Inventory Management System Setup on Debian Trixie

Date: November 2025
OS: Debian 13 (Trixie)
Purpose: Production-ready Server for Inventory Management System

📋 Table of Contents

Initial Server Setup
Hostname & RDNS Configuration
Docker CE Installation
Nginx Installation & 3-Phase Setup
- Phase 1: Basic Config (HTTP for Let's Encrypt)
- Phase 2: Let's Encrypt Certificate
- Phase 3: Production Config (SSL + Optimizations)
SSL/TLS with Certbot
Firewall Configuration
Docker Compose Production Setup
Monitoring & Maintenance
Django Management Commands
Troubleshooting
Production Deployment Checklist

Initial Server Setup

1. System Update & Upgrade


# Update package lists
sudo apt update

# Upgrade packages
sudo apt upgrade -y

# Install essential tools
sudo apt install -y \
    curl \
    wget \
    git \
    vim \
    htop \
    net-tools \
    ufw \
    sudo \
    apt-transport-https \
    ca-certificates \
    gnupg \
    lsb-release \
    certbot \
    python3-certbot-nginx

2. Timezone Configuration


# Set timezone to Europe/Berlin (or as needed)
sudo timedatectl set-timezone Europe/Berlin

# Verify timezone
timedatectl

Hostname & RDNS Configuration

1. Set Hostname


# Check current hostname
hostnamectl status

# Set new hostname (e.g. "inventory-production")
sudo hostnamectl set-hostname inventory-production

# Verify
hostnamectl status

# Also update /etc/hosts
sudo nano /etc/hosts

Content of `/etc/hosts`:


127.0.0.1       localhost
::1             localhost ip6-localhost ip6-loopback
<your-public-ip> inventory-production

# Example:
# 192.168.1.100 inventory-production

2. RDNS (Reverse DNS) Configuration

IMPORTANT: RDNS is configured on the DNS provider side, not on the server!

Steps at your provider:

Go to your DNS management (e.g. hoster panel)
Find "Reverse DNS" or "PTR Records"
Set PTR record for your IP:
- IP: <your-public-ip>
- Hostname: inventory-production.yourdomain.com

Verify RDNS (after 24h):


# Check reverse DNS
nslookup <your-public-ip>
# or
dig -x <your-public-ip>

# Expected output:
# <your-public-ip>.in-addr.arpa. <ttl> IN PTR inventory-production.yourdomain.com.

Docker CE Installation

1. Add Docker's GPG Repo Key


# Download and add Docker's GPG key
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker.gpg

2. Add Docker Repository


# Add official Docker repository
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker.gpg] https://download.docker.com/linux/debian trixie stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

# Refresh package lists again
sudo apt update

3. Install Docker on Debian 13 (Trixie)


# Install Docker and related components
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

4. Verify Docker Installation


# Check if Docker service is active
sudo systemctl is-active docker

Nginx Installation & Configuration

1. Install Nginx


# Install Nginx
sudo apt install -y nginx

# Start Nginx
sudo systemctl start nginx

# Enable on boot
sudo systemctl enable nginx

# Verify
sudo systemctl status nginx

# Check version
nginx -v

2. Phase 1: Basic Nginx Config (for Let's Encrypt)

⚠️ IMPORTANT: Start with a simple HTTP config first so Let's Encrypt can create the certificate!

Step 1: Create Nginx config


sudo nano /etc/nginx/sites-available/inventar

Insert content (Basic config for Let's Encrypt):


server {
    listen 80;
    server_name Your.Domain.here;

    # Required for Certbot
    location /.well-known/acme-challenge/ {
        root /var/www/html;
    }

    # Redirect all other requests to HTTPS
    location / {
        return 301 https://$host$request_uri;
    }
}

Step 2: Enable config & test


# Enable site
sudo ln -s /etc/nginx/sites-available/inventar /etc/nginx/sites-enabled/

# Test nginx config
sudo nginx -t

# Restart Nginx
sudo systemctl restart nginx

# Verify running
sudo systemctl status nginx

SSL/TLS with Certbot - Phase 2 & Phase 3

1. Phase 2: Create SSL Certificate with Certbot

⚠️ IMPORTANT: The basic Nginx config (Phase 1) must be running!


