Deployment

Local Development

class="token comment"># Setup (first time)
scripts/setup.sh  class="token comment"># Creates .env from AWS SSM

class="token comment"># Run everything
bun run dev
class="token comment"># Gateway: http://127.0.0.1:8001 in the Fabric PM2 stack
class="token comment"># Web client: http://localhost:5173

Dev mode enables:

• Auth bypass (auto-authenticated as developer)
• Verbose error messages
• CORS permissive headers
• Hot reload

Production

Bun Runtime

Diminuendo runs as a single Bun process:

bun run src/main.ts

Docker

FROM oven/bun:1.0
WORKDIR /app
COPY . .
RUN bun install --production
