistenceClassifier - Classifies and stores instructions
- CrossReferenceValidator - Prevents pattern bias override
- ContextPressureMonitor - Detects degraded operating conditions
- MetacognitiveVerifier - Self-checks complex reasoning
- **Sample Governance Rules** - 10 example rules to get started
- **Verification Script** - Automated deployment testing
- **Troubleshooting Guide** - Common issues and solutions
---
## 📋 Prerequisites
### Required
- **Docker** 20.10+ ([Install Docker](https://docs.docker.com/get-docker/))
- **Docker Compose** 2.0+ (included with Docker Desktop)
- **2GB RAM minimum** (4GB recommended)
- **10GB disk space**
### Recommended
- **Domain name** with DNS configured
- **SSL certificate** (Let's Encrypt recommended)
- **Anthropic API key** (for AI-assisted features)
### Check Your System
```bash
docker --version # Should be 20.10+
docker compose version # Should be 2.0+
```
---
## 🚀 Quick Start (30 Minutes)
### Step 1: Download and Extract (2 minutes)
```bash
# Download deployment package
wget https://agenticgovernance.digital/downloads/tractatus-quickstart.tar.gz
# Extract
tar -xzf tractatus-quickstart.tar.gz
cd tractatus-quickstart
```
### Step 2: Configure Environment (5 minutes)
```bash
# Copy environment template
cp .env.example .env
# Edit configuration
nano .env # or vi, emacs, code, etc.
```
**⚠️ CRITICAL: Update these values in .env:**
```bash
# Generate secure secrets:
openssl rand -base64 32 # Use for JWT_SECRET
openssl rand -base64 32 # Use for SESSION_SECRET
openssl rand -base64 32 # Use for MONGODB_PASSWORD
# Required changes:
MONGODB_PASSWORD=<paste-first-secret>
JWT_SECRET=<paste-second-secret>
SESSION_SECRET=<paste-third-secret>
ADMIN_PASSWORD=<choose-strong-password>
ADMIN_EMAIL=admin@your-domain.com
BASE_URL=https://your-domain.com
ANTHROPIC_API_KEY=sk-ant-your-key-here # Get from console.anthropic.com
```
### Step 3: Build and Start (10 minutes)
```bash
# Build containers
docker compose build
# Start services
docker compose up -d
# Watch logs (Ctrl+C to exit, containers keep running)
docker compose logs -f
```
**Wait for:** `Server started on port 9000` and `MongoDB connected successfully`
### Step 4: Initialize Database (3 minutes)
```bash
# Create admin account and seed initial data
docker compose exec tractatus-app node scripts/seed-admin.js
docker compose exec tractatus-app node scripts/init-db.js
# Optional: Load sample governance rules
docker compose exec tractatus-app node scripts/load-governance-rules.js sample-governance-rules.json
```
### Step 5: Verify Deployment (5 minutes)
```bash
# Run automated verification
chmod +x verify-deployment.sh
./verify-deployment.sh
```
**Expected output:**
```
╔════════════════════════════════════════════════════════════════════╗
║ Verification Results ║
╚════════════════════════════════════════════════════════════════════╝
Passed: 20 tests
Failed: 0 tests
Warnings: 2 tests
✓ All critical tests passed! Deployment is ready.