# Certbot with Nginx plugin (will automatically update Nginx)
sudo certbot --nginx -d Your.Domain.here

# Certbot will then automatically:
# 1. Validate the certificate (HTTP Challenge via Port 80)
# 2. Download Let's Encrypt Certificate
# 3. Automatically update Nginx config (HTTP → HTTPS Redirect)

# Follow prompts:
# - Enter email for renewals
# - Accept Let's Encrypt Terms (Y)
# - Optional: Share email with EFF (Y/N)

# Verify certificate was created
sudo certbot certificates

3. Phase 3: Adjust Production Nginx Config

After Certbot, the certificates are in place - now adjust & optimize:


sudo nano /etc/nginx/sites-available/inventar

Production Config (using actual production configuration from inv.handwerker.jetzt):


# Optimized Host Nginx config for Inventory System
# Production configuration for Your.Domain.here

# HTTP: ACME Challenge + Redirect to HTTPS
server {
    listen 80;
    server_name Your.Domain.here;

    # ACME Challenge (Certbot)
    location /.well-known/acme-challenge/ {
        root /var/www/html;
    }

    # Redirect everything else to HTTPS
    location / {
        return 301 https://$host$request_uri;
    }
}

# HTTPS: Main Application
server {
    listen 443 ssl;
    http2 on;
    server_name Your.Domain.here;

    # SSL/TLS (Certbot-managed files)
    ssl_certificate /etc/letsencrypt/live/Your.Domain.here/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/Your.Domain.here/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    # Security: HSTS (1 year)
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

    # Performance: gzip compression
    gzip on;
    gzip_vary on;
    gzip_proxied any;
    gzip_min_length 1024;
    gzip_comp_level 6;
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml;

    # Serve media files directly from host (user uploads)
    location /media/ {
        alias /opt/inventar/media/;
        try_files $uri =404;
        expires 1d;
        add_header Cache-Control "public";
        access_log off;
    }

# Serve static files directly from host (MAXIMUM PERFORMANCE)
location /static/ {
    alias /opt/inventar/static/;
    try_files $uri =404;
    expires 1y;
    add_header Cache-Control "public, immutable";
    access_log off;
}

    # Reverse proxy for the app (frontend container at 127.0.0.1:8080)
    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;

        # Keepalive and limits
        proxy_http_version 1.1;
        proxy_set_header Connection "";
        client_max_body_size 70m;
        proxy_read_timeout 60s;
        proxy_send_timeout 60s;
    }
}

Test config & restart Nginx:


# Test the configuration
sudo nginx -t

# Reload Nginx with new config
sudo systemctl reload nginx

# Verify it's working
sudo systemctl status nginx

4. Enable Production Config & Test


# Test new nginx config
sudo nginx -t

# If OK, reload
sudo systemctl reload nginx

# Verify SSL certificate
echo | openssl s_client -servername Your.Domain.here -connect Your.Domain.here:443 2>/dev/null | openssl x509 -noout -dates

# Test HTTP Redirect to HTTPS
curl -I http://Your.Domain.here
# Should show: HTTP/1.1 301 Moved Permanently
# Location: https://Your.Domain.here/

# Test HTTPS
curl -I https://Your.Domain.here
# Should show: HTTP/2 200

5. Configure Certbot Auto-Renewal


# Enable auto-renewal timer
sudo systemctl enable certbot.timer

# Start timer
sudo systemctl start certbot.timer

# Check status
sudo systemctl status certbot.timer

# Test renewal (dry-run - no actual renewal!)
sudo certbot renew --dry-run

# View renewal logs
sudo journalctl -u certbot.timer -f

Firewall Configuration

1. UFW (Uncomplicated Firewall) Setup

Only open these 4 ports - everything else remains blocked:


# Enable UFW
sudo ufw enable

# Allow SSH (IMPORTANT: BEFORE enabling firewall!)
sudo ufw allow 22/tcp

# Allow HTTP (for Let's Encrypt)
sudo ufw allow 80/tcp

# Allow HTTPS
sudo ufw allow 443/tcp

# Allow SMTP (outbound email)
sudo ufw allow 587/tcp

# Verify all rules
sudo ufw status verbose

# Show added rules only
sudo ufw show added

⚠️ IMPORTANT: Only these 4 ports are allowed. All others (5432, 8000, etc.) remain blocked!

