F
FTH Protocol
Institutional Staking
Launch App
Deployment

FTH Protocol - Production Deployment Guide

Production deployment on Cloudflare Pages + DNS + backend services. Includes runbooks, records, and verification steps.

Docs HubLaunch App
Source: DEPLOYMENT.md
Section
Overview

Domain: fth.unykorn.org

Section
Quick Start
# 1. Deploy to Cloudflare (DNS + Frontend)
.\scripts\deploy-cloudflare.ps1 -DeployAll

# 2. Start backend services
docker-compose -f docker-compose.production.yml up -d

# 3. Verify deployment
.\scripts\deploy-cloudflare.ps1 -VerifyDeployment
Section
Deployment Architecture
┌─────────────────────────────────────────────────┐
│          Cloudflare Global Network              │
│  • DNS Management                               │
│  • DDoS Protection                              │
│  • CDN Caching                                  │
│  • SSL/TLS Termination                          │
│  • WAF (Web Application Firewall)              │
└─────────────────────────────────────────────────┘
                      │
        ┌─────────────┼─────────────┐
        │             │             │
┌───────▼──────┐ ┌───▼────────┐ ┌──▼──────────┐
│ Pages        │ │ Workers    │ │ VPS/Cloud   │
│ (Frontend)   │ │ (API Proxy)│ │ (Backend)   │
│              │ │            │ │             │
│ Next.js 14   │ │ Rust Edge  │ │ • API       │
│ Static Site  │ │ Functions  │ │ • Blockchain│
└──────────────┘ └────────────┘ │ • Database  │
                                 │ • Redis     │
                                 └─────────────┘
Section
DNS Records
TypeNameContentProxied
CNAMEfthfth-protocol.pages.dev
CNAMEapi.fthfth-protocol-api.workers.dev
Arpc.fth[YOUR_VPS_IP]
Section
Step-by-Step Deployment

Prerequisites

  1. Cloudflare Account
    • Domain unykorn.org added to Cloudflare
  • API token: <YOUR_CLOUDFLARE_API_TOKEN>

  1. Server Requirements

    • Ubuntu 22.04 LTS
    • 8 CPU cores, 32 GB RAM
    • 1 TB SSD
    • Docker & Docker Compose installed
    • Public IP address

  2. GitHub Repository

    • Code pushed to GitHub
    • Secrets configured:
      • CLOUDFLARE_API_TOKEN
      • CLOUDFLARE_ACCOUNT_ID
      • DEPLOYER_PRIVATE_KEY

Phase 1: Cloudflare Setup

1.1 Verify API Token

curl "https://api.cloudflare.com/client/v4/user/tokens/verify" `
  -H "Authorization: Bearer <YOUR_CLOUDFLARE_API_TOKEN>"

Expected output:

{
  "success": true,
  "result": {
    "status": "active"
  }
}

1.2 Configure DNS Records

# Automated setup
.\scripts\deploy-cloudflare.ps1 -SetupDNS

# Manual setup via Cloudflare Dashboard:
# 1. Go to DNS → Records
# 2. Add CNAME: fth → fth-protocol.pages.dev
# 3. Add CNAME: api.fth → fth-protocol-api.workers.dev
# 4. Add A: rpc.fth → [YOUR_VPS_IP]

1.3 Deploy Frontend

cd frontend

# Install Wrangler CLI
npm install -g wrangler

# Login to Cloudflare (if first time)
wrangler login

# Deploy
npm run build
npx wrangler pages deploy out --project-name=fth-protocol --branch=main

Or use automated script:

.\scripts\deploy-cloudflare.ps1 -DeployFrontend

Phase 2: Backend Deployment

2.1 Prepare Production Environment

# SSH into your VPS
ssh root@YOUR_VPS_IP

# Clone repository
git clone https://github.com/your-org/fth-protocol.git
cd fth-protocol

# Copy environment file
cp .env.production .env

# Update passwords and secrets
nano .env

Critical variables to update:

# Database
POSTGRES_PASSWORD=<GENERATE_STRONG_PASSWORD>

# Redis
REDIS_PASSWORD=<GENERATE_STRONG_PASSWORD>

# Security
JWT_SECRET=<RANDOM_64_CHAR_STRING>
ENCRYPTION_KEY=<RANDOM_32_CHAR_STRING>

# Governance
GOVERNANCE_MULTISIG=<YOUR_MULTISIG_ADDRESS>
ADMIN_WALLET=<YOUR_ADMIN_WALLET>

2.2 Start Services

# Build and start all containers
docker-compose -f docker-compose.production.yml build
docker-compose -f docker-compose.production.yml up -d

# Check status
docker-compose -f docker-compose.production.yml ps

# View logs
docker-compose -f docker-compose.production.yml logs -f

2.3 Verify Services

# Database
docker exec fthusd-db pg_isready -U fthusd_user

# Redis
docker exec fthusd-redis redis-cli -a YOUR_REDIS_PASSWORD ping

# API
curl http://localhost:8080/health

# Blockchain
curl http://localhost:9933/health

Phase 3: Smart Contract Deployment

3.1 Install Hardhat Dependencies

cd contracts/solidity
npm install

3.2 Configure Deployment

Edit hardhat.config.ts:

networks: {
  mainnet: {
    url: "https://rpc.fth.unykorn.org",
    accounts: [process.env.DEPLOYER_PRIVATE_KEY]
  }
}

3.3 Deploy Contracts

# Compile
npx hardhat compile

# Test
npx hardhat test

# Deploy
npx hardhat run scripts/deploy.ts --network mainnet

3.4 Update Contract Addresses

After deployment, update .env:

CONTRACT_STFTHUSD=0x...
CONTRACT_WSTFTHUSD=0x...
CONTRACT_VAULT=0x...
CONTRACT_CONTROLLER=0x...
CONTRACT_TREASURY=0x...

