Server Setup

Deployment guide for the GSign platform.

Server Requirements

Tier	Instance	RAM	Monthly Cost
Recommended	t3.large	8GB	$60
Budget	t3.medium	4GB	$30
High Performance	t3.xlarge	16GB	$120
Best Value	Lightsail 8GB	8GB	$40

Quick Start

1. SSH to Server

bash

ssh -i "esign.pem" ubuntu@16.171.135.212

2. Install Docker

bash

# Install Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
sudo usermod -aG docker $USER

# Install Docker Compose
sudo apt install docker-compose-plugin

# Verify
docker --version
docker compose version

3. Create Directory Structure

bash

sudo mkdir -p /opt/gsign/{app,config,data,logs,backups}
sudo mkdir -p /opt/gsign/data/{postgres,mongodb,redis,prometheus,grafana,gitlab}
sudo chown -R ubuntu:ubuntu /opt/gsign

4. Deploy Services

bash

cd /opt/gsign
docker compose up -d

Docker Compose Configuration

The main docker-compose.yml is located at /opt/gsign/docker-compose.yml.

Services:

Databases: PostgreSQL, MongoDB, Redis
Monitoring: Prometheus, Grafana, Loki
CI/CD: GitLab CE, GitLab Runner
Applications: Backend, Frontend, HSM, Docs

Domain Configuration

DNS Records

Add A records for your domain:

*.gesign.mn → 16.171.135.212

SSL Certificates

bash

# Install certbot
sudo apt install certbot python3-certbot-nginx

# Get wildcard certificate
sudo certbot certonly --manual \
  -d "*.gesign.mn" -d "gesign.mn" \
  --preferred-challenges dns-01

# Auto-renew
sudo crontab -e
# Add: 0 0 1 * * certbot renew --quiet

NGINX Configuration

Main configuration at /etc/nginx/nginx.conf.

Each subdomain has its own config in /etc/nginx/sites-enabled/:

gesign.mn.conf (frontend)
api.gesign.mn.conf (backend)
doc.gesign.mn.conf (documentation)
gitlab.gesign.mn.conf (GitLab)
grafana.gesign.mn.conf (monitoring)

Service Management

bash

# Docker containers
docker ps -a
docker logs <container> -f --tail 100
docker restart <container>

# NGINX
sudo systemctl status nginx
sudo nginx -t
sudo systemctl reload nginx

# All services
docker compose -f /opt/gsign/docker-compose.yml ps
docker compose -f /opt/gsign/docker-compose.yml restart

Monitoring

Grafana: https://grafana.gesign.mn
Prometheus: https://prometheus.gesign.mn (internal)
Container logs: Loki + Promtail

Backups

bash

# PostgreSQL backup
docker exec gsign-postgres pg_dump -U gsign gsign > backup.sql

# MongoDB backup
docker exec gsign-mongodb mongodump --out=/backup

# Redis backup
docker exec gsign-redis redis-cli BGSAVE

Troubleshooting

Container not starting

bash

docker logs <container> --tail 50
docker inspect <container>

NGINX errors

bash

sudo nginx -t
sudo tail -f /var/log/nginx/error.log

Database connection issues

bash

# Test PostgreSQL
docker exec -it gsign-postgres psql -U gsign -c "SELECT 1"

# Test MongoDB
docker exec -it gsign-mongodb mongosh --eval "db.runCommand({ping: 1})"

# Test Redis
docker exec -it gsign-redis redis-cli PING

Server Setup ​

Server Requirements ​

Quick Start ​

1. SSH to Server ​

2. Install Docker ​

3. Create Directory Structure ​

4. Deploy Services ​

Docker Compose Configuration ​

Domain Configuration ​

DNS Records ​

SSL Certificates ​

NGINX Configuration ​

Service Management ​

Monitoring ​

Backups ​

Troubleshooting ​

Container not starting ​

NGINX errors ​

Database connection issues ​

Server Setup

Server Requirements

Quick Start

1. SSH to Server

2. Install Docker

3. Create Directory Structure

4. Deploy Services

Docker Compose Configuration

Domain Configuration

DNS Records

SSL Certificates

NGINX Configuration

Service Management

Monitoring

Backups

Troubleshooting

Container not starting

NGINX errors

Database connection issues