Deployment Guide
This guide covers deploying NextJudge to production environments.
Prerequisites
Section titled “Prerequisites”- Docker and Docker Compose installed
- At least 8GB RAM recommended
- Sufficient disk space for database and logs
- Domain name and SSL certificate (for production)
Quick Deployment
Section titled “Quick Deployment”The simplest deployment uses the provided Docker Compose files:
./deploy.shThis uses compose/docker-compose.backend.yml to start all services.
Production Deployment
Section titled “Production Deployment”Environment Variables
Section titled “Environment Variables”Set the following environment variables before deployment:
Data Layer:
DATABASE_URL- PostgreSQL connection stringRABBITMQ_URL- RabbitMQ connection stringJWT_SECRET- Secret key for JWT token signingCORS_ORIGIN- Allowed CORS origins (comma-separated)ELASTIC_ENABLED- Enable Elasticsearch (true/false)SEED_DATA- Seed development data (false for production)
Judge Service:
RABBITMQ_HOST- RabbitMQ hostnameRABBITMQ_PORT- RabbitMQ port (default: 5672)RABBITMQ_USER- RabbitMQ usernameRABBITMQ_PASSWORD- RabbitMQ passwordNEXTJUDGE_HOST- Data layer API hostnameNEXTJUDGE_PORT- Data layer API port (default: 5000)JUDGE_PASSWORD- Password for judge authentication
Web Application:
NEXT_PUBLIC_API_URL- Data layer API URLNEXTAUTH_SECRET- Secret for NextAuth.jsNEXTAUTH_URL- Public URL of the web application- Database connection variables (if using database session store)
Using Prebuilt Images
Section titled “Using Prebuilt Images”For production, use prebuilt Docker images:
docker-compose -f compose/docker-compose.prebuilt.yml up -dThis uses images from the GitHub Container Registry.
Building Custom Images
Section titled “Building Custom Images”To build your own images:
docker buildx bake -f docker-bake.hclThis builds all services using the multi-stage build configuration.
Service Configuration
Section titled “Service Configuration”PostgreSQL
Section titled “PostgreSQL”Configure PostgreSQL for production:
- Set appropriate
shared_buffersandmax_connections - Enable connection pooling (consider PgBouncer)
- Set up regular backups
- Configure replication if needed
RabbitMQ
Section titled “RabbitMQ”Configure RabbitMQ:
- Set up durable queues
- Configure message persistence
- Set appropriate memory limits
- Enable monitoring
Scaling Judge Services
Section titled “Scaling Judge Services”To handle more submissions, scale the judge service:
docker-compose up -d --scale judge=3This starts 3 judge instances, all consuming from the same queue.
Reverse Proxy
Section titled “Reverse Proxy”Set up a reverse proxy (nginx, Traefik, etc.) in front of the web application:
server { listen 80; server_name nextjudge.example.com;
location / { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; }}SSL/TLS
Section titled “SSL/TLS”Use Let’s Encrypt or your preferred certificate authority:
server { listen 443 ssl; server_name nextjudge.example.com;
ssl_certificate /path/to/cert.pem; ssl_certificate_key /path/to/key.pem;
location / { proxy_pass http://localhost:3000; # ... proxy settings }}Database Setup
Section titled “Database Setup”Initial Migration
Section titled “Initial Migration”The data layer runs migrations automatically on startup. For production:
- Review migration scripts
- Backup existing database (if upgrading)
- Start data layer service
- Verify migrations completed successfully
Seeding Data
Section titled “Seeding Data”Do not use SEED_DATA=true in production. Instead:
- Create admin user via API
- Import problems via API or CLI
- Configure languages via API
Monitoring
Section titled “Monitoring”Health Checks
Section titled “Health Checks”All services expose health check endpoints:
- Data Layer:
GET /healthy - Web Application: Built into Next.js
- Judge: Check RabbitMQ connection
Set up monitoring to check these endpoints regularly.
Logging
Section titled “Logging”Configure centralized logging:
- Use Docker logging drivers
- Forward logs to a logging service (ELK, Loki, etc.)
- Set appropriate log levels for production
Metrics
Section titled “Metrics”Consider adding metrics collection:
- Application metrics (Prometheus)
- Infrastructure metrics (cAdvisor, Node Exporter)
- Custom business metrics
Backup Strategy
Section titled “Backup Strategy”Database Backups
Section titled “Database Backups”Set up regular PostgreSQL backups:
# Daily backup scriptpg_dump -U postgres nextjudge > backup-$(date +%Y%m%d).sqlOr use PostgreSQL’s continuous archiving for point-in-time recovery.
Volume Backups
Section titled “Volume Backups”Back up Docker volumes containing persistent data:
- PostgreSQL data volume
- Any persistent judge cache directories
Security Considerations
Section titled “Security Considerations”Network Security
Section titled “Network Security”- Use Docker networks to isolate services
- Expose only necessary ports
- Use firewall rules to restrict access
- Consider using a VPN for admin access
Authentication
Section titled “Authentication”- Use strong JWT secrets
- Enable HTTPS for all connections
- Implement rate limiting
- Use secure password hashing
Code Execution Security
Section titled “Code Execution Security”The judge service uses nsjail for isolation, but also:
- Regularly update judge Docker images
- Monitor for security vulnerabilities
- Review and test isolation settings
- Limit resource usage appropriately
Performance Tuning
Section titled “Performance Tuning”Database
Section titled “Database”- Add appropriate indexes
- Analyze query performance
- Use connection pooling
- Consider read replicas for scaling
Judge Service
Section titled “Judge Service”- Scale horizontally by adding more instances
- Monitor queue depth
- Tune resource limits per problem
- Cache compilation results where possible
Web Application
Section titled “Web Application”- Enable Next.js production optimizations
- Use CDN for static assets
- Implement caching strategies
- Monitor bundle size
Troubleshooting
Section titled “Troubleshooting”Services Not Starting
Section titled “Services Not Starting”- Check Docker logs:
docker-compose logs <service> - Verify environment variables
- Check port availability
- Verify Docker resources (memory, disk)
Database Connection Issues
Section titled “Database Connection Issues”- Verify PostgreSQL is running
- Check connection string format
- Verify network connectivity
- Check firewall rules
Judge Not Processing Submissions
Section titled “Judge Not Processing Submissions”- Verify RabbitMQ connection
- Check judge authentication
- Verify queue exists
- Check judge logs for errors
High Memory Usage
Section titled “High Memory Usage”- Monitor service resource usage
- Scale judge services horizontally
- Tune database connection pool
- Review and optimize queries
Upgrading
Section titled “Upgrading”When upgrading NextJudge:
- Backup database and volumes
- Review changelog and migration notes
- Pull new Docker images
- Run migrations (automatic on startup)
- Verify all services start correctly
- Test critical functionality
Coolify Deployment
Section titled “Coolify Deployment”NextJudge includes a Coolify-specific compose file:
docker-compose -f compose/docker-compose.coolify.yml up -dThis is optimized for Coolify hosting platform deployments.
Cloud Deployment
Section titled “Cloud Deployment”- Use RDS for PostgreSQL
- Use ElastiCache for Redis (if needed)
- Use ECS or EKS for container orchestration
- Use ALB for load balancing
Google Cloud
Section titled “Google Cloud”- Use Cloud SQL for PostgreSQL
- Use Cloud Run for serverless deployment
- Use Cloud Load Balancing
- Use Azure Database for PostgreSQL
- Use Azure Container Instances or AKS
- Use Azure Application Gateway
Support
Section titled “Support”For deployment issues:
- Check GitHub issues
- Review service logs
- Consult the development guide
- Open a new issue with details