Docker Compose Production Setup

0. Create Directory Structure

Create the required directory structure with correct permissions:


# Create main application directory
sudo mkdir -p /opt/inventar

# Create subdirectories for static and media files
sudo mkdir -p /opt/inventar/static
sudo mkdir -p /opt/inventar/media

# Set permissions (www-data for web content, docker user for app files)
sudo chmod 777 /opt/inventar
sudo chown root:www-data /opt/inventar/static
sudo chown root:www-data /opt/inventar/media
sudo chmod 755 /opt/inventar/static
sudo chmod 755 /opt/inventar/media

# Verify structure
ls -la /opt/inventar/

Expected result:


root@inv:/opt/inventar# ls -l
total 0
drwxr-xr-x  2 root www-data  4096 Nov  2 12:00 static
drwxr-xr-x  2 root www-data  4096 Nov  2 12:00 media

1. Create Docker Compose File

File: `/opt/inventar/docker-compose.prod.yml`


# Production Docker Compose - PostgreSQL + Host Nginx + Redis
# Version 1.2 - Redis Caching Added
# Verwendung: docker compose up -d

services:
  db:
    image: inventory-system-db-postgres:1.2
    container_name: inventory_db
    restart: unless-stopped
    env_file:
      - .env.production
    # Keine Ports nach außen, nur Compose-Netz
    volumes:
      - postgres_data:/var/lib/postgresql/data
    networks:
      - inventory_network
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U inventory_user -d inventory_db"]
      interval: 10s
      timeout: 5s
      retries: 5
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"
    # PostgreSQL 18 Performance Optimization
    command: >
      postgres
      -c shared_buffers=256MB
      -c max_connections=200
      -c effective_cache_size=1GB
      -c maintenance_work_mem=64MB
      -c checkpoint_completion_target=0.9
      -c wal_buffers=16MB
      -c default_statistics_target=100
      -c random_page_cost=1.1
      -c effective_io_concurrency=200
      -c work_mem=2MB
      -c min_wal_size=1GB
      -c max_wal_size=4GB
      -c max_worker_processes=4
      -c max_parallel_workers_per_gather=2
      -c max_parallel_workers=4
      -c shared_preload_libraries='pg_stat_statements'

  redis:
    image: inventory-system-redis:1.2
    container_name: inventory_redis
    restart: unless-stopped
    volumes:
      - redis_data:/data
    networks:
      - inventory_network
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"

  backend:
    image: inventory-system-backend:1.2.6
    container_name: inventory_backend
    restart: unless-stopped
    env_file: 
      - .env.production
    depends_on:
      db:
        condition: service_healthy
      redis:
        condition: service_started
    volumes:
      - ./media:/app/media
      - ./static:/app/static
    networks:
      - inventory_network
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"

  frontend:
    image: inventory-system-frontend:1.2
    container_name: inventory_frontend
    restart: unless-stopped
    depends_on:
      - backend
    # Frontend nur lokal am Host erreichbar (für Host-Nginx Reverse Proxy)
    ports:
      - "127.0.0.1:8080:80"
    networks:
      - inventory_network
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"

volumes:
  postgres_data:
    name: inventory_postgres_data
  redis_data:
    name: inventory_redis_data
  # Optional: Falls du später zu Docker Volumes wechseln willst
  # media_data:
  #   name: inventory_media_data
  # static_data:
  #   name: inventory_static_data

networks:
  inventory_network:
    driver: bridge

2. Load Docker Images

The Docker images must be loaded into Docker before Docker Compose is started:

⚠️ IMPORTANT: Docker Images Download on Request!
The Docker images (backend.tar, db-postgres.tar, redis.tar, frontend.tar) are provided on request. You must upload them to the `/opt/inventar/` directory before executing the following commands.


cd /opt/inventar

# Load Docker images from tar files
docker load < backend.tar
docker load < db-postgres.tar
docker load < redis.tar
docker load < frontend.tar

# Verify images were loaded
docker images | grep inventory-system

3. Create Environment File

File: `/opt/inventar/.env.production`

⚠️ IMPORTANT - Email Configuration:
The system supports two email modes:

SMTP (Production): Real emails via SMTP server (if valid credentials are provided)
Console (Fallback): Emails are logged to console output (if credentials are empty/invalid)

If you DON'T need email configuration:
Simply omit the SMTP lines or leave them empty. The frontend will show a warning and password reset will be disabled. You can configure email later anytime in the Admin Interface!


