Deploy with Docker
Single Container
bash
docker pull ebmsovereign/energy-guard:latest
docker run -d \
-p 7860:7860 \
-e SECRET_KEY=your_secret_key \
-e DATABASE_URL=sqlite:///./energyguard.db \
--name energyguard \
ebmsovereign/energy-guard:latestDocker Compose (Production)
yaml
# docker-compose.yml
version: "3.9"
services:
energyguard_service:
image: ebmsovereign/energy-guard:latest
restart: always
environment:
- SECRET_KEY=${SECRET_KEY}
- DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db:5432/sovereign
- REDIS_URL=redis://redis:6379
- MAX_BATCH_SIZE=100
- RATE_LIMIT_PER_MINUTE=1000
ports:
- "7860:7860"
depends_on:
- db
- redis
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:7860/health"]
interval: 30s
timeout: 10s
retries: 3
db:
image: postgres:15-alpine
environment:
POSTGRES_DB: energyguard
POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
volumes:
- pgdata:/var/lib/postgresql/data
redis:
image: redis:7-alpine
volumes:
- redisdata:/data
nginx:
image: nginx:alpine
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./ssl:/etc/nginx/ssl
volumes:
pgdata:
redisdata:Nginx Config (SSL + Rate Limiting)
nginx
# nginx.conf
events { worker_connections 1024; }
http {
limit_req_zone $binary_remote_addr zone=api:10m rate=100r/m;
upstream energyguard {
server energyguard_service:7860;
# Horizontal scaling: add more instances
# server sovereign2:7860;
# server sovereign3:7860;
}
server {
listen 443 ssl http2;
server_name api.ebmsovereign.com;
ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/key.pem;
location /api/ {
limit_req zone=api burst=50 nodelay;
proxy_pass http://energyguard;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 30s;
}
}
}Kubernetes (HPA)
yaml
# k8s/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: energyguard
spec:
replicas: 2
selector:
matchLabels:
app: energyguard
template:
metadata:
labels:
app: energyguard
spec:
containers:
- name: energyguard
image: ebmsovereign/energy-guard:latest
ports:
- containerPort: 7860
env:
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: energyguard-secrets
key: secret-key
resources:
requests:
memory: "512Mi"
cpu: "250m"
limits:
memory: "2Gi"
cpu: "1000m"
readinessProbe:
httpGet:
path: /ready
port: 7860
initialDelaySeconds: 10
periodSeconds: 5
---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: energyguard-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: energyguard
minReplicas: 2
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70