Restart API:

docker-compose -f docker-compose.production.yml restart api

Phase 4: Security Hardening

4.1 SSL/TLS Configuration

Cloudflare automatically provides SSL. Verify:

curl -I https://fth.unykorn.org
# Check for: Strict-Transport-Security header

4.2 Firewall Rules

# Allow only necessary ports
ufw default deny incoming
ufw default allow outgoing
ufw allow 22/tcp   # SSH
ufw allow 80/tcp   # HTTP (redirects to HTTPS)
ufw allow 443/tcp  # HTTPS
ufw enable

4.3 Fail2Ban

apt install fail2ban
systemctl enable fail2ban
systemctl start fail2ban

4.4 Automatic Updates

apt install unattended-upgrades
dpkg-reconfigure -plow unattended-upgrades

Phase 5: Monitoring Setup

5.1 Access Grafana

URL: http://YOUR_VPS_IP:3001

Default credentials:

  • Username: admin
  • Password: (from .envGRAFANA_ADMIN_PASSWORD)

5.2 Import Dashboards

  1. Navigate to Dashboards → Import
  2. Upload: ./infrastructure/grafana/dashboards/fth-overview.json
  3. Select Prometheus datasource

5.3 Configure Alerts

Set up alerts for:

  • API response time > 500ms
  • Database connections > 80%
  • Blockchain node offline
  • Disk usage > 85%
Section
Continuous Deployment

GitHub Actions

Push to main branch triggers:

  1. ✓ Run tests
  2. ✓ Build frontend
  3. ✓ Deploy to Cloudflare Pages
  4. ✓ Build Docker images
  5. ✓ Deploy to production (if on production branch)

Manual Deployment

# Frontend only
.\scripts\deploy-cloudflare.ps1 -DeployFrontend

# Backend only
ssh root@YOUR_VPS_IP "cd /root/fth-protocol && git pull && docker-compose -f docker-compose.production.yml up -d --build"

# Full deployment
.\scripts\deploy-cloudflare.ps1 -DeployAll
Section
Post-Deployment Checklist
  • DNS records propagated (check with nslookup fth.unykorn.org)
  • Frontend accessible at https://fth.unykorn.org
  • API health check returns 200: https://api.fth.unykorn.org/health
  • RPC node accessible: wss://rpc.fth.unykorn.org
  • All 5 smart contracts deployed and verified
  • Grafana dashboards showing data
  • SSL certificate valid (A+ on SSL Labs)
  • Cloudflare security settings enabled (WAF, DDoS, Bot Management)
  • Backup strategy implemented
  • Monitoring alerts configured
  • Team has access to admin dashboards
Section
Maintenance Commands

View Logs

# All services
docker-compose -f docker-compose.production.yml logs -f

# Specific service
docker-compose -f docker-compose.production.yml logs -f api

Restart Services

# All services
docker-compose -f docker-compose.production.yml restart

# Specific service
docker-compose -f docker-compose.production.yml restart api

Database Backup

# Create backup
docker exec fthusd-db pg_dump -U fthusd_user fthusd_production > backup_$(date +%Y%m%d).sql

# Restore backup
cat backup_20260112.sql | docker exec -i fthusd-db psql -U fthusd_user fthusd_production

Update Application

cd /root/fth-protocol
git pull origin main
docker-compose -f docker-compose.production.yml build
docker-compose -f docker-compose.production.yml up -d
Section
Rollback Procedure

If deployment fails:

# Frontend rollback (via Cloudflare dashboard)
# Pages → fth-protocol → Deployments → Rollback to previous

# Backend rollback
cd /root/fth-protocol
git log  # Find last working commit
git reset --hard <commit-hash>
docker-compose -f docker-compose.production.yml up -d --build
Section
Support & Troubleshooting

Frontend not loading

# Check DNS
nslookup fth.unykorn.org

# Check Cloudflare Pages deployment
wrangler pages deployment list --project-name=fth-protocol

API returning errors

# Check logs
docker-compose -f docker-compose.production.yml logs api

# Check database connection
docker exec fthusd-api env | grep DATABASE_URL

Blockchain node offline

# Check node status
docker-compose -f docker-compose.production.yml logs blockchain

# Restart node
docker-compose -f docker-compose.production.yml restart blockchain
Section
Performance Optimization

Database

-- Create indexes
CREATE INDEX idx_users_address ON users(wallet_address);
CREATE INDEX idx_stakes_user ON stakes(user_id);
CREATE INDEX idx_transactions_timestamp ON transactions(timestamp DESC);

Redis Caching

# Monitor cache hit rate
docker exec fthusd-redis redis-cli -a YOUR_PASSWORD INFO stats | grep hit

Cloudflare Caching

  • Static assets: Cache for 1 year
  • API responses: Cache for 5 minutes
  • Use Cache-Control headers
Section
Security Audit

Run before production launch:

# Smart contract audit
npm run audit-contracts

# Dependency audit
npm audit --audit-level=high

# Docker security scan
docker scan fthusd-api
docker scan fthusd-blockchain
Section
Cost Estimates

Monthly Costs

ServiceCost
VPS (8 CPU, 32GB RAM)$80
Cloudflare Pro$20
Database Backups$10
Monitoring$5
Total$115/month
Section
URLs Reference
ServiceURL
Frontendhttps://fth.unykorn.org
APIhttps://api.fth.unykorn.org
RPC (WebSocket)wss://rpc.fth.unykorn.org
RPC (HTTP)https://rpc.fth.unykorn.org
Grafanahttp://YOUR_VPS_IP:3001
Prometheushttp://YOUR_VPS_IP:9090

Deployment Date: January 12, 2026
Version: 1.0.0
Status: Production Ready