Deployment¶

Bluefox Cloud deploys your platform on your own server using Docker Swarm. One command provisions the full stack — Traefik, Postgres, Redis, and the platform services.

Prerequisites¶

A Linux server (Ubuntu 22.04+ recommended) with a public IP
A domain name pointed at your server (or let Bluefox handle it via Cloudflare)
SSH access as root (the bootstrap hardens the server and creates a deploy user)

Bootstrap a server¶

bfx cloud bootstrap --ip 37.27.83.150 --domain bluefox.software

This provisions the server over SSH:

Hardens the server — creates a deploy user, disables root login, configures UFW firewall and fail2ban
Installs Docker — sets up Docker Engine and initializes Swarm mode
Creates infrastructure — overlay network, Traefik reverse proxy, Docker registry, PostgreSQL, Redis (cache + queue)
Deploys the platform — pulls the platform image, runs migrations, starts web and worker services
Configures routing — writes Traefik config for platform.<domain>

If you provide Cloudflare credentials, the bootstrap also:

Creates a wildcard DNS record (*.<domain> → server IP)
Configures Let's Encrypt with DNS-01 challenge for automatic HTTPS

Cloudflare setup (optional)¶

When prompted, provide:

API Token — create one at dash.cloudflare.com/profile/api-tokens with Zone:DNS:Edit permission
Zone ID — found on your domain's overview page in Cloudflare

Without Cloudflare, you'll need to set up DNS manually and HTTPS won't be automatic.

What gets deployed¶

Service	Description
Traefik	Reverse proxy with automatic HTTPS
Registry	Local Docker registry at `localhost:5000`
Database	PostgreSQL 18
Cache	Redis 7 (caching)
Queue	Redis 7 (task queue)
Web	Bluefox Cloud platform API
Worker	Background task processor

Local development¶

bfx cloud bootstrap --local

Sets up the same infrastructure locally using Docker Swarm. No SSH, no Cloudflare, no HTTPS — just Swarm services on *.localhost.

The platform is available at http://platform.localhost.

Deploy updates¶

After the initial bootstrap, use deploy to ship platform updates:

bfx cloud deploy

This pulls the latest platform image, runs any new migrations, and updates the Swarm services. Zero downtime — Swarm handles the rolling update.

For local:

bfx cloud deploy --local

Check status¶

bfx cloud status

Shows the health of every service, the deployed image digest, and the platform URL.

Save credentials¶

bfx cloud login https://platform.bluefox.software

Saves the platform URL and API key for CLI commands that talk to the platform API.

Architecture¶

                    ┌─────────────┐
                    │   Traefik   │ :80 / :443
                    └──────┬──────┘
                           │
              ┌────────────┼────────────┐
              │            │            │
     platform.domain  app1.domain  app2.domain
              │
        ┌─────┴─────┐
        │  Web :8000 │
        │  Worker    │
        └─────┬──────┘
              │
    ┌─────────┼─────────┐
    │         │         │
┌───┴───┐ ┌──┴──┐ ┌───┴───┐
│Postgres│ │Cache│ │ Queue │
└───────┘ └─────┘ └───────┘

All services run on a shared overlay network (bluefox-net) inside Docker Swarm. Traefik routes traffic based on the Host header.

Configuration files¶

Bluefox Cloud stores configuration in ~/.bluefox/:

File	Contents
`cloud.yml`	Server IP, domain, SSH port, Cloudflare credentials, platform URL, API key
`local-secrets.yml`	Database password and secret key for local environment
`remote-secrets.yml`	Database password and secret key for remote server

Secrets files are created with chmod 600 permissions.