Enterprise Deployment Strategy for Asset & Inventory Management
by Karosuru from Athato
This guide provides comprehensive instructions for deploying Quaex in enterprise environments, from development setup through production deployment and ongoing operations.
# 1. Clone and setup
git clone https://github.com/karosuru/quaex.git
cd quaex
# 2. Install Flutter dependencies
flutter pub get
# 3. Configure environment
cp .env.example .env
# Edit .env with your configuration
# 4. Run development server
flutter run -d web
# 5. Run tests
flutter test
# 6. Build for production
flutter build web --release
Minimum Requirements:
OS: Windows 10+, macOS 10.15+, or Ubuntu 18.04+
RAM: 8GB (16GB recommended)
Storage: 50GB available space
Flutter: 3.24.3+
Dart: 3.5.3+
Recommended Development Tools:
IDE: VS Code or IntelliJ IDEA
Extensions: Flutter, Dart, GitLens
Database: PostgreSQL 12+
Node.js: 18+ (for build tools)
Application Server:
CPU: 4+ cores (8+ recommended)
RAM: 16GB (32GB recommended)
Storage: 500GB SSD (enterprise-grade)
OS: Ubuntu 20.04 LTS or CentOS 8+
Database Server (Supabase/PostgreSQL):
CPU: 8+ cores
RAM: 32GB (64GB recommended)
Storage: 1TB SSD with backup
Network: Gigabit connection
Load Balancer/Reverse Proxy:
CPU: 2+ cores
RAM: 4GB
CDN: Global content delivery network
SSL: Enterprise certificates
# Install Flutter SDK
git clone https://github.com/flutter/flutter.git -b stable
export PATH="$PATH:`pwd`/flutter/bin"
# Verify installation
flutter doctor
# Accept licenses
flutter doctor --android-licenses
# Enable web and desktop support
flutter config --enable-web
flutter config --enable-macos-desktop
flutter config --enable-linux-desktop
flutter config --enable-windows-desktop
# Clone the repository
git clone https://github.com/karosuru/quaex.git
cd quaex
# Install dependencies
flutter pub get
# Setup environment configuration
cp .env.example .env
# Edit .env file
nano .env
# .env file contents
SUPABASE_URL=https://your-project.supabase.co
SUPABASE_ANON_KEY=your-anon-key
SUPABASE_SERVICE_ROLE_KEY=your-service-key
# Environment settings
FLUTTER_ENV=development
DEBUG_MODE=true
API_BASE_URL=https://api.quaex.com
WEB_BASE_URL=https://app.quaex.com
# Security settings
JWT_SECRET=your-jwt-secret
ENCRYPTION_KEY=your-encryption-key
SESSION_TIMEOUT=3600
# Integration settings
BARCODE_API_KEY=your-barcode-api-key
NOTIFICATION_SERVICE_KEY=your-notification-key
ANALYTICS_KEY=your-analytics-key
-- Run these SQL commands in Supabase SQL Editor
-- Enable Row Level Security
ALTER TABLE IF EXISTS public.assets ENABLE ROW LEVEL SECURITY;
ALTER TABLE IF EXISTS public.inventory_items ENABLE ROW LEVEL SECURITY;
ALTER TABLE IF EXISTS public.workspaces ENABLE ROW LEVEL SECURITY;
ALTER TABLE IF EXISTS public.user_profiles ENABLE ROW LEVEL SECURITY;
-- Create RLS policies
CREATE POLICY "Users can view own workspace assets" ON public.assets
FOR SELECT USING (workspace_id IN (
SELECT workspace_id FROM public.user_workspaces
WHERE user_id = auth.uid()
));
CREATE POLICY "Users can modify own workspace assets" ON public.assets
FOR ALL USING (workspace_id IN (
SELECT workspace_id FROM public.user_workspaces
WHERE user_id = auth.uid() AND role IN ('admin', 'manager')
));
# Run in development mode
flutter run -d web --web-port 3000
# Run with hot reload
flutter run -d web --hot
# Run on specific device
flutter devices
flutter run -d chrome
# Run all tests
flutter test
# Run tests with coverage
flutter test --coverage
# Run specific test file
flutter test test/widget_test.dart
# Run integration tests
flutter test integration_test/
# Build web version
flutter build web --release \
--web-renderer canvaskit \
--base-href /app/
# Build Android APK
flutter build apk --release \
--obfuscate \
--split-debug-info=build/debug-info/
# Build iOS (on macOS)
flutter build ios --release \
--obfuscate \
--split-debug-info=build/debug-info/
# Build desktop versions
flutter build windows --release
flutter build macos --release
flutter build linux --release
# Build for production
flutter build web --release
# Deploy to CDN/Static hosting
aws s3 sync build/web/ s3://quaex-app-bucket/ --delete
aws cloudfront create-invalidation --distribution-id E1234567890 --paths "/*"
# Dockerfile for web deployment
FROM nginx:alpine
# Copy built Flutter web app
COPY build/web /usr/share/nginx/html
# Copy nginx configuration
COPY nginx.conf /etc/nginx/nginx.conf
# Expose port
EXPOSE 80
# Start nginx
CMD ["nginx", "-g", "daemon off;"]
# Build and deploy Docker container
docker build -t quaex-web .
