Deployment

Production Setup

Run SkyPort in production using systemd, reverse proxy, HTTPS, and real VPS infrastructure.

SkyPort is designed to run on real VPS infrastructure with your own domain, HTTPS, reverse proxy, and persistent background services.

This guide explains how to deploy SkyPort securely in production using:

  • Caddy
  • Nginx
  • Apache
  • Cloudflare DNS
  • systemd services
  • Reverse proxy workflows

The setup is intentionally lightweight and optimized for low-end VPS environments.


Install From Scratch

The production installer downloads the release binaries, writes the environment file, and installs the service for the platform.

To install from scratch on a Linux VPS, open a root shell first and then run the installer:

sudo su
curl -fsSL https://skyport.akashhalder.in/installer.sh | bash

If you want to inspect the script first, download it to a file and review it before running it:

sudo su
curl -fsSL https://skyport.akashhalder.in/installer.sh -o installer.sh
less installer.sh
bash installer.sh

The installer does the following:

  • installs skyport-server and the skyport CLI under /usr/local/bin
  • creates /opt/skyport, /etc/skyport, and the application data directories
  • writes the production environment file with ALLOWED_ORIGINS=*
  • installs and starts the native service manager for the platform
The installer is a privileged installer. It must run as root because it writes to system locations such as /usr/local/bin, /opt/skyport, /etc/systemd/system, and /Library/LaunchDaemons.
Internet
├── Domain (skyport-vps.example.com)
├── DNS Provider
   └── A Record -> VPS IP
├── Reverse Proxy
   ├── Caddy (Recommended)
   ├── Nginx
   └── Apache
├── HTTPS / SSL
└── SkyPort Backend (localhost:8080)
    ├── Web UI
    ├── API
    ├── Docker Integration
    ├── PM2 Integration
    └── Metrics

Important Production Notes

On Linux and macOS production servers, SkyPort should be managed using the native service manager instead of the CLI lifecycle manager.

Commands like:

skyport start
skyport start server
skyport start webui

are intended for:

  • local development
  • quick testing
  • debugging workflows

For production deployments, always use:

  • the installed service commands
  • reverse proxy
  • HTTPS
  • background services

Requirements

Before starting, make sure you have:

  • A Linux VPS
  • At least 1 vCPU and 512 MB RAM
  • 2 GB RAM recommended for Docker workloads
  • A public server IP
  • A domain or subdomain
  • ports 80 and 443 open
  • SkyPort installed

Point Domain To Your VPS

Go to your DNS provider and create an A record.

Example:

Type: A
Name: skyport-vps
Value: YOUR_SERVER_IP
TTL: Auto

Example domain:

skyport-vps.example.com

After DNS propagation:

bash
ping skyport-vps.example.com

It should resolve to your VPS IP.

Verify SkyPort Installation

Check whether the backend binary is installed:

bash
which skyport-server

Expected:

/usr/local/bin/skyport-server

Test Backend Locally

Run the backend manually once:

bash
/usr/local/bin/skyport-server

Expected output:

SKYPORT ready
 Local: http://localhost:8080

Stop it with:

bash
CTRL + C

Running SkyPort As A Service

For production environments, SkyPort should run as the installed native service.

This ensures:

  • automatic startup after reboot
  • crash recovery
  • persistent background execution
  • centralized logging
  • proper Linux or macOS process management

The supported service commands are:

skyport service install
skyport service start
skyport service status
skyport service restart
skyport service stop
skyport service enable
skyport service disable
skyport service uninstall

skyport start is still available in the CLI, but it is for local or foreground usage. For production, use the service commands above.


Create the Service File

bash
sudo nano /etc/systemd/system/skyport.service

Paste:

[Unit]
Description=SkyPort Backend
After=network.target

[Service]
Type=simple

ExecStart=/usr/local/bin/skyport-server
WorkingDirectory=/opt/skyport

User=skyport
Group=skyport

Restart=always
RestartSec=3

StandardOutput=journal
StandardError=journal

Environment=SKYPORT_ENV=production
Environment=SKYPORT_PORT=8080

[Install]
WantedBy=multi-user.target

Create the Working Directory

bash
sudo mkdir -p /opt/skyport

Reload systemd

bash
sudo systemctl daemon-reload

Enable SkyPort Service

bash
sudo systemctl enable skyport

Start SkyPort

bash
sudo systemctl start skyport

Verify Service Status

bash
sudo systemctl status skyport

View Logs

bash
sudo journalctl -u skyport -f

Verify Backend Health

bash
curl http://127.0.0.1:8080/api/v1/health

Expected output:

{
  "service": "skyport",
  "status": "ok"
}

SkyPort works best with Caddy because:

  • automatic HTTPS
  • automatic SSL renewal
  • simple configuration
  • lightweight resource usage
  • HTTP/2 support
  • minimal maintenance

Install Caddy

Ubuntu / Debian

bash
sudo apt update
sudo apt install -y caddy

Official installation guide: https://caddyserver.com/docs/install

Configure the Caddyfile

Edit:

bash
sudo nano /etc/caddy/Caddyfile

Example:

terminal
skyport-vps.example.com {

    reverse_proxy localhost:8080

    encode gzip

    header {
        Strict-Transport-Security "max-age=31536000;"
        X-Content-Type-Options "nosniff"
        X-Frame-Options "DENY"
        Referrer-Policy "strict-origin-when-cross-origin"
    }
}

Restart Caddy

bash
sudo systemctl restart caddy

Verify Caddy Status

bash
sudo systemctl status caddy

Now open:

https://skyport-vps.example.com

Caddy automatically provisions HTTPS certificates.