```
### Step 6: Access Your Deployment (5 minutes)
1. **Homepage:** http://localhost:9000 (or your domain)
2. **Admin Panel:** http://localhost:9000/admin
- Email: (from .env)
- Password: (from .env)
3. **API Health:** http://localhost:9000/api/health
4. **Interactive Demos:** http://localhost:9000/demos/tractatus-demo.html
---
## 🔧 Configuration Guide
### Basic Configuration
**Minimal .env for local development:**
```bash
NODE_ENV=development
MONGODB_PASSWORD=dev_password_123
JWT_SECRET=dev_jwt_secret_456
SESSION_SECRET=dev_session_secret_789
ADMIN_PASSWORD=admin123
ADMIN_EMAIL=admin@localhost
ANTHROPIC_API_KEY=sk-ant-your-key
```
### Production Configuration
**Recommended .env for production:**
```bash
NODE_ENV=production
BASE_URL=https://your-domain.com
# Secrets (use openssl rand -base64 32)
MONGODB_PASSWORD=<strong-random-password>
JWT_SECRET=<strong-random-secret>
SESSION_SECRET=<strong-random-secret>
# Admin
ADMIN_EMAIL=admin@your-domain.com
ADMIN_PASSWORD=<strong-password>
# API
ANTHROPIC_API_KEY=sk-ant-your-production-key
# Security
HELMET_ENABLED=true
CSP_ENABLED=true
CORS_ORIGIN=https://your-domain.com
# Performance
RATE_LIMIT_MAX_REQUESTS=100
RATE_LIMIT_WINDOW_MS=900000
# Features
BLOG_ENABLED=true
KOHA_ENABLED=true
DEMOS_ENABLED=true
ANALYTICS_ENABLED=false # Set to true after configuring Plausible
```
### Governance Service Configuration
Enable/disable individual services:
```bash
BOUNDARY_ENFORCER_ENABLED=true # Blocks values decisions
CONTEXT_PRESSURE_ENABLED=true # Monitors session degradation
CROSS_REF_VALIDATOR_ENABLED=true # Prevents pattern bias
PERSISTENCE_CLASSIFIER_ENABLED=true # Classifies instructions
METACOGNITIVE_VERIFIER_ENABLED=true # Self-verification
```
---
## 📊 Governance Rules
### Loading Sample Rules
The deployment includes 10 sample governance rules covering:
- **Strategic:** Values decisions, Te Tiriti commitments
- **Operational:** Classification, context pressure
- **System:** Database configuration, project isolation
- **Security:** Content Security Policy enforcement
- **Quality:** World-class standards
**Load rules:**
```bash
docker compose exec tractatus-app node scripts/load-governance-rules.js sample-governance-rules.json
```
### Creating Custom Rules
See `sample-governance-rules.json` for the schema. Each rule includes:
```json
{
"rule_id": "CUSTOM-001",
"quadrant": "STRATEGIC|OPERATIONAL|TACTICAL|SYSTEM|STOCHASTIC",
"persistence": "HIGH|MEDIUM|LOW|VARIABLE",
"title": "Rule Title",
"content": "What the rule enforces",
"enforced_by": "BoundaryEnforcer|CrossReferenceValidator|...",
"violation_action": "BLOCK_AND_ESCALATE|WARN|LOG",
"examples": ["Example 1", "Example 2"],
"rationale": "Why this rule exists"
}
```
---
## 🧪 Testing Your Deployment
### Manual Tests
**1. Test Homepage:**
```bash
curl http://localhost:9000/
# Should return HTML homepage
```
**2. Test API Health:**
```bash
curl http://localhost:9000/api/health
# Should return: {"status":"ok","database":"connected"}
```
**3. Test BoundaryEnforcer:**
```bash
curl -X POST http://localhost:9000/api/demo/boundary-check \
-H "Content-Type: application/json" \
-d '{"scenario":"privacy-decision"}'
# Should return: {"allowed":false,"reason":"Values decision requires human approval"}
```
**4. Test Classification:**
```bash
curl -X POST http://localhost:9000/api/demo/classify \
-H "Content-Type: application/json" \
-d '{"instruction":"Use MongoDB port 27027"}'
# Should return classification with quadrant and persistence
```
### Automated Test Suite
```bash
# Run all tests
docker compose exec tractatus-app npm test
# Run specific test suites
docker compose exec tractatus-app npm run test:unit
