Add production infrastructure: compiled builds, clustering, connection pooling

Root cause of 502 errors under 30 concurrent users: the production server was running dev-mode infrastructure (Vite dev server, NestJS --watch, no DB connection pooling, single Node.js process). Changes: - backend/Dockerfile: multi-stage prod build (compiled JS, no devDeps) - frontend/Dockerfile: multi-stage prod build (static assets served by nginx) - frontend/nginx.conf: SPA routing config for frontend container - docker-compose.prod.yml: production overlay with tuned Postgres, memory limits, health checks, restart policies - nginx/production.conf: keepalive upstreams, proxy buffering, rate limiting - backend/src/main.ts: Node.js clustering (1 worker per CPU, up to 4), conditional request logging, production CORS - backend/src/app.module.ts: TypeORM connection pool (max 30, min 5) - docs/DEPLOYMENT.md: new Production Deployment section Deploy with: docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d --build Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-02 16:55:19 -05:00
parent e719f593de
commit 8db89373e0
8 changed files with 408 additions and 18 deletions
--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@@ -0,0 +1,26 @@
+# ---- Production Dockerfile for NestJS backend ----
+# Multi-stage build: compile TypeScript, then run with minimal image
+
+# Stage 1: Build
+FROM node:20-alpine AS builder
+WORKDIR /app
+COPY package*.json ./
+RUN npm ci
+COPY . .
+RUN npm run build
+
+# Stage 2: Production
+FROM node:20-alpine
+WORKDIR /app
+
+# Only install production dependencies
+COPY package*.json ./
+RUN npm ci --omit=dev && npm cache clean --force
+
+# Copy compiled output from builder
+COPY --from=builder /app/dist ./dist
+
+EXPOSE 3000
+
+# Run the compiled JS directly — no ts-node, no watch, no devDeps
+CMD ["node", "dist/main"]
--- a/backend/src/app.module.ts
+++ b/backend/src/app.module.ts
@@ -43,6 +43,13 @@ import { ScheduleModule } from '@nestjs/schedule';
        autoLoadEntities: true,
        synchronize: false,
        logging: false,
+        // Connection pool — reuse connections instead of creating new ones per query
+        extra: {
+          max: 30,                        // max pool size (across all concurrent requests)
+          min: 5,                         // keep at least 5 idle connections warm
+          idleTimeoutMillis: 30000,       // close idle connections after 30s
+          connectionTimeoutMillis: 5000,  // fail fast if pool is exhausted
+        },
      }),
    }),
    DatabaseModule,
--- a/backend/src/main.ts
+++ b/backend/src/main.ts
@@ -1,18 +1,51 @@
+import cluster from 'node:cluster';
+import os from 'node:os';
 import { NestFactory } from '@nestjs/core';
 import { ValidationPipe } from '@nestjs/common';
 import { SwaggerModule, DocumentBuilder } from '@nestjs/swagger';
 import { AppModule } from './app.module';

+const isProduction = process.env.NODE_ENV === 'production';
+
+// ---------------------------------------------------------------------------
+// Clustering — fork one worker per CPU core in production
+// ---------------------------------------------------------------------------
+
+const WORKERS = isProduction
+  ? Math.min(os.cpus().length, 4)  // cap at 4 workers to stay within DB pool
+  : 1;                              // single process in dev
+
+if (WORKERS > 1 && cluster.isPrimary) {
+  console.log(`Primary ${process.pid} forking ${WORKERS} workers ...`);
+  for (let i = 0; i < WORKERS; i++) {
+    cluster.fork();
+  }
+  cluster.on('exit', (worker, code) => {
+    console.warn(`Worker ${worker.process.pid} exited (code ${code}), restarting ...`);
+    cluster.fork();
+  });
+} else {
+  bootstrap();
+}
+
+// ---------------------------------------------------------------------------
+// NestJS bootstrap
+// ---------------------------------------------------------------------------
+
 async function bootstrap() {
-  const app = await NestFactory.create(AppModule);
+  const app = await NestFactory.create(AppModule, {
+    logger: isProduction ? ['error', 'warn', 'log'] : ['error', 'warn', 'log', 'debug', 'verbose'],
+  });

  app.setGlobalPrefix('api');

-  // Request logging
-  app.use((req: any, _res: any, next: any) => {
-    console.log(`[REQ] ${req.method} ${req.url} auth=${req.headers.authorization ? 'yes' : 'no'}`);
-    next();
-  });
+  // Request logging — only in development (too noisy / slow for prod)
+  if (!isProduction) {
+    app.use((req: any, _res: any, next: any) => {
+      console.log(`[REQ] ${req.method} ${req.url} auth=${req.headers.authorization ? 'yes' : 'no'}`);
+      next();
+    });
+  }

  app.useGlobalPipes(
    new ValidationPipe({
@@ -22,21 +55,22 @@ async function bootstrap() {
    }),
  );

+  // CORS — in production nginx handles this; accept all origins behind the proxy
  app.enableCors({
-    origin: ['http://localhost', 'http://localhost:5173'],
+    origin: isProduction ? true : ['http://localhost', 'http://localhost:5173'],
    credentials: true,
  });

+  // Swagger docs — available in all environments
  const config = new DocumentBuilder()
    .setTitle('HOA LedgerIQ API')
    .setDescription('API for the HOA LedgerIQ')
-    .setVersion('0.1.0')
+    .setVersion('2026.3.2')
    .addBearerAuth()
    .build();
  const document = SwaggerModule.createDocument(app, config);
  SwaggerModule.setup('api/docs', app, document);

  await app.listen(3000);
-  console.log('Backend running on port 3000');
+  console.log(`Backend worker ${process.pid} listening on port 3000`);
 }
-bootstrap();