docker run -p 80:80 quaex-web
# Generate signed APK
keytool -genkey -v -keystore quaex-release-key.jks \
-keyalg RSA -keysize 2048 -validity 10000 \
-alias release
# Configure signing in android/key.properties
storePassword=your-store-password
keyPassword=your-key-password
keyAlias=release
storeFile=../quaex-release-key.jks
# Build signed APK
flutter build apk --release
# Deploy to Google Play Store via Google Play Console
# Upload build/app/outputs/flutter-apk/app-release.apk
# Configure code signing in Xcode
open ios/Runner.xcworkspace
# Build for App Store
flutter build ios --release
# Deploy via Xcode or fastlane
# Upload to App Store Connect
# Build Windows executable
flutter build windows --release
# Package with installer (using NSIS or similar)
makensis quaex-installer.nsi
# Build macOS app
flutter build macos --release
# Code sign and notarize
codesign --deep --force --verify --verbose --sign "Developer ID" build/macos/Build/Products/Release/quaex.app
xcrun notarytool submit build/macos/Build/Products/Release/quaex.app.zip
CDN (CloudFlare/AWS CloudFront):
- Global content delivery
- DDoS protection
- SSL/TLS termination
- Caching rules
Load Balancer (AWS ALB/nginx):
- Traffic distribution
- Health checks
- SSL offloading
- Rate limiting
Application Servers:
- Multiple instances
- Auto-scaling groups
- Container orchestration
- Rolling deployments
Database (Supabase):
- PostgreSQL cluster
- Read replicas
- Automated backups
- Connection pooling
# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: quaex-web
spec:
replicas: 3
selector:
matchLabels:
app: quaex-web
template:
metadata:
labels:
app: quaex-web
spec:
containers:
- name: quaex-web
image: quaex/web:latest
ports:
- containerPort: 80
env:
- name: SUPABASE_URL
valueFrom:
secretKeyRef:
name: quaex-secrets
key: supabase-url
resources:
requests:
memory: "256Mi"
cpu: "250m"
limits:
memory: "512Mi"
cpu: "500m"
---
apiVersion: v1
kind: Service
metadata:
name: quaex-web-service
spec:
selector:
app: quaex-web
ports:
- port: 80
targetPort: 80
type: LoadBalancer
# .github/workflows/deploy.yml
name: Deploy Quaex
on:
push:
branches: [main]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: subosito/flutter-action@v2
with:
flutter-version: '3.24.3'
- run: flutter pub get
- run: flutter test
- run: flutter test --coverage
build-and-deploy:
needs: test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: subosito/flutter-action@v2
with:
flutter-version: '3.24.3'
- run: flutter build web --release
- name: Deploy to S3
run: |
aws s3 sync build/web/ s3://quaex-app-production/ --delete
aws cloudfront create-invalidation --distribution-id $ --paths "/*"
# nginx.conf
server {
listen 443 ssl http2;
server_name app.quaex.com;
ssl_certificate /etc/ssl/certs/quaex.crt;
ssl_certificate_key /etc/ssl/private/quaex.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512;
ssl_prefer_server_ciphers off;
# Security headers
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options DENY always;
add_header X-Content-Type-Options nosniff always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';" always;
location / {
try_files $uri $uri/ /index.html;
expires 1h;
add_header Cache-Control "public, immutable";
}
}
# Use encrypted environment variables
export SUPABASE_URL=$(echo $ENCRYPTED_SUPABASE_URL | base64 -d)
export JWT_SECRET=$(openssl rand -hex 32)
# Restrict file permissions
chmod 600 .env
chown app:app .env
-- Enable SSL connections only
ALTER SYSTEM SET ssl = 'on';
ALTER SYSTEM SET ssl_cert_file = '/etc/ssl/certs/server.crt';
ALTER SYSTEM SET ssl_key_file = '/etc/ssl/private/server.key';
-- Configure row level security policies
CREATE POLICY "Authenticated users only" ON public.assets
FOR ALL USING (auth.role() = 'authenticated');
-- Audit logging
CREATE TABLE IF NOT EXISTS audit_logs (
id UUID DEFAULT gen_random_uuid() PRIMARY KEY,
user_id UUID REFERENCES auth.users(id),
action TEXT NOT NULL,
table_name TEXT NOT NULL,
old_values JSONB,
new_values JSONB,
created_at TIMESTAMP DEFAULT NOW()
);
Monitoring Stack:
APM: New Relic / DataDog
Logs: ELK Stack (Elasticsearch, Logstash, Kibana)
Metrics: Prometheus + Grafana
Uptime: Pingdom / StatusPage
Key Metrics:
- Response times
- Error rates
- User sessions
- Database performance
- Memory usage
- CPU utilization
// lib/utils/health_check.dart
class HealthCheck {
