Advanced Topics

Deployment Guide

Production-ready deployment configurations for CAS SSO.

System Requirements

Server

  • PHP 8.3+ with Laravel 11
  • PostgreSQL 14+
  • Redis 7+ for cache
  • Nginx web server
  • Node.js 20+ for asset compilation

Minimum Resources

  • 2 GB RAM
  • 2 vCPU cores
  • 20 GB SSD storage
  • SSL/TLS certificate

Docker Deployment

The project includes a multi-service Docker Compose configuration for development and a production overlay.

docker-compose.yml 
version: '3.8'
services:
  app:
    build:
      context: ./docker/nginx
    ports:
      - "80:80"
    depends_on:
      - php
      - redis

  php:
    build:
      context: ./docker/php
    volumes:
      - .:/var/www/html:delegated
    env_file:
      - .env

  redis:
    image: redis:7-alpine
    command: redis-server --appendonly yes --requirepass ${REDIS_PASSWORD}

volumes:
  redis_data:
Terminal — Build & Run 
# Build and start all services
docker-compose up -d --build

# Run migrations and seed the database
docker-compose exec php php artisan migrate --seed

# Generate application key
docker-compose exec php php artisan key:generate

# Build frontend assets
docker-compose run --rm node npm install && npm run build
Production Overlay — Use docker-production.yml for production which adds Prometheus monitoring, Grafana dashboards, Fluentd logging, and queue workers with resource limits.

Kubernetes Deployment

Deploy CAS SSO on Kubernetes using the standalone Dockerfile. The Dockerfile bundles PHP-FPM, Nginx, and Supervisor into a single image.

k8s/deployment.yaml 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: cas-sso
spec:
  replicas: 2
  selector:
    matchLabels:
      app: cas-sso
  template:
    metadata:
      labels:
        app: cas-sso
    spec:
      containers:
        - name: cas-sso
          image: your-registry/cas-sso:latest
          ports:
            - containerPort: 80
          envFrom:
            - secretRef:
                name: cas-sso-secrets
          resources:
            requests:
              cpu: "500m"
              memory: "512Mi"
            limits:
              cpu: "1000m"
              memory: "1Gi"
          livenessProbe:
            httpGet:
              path: /health
              port: 80
            initialDelaySeconds: 10
            periodSeconds: 30
Terminal — Build & Deploy 
# Build the production image (uses root Dockerfile)
docker build -t your-registry/cas-sso:latest .

# Push to registry
docker push your-registry/cas-sso:latest

# Deploy to cluster
kubectl apply -f k8s/deployment.yaml

Environment Configuration

.env (production) 
APP_NAME="One System"
APP_ENV=production
APP_DEBUG=false
APP_URL=https://cas.yourdomain.com

DB_CONNECTION=pgsql
DB_HOST=your_db_host
DB_DATABASE=cas_system
DB_USERNAME=cas_user
DB_PASSWORD=your_secure_password

SESSION_DRIVER=database
CACHE_STORE=database
QUEUE_CONNECTION=database

REDIS_HOST=your_redis_host
REDIS_PASSWORD=your_redis_password

RECAPTCHA_SITE_KEY=your_recaptcha_site_key
RECAPTCHA_SECRET_KEY=your_recaptcha_secret

Production Checklist

Set APP_DEBUG=false
Configure SSL/TLS with valid certificate
Set strong database and Redis passwords
Run php artisan config:cache and php artisan route:cache
Configure reCAPTCHA keys for production domain
Set up automated database backups
Enable application-level logging with daily rotation
Configure IP whitelist for all client systems