Nginx Setup

If you prefer Nginx:

Install Nginx

bash
sudo apt install -y nginx

Create the Site Configuration

bash
sudo nano /etc/nginx/sites-available/skyport

Example:

terminal
server {
    listen 80;

    server_name skyport-vps.example.com;

    location / {
        proxy_pass http://localhost:8080;

        proxy_http_version 1.1;

        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

Enable the Site

bash
sudo ln -s /etc/nginx/sites-available/skyport /etc/nginx/sites-enabled/

Test Configuration

bash
sudo nginx -t

Restart Nginx

bash
sudo systemctl restart nginx

Install Certbot

bash
sudo apt install certbot python3-certbot-nginx

Generate SSL Certificate

bash
sudo certbot --nginx -d skyport-vps.example.com

Apache Setup

If your server already uses Apache:

Install Apache

bash
sudo apt install apache2

Enable Proxy Modules

bash
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod rewrite
sudo a2enmod headers

Create the Virtual Host

bash
sudo nano /etc/apache2/sites-available/skyport.conf

Example:

terminal
<VirtualHost *:80>

    ServerName skyport-vps.example.com

    ProxyPreserveHost On

    ProxyPass / http://localhost:8080/
    ProxyPassReverse / http://localhost:8080/

    RequestHeader set X-Forwarded-Proto "http"

</VirtualHost>

Enable Site

bash
sudo a2ensite skyport.conf

Restart Apache

bash
sudo systemctl restart apache2

Environment Variables

Example production configuration:

.env
SKYPORT_HOST=0.0.0.0
SKYPORT_PORT=8080

SKYPORT_DB_PATH=./data/skyport.db
SKYPORT_WORKSPACE_ROOT=./workspace

JWT_SECRET=change-this-secret
SKYPORT_ENCRYPTION_KEY=base64-key

ENABLE_METRICS=true
ENABLE_DOCKER=true
ENABLE_PM2=true

Firewall Configuration

If you are using a reverse proxy like Caddy or Nginx, you do NOT need to expose port 8080 publicly.

Only ports 80 and 443 should be publicly accessible.

Allow HTTP and HTTPS traffic

bash
sudo ufw allow 80
sudo ufw allow 443

Enable Firewall

bash
sudo ufw enable

Production Checklist

  • Domain points to VPS IP
  • SkyPort service running
  • Reverse proxy configured
  • HTTPS enabled
  • Firewall configured
  • Environment variables secured
  • Docker permissions verified
  • PM2 access verified
  • systemd service enabled

Troubleshooting

Port Already In Use

Check active processes:

bash
sudo lsof -i :8080

Verify Backend Health

bash
curl http://127.0.0.1:8080/api/v1/health

Reverse Proxy Cannot Connect

Verify backend status:

bash
sudo systemctl status skyport

Service Logs

bash
sudo journalctl -u skyport -f

HTTPS Not Working

Verify:

  • DNS propagation completed
  • ports 80/443 are open
  • reverse proxy is running
  • SSL certificate generation succeeded

Uninstall SkyPort

If you need to remove SkyPort from a machine, use the hosted uninstaller:

curl -fsSL https://skyport.akashhalder.in/uninstaller.sh | sudo bash

This hosted script removes:

  • skyport-server
  • skyport CLI
  • the Linux systemd service or macOS launchd service
  • the environment file and service configuration

It also stops any running skyport-server process before deleting files, so the API should not keep serving after uninstall.

By default, the uninstaller keeps the data directory so you can reinstall later without losing state.

To remove the data directory as well:

curl -fsSL https://skyport.akashhalder.in/uninstaller.sh -o uninstall.sh
sudo SKYPORT_PURGE_DATA=1 bash uninstall.sh
If you set SKYPORT_PURGE_DATA=1, the SkyPort data directory is deleted too. Use that only when you are sure you do not need the existing workspace or database files.If curl http://localhost:8080/api still returns SkyPort after uninstall, that means a SkyPort process is still running or another service is bound to port 8080. In that case, stop the process and re-run the uninstaller.

Recommended Production Stack

ComponentRecommendation
Reverse ProxyCaddy
TLSAutomatic via Caddy
Process Managersystemd
Container RuntimeDocker
Node RuntimePM2
OSUbuntu 24.04 LTS

Next Steps

SkyPort

SkyPort Docs

Self-hosted infrastructure platform