Infrastructure Checklist
Use this checklist to verify infrastructure readiness before deploying Chatty AI.
Host Preparation
- Server provisioned with adequate resources
- Operating system installed (Ubuntu 22.04 LTS recommended)
- OS updated to latest patches
sudo apt-get update && sudo apt-get upgrade -y - Hostname configured properly
- Time synchronization (NTP) configured and running
timedatectl status
Docker Installation
- Docker Engine installed (version 20.10+)
docker --version - Docker Compose installed (version 2.0+)
docker compose version - Docker service running
sudo systemctl status docker - User added to docker group (if not using root)
sudo usermod -aG docker $USER - Docker daemon configured with appropriate settings
Storage Preparation
- Adequate disk space available (minimum 100 GB, recommended 500 GB+)
df -h - SSD/NVMe storage for production deployments
- Filesystem is ext4, xfs, or btrfs
- Mount points created for volumes (if using custom locations)
- Permissions set correctly on volume directories
Network Configuration
- Static IP assigned (recommended for production)
- DNS resolution working
nslookup google.com - Firewall configured to allow required ports
- See Port Matrix
- Outbound HTTPS access available (for LLM endpoints)
- Internal network connectivity verified
Access and Permissions
- SSH access configured for administrators
- SSH key-based authentication enabled (recommended)
- Sudo access available for deployment user
- Firewall rules allow SSH from admin networks
- Backup of SSH keys stored securely
Deployment Repository Access
For Docker Compose Deployment
- GitHub deploy token obtained from vendor
- Token provides read-only access to private deployment repository
- Repository URL:
https://github.com/chattyai-org/chatty-app-deploy.git
- Git installed on deployment server
git --version - Deploy token tested (can clone repository)
git clone https://<DEPLOY_TOKEN>@github.com/chattyai-org/chatty-app-deploy.git - Deployment files reviewed in repository:
- docker-compose.yaml
- .env.example
- ENV_DOCUMENTATION.md
- README.md
For Portainer Deployment
- Deployment package obtained from vendor (if applicable)
- Package integrity verified (checksums, signatures)
- Package extracted to appropriate location
Portainer (if using Portainer deployment)
- Portainer Server accessible
- Portainer credentials available
- Edge Agent deployment command obtained
- Network path to Portainer Server verified
- Firewall allows outbound HTTPS to Portainer Server
Certificates
- SSL/TLS certificates obtained for all domains
- Chatty AI domain
- n8n domain
- Databases domain
- Certificates in PEM format
- Certificate files named correctly:
- fullchain.pem
- privkey.pem
- Certificates not expired
- Certificate chain complete
- Certificate directory structure created
/etc/nginx/certs/
├── chattyai/
├── n8n/
└── databases/ - Certificates copied to appropriate directories
- File permissions set (readable by Docker)
DNS Configuration
- DNS records created for all domains
- DNS propagation verified
nslookup chat.yourdomain.com
nslookup n8n.yourdomain.com
nslookup db.yourdomain.com - DNS points to correct IP address
- Internal DNS configured (if applicable)
Environment Variables
- .env file created from .env.example
- All required variables set:
- Domain names
- URLs
- Database password
- JWT secret
- API keys
- Admin password
- Secrets generated (not using example values)
- .env file permissions set to 600
chmod 600 .env
External Connectivity
- LLM endpoint accessible (if using external LLM)
curl -I https://llm.vendor.com - LDAP server accessible (if using LDAP)
- SSO provider accessible (if using SSO)
- Firewall rules allow outbound to external services
VPN (if applicable)
- VPN connection established
- VPN routes configured
- VPN allows required traffic
- VPN stability verified
Monitoring and Logging
- Log aggregation configured (optional but recommended)
- Monitoring tools installed (optional but recommended)
- Alerting configured for critical metrics
- Log rotation configured
Backup Infrastructure
- Backup storage available
- Backup scripts reviewed
- Backup schedule planned
- Restore procedure documented
- Backup testing planned
Security
- Firewall enabled and configured
- SSH hardened (key-only, non-standard port, etc.)
- Fail2ban or similar installed (optional)
- Security updates enabled
- Audit logging configured
- Secrets management strategy defined
Documentation
- Deployment plan documented
- Network diagram created
- Access procedures documented
- Escalation contacts identified
- Runbook prepared for common operations
Team Readiness
- Deployment team identified
- Roles and responsibilities assigned
- Deployment window scheduled
- Rollback plan prepared
- Communication plan established
Final Verification
- All prerequisites met
- Deployment checklist reviewed
- Stakeholders notified
- Go/no-go decision made
Quick Verification Script
#!/bin/bash
# Quick infrastructure verification
echo "=== Infrastructure Verification ==="
echo -n "Docker installed: "
docker --version && echo "✓" || echo "✗"
echo -n "Docker Compose installed: "
docker compose version && echo "✓" || echo "✗"
echo -n "Docker running: "
systemctl is-active docker && echo "✓" || echo "✗"
echo -n "Disk space (root): "
df -h / | awk 'NR==2 {print $4 " available"}'
echo -n "NTP synchronized: "
timedatectl | grep "synchronized: yes" && echo "✓" || echo "✗"
echo -n "DNS resolution: "
nslookup google.com > /dev/null 2>&1 && echo "✓" || echo "✗"
echo -n "Outbound HTTPS: "
curl -s -o /dev/null -w "%{http_code}" https://www.google.com | grep -q 200 && echo "✓" || echo "✗"
echo "=== End Verification ==="
Next Steps
Once all items are checked:
- Configure Environment Variables
- Begin Portainer Installation or Docker Compose Installation
Troubleshooting
If any checklist items fail:
- Review Software Requirements
- Check Hardware Requirements
- Consult Troubleshooting
- Contact vendor support if needed