Skip to content
Jetrepo
Esc
navigateopen⌘Jpreview
On this page

Install Jetrepo

Configure, build, migrate, start, and verify the production stack.

Install from a trusted release checkout with docker-compose.prod.yaml. The repository has not recorded a clean-host installation or first-Organization bootstrap drill.

Access

You need host, DNS, TLS, reverse-proxy, Google OAuth, and deployment-secret administration.

Set required values

Provide all 14 required values before starting:

  • POSTGRES_PASSWORD, REDIS_PASSWORD, BETTER_AUTH_SECRET, and IMAGOR_SECRET
  • MINIO_ROOT_USER and MINIO_ROOT_PASSWORD
  • CORE_API_PUBLIC_URL, DELIVERY_API_PUBLIC_URL, ADMIN_APP_PUBLIC_URL, IMAGOR_PUBLIC_URL, and S3_PUBLIC_URL
  • GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET, and GOOGLE_ALLOWED_DOMAIN

Register this Google callback exactly:

${CORE_API_PUBLIC_URL}/api/auth/callback/google

POSTGRES_PASSWORD is required by the Postgres service even when DATABASE_URL is set explicitly.

Start the stack

  1. Validate Compose interpolation and syntax without printing resolved values.

    docker compose -f docker-compose.prod.yaml config --quiet
  2. Build and start the production targets.

    docker compose -f docker-compose.prod.yaml up -d --build
  3. Inspect all services and both one-shot tasks.

    docker compose -f docker-compose.prod.yaml ps -a
    docker compose -f docker-compose.prod.yaml logs --tail=200 migrate minio-setup

    Migration must exit 0 before Core API, Delivery API, and Worker can start. Object setup must also exit 0, but it does not gate those services; confirm it separately before testing uploads or images.

  4. Probe the public routes. Core API /health and Delivery API /health prove only Postgres connectivity. Admin / proves only an HTTP response.

    curl -fsS "$CORE_API_PUBLIC_URL/health"
    curl -fsS "$DELIVERY_API_PUBLIC_URL/health"
    curl -fsS "$ADMIN_APP_PUBLIC_URL/" > /dev/null
  5. Sign in with an account in the configured Workspace domain. Test sign-out and refresh. Email/password sign-in is disabled.

  6. After product access exists, use non-sensitive test content to verify a Draft write, published Delivery API read, upload, Worker metadata completion, public original-object download, and one signed image transform. These functional checks cover dependencies that the health endpoints omit.

If first installation fails, preserve pgdata, redis_data, and minio_data and capture redacted logs. Correct the configuration and recreate only affected services. Never use volume deletion as installation rollback.

Was this page helpful?