Prerequisites
Hardware Requirements
| Profile | RAM | CPU | Disk | Use Case |
|---|---|---|---|---|
| Development | 4 GB | 2 cores | 20 GB | Local dev, testing |
| Small team | 8 GB | 4 cores | 50 GB | 1-10 users, low volume |
| Production | 16-32 GB | 8+ cores | 100+ GB SSD | 10-100+ users, high volume |
PostgreSQL with pgvector and the Celery worker are the most memory-intensive components. For production, allocate at least 4 GB to PostgreSQL and 2 GB per Celery worker concurrency slot.
Disk Considerations
- PostgreSQL data grows with document count and embedding dimensions (1536-dim vectors at ~6 KB per chunk)
- Uploaded files are stored in the
cl-storagevolume — plan for your expected document sizes (the default upload limit is 100 MB per file) - Redis memory usage is minimal (task queue only), typically under 100 MB
Software Requirements
Container Runtime (recommended)
| Software | Minimum Version | Notes |
|---|---|---|
| Docker Engine | 24.0+ | Or Docker Desktop 4.20+ |
| Docker Compose | v2.20+ | Included with Docker Desktop |
Kubernetes (alternative)
| Software | Minimum Version | Notes |
|---|---|---|
| Kubernetes | 1.28+ | Any distribution (EKS, AKS, GKE, k3s) |
| Helm | 3.12+ | For chart-based deployment |
| kubectl | Matching cluster version | For management |
Without Containers
If running services directly on a host:
| Software | Version |
|---|---|
| Python | 3.12+ |
| Node.js | 20 LTS+ |
| PostgreSQL | 16+ with pgvector extension |
| Redis | 7+ |
| Tesseract OCR | 5+ (with English language pack) |
Network Requirements
Outbound (from your server)
| Destination | Port | Purpose | Required? |
|---|---|---|---|
api.anthropic.com | 443 (HTTPS) | Anthropic Claude API | If using Anthropic |
api.openai.com | 443 (HTTPS) | OpenAI API | If using OpenAI |
| Docker Hub / GHCR | 443 (HTTPS) | Pull container images | Initial setup and updates |
Contract Lucidity requires at least one AI provider (Anthropic or OpenAI) to function. The document processing pipeline will not start without a configured provider. You can configure providers after first boot via Settings > AI Capabilities.
Inbound (to your server)
| Port | Service | Access |
|---|---|---|
| 443 (HTTPS) | Reverse proxy / load balancer | All users |
| 3000 | cl-frontend (if no reverse proxy) | All users (development only) |
Never expose ports 5432 (PostgreSQL), 6379 (Redis), or 8000 (backend API) to the public internet. These should only be accessible within the Docker network or private subnet.
AI Provider Account
You need an API key from at least one of:
| Provider | Sign-up | Models Used |
|---|---|---|
| Anthropic | console.anthropic.com | Claude (Haiku, Sonnet, Opus) for analysis; no native embedding model — pair with OpenAI for embeddings |
| OpenAI | platform.openai.com | GPT-5.4 nano/mini/full for analysis; text-embedding-3-small for embeddings |
Contract Lucidity maps AI capabilities independently, so you can mix providers — for example, use Anthropic Claude for document analysis and OpenAI for embeddings.
AI Capabilities
The system uses five AI capability slots, each assignable to a specific provider and model:
| Capability | Used For |
|---|---|
extraction_classification | Document type classification, metadata extraction |
document_understanding | Clause extraction, structured data extraction, report generation |
embeddings | Vector embeddings for semantic search and playbook matching |
reasoning | Complex analysis tasks |
generation | Content generation (drafts, counter-proposals) |
Domain and SSL
For production deployments:
- A domain name (e.g.,
contractlucidity.yourcompany.com) - A valid SSL/TLS certificate (Let's Encrypt, corporate CA, or cloud-managed)
- A reverse proxy (Nginx, Caddy, Traefik, or cloud load balancer) terminating TLS
Storage
| Environment | Recommendation |
|---|---|
| Development | Local Docker volumes (default) |
| Small team | Local disk or NAS mount |
| Production | Azure Files, AWS EFS/S3, GCP Filestore, or NFS |
The backend writes uploaded documents to /data/storage and configuration data to /data/config. Both paths are Docker volumes (cl-storage and cl-config) that must be backed up.