生产环境部署

# Database encryption key (32 characters)
openssl rand -hex 32

# JWT secret key
openssl rand -base64 48

# Redis password
openssl rand -base64 32

# Security
DATABASE_DECRYPTION_KEY: '[generated-key]'
JWT_KEY: '[generated-key]'
REDIS_PASSWORD: '[strong-password]'
PG_PASSWORD: '[strong-password]'

# HTTPS URLs
MCP_FRONTEND_URL: 'https://yourdomain.com'
MCP_PUBLIC_URL: 'https://api.yourdomain.com'
WHOOP_REDIRECT_URL: 'https://api.yourdomain.com/api/v1/pulse/theta/theta_whoop/callback'

# Strict CORS
HTTP_HEADERS:
  Access-Control-Allow-Origin: 'https://yourdomain.com'

# SSL/TLS
REDIS_SSL: true

┌─────────────────────────┐
│  Route 53 (DNS)         │
└────────┬────────────────┘
         │
┌────────▼────────────────┐
│  CloudFront (CDN)       │
└────────┬────────────────┘
         │
┌────────▼────────────────┐
│  ALB (Load Balancer)    │
└────┬────────────┬───────┘
     │            │
┌────▼────┐  ┌───▼─────┐
│ ECS/EC2 │  │ ECS/EC2 │
│ API 1   │  │ API 2   │
└────┬────┘  └───┬─────┘
     │           │
     └─────┬─────┘
           │
    ┌──────▼──────────┐
    │                 │
┌───▼─────────┐  ┌───▼────────────┐
│ RDS         │  │ ElastiCache    │
│ PostgreSQL  │  │ Redis          │
└─────────────┘  └────────────────┘

export DATABASE_DECRYPTION_KEY="..."
export JWT_KEY="..."
export OPENAI_API_KEY="..."
export POSTGRES_PASSWORD="..."
export REDIS_PASSWORD="..."

# Monitor application health
curl https://api.yourdomain.com/health

# Daily automated backup
0 2 * * * pg_dump -h localhost -U holistic_user holistic_db | gzip > /backups/mirobody-$(date +\%Y\%m\%d).sql.gz

# Backup configuration
tar -czf config-backup-$(date +%Y%m%d).tar.gz config.yaml .env

# docker-compose.yml
services:
  backend:
    deploy:
      resources:
        limits:
          cpus: '2'
          memory: 4G