Odock.ai
Reference

Deployment Checklists

Production-oriented checklists for rolling out Odock.

Deployment Checklists

Minimum Production Checklist

  • Set strong Postgres credentials.
  • Set strong Redis credentials or network isolation.
  • Set a real Better Auth secret.
  • Configure GitHub OAuth credentials.
  • Configure NEXT_PUBLIC_APP_URL and auth base URL for the production host.
  • Generate provider-key encryption key pair.
  • Provide UI public key values at build time.
  • Provide gateway private key values at runtime.
  • Configure CACHE_INVALIDATION_SECRET on both UI and gateway.
  • Configure ODOCK_SERVER_INTERNAL_URL for the UI.
  • Enable TLS at the proxy/load balancer layer.
  • Set trusted proxy CIDRs if the gateway receives forwarded headers.
  • Review the global rate-limit policy.
  • Enable SafetySec if required.
  • Confirm gateway health and readiness endpoints.
  • Confirm Prisma migrations run before the UI and gateway serve traffic.
  • Confirm observability targets are up.
  • Rotate any legacy plaintext provider keys by re-saving or recreating them.

Provider And Model Rollout Checklist

  1. Create an organisation.
  2. Create a provider with type, base URL, and timeout.
  3. Create encrypted provider API key.
  4. Create model with user-facing name and upstream slug.
  5. Attach provider and provider key to model.
  6. Add pricing JSON.
  7. Add model-level policies if needed.
  8. Create an Odock API key.
  9. Grant model access to the key.
  10. Test with the playground.
  11. Test with a direct gateway call.
  12. Confirm usage record and cost fields.

MCP Rollout Checklist

  1. Create an MCP server.
  2. Choose transport: STREAMABLE_HTTP, SSE, or STDIO.
  3. Configure endpoint or stdio command.
  4. Configure auth type and auth config.
  5. Add allowed/blocked tools.
  6. Add pricing if MCP cost tracking is required.
  7. Add policies if MCP rate limits are required.
  8. Grant API key MCP access.
  9. Test the /v1/mcp/:identifier route.
  10. Confirm McpUsageRecord rows are created.

Budget And Quota Checklist

  1. Ensure model pricing is configured.
  2. Create budgets for organisation, team, user, or API key scopes.
  3. Create quotas for the same scopes as needed.
  4. Use appropriate periods and timezone.
  5. Confirm active policies do not overlap unexpectedly.
  6. Test under a low limit in a non-production environment.
  7. Confirm blocked requests return 402 for budget or 429 for quota.
  8. Confirm reservations settle after successful usage.
  9. Confirm stale reservations are reconciled by the worker.

Observability Checklist

  1. Start the observability profile.
  2. Confirm Prometheus targets are up.
  3. Confirm Grafana datasources are healthy.
  4. Confirm gateway /metrics is scraped.
  5. Confirm traces appear in Tempo.
  6. Confirm logs appear in Loki.
  7. Open the Gateway Request Dashboard.
  8. Open the Rate Limit Dashboard.
  9. Open the Token Usage Dashboard.
  10. Trigger a test request and follow it by request ID.
  11. Review alert thresholds.
  12. Configure Alertmanager receivers before production.

Upgrade Checklist

  1. Read migration files in odock-ui/prisma/migrations.
  2. Back up Postgres.
  3. Back up Redis if rate-limit or cache state is important for rollback.
  4. Build images.
  5. Run migrations.
  6. Start UI and gateway.
  7. Verify health and readiness.
  8. Verify auth login.
  9. Verify gateway request.
  10. Verify usage recording.
  11. Verify observability.

API And Data Reference

Quick reference for routes, resources, and core data models.

Troubleshooting

Diagnose common Odock setup, gateway, UI, governance, and observability problems.

On this page

Deployment ChecklistsMinimum Production ChecklistProvider And Model Rollout ChecklistMCP Rollout ChecklistBudget And Quota ChecklistObservability ChecklistUpgrade Checklist