Deployment

Docker

A multi-stage Dockerfile is provided at apps/engine/Dockerfile. It builds the engine and serves on port 3000 with a built-in healthcheck (/api/health).

          docker build -f apps/engine/Dockerfile -t cms .
docker run -p 3000:3000 --env-file .env cms
        

Environment variables

See Installation — Environment variables for the full list. At minimum, set:

• DATABASE_URL — Postgres connection string
• NODE_ENV=production — enables migration file mode
• CMS_CONFIG_PATH — path to your config file
• CMS_ADMIN_PASSWORD — change from the default admin

Migrations

In production (NODE_ENV=production), the engine applies migration files from MIGRATIONS_PATH on startup. Generate and commit them before deploying:

          cms migration generate
cms migration run   # optional: verify locally first
        

Graceful shutdown

The engine handles SIGTERM (Docker/k8s) and SIGINT (Ctrl+C) for graceful shutdown. In-flight requests are drained with a 5-second forced-exit timeout.

Production checklist

• Set NODE_ENV=production
• Set a strong CMS_ADMIN_PASSWORD (the default is admin)
• Generate and commit migration files — drizzle-kit push is not used in production
• Put a reverse proxy (nginx, Cloudflare) in front for TLS and rate limiting — the built-in rate limiter is in-memory, per-process
• Set ADMIN_UI=false if you don’t need the admin panel on this instance