# Deployment Architecture

## Supported Deployment Modes

| Mode | Target | Packaging |
|---|---|---|
| SaaS | Primary cloud product | Containerized services on Kubernetes/ECS |
| Self-hosted | Marketplace and direct customers | Signed zip or Docker Compose |
| White-label | Agencies and enterprise partners | Custom domain, branding, isolated billing |
| Enterprise private cloud | Regulated customers | Dedicated VPC, SSO, private storage, optional private AI gateway |

## Self-Hosted Runtime

```text
nginx
Laravel API
Next.js frontend
Laravel queue workers
Laravel scheduler
Redis
PostgreSQL/MySQL
S3-compatible object storage
License heartbeat client
Update client
```

## SaaS Runtime

```text
CDN/WAF
Load balancer
Frontend service
Backend API service
Queue worker service
Scheduler service
WebSocket service
Managed database
Redis cluster
Object storage
Observability stack
Secrets manager
```

## Deployment Safety Requirements

- Blue-green or rolling deploys for SaaS.
- Maintenance mode and backups for self-hosted updates.
- Release manifests signed with Ed25519.
- Database migrations versioned and backward-aware.
- Health checks after every deploy/update.
- Rollback package retained for self-hosted installs.
- Runtime configs validated before marketplace packaging.
- Production examples must default to `APP_DEBUG=false`.

## Deployment Control Plane

The deployment control plane decides which environments can be provisioned, updated, or bound to a release.

Control-plane APIs:

- `/api/v1/deployment-server/target-policy`
- `/api/v1/deployment-server/provisioning-policy`
- `/api/v1/deployment-server/secrets-policy`
- `/api/v1/deployment-server/attestation-policy`

Provisioning flow:

```text
allocate target
  -> validate runtime
  -> inject secrets
  -> run migrations
  -> seed foundation data
  -> activate license
  -> bind release
  -> run health checks
  -> lock installer
  -> record audit event
```

Targets are blocked when any of the following is detected: license revocation, failed attestation, unsupported runtime, missing backup policy, or release revocation.
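The signed-manifest requirement above and the release-revocation gate before `bind release`, as an added Go example that is not the project's own code; the manifest schema, the function names and the revocation list are assumptions made for this illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
)

// ReleaseManifest is a constructed layout for this example; the page does not
// define the project's real manifest schema.
type ReleaseManifest struct {
	Version        string `json:"version"`
	ArtifactSHA256 string `json:"artifact_sha256"`
}

// VerifyRelease is the update client's gate before "bind release": the
// Ed25519 signature must cover the exact bytes that are then parsed, the
// artifact digest must match the signed value, and the version must not be
// on the revocation list. Any failure blocks the target, as the text requires.
func VerifyRelease(pub ed25519.PublicKey, body, sig, artifact []byte, revoked map[string]bool) (*ReleaseManifest, error) {
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, body, sig) {
		return nil, errors.New("release manifest signature invalid")
	}
	var m ReleaseManifest
	if err := json.Unmarshal(body, &m); err != nil {
		return nil, errors.New("release manifest malformed: " + err.Error())
	}
	sum := sha256.Sum256(artifact)
	if hex.EncodeToString(sum[:]) != m.ArtifactSHA256 {
		return nil, errors.New("artifact digest does not match signed manifest")
	}
	if revoked[m.Version] {
		return nil, errors.New("release revoked: " + m.Version)
	}
	return &m, nil
}

// SignManifest is the release pipeline side, included so the example is self-contained.
func SignManifest(priv ed25519.PrivateKey, body []byte) []byte {
	return ed25519.Sign(priv, body)
}

// BuildManifest produces the manifest bytes that the signature is computed over.
func BuildManifest(version string, artifact []byte) ([]byte, error) {
	sum := sha256.Sum256(artifact)
	return json.Marshal(ReleaseManifest{Version: version, ArtifactSHA256: hex.EncodeToString(sum[:])})
}
```

Verification is done against the raw manifest bytes, not the parsed struct, so a re-serialized manifest can never be accepted under a signature made over different bytes.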
