Deployment
Docker Deployment
Deploy OpenAgent to production with Docker Compose.
Docker Deployment
This guide covers deploying OpenAgent to a production server using Docker Compose. It includes TLS termination, a reverse proxy, and persistent data storage.
Architecture
Internet
│
▼
┌──────────┐
│ Nginx │ ← TLS termination, static files
│ (port 443│
└────┬─────┘
│
▼
┌──────────┐ ┌──────────┐
│ OpenAgent│───►│ MySQL │
│ (port │ │ 8.0 │
│ 14000) │ └──────────┘
└──────────┘
│
▼
┌──────────┐
│ Casdoor │ ← SSO / Auth
│ (port │
│ 8000) │
└──────────┘Prerequisites
- A Linux server (Ubuntu 22.04+ recommended)
- Docker 24+ and Docker Compose 2+
- A domain name pointing to the server
- Ports 80 and 443 open in your firewall
Production docker-compose.yml
version: '3.8'
services:
db:
image: mysql:8.0
container_name: openagent-db
restart: unless-stopped
environment:
MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD}
MYSQL_DATABASE: openagent
MYSQL_USER: openagent
MYSQL_PASSWORD: ${DB_PASSWORD}
volumes:
- db_data:/var/lib/mysql
healthcheck:
test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
interval: 10s
timeout: 5s
retries: 5
casdoor:
image: casbin/casdoor:latest
container_name: openagent-casdoor
restart: unless-stopped
depends_on:
db:
condition: service_healthy
environment:
RUNNING_IN_DOCKER: "true"
volumes:
- ./casdoor/conf:/conf
app:
image: openagent/openagent:latest
container_name: openagent-app
restart: unless-stopped
depends_on:
db:
condition: service_healthy
casdoor:
condition: service_started
environment:
- APP_SECRET_KEY=${APP_SECRET_KEY}
- DB_HOST=db
- DB_PORT=3306
- DB_NAME=openagent
- DB_USER=openagent
- DB_PASSWORD=${DB_PASSWORD}
- CASDOOR_ENDPOINT=http://casdoor:8000
volumes:
- uploads:/app/uploads
ports:
- "127.0.0.1:14000:14000"
nginx:
image: nginx:alpine
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./nginx/certs:/etc/nginx/certs:ro
depends_on:
- app
volumes:
db_data:
uploads:Deployment Steps
Prepare the server
# Install Docker
curl -fsSL https://get.docker.com | sh
# Install Docker Compose plugin
sudo apt install docker-compose-plugin
# Create the app directory
mkdir -p /opt/openagent && cd /opt/openagentClone and configure
git clone https://github.com/the-open-agent/openagent.git .
cp .env.example .envEdit .env with your production values:
APP_SECRET_KEY=<generate with: openssl rand -hex 32>
ADMIN_PASSWORD=<strong-password>
DB_ROOT_PASSWORD=<root-password>
DB_PASSWORD=<app-password>
DOMAIN=yourdomain.comObtain TLS certificates
Using Let's Encrypt with Certbot:
sudo apt install certbot
sudo certbot certonly --standalone -d yourdomain.com
# Certs are at:
# /etc/letsencrypt/live/yourdomain.com/fullchain.pem
# /etc/letsencrypt/live/yourdomain.com/privkey.pemConfigure Nginx
Create nginx/nginx.conf:
events { worker_connections 1024; }
http {
server {
listen 80;
server_name yourdomain.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name yourdomain.com;
ssl_certificate /etc/nginx/certs/fullchain.pem;
ssl_certificate_key /etc/nginx/certs/privkey.pem;
client_max_body_size 100M;
location / {
proxy_pass http://app:14000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# WebSocket support (for streaming)
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 3600s;
}
}
}Start the services
docker compose up -d
# Verify all containers are running
docker compose ps
# Check logs
docker compose logs -f appOpen the dashboard
Navigate to https://yourdomain.com and log in with your admin credentials.
Database Backups
Set up automated daily backups:
#!/bin/bash
DATE=$(date +%Y%m%d_%H%M%S)
BACKUP_DIR=/opt/backups/openagent
mkdir -p $BACKUP_DIR
docker compose exec -T db mysqldump \
-u openagent -p"${DB_PASSWORD}" openagent \
| gzip > $BACKUP_DIR/openagent_$DATE.sql.gz
# Keep only last 30 days
find $BACKUP_DIR -name "*.sql.gz" -mtime +30 -deletechmod +x /opt/openagent/backup.sh
# Schedule daily backup at 2am
echo "0 2 * * * /opt/openagent/backup.sh" | crontab -Updating OpenAgent
cd /opt/openagent
# Pull the latest image
docker compose pull app
# Restart with zero downtime
docker compose up -d --no-deps appHealth Monitoring
The /api/health endpoint returns the application's health status:
curl https://yourdomain.com/api/health
# {"status":"ok","db":"connected","version":"1.x.x"}Use this endpoint with your monitoring tool (UptimeRobot, Grafana, etc.) to alert on downtime.
Always test upgrades in a staging environment before applying to production. Back up your database before each upgrade.