When deploying Orion to production, you should host it under the same root domain as your Atlas instance. For example, if Atlas homepage of your Gateway is going t be served at https://mygateway.com, the Orion Auth API can be set up under https://auth.mygateway.com and the GraphQL API under https://query.mygateway.com. Alternatively, you can set up everything under the exact same domain, ie. the Auth API under https://mygateway.com/api/v1, the GraphQL api under https://mygateway.com/graphql and the Atlas app under https://mygateway.com. In this guide however, we'll focus on the first option, where Orion APIs are hosted under separate subdomains.
There are multiple reverse proxy servers that you can use to host Orion in production, like Nginx or Caddy. In this guide we'll be focusing on Caddy because of its simplicity.
The following guide will allow you to deploy the latest version of Orion
On your server, you'll need to have Docker and docker-compose installed (see: installation instructions)
If you're on a Linux server you can use the convinience script to install docker engine and then install docker-compose with sudo apt install docker-compose.
You will also need to own a domain where you'll be hosting your Orion instance. In this guide we'll be using mygateway.com as an example domain. To be able to use subdomains like auth.mygateway.com and query.mygateway.com you need to make sure that your domain is either configured with a wildcard DNS record or that you have added a separate DNS record for each of the subdomains.
You will also need a sendgrid account with an api key in order to have email notifications being send.
- Copy the
.env,docker-compose.yml,postgres.confandCaddyfilefrom theexamplesdirectory to your server. - Configure the Orion production environment variables. Inside the
.envfile you will find comments describing the meaning of each of the variables. Most importantly make sure to:- Replace all "placeholder" values inside angle brackets (
<>) with the real values - Fill in all the secrets (
OPERATOR_SECRET,APP_PRIVATE_KEY,COOKIE_SECRET) with proper, randomly generated values - Make sure that
ORION_ENVis set toproduction! - Set
GATEWAY_ROOT_DOMAINto your Gateway's root domain, in our example case it'll bemygateway.com - (Optional) Configure the email notification scheduler chron job (for Orion >=
3.2.0) in order to have notification delivery via email (see: Email Notifications)
- Replace all "placeholder" values inside angle brackets (
This step is optional in case you are considering using a different deployment service like Vercel for example
- Prepare a production build of the Atlas app. Assuming you have already cloned the Atlas repository and configured the environment variables inside
packages/atlas/src/.envas described in the Atlas operator guide, you'll also need to:- Make sure the
VITE_ENVvalue is set toproduction - Set
VITE_PRODUCTION_ORION_AUTH_URLto your Orion Auth API endpoint (https://auth.mygateway.com/api/v1in our example case) - Set
VITE_PRODUCTION_ORION_URLto your Orion GraphQL API endpoint (https://query.mygateway.com/graphqlin our example case) - Set
VITE_PRODUCTION_QUERY_NODE_SUBSCRIPTION_URLto your Orion GraphQL API WebSocket endpoint (wss://query.mygateway.com/graphqlin our example case) - (Optionally) You can also set
VITE_PRODUCTION_NODE_URLto your own Joystream node endpoint andVITE_PRODUCTION_FAUCET_URLto your own Membership faucet, but we won't be describing how to set up any other services in this guide.
- Make sure the
- Once the Atlas environment is correctly configured for the production build, you can build the Atlas app by running:
# Assuming you're in the root directory of the Atlas repository: yarn atlas:build - Copy the build artifacts from
packages/atlas/disttoatlasdirectory inside the same location on your production server where you already copied thedocker-compose.ymlfile. Your final directory structure should look like this:├── .env ├── Caddyfile ├── atlas │ ├── android-chrome-192x192.png │ ├── android-chrome-512x512.png │ ├── apple-touch-icon.png │ ├── assets │ ├── embedded │ ├── favicon.ico │ ├── icon.svg │ ├── index.html │ ├── manifest.webmanifest │ ├── og-image-ypp.webp │ ├── og-image.webp │ ├── robots.txt │ └── stats.html ├── docker-compose.yml └── postgres.conf
That's it! Your gateway should now be available under https://mygateway.com!
If you kept the Auth API playground enabled in your .env (OPENAPI_PLAYGROUND=true), you can also use https://auth.mygateway.com/playground to perform the Operator authentication (as described in Local testing tutorial) and then execute Operator queries and mutations through https://query.mygateway.com/graphql.
Once everything is set up, you can start:
a.The Orion services only with:
bash docker-compose up -d
b.The Orion services and the Caddy server by running:
bash docker-compose --profile deploy up -d