Deployment Checklist

Production deployment guide

Production Deployment Checklist

Use this checklist to ensure a smooth and secure deployment of the Discord Game Management Bot to production.

Pre-Deployment

1. Code Preparation

  • All features tested in development environment
  • All unit tests passing: npm test
  • ESLint checks passing: npm run lint
  • No console.log statements (use logger instead)
  • All TODO comments addressed or documented
  • Code reviewed by team member (if applicable)
  • Git repository is up to date with latest changes

2. Environment Setup

  • Production server/hosting platform selected
  • Node.js 18+ installed on production server
  • PostgreSQL database provisioned
  • Domain name configured (if using web dashboard)
  • SSL certificate obtained (if using HTTPS)
  • Server firewall configured

3. Discord Bot Configuration

  • Production bot application created in Discord Developer Portal
  • Bot token generated and securely stored
  • Application/Client ID recorded
  • Privileged Gateway Intents enabled:
    • Server Members Intent
    • Message Content Intent (if needed)
  • Bot invite link generated with correct permissions
  • Bot invited to production Discord server(s)

4. Security Review

  • All secrets stored in environment variables (not in code)
  • .env file is in .gitignore
  • Database uses strong passwords (min 16 characters)
  • Bot token never committed to Git
  • Production database not publicly accessible
  • Rate limiting configured
  • Input validation implemented for all user inputs
  • Error messages don't leak sensitive information

Deployment Steps

5. Database Setup

  • PostgreSQL database created
  • Database user created with appropriate permissions
  • DATABASE_URL environment variable set
  • Prisma client generated: npm run db:generate
  • Database migrations applied: npm run db:migrate
  • Database connection tested
  • Database backup strategy implemented

6. Environment Configuration

Create production .env file with all required variables:

# Required
DISCORD_TOKEN=your_production_bot_token
DISCORD_CLIENT_ID=your_production_client_id
DATABASE_URL=postgresql://user:password@host:5432/dbname

# Recommended
LOG_LEVEL=info
NODE_ENV=production

# Optional (set after first setup)
DASHBOARD_CHANNEL_ID=

# AMP Integration (Optional)
AMP_ENABLED=false
AMP_URL=http://localhost:8080
AMP_USERNAME=
AMP_PASSWORD=
AMP_POLL_INTERVAL=*/5 * * * *

Checklist:

  • All required environment variables set
  • AMP credentials configured (if using AMP integration)
  • .env file permissions restricted (chmod 600)
  • Environment variables validated
  • No development tokens in production

7. Dependencies

  • Production dependencies installed: npm install --production
  • Dependency audit run: npm audit
  • Critical vulnerabilities fixed
  • Prisma client generated

8. Process Management

Choose and configure a process manager:

Option A: PM2 (Recommended)

  • PM2 installed globally: npm install -g pm2
  • Bot started: pm2 start src/index.js --name discord-bot
  • PM2 config saved: pm2 save
  • Auto-start on reboot enabled: pm2 startup
  • Max memory limit set: pm2 start src/index.js --max-memory-restart 500M

Option B: systemd

  • Service file created: /etc/systemd/system/discord-bot.service
  • Service enabled: sudo systemctl enable discord-bot
  • Service started: sudo systemctl start discord-bot

Option C: Docker

  • Dockerfile created and tested
  • docker-compose.yml configured
  • Containers built: docker-compose build
  • Containers started: docker-compose up -d
  • Health checks configured

9. Monitoring Setup

  • Log files location configured
  • Log rotation configured (logrotate or similar)
  • Monitoring solution configured (PM2 Plus, Datadog, etc.)
  • Alert system configured for bot downtime
  • Alert system configured for errors
  • Dashboard for bot metrics (optional)

Post-Deployment

10. Initial Testing

  • Bot appears online in Discord
  • /setupdashboard command works
  • Dashboard appears with buttons
  • Test game creation (Simple mode)
  • Test game creation (Advanced mode)
  • Test role assignment (/joingame)
  • Test role removal (/leavegame)
  • Test game archival
  • Test game deletion
  • Verify permissions work correctly
  • Check database for correct data
  • Review logs for errors

11. Load Testing

  • Test multiple concurrent game creations
  • Test with multiple users simultaneously
  • Verify rate limiting works
  • Monitor memory usage under load
  • Monitor database performance
  • Check for memory leaks over 24 hours

12. Monitoring Configuration

  • Log aggregation working
  • Error tracking configured
  • Performance metrics collected
  • Uptime monitoring active
  • Alert notifications tested

13. Backup Configuration

  • Database backup script created
  • Automated daily backups scheduled
  • Backup restoration tested
  • Backup retention policy defined (e.g., 30 days)
  • Off-site backup storage configured

