Deployment Overview
Contract Lucidity can be deployed on any infrastructure that supports Docker containers. This guide covers five deployment options, from a single-server Docker Compose setup to fully managed cloud platforms.
Architecture
Every Contract Lucidity deployment consists of the same five services:
| Service | Image / Build | Purpose |
|---|---|---|
| cl-postgres | pgvector/pgvector:pg16 | PostgreSQL 16 with pgvector extension for document storage and vector embeddings |
| cl-redis | redis:7-alpine | Task queue broker (Celery) and result backend |
| cl-backend | Custom (Python 3.12 / FastAPI) | REST API, authentication, document management |
| cl-worker | Custom (Python 3.12 / Celery) | Async document processing pipeline (OCR, AI analysis) |
| cl-frontend | Custom (Node 20 / Next.js 16) | Web application UI |
Deployment Options Comparison
| Docker Compose | EasyPanel | AWS | Azure | GCP | |
|---|---|---|---|---|---|
| Best for | Dev, demos, small teams | SMB, managed single-server | Enterprise, high availability | Enterprise, Microsoft shops | Enterprise, Google ecosystem |
| Infrastructure | Single server | Single server (VPS) | Multi-AZ managed services | Multi-region managed services | Multi-region managed services |
| Setup time | 10 minutes | 15 minutes | 2-4 hours | 2-4 hours | 2-4 hours |
| Maintenance | Manual | Low (EasyPanel UI) | Low (managed services) | Low (managed services) | Low (managed services) |
| High availability | No | No | Yes (multi-AZ) | Yes (zone-redundant) | Yes (regional) |
| Auto-scaling | No | No | Yes (ECS auto-scaling) | Yes (Container Apps) | Yes (Cloud Run) |
| SSL/TLS | Manual (certbot) | Automatic (Let's Encrypt) | ACM (free) | Managed certificates | Managed certificates |
| Estimated monthly cost | $20-50 (VPS) | $20-80 (VPS) | $200-600 | $200-600 | $150-500 |
| Max concurrent users | ~50 | ~100 | 1,000+ | 1,000+ | 1,000+ |
Cost estimates as of March 2026. Verify current pricing with each cloud provider.
Decision Matrix
Use this flowchart to select the right deployment option:
Shared Requirements
Regardless of deployment platform, every installation requires:
- PostgreSQL 16 with the
pgvectorextension enabled - Redis 7 for the Celery task queue
- Shared storage accessible by both
cl-backendandcl-workerat/data/storage - Network connectivity between all five services
- Environment variables configured for database, Redis, JWT, and AI provider credentials
Shared Storage is Critical
The backend writes uploaded documents to /data/storage. The worker reads from the same path to process them. If these two services cannot see the same filesystem, document processing will silently fail. See Document Storage for details.
Environment Variables Reference
These environment variables are required across all deployment methods:
| Variable | Example | Required | Description |
|---|---|---|---|
POSTGRES_USER | cl_user | Yes | PostgreSQL username |
POSTGRES_PASSWORD | (generate a strong password) | Yes | PostgreSQL password |
POSTGRES_DB | contract_lucidity | Yes | Database name |
POSTGRES_HOST | cl-postgres | Yes | PostgreSQL hostname |
POSTGRES_PORT | 5432 | Yes | PostgreSQL port |
REDIS_URL | redis://cl-redis:6379/0 | Yes | Redis connection string |
CELERY_BROKER_URL | redis://cl-redis:6379/0 | Yes | Celery broker URL |
CELERY_RESULT_BACKEND | redis://cl-redis:6379/1 | Yes | Celery result backend URL |
JWT_SECRET_KEY | (generate a random 48+ char string) | Yes | JWT signing secret |
JWT_ALGORITHM | HS256 | Yes | JWT algorithm |
JWT_ACCESS_TOKEN_EXPIRE_MINUTES | 60 | Yes | Access token TTL |
JWT_REFRESH_TOKEN_EXPIRE_DAYS | 7 | Yes | Refresh token TTL |
STORAGE_PATH | /data/storage | Yes | Shared document storage path |
CONFIG_PATH | /data/config | Yes | Configuration file path |
CORS_ORIGINS | https://contractlucidity.com | Yes | Allowed CORS origins (comma-separated) |
FRONTEND_URL | https://contractlucidity.com | Yes | Public frontend URL |
BACKEND_INTERNAL_URL | http://cl-backend:8000 | Yes | Internal backend URL (frontend to backend) |
DEFAULT_ADMIN_EMAIL | [email protected] | Yes | Initial admin account email |
DEFAULT_ADMIN_PASSWORD | (strong password) | Yes | Initial admin account password |
APP_ENV | production | No | Environment (development / production) |
LOG_LEVEL | INFO | No | Logging level |
MAX_UPLOAD_SIZE_MB | 100 | No | Maximum file upload size in MB |
CELERY_CONCURRENCY | 2 | No | Number of concurrent worker processes |
NEXT_PUBLIC_DEPLOYMENT_MODE | client | No | Set to client for single-tenant client deployments |
Next Steps
- Docker Compose (Single Server) -- quickest path to a running instance
- EasyPanel -- managed single-server with a web UI
- AWS -- enterprise-grade on Amazon Web Services
- Azure -- enterprise-grade on Microsoft Azure
- GCP -- enterprise-grade on Google Cloud Platform
- Document Storage -- shared storage configuration and capacity planning