# SOP: Deploying a New Application

This guide outlines the workflow for adding a new service to the homelab.

## 1. Database Provisioning (Postgres)
Most apps use the centralized `global_postgres` instance.

1.  **Update Config:** Add the new database to the environment list in `/opt/docker/global-db/compose.yaml` for documentation.
2.  **Manual Provisioning:** Run the following commands to create the database and user on the live instance:
    ```bash
    # Access the Postgres CLI
    docker exec -it global_postgres psql -U postgres

    # Run these SQL commands:
    CREATE DATABASE app_name;
    CREATE USER app_name WITH PASSWORD 'secure-password';
    GRANT ALL PRIVILEGES ON DATABASE app_name TO app_name;
    ALTER DATABASE app_name OWNER TO app_name;
    ```

## 2. Container Setup
1.  **Directory:** Create a new directory under `/opt/docker/app_name`.
2.  **Compose File:** Draft a `compose.yaml` file.
    - Ensure it joins the `web_gateway` (for Cloudflare) and `db_network` (for Postgres).
    - Use environment variables for DB credentials.
3.  **Deployment:** Run `docker compose up -d`.

## 3. Networking & Security
1.  **Cloudflare Tunnel:** 
    - Log in to Cloudflare Zero Trust Dashboard.
    - Navigate to **Access > Tunnels**.
    - Add a **Public Hostname** for the service (e.g., `app.davisdre.com`).
2.  **Access Policy (Optional):** Add a Cloudflare Access Policy if MFA or WARP is required for this specific app.

## 4. Integration
1.  **Dashboard:** 
    - Add the new app link to the Antigravity Dashboard on your local PC.
    - `git push` the changes.
    - On Linode, run `updatedash` to reflect changes.