Infrastructure
How Duabalabs runs its production stack.
Compute
- Azure VMs running Docker Swarm.
- One stack per product (
sellub,dps-server,3y3anaa-server, etc.). - Stacks are independent — a deploy of one cannot break another.
See docs/SWARM-INFRASTRUCTURE-GUIDE.md and docs/VM-PROVISIONING-GUIDE.md for the detailed runbooks.
Container registry
Azure Container Registry at dpsplatform.azurecr.io. CI builds images per product and pushes:
latest(auto-promoted fromdevelopafter CI passes)<git-sha>(immutable, used for production deploys and rollbacks)
DNS & edge
- Cloudflare for all duabalabs.com subdomains (DNS, WAF, edge cache).
- Netlify for landing pages, storefronts, and this docs site.
Datastores
| Product | Database | Hosting |
|---|---|---|
| Sellub | Postgres 14 | Self-hosted on VM |
| DPS | MongoDB 6 | Self-hosted on VM |
| 3y3anaa | MongoDB 6 | DPS-hosted |
| Proxy Fidelity | MongoDB 6 | DPS-hosted |
Backups: nightly snapshots to Azure Blob, 30-day retention.
Secrets
- Production secrets in each VM’s
.env(root-owned, 600). - CI uses GitHub Actions secrets for build-time only.
- Rotate quarterly.
Deployment patterns
| Surface | Deploy mechanism |
|---|---|
| Landing pages, storefronts, this docs site | Netlify auto-deploy on push to production branch |
| Backends (Sellub, DPS, 3y3anaa, Proxy Fidelity) | CI builds image → push to ACR → SSH docker compose pull && up -d |
| Mobile apps | EAS Build (Expo) → store submission |
| n8n workflows | Versioned in apps/automation/, imported manually for now |
Observability
- Logs:
docker compose logson each VM (centralised log forwarding planned). - Metrics: Azure Monitor for VM-level; per-product health endpoints for app-level.
- Status page:
status.<product>.comper product.
Disaster recovery
- DB snapshots restorable to a fresh VM in <1 hour.
- Stateless services rebuildable from CI in <15 min per stack.
- See per-product Deployment sections (e.g. Sellub Deployment) for product-specific rollback procedures.