Deployment Manual3 min readReviewed 2026-05-15

Linux Docker Compose Deployment

Linux Docker Compose is the preferred DeskDox production deployment model for customer-managed infrastructure.

Deployment Position

This model is fully supported by the repository production compose baseline. It is appropriate for dedicated Linux servers, enterprise VMs, VPS deployments, and private-cloud hosts where the customer can control storage, DNS, firewall, TLS, backup, and monitoring.

Production Compose Baseline

The root production compose file defines:

ServiceImage / runtimePersistent data
postgrespostgres:16/srv/edms/volumes/postgres:/var/lib/postgresql/data
gotenberggotenberg/gotenberg:8Stateless conversion service.
backendghcr.io/dev-saifar/edms-backend:${IMAGE_TAG:-latest}Uploads, previews, FAISS, backups, licensing.
preview-workerSame backend imageUploads, previews, FAISS, backups, licensing.
index-workerSame backend imageUploads, previews, FAISS, backups, licensing.
frontendghcr.io/dev-saifar/edms-frontend:${IMAGE_TAG:-latest}Static runtime container.

The backend startup command applies Alembic migrations before starting Uvicorn. This means deployment windows must allow for schema migration review and backup/rollback planning.

Host Preparation

The customer should provision:

  • Linux server or VM with agreed CPU/RAM/storage sizing.
  • Docker Engine and Docker Compose v2.
  • Durable SSD-backed storage for /srv/edms/volumes/... or approved equivalent paths.
  • Restricted administrative access.
  • DNS and TLS endpoint strategy.
  • Monitoring for CPU, memory, disk, Docker service state, and backup success.

Persistent Directories

The production compose baseline uses:

Host pathContainer pathPurpose
/srv/edms/volumes/postgres/var/lib/postgresql/dataPostgreSQL data.
/srv/edms/volumes/uploads/app/filesUploaded document binaries.
/srv/edms/volumes/previews/app/data/previewsPreview artifacts.
/srv/edms/volumes/faiss/app/data/faissSearch, RAG, and index artifacts.
/srv/edms/volumes/backups/var/lib/deskdox/backupsBackup output.
/srv/edms/volumes/licensing/var/lib/deskdox/licensingLicensing state.

These paths must be included in capacity planning and backup design.

Implementation Notes

Commands are provided here for deployment engineers and should be adapted to the customer’s approved process.

cp .env.prod.template .env.prod
docker compose -f docker-compose.prod.yml --env-file .env.prod config
docker compose -f docker-compose.prod.yml --env-file .env.prod up -d
docker compose -f docker-compose.prod.yml --env-file .env.prod ps

Health validation should include the frontend endpoint, backend health API, container health status, and representative application smoke tests.

Linux Acceptance Criteria

AreaExpected result
Service startupAll six production services are running and healthy.
PersistenceRequired host paths exist, are writable, and survive container replacement.
Public endpointUsers access DeskDox through the approved FQDN and TLS endpoint.
Internal isolationDatabase, converter, backend direct port, and workers are not publicly exposed.
Application validationLogin, upload, preview, search/OCR, workflow, email, backup, and audit tests pass.
HandoverImage tag, environment location, data paths, backup path, and support owners are documented.

Production Caveats

The Linux compose model is single-host by default. Two-tier, three-tier, and HA designs require separate design review for shared storage, database operations, worker concurrency, file locking, backup/restore, and network exposure.

Was this article helpful?

Related articles

Continue with closely related deployment manual guidance.