docker compose exec tractatus-app npm run test:integration
docker compose exec tractatus-app npm run test:security
```
---
## 📈 Monitoring & Maintenance
### View Logs
```bash
# All logs
docker compose logs -f
# Application only
docker compose logs -f tractatus-app
# MongoDB only
docker compose logs -f mongodb
# Last 100 lines
docker compose logs --tail=100 tractatus-app
```
### Check Resource Usage
```bash
docker stats
```
### Backup Database
```bash
# Create backup
docker exec tractatus-mongodb mongodump \
--db tractatus_prod \
--out /tmp/backup
# Copy backup to host
docker cp tractatus-mongodb:/tmp/backup ./mongodb-backup-$(date +%Y%m%d)
```
### Restore Database
```bash
# Copy backup to container
docker cp ./mongodb-backup-20251012 tractatus-mongodb:/tmp/restore
# Restore
docker exec tractatus-mongodb mongorestore \
--db tractatus_prod \
/tmp/restore/tractatus_prod
```
---
## 🔄 Updating
### Update Application Code
```bash
# Pull latest code
git pull origin main
# Rebuild containers
docker compose build
# Restart with zero downtime
docker compose up -d
```
### Update Dependencies
```bash
# Update package.json
docker compose exec tractatus-app npm update
# Rebuild
docker compose build
docker compose up -d
```
---
## 🛑 Stopping & Restarting
### Stop Services
```bash
# Stop all services (data persists)
docker compose down
# Stop and remove volumes (⚠️ destroys data)
docker compose down -v
```
### Restart Services
```bash
# Restart all
docker compose restart
# Restart specific service
docker compose restart tractatus-app
```
---
## 🚨 Troubleshooting
See [TROUBLESHOOTING.md](./TROUBLESHOOTING.md) for detailed solutions to common issues:
- Docker container won't start
- Database connection failures
- Port conflicts
- Governance services not responding
- Performance issues
- Security errors
**Quick diagnostic:**
```bash
./verify-deployment.sh
```
---
## 📚 Next Steps
1. **Customize Governance Rules** - Edit `sample-governance-rules.json` for your use case
2. **Configure SSL** - Set up HTTPS with Let's Encrypt
3. **Set Up Monitoring** - Configure Plausible Analytics (privacy-preserving)
4. **Create Admin Users** - Add team members to admin panel
5. **Review Documentation** - https://agenticgovernance.digital/docs
6. **Join Community** - Submit case studies, contribute rules
---
## 🤝 Support
- **Documentation:** https://agenticgovernance.digital/docs
- **Interactive Demos:** https://agenticgovernance.digital/demos
- **Case Studies:** https://agenticgovernance.digital/docs/case-studies
- **GitHub Issues:** https://github.com/AgenticGovernance/tractatus-framework/issues
- **Email:** research@agenticgovernance.digital
---
## 📄 License
Apache License 2.0 - See LICENSE file for details
---
## 🎯 Architecture Overview
```
┌─────────────────────────────────────────────────────────────┐
│ Docker Network │
│ │
│ ┌──────────────────┐ ┌────────────────────────┐ │
│ │ MongoDB 7.0 │ │ Tractatus App │ │
│ │ Port: 27017 │◄──────────┤ Port: 9000 │ │
│ │ │ │ │ │
│ │ - tractatus_prod│ │ ┌──────────────────┐ │ │
│ │ - Governance │ │ │ 5 Core Services │ │ │
│ │ Rules │ │ ├──────────────────┤ │ │
│ │ - Audit Logs │ │ │ • Boundary │ │ │
│ └──────────────────┘ │ │ • Classifier │ │ │
│ │ │ • Validator │ │ │
│ │ │ • Pressure │ │ │
│ │ │ • Verifier │ │ │
│ │ └──────────────────┘ │ │
│ └────────────────────────┘ │
└─────────────────────────────────────────────────────────────┘
│ HTTP/HTTPS
[Your Users]
```
---
**Version:** 1.0.0
**Last Updated:** October 12, 2025
**Maintainer:** Tractatus Framework Team
**Ready to deploy? Run:** `docker compose up -d`
Reference in a new issue View git blame Copy permalink