static Future<Map<String, dynamic>> getSystemStatus() async {
return {
'status': 'healthy',
'timestamp': DateTime.now().toIso8601String(),
'version': '1.0.0',
'services': {
'database': await _checkDatabase(),
'storage': await _checkStorage(),
'external_apis': await _checkExternalApis(),
},
'metrics': {
'uptime': await _getUptime(),
'memory_usage': await _getMemoryUsage(),
'active_users': await _getActiveUsers(),
}
};
}
}
Critical Alerts (PagerDuty):
- Application down (>5 minutes)
- Database connection failures
- High error rates (>5%)
- Security incidents
Warning Alerts (Email/Slack):
- High response times (>2 seconds)
- Low disk space (<20%)
- Certificate expiring (<30 days)
- Unusual traffic patterns
#!/bin/bash
# Daily backup script
# Database backup
pg_dump -h $DB_HOST -U $DB_USER -d $DB_NAME | gzip > backup_$(date +%Y%m%d).sql.gz
# File storage backup
rsync -av --delete /app/storage/ /backup/storage/
# Configuration backup
tar -czf config_backup_$(date +%Y%m%d).tar.gz /app/config/
# Upload to cloud storage
aws s3 cp backup_$(date +%Y%m%d).sql.gz s3://quaex-backups/database/
aws s3 sync /backup/storage/ s3://quaex-backups/storage/
aws s3 cp config_backup_$(date +%Y%m%d).tar.gz s3://quaex-backups/config/
# Cleanup old backups (keep 30 days)
find /backup -name "*.gz" -mtime +30 -delete
RTO (Recovery Time Objective): 4 hours
RPO (Recovery Point Objective): 1 hour
Recovery Procedures:
1. Activate disaster recovery site
2. Restore database from latest backup
3. Sync file storage
4. Update DNS records
5. Validate system functionality
6. Notify stakeholders
Testing Schedule:
- Monthly: Backup restoration test
- Quarterly: Full DR drill
- Annually: Comprehensive DR simulation
Code Splitting:
- Route-based splitting
- Component lazy loading
- Asset optimization
Caching Strategy:
- Browser caching
- CDN caching
- Application cache
- Service worker cache
Bundle Optimization:
- Tree shaking
- Minification
- Compression (gzip/brotli)
- Image optimization
-- Database indexing
CREATE INDEX idx_assets_workspace_status ON assets(workspace_id, status);
CREATE INDEX idx_inventory_location ON inventory_items(location_id);
CREATE INDEX idx_users_email ON user_profiles(email);
-- Query optimization
EXPLAIN ANALYZE SELECT * FROM assets WHERE workspace_id = $1 AND status = 'active';
-- Connection pooling
ALTER SYSTEM SET max_connections = 200;
ALTER SYSTEM SET shared_buffers = '256MB';
#!/bin/bash
# Production update script
# 1. Create maintenance window
curl -X POST "https://api.statuspage.io/v1/pages/$PAGE_ID/incidents" \
-H "Authorization: OAuth $TOKEN" \
-d "name=Scheduled Maintenance&status=scheduled"
# 2. Backup current version
kubectl create backup quaex-backup-$(date +%Y%m%d)
# 3. Deploy new version
kubectl set image deployment/quaex-web quaex-web=quaex/web:v1.1.0
# 4. Wait for rollout
kubectl rollout status deployment/quaex-web
# 5. Run health checks
./scripts/health-check.sh
# 6. Update status page
curl -X PATCH "https://api.statuspage.io/v1/pages/$PAGE_ID/incidents/$INCIDENT_ID" \
-d "status=resolved"
#!/bin/bash
# Emergency rollback script
# 1. Rollback deployment
kubectl rollout undo deployment/quaex-web
# 2. Verify rollback
kubectl rollout status deployment/quaex-web
# 3. Restore database if needed
psql -h $DB_HOST -U $DB_USER -d $DB_NAME < backup_latest.sql
# 4. Notify team
slack-notify "#ops" "🚨 Emergency rollback completed for Quaex"
Flutter Web Issues:
- CORS errors: Configure server CORS headers
- Routing problems: Check base href configuration
- Performance: Enable CanvasKit renderer
Database Issues:
- Connection timeouts: Check connection pool settings
- Slow queries: Analyze and add indexes
- Lock contention: Review transaction isolation levels
Mobile Issues:
- Build failures: Clean and rebuild
- Permission errors: Check platform permissions
- Network issues: Verify API endpoints
Technical Support:
Email: support@karosuru.com
Phone: +1-555-QUAEX-01
Slack: #quaex-support
Emergency Escalation:
On-call: +1-555-EMERGENCY
PagerDuty: quaex-critical
Documentation:
Wiki: https://wiki.karosuru.com/quaex
API Docs: https://api.quaex.com/docs
Status Page: https://status.quaex.com
Document Version: 1.0
Last Updated: 2025-01-21
Next Review: 2025-04-21
Maintained By: Karosuru DevOps Team
This deployment guide should be updated regularly to reflect changes in infrastructure, security requirements, and operational procedures.