14. Documentation

  • Production server details documented
  • Database credentials stored securely (password manager)
  • Runbook created for common issues
  • Escalation procedures documented
  • Contact information for team members

Security Hardening

15. Server Security

  • Firewall configured (only necessary ports open)
  • SSH key authentication enabled
  • Root login disabled
  • Fail2ban or similar intrusion prevention installed
  • Automatic security updates enabled
  • Server timezone set to UTC
  • Unnecessary services disabled

16. Application Security

  • Bot uses minimal required Discord permissions
  • Bot role positioned correctly in server hierarchy
  • Rate limiting tested and working
  • Input sanitization verified
  • SQL injection prevention verified (Prisma handles this)
  • Audit logging enabled for all admin actions

17. Secrets Management

  • Bot token rotated from development
  • Database credentials unique to production
  • Secrets not in version control
  • Secrets encrypted at rest (if using secrets manager)
  • Access to production secrets restricted

Performance Optimization

18. Bot Optimization

  • Database queries optimized
  • Unnecessary logging removed
  • Caching implemented where appropriate
  • Connection pooling configured
  • Memory limits set appropriately

19. Database Optimization

  • Database indexes reviewed and optimized
  • Connection pool size configured
  • Query performance analyzed
  • Database vacuuming scheduled (PostgreSQL)

Rollback Plan

20. Prepare Rollback

  • Previous version tagged in Git
  • Database backup taken before deployment
  • Rollback procedure documented
  • Rollback tested in staging environment

Rollback Steps (if needed):

  1. Stop current bot: pm2 stop discord-bot
  2. Restore database from backup (if schema changed)
  3. Checkout previous version: git checkout <previous-tag>
  4. Install dependencies: npm install
  5. Start bot: pm2 start discord-bot
  6. Verify bot functionality
  7. Investigate and fix issues

Maintenance Schedule

21. Ongoing Maintenance

  • Weekly log review scheduled
  • Monthly dependency updates scheduled
  • Quarterly security audit scheduled
  • Database maintenance scheduled
  • Backup restoration test scheduled (monthly)

Production URLs and Credentials

Document these securely (NOT in the repository):

  • Production server IP/hostname: _____________
  • Database host: _____________
  • Database name: _____________
  • Bot application ID: _____________
  • PM2/monitoring dashboard URL: _____________
  • Server SSH key location: _____________
  • Backup storage location: _____________

Common Production Issues

Bot Not Starting

Symptoms: Process exits immediately

Checklist:

  • Check logs: pm2 logs discord-bot
  • Verify DISCORD_TOKEN is correct
  • Check database connection
  • Ensure all dependencies installed
  • Verify Prisma client generated

Commands Not Working

Symptoms: Slash commands don't appear or fail

Checklist:

  • Wait 1 hour for global command registration
  • Check bot has applications.commands scope
  • Verify bot is online
  • Check bot permissions in server

Database Connection Errors

Symptoms: Can't connect to database

Checklist:

  • Verify DATABASE_URL format
  • Check database is running
  • Verify database firewall allows connection
  • Test connection: psql $DATABASE_URL
  • Check database user permissions

Memory Issues

Symptoms: Bot crashes with out-of-memory

Checklist:

  • Check for memory leaks in logs
  • Increase server memory
  • Set PM2 memory limit: pm2 start --max-memory-restart 1G
  • Review and optimize database queries
  • Clear cache if implemented

Rate Limiting

Symptoms: Discord API returns 429 errors

Checklist:

  • Review recent activity logs
  • Check for loops or repeated operations
  • Implement exponential backoff
  • Reduce operation frequency
  • Contact Discord for rate limit increase

Emergency Contacts

Document these securely:

  • Server hosting support: _____________
  • Database provider support: _____________
  • Discord Developer Support: https://discord.com/developers/docs
  • On-call engineer: _____________

Sign-Off

Deployment completed by: ________________

Date: ________________

Deployed version: ________________

Verified by: ________________

Post-Launch 24-Hour Monitoring

After deployment, monitor these metrics for 24 hours:

  • Hour 1: Bot uptime and basic functionality
  • Hour 4: Memory usage stable
  • Hour 8: No critical errors in logs
  • Hour 12: Database performance acceptable
  • Hour 24: All systems stable

If any issues arise:

  1. Check logs immediately
  2. Refer to troubleshooting section
  3. Roll back if critical issue
  4. Document issue for future reference

Success Criteria

Deployment is successful when:

✅ Bot is online and responsive
✅ All commands work correctly
✅ Database operations successful
✅ No critical errors in logs
✅ Memory usage stable
✅ Backups running automatically
✅ Monitoring and alerts active

Additional Resources

Good luck with your deployment! 🚀