fiddy/docs/07_PUBLIC_LAUNCH_CHECKLIST.md

Public Launch Checklist

A) Infrastructure Baseline

  • Domain DNS points to public IP.
  • Router forwards only 80 and 443.
  • Host firewall denies all inbound except 80/443 and restricted 22.
  • SSH_ALLOW_CIDR policy validated.
  • Postgres port 5432 is not public.
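
One way to check the listener side of section A, as an added example that is not one of the project's scripts: it reads `ss -H -tln` output and reports every TCP listener bound to a non-loopback address on a port other than 80, 443 or 22. The function name, the `ALLOWED_PUBLIC_PORTS` variable and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit listening TCP sockets against checklist section A.
# Reads `ss -H -tln` output on stdin, prints one line per violation and
# returns non-zero if any listener is reachable on an unexpected port.
# ALLOWED_PUBLIC_PORTS is a hypothetical name, not a project setting.
ALLOWED_PUBLIC_PORTS="${ALLOWED_PUBLIC_PORTS:-80 443 22}"

audit_listeners() {
  awk -v allowed="$ALLOWED_PUBLIC_PORTS" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 == "LISTEN" {
      local_addr = $4
      port = local_addr; sub(/^.*:/, "", port)      # text after the last colon
      addr = local_addr; sub(/:[^:]*$/, "", addr)   # text before the last colon
      sub(/%.*$/, "", addr)                         # drop interface suffix such as %lo
      if (addr ~ /^127\./ || addr == "[::1]") next  # loopback-only is not public
      if (!(port in ok)) { print "VIOLATION " port " " local_addr; bad = 1 }
    }
    END { exit bad + 0 }'
}

# Constructed sample: Postgres is bound to all interfaces, which breaks
# "Postgres port 5432 is not public" even if the firewall currently blocks it.
# Port 22 is accepted here; its source restriction (SSH_ALLOW_CIDR) is a
# firewall property that a listener audit cannot see.
SAMPLE_SS_OUTPUT='LISTEN 0 4096 0.0.0.0:80 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:443 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 244 0.0.0.0:5432 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 511 127.0.0.1:3000 0.0.0.0:*'

printf '%s\n' "$SAMPLE_SS_OUTPUT" | audit_listeners || echo "baseline check failed"
```

On a host, feed it live data with `ss -H -tln | audit_listeners`. It complements the firewall rule review and an external port check; it does not replace them.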

B) App and Deployment

  • Dokploy project connected to Gitea repo.
  • Secrets configured:
    • DATABASE_URL
    • DATABASE_SSL
    • ALLOWED_DB_NAMES
    • SESSION_COOKIE_NAME
    • SESSION_TTL_DAYS
    • DEBUG_API=0
    • DOKPLOY_DEPLOY_HOOK
    • DOKPLOY_HEALTHCHECK_URL
  • Deploy workflow passes build/test/push/deploy.
  • Post-deploy health gate passes (scripts/wait-for-health.sh).
  • Manual smoke passes (scripts/smoke-public-launch.sh).

C) Security Controls

  • Nginx TLS/headers/rate limits enabled (docker/nginx/fiddy.conf).
  • Request-id propagation enabled (X-Request-Id in responses).
  • Server-side rate limits active (auth/write/ip limiters).
  • Fail2ban or CrowdSec configured from docker/security/.
  • No secrets/full invite codes in logs.

D) Observability

  • Loki, Promtail, Grafana, Uptime Kuma running.
  • Promtail ingests job="nginx".
  • Dashboards show request IDs for incident triage.
  • Alerts configured for 5xx/auth spikes/DB failures/resource pressure.

E) Backup and Recovery

  • Daily logical backup scheduled (scripts/backup-postgres.sh).
  • Periodic base backup scheduled (scripts/basebackup-postgres.sh).
  • Latest restore drill succeeded (scripts/restore-drill-postgres.sh).
  • Drill logged (scripts/log-restore-drill.sh -> docs/restore-drill-log.csv).
  • Measured RTO is acceptable.

F) Rollback Readiness

  • Previous stable release retained in Dokploy.
  • Rollback runbook tested once in staging or low-risk window.
  • Rollback smoke check verified.