# Production environment variables - PostgreSQL Version
ENVIRONMENT=production
DEBUG=False

# Django Security & Configuration
SECRET_KEY=<GENERATE_STRONG_64_CHAR_KEY>
ALLOWED_HOSTS=Your.Domain.here,<YOUR_IP>,localhost,127.0.0.1
DOMAIN=Your.Domain.here
FRONTEND_URL=https://Your.Domain.here

# Admin User
ADMIN_USERNAME=admin
ADMIN_EMAIL=admin@yourdomain.com
ADMIN_PASSWORD=<STRONG_PASSWORD>

# PostgreSQL 18 Database
POSTGRES_DB=inventory_db
POSTGRES_USER=inventory_user
POSTGRES_PASSWORD=<STRONG_DATABASE_PASSWORD>
POSTGRES_HOST=db
POSTGRES_PORT=5432

# Connection String
DATABASE_URL=postgresql://inventory_user:<STRONG_DATABASE_PASSWORD>@db:5432/inventory_db

# SMTP Configuration (OPTIONAL - leave empty if not needed)
# System automatically falls back to console backend if empty
EMAIL_BACKEND=django.core.mail.backends.smtp.EmailBackend
EMAIL_HOST=smtp.yourdomain.com
EMAIL_PORT=587
EMAIL_USE_TLS=True
EMAIL_HOST_USER=noreply@yourdomain.com
EMAIL_HOST_PASSWORD=<SMTP_PASSWORD>
DEFAULT_FROM_EMAIL=noreply@yourdomain.com

⚠️ SECURITY - Important:

Generate SECRET_KEY: Use a random string (64+ characters):


# Option 1: With openssl (no Python installation needed!)
openssl rand -base64 64

# Option 2: With Python (if installed)
python3 -c "from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())"

Use strong passwords (at least 16 characters, uppercase/lowercase/numbers/symbols)
```
# Generate random password:
openssl rand -base64 24
```
NEVER commit to Git - .gitignore has `.env.production`
Set permissions: chmod 600 .env.production
Backup `.env.production` in secure location!

4. Start Docker Compose


cd /opt/inventar

# Start services (images already loaded via docker load)
docker compose -f docker-compose.prod.yml up -d

# Check status
docker compose -f docker-compose.prod.yml ps

# View logs (all services)
docker compose -f docker-compose.prod.yml logs -f

# View logs per service
docker compose -f docker-compose.prod.yml logs -f frontend
docker compose -f docker-compose.prod.yml logs -f backend
docker compose -f docker-compose.prod.yml logs -f db

# Execute bash in backend container (for debugging)
docker compose -f docker-compose.prod.yml exec backend bash

# Collect static files (only if not done automatically)
docker compose -f docker-compose.prod.yml exec backend python manage.py collectstatic --noinput

Cleanup Docker Resources (if needed)


# Stop all services and remove volumes
docker compose -f docker-compose.prod.yml down -v

# Remove all dangling/unused images
docker image prune -a -f

# Full system cleanup (all containers, images, volumes, networks)
docker system prune -a -f --volumes

Monitoring & Maintenance

1. Log Monitoring


# Nginx access logs
sudo tail -f /var/log/nginx/itemp_access.log

# Nginx error logs
sudo tail -f /var/log/nginx/itemp_error.log

# Docker logs (all services)
cd /opt/inventar
docker compose -f docker-compose.prod.yml logs -f

# Docker logs per service
docker compose -f docker-compose.prod.yml logs -f backend
docker compose -f docker-compose.prod.yml logs -f frontend
docker compose -f docker-compose.prod.yml logs -f db

