Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.igrisecurity.com/llms.txt

Use this file to discover all available pages before exploring further.

Docker Deployment

Igris ships with a Dockerfile for containerized deployment. This guide covers building the image, running locally, and deploying to EC2.

Building the Image

From the repository root: 
docker build -t igris-api -f Dockerfile .
The Dockerfile uses a multi-stage build:
  1. Install — installs dependencies with Bun
  2. Build — compiles the Hono API server
  3. Runtime — minimal production image

Running Locally

docker run -p 3100:3100 \
  -e DATABASE_URL="postgresql://user:pass@host/igris" \
  -e BETTER_AUTH_SECRET="your-secret-here" \
  -e BETTER_AUTH_URL="http://localhost:3100" \
  -e UPSTASH_REDIS_REST_URL="https://your-redis.upstash.io" \
  -e UPSTASH_REDIS_REST_TOKEN="your-token" \
  igris-api
The API server starts on port 3100. Database migrations run automatically on startup.

Deploying to EC2

Igris deploys to EC2 via GitHub Actions with a systemd service.

1. Provision an EC2 Instance

  • Ubuntu 22.04+ recommended
  • Install Bun: curl -fsSL https://bun.sh/install | bash
  • Create the app directory: sudo mkdir -p /opt/igris && sudo chown ubuntu:ubuntu /opt/igris
  • Copy your .env file to /opt/igris/.env

2. Create the systemd Service

sudo tee /etc/systemd/system/igris-api.service > /dev/null <<EOF
[Unit]
Description=Igris API Server
After=network.target

[Service]
Type=simple
User=ubuntu
WorkingDirectory=/opt/igris
EnvironmentFile=/opt/igris/.env
ExecStart=/home/ubuntu/.bun/bin/bun run apps/api/src/index.ts
Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target
EOF

sudo systemctl daemon-reload
sudo systemctl enable igris-api

3. Deploy via GitHub Actions

Pushes to main trigger the deploy workflow which:
  1. SSHs into your EC2 instance
  2. Pulls the latest code to /opt/igris
  3. Runs bun install
  4. Applies database migrations via bunx drizzle-kit migrate
  5. Restarts the igris-api systemd service
  6. Verifies the /health endpoint

4. Verify

curl http://your-ec2-host:3100/health

Frontend Deployment

The Next.js frontend can be deployed separately:
  • Vercel — connect the repo, set the root directory to apps/web
  • EC2 — similar process with a separate systemd service
Set the NEXT_PUBLIC_API_URL environment variable to point to your API deployment.

Health Check

The API exposes a /health endpoint that returns: 
{
  "status": "ok",
  "database": "connected",
  "redis": "connected",
  "version": "1.0.0"
}
Use this for load balancer health checks and uptime monitoring.