2. Disk Space Monitoring


# Check disk usage
df -h

# Check Docker usage
docker system df

# Clean up unused resources
docker system prune -a

3. Regular Maintenance


# Update system packages
sudo apt update && sudo apt upgrade -y

# Check for security updates
sudo apt list --upgradable

# Clean package cache
sudo apt autoclean
sudo apt autoremove

4. Certificate Expiry Monitoring


# Check certificate expiry
echo | openssl s_client -servername Your.Domain.here -connect Your.Domain.here:443 2>/dev/null | openssl x509 -noout -dates

# Certbot will send email alerts 30 days before expiry

🔧 Django Management Commands

All available management commands for system administration and maintenance:

📊 Database & Monitoring


# Check database health and detect Decimal anomalies
docker compose -f docker-compose.prod.yml exec backend python manage.py check_database_health

# Optimize database tables (OPTIMIZE/VACUUM)
docker compose -f docker-compose.prod.yml exec backend python manage.py optimize_database

# Rebuild database indexes
docker compose -f docker-compose.prod.yml exec backend python manage.py rebuild_indexes

# Create database backup
docker compose -f docker-compose.prod.yml exec backend python manage.py backup_database

🧹 Cleanup & Maintenance


# Delete unused entries (categories, locations without items)
docker compose -f docker-compose.prod.yml exec backend python manage.py cleanup_database --dry-run

# Clean old django-simple-history records (keep only 4 per item)
docker compose -f docker-compose.prod.yml exec backend python manage.py cleanup_django_history

# Clean history entries (keep only last 4 per item)
docker compose -f docker-compose.prod.yml exec backend python manage.py cleanup_history

# Delete old log files
docker compose -f docker-compose.prod.yml exec backend python manage.py cleanup_logs

# Find and delete orphaned image and QR code files
docker compose -f docker-compose.prod.yml exec backend python manage.py cleanup_orphaned_files

# Clean expired user sessions
docker compose -f docker-compose.prod.yml exec backend python manage.py cleanup_sessions

# Clean expired JWT tokens
docker compose -f docker-compose.prod.yml exec backend python manage.py cleanup_tokens

# Delete all cache entries
docker compose -f docker-compose.prod.yml exec backend python manage.py clear_cache

📦 Data & Import/Export


# Fast CSV bulk import (without per-item overhead)
docker compose -f docker-compose.prod.yml exec backend python manage.py bulk_import_items --csv /path/to/file.csv

# Generate dummy CSV for bulk import testing
docker compose -f docker-compose.prod.yml exec backend python manage.py generate_dummy_items_csv

# Export all data as CSV or JSON
docker compose -f docker-compose.prod.yml exec backend python manage.py export_data --format json

🧪 Test Data


# Create realistic test data
docker compose -f docker-compose.prod.yml exec backend python manage.py create_test_data

# Create 50 test items
docker compose -f docker-compose.prod.yml exec backend python manage.py create_test_items

# Delete test data
docker compose -f docker-compose.prod.yml exec backend python manage.py clear_test_data

# Create initial history entries for all items
docker compose -f docker-compose.prod.yml exec backend python manage.py populate_history

📷 QR Codes


# Generate missing QR codes
docker compose -f docker-compose.prod.yml exec backend python manage.py generate_qr_codes

# Parallel QR code generation (faster)
docker compose -f docker-compose.prod.yml exec backend python manage.py generate_qr_parallel

# Regenerate all QR codes
docker compose -f docker-compose.prod.yml exec backend python manage.py regenerate_qrcodes

📸 Media & Performance


# Optimize all item images (400x400px, WebP, square)
docker compose -f docker-compose.prod.yml exec backend python manage.py optimize_images

📋 View Logs


# View last error/warning logs with options
docker compose -f docker-compose.prod.yml exec backend python manage.py view_logs --lines 50 --level error

# Options:
#   --lines N       : Number of lines (default: 100)
#   --level all|error|warning : Filter level (default: all)

📝 Troubleshooting

Problem: Backend Shows Errors


cd /opt/inventar

# Check logs
docker compose -f docker-compose.prod.yml logs -f backend

# Execute bash in backend for debugging
docker compose -f docker-compose.prod.yml exec backend bash

# Within container - check:
ls -la /app/
python manage.py shell
python manage.py check

Problem: Nginx shows 502 Bad Gateway


# Check backend
curl http://localhost:8000

# Test Nginx config
sudo nginx -t

# Check Nginx logs
sudo tail -f /var/log/nginx/itemp_error.log

Problem: PostgreSQL does not start (Healthcheck failing)


# Check PostgreSQL logs
cd /opt/inventar
docker compose -f docker-compose.prod.yml logs db

# Verify environment variables
docker compose -f docker-compose.prod.yml config | grep POSTGRES

# Try restarting
docker compose -f docker-compose.prod.yml down
docker compose -f docker-compose.prod.yml up -d

Problem: Static/Media Files return 404


# Verify Host Directories exist
ls -la /opt/inventar/static/
ls -la /opt/inventar/media/

# Check permissions
sudo chown -R 1000:1000 /opt/inventar/static/
sudo chown -R 1000:1000 /opt/inventar/media/

# Verify docker volume mounts
cd /opt/inventar
docker compose -f docker-compose.prod.yml exec backend ls -la /app/static/

Last Update: November 2, 2025
Status: ✅ Production-Ready

🚀 Production Deployment Checklist

🔧 Nginx 3-Phase Setup (CRITICAL)

☐ PHASE 1: Basic Nginx with HTTP (Port 80)
- ☐ Nginx installed
- ☐ Basic config with domain created (/etc/nginx/sites-available/inventar)
- ☐ Config enabled: sudo ln -s sites-available/inventar sites-enabled/
- ☐ Nginx reloaded: sudo systemctl reload nginx
- ☐ HTTP working: curl -I http://Your.Domain.here
- ☐ Firewall ports 80 & 443: sudo ufw allow 80/tcp; sudo ufw allow 443/tcp
☐ PHASE 2: Let's Encrypt Certificate
- ☐ Certbot installed
- ☐ Certificate created: sudo certbot --nginx -d Your.Domain.here
- ☐ Certificate verified: sudo certbot certificates
- ☐ Paths present: /etc/letsencrypt/live/Your.Domain.here/
☐ PHASE 3: Production Nginx Config
- ☐ Old config backed up: sudo cp sites-available/inventar sites-available/inventar.bak
- ☐ Production config inserted (with SSL, Gzip, Security Headers)
- ☐ Config tested: sudo nginx -t
- ☐ Nginx reloaded: sudo systemctl reload nginx
- ☐ HTTPS working: curl -I https://Your.Domain.here
- ☐ HTTP redirect working: curl -I http://Your.Domain.here
- ☐ SSL grade check: https://www.ssllabs.com/ssltest/

Pre-Deployment (Host Setup)

☐ Debian Trixie installed & fully updated
☐ Hostname set (hostnamectl)
☐ RDNS configured at provider
☐ SSH access configured for non-root user
☐ UFW Firewall enabled (Ports 22, 80, 443)
☐ Docker CE installed (docker --version)
☐ Docker Compose installed (docker-compose --version)

Docker Setup

☐ /opt/inventar/ directory created
☐ docker-compose.prod.yml placed
☐ .env.production created with secrets
☐ .gitignore updated
☐ Static/Media directories created
☐ Docker permissions configured

Initial Deployment

☐ Docker images loaded: docker load < *.tar
☐ Docker Compose started: docker compose -f docker-compose.prod.yml up -d
☐ Services running: docker compose -f docker-compose.prod.yml ps
☐ Static files collected: docker compose -f docker-compose.prod.yml exec backend python manage.py collectstatic --noinput
☐ Backend health check: curl http://127.0.0.1:8000/api/health/

Final Verification

☐ All services running stably: docker compose -f docker-compose.prod.yml ps
☐ Logs show no errors: docker compose -f docker-compose.prod.yml logs
☐ Website accessible (HTTPS): https://Your.Domain.here
☐ HTTP redirects to HTTPS
☐ SSL Certificate valid: curl -I https://Your.Domain.here
☐ API working: curl https://Your.Domain.here/api/books
☐ Frontend responsive
☐ Admin login working

📌 Important Notice

Docker Images Download on Request:

The Docker container images (backend.tar, db-postgres.tar, redis.tar, frontend.tar) are required for operating the Inventory Management System. These images are provided on request and must be uploaded to the `/opt/inventar/` directory before starting the system.

Please contact support or your administrator to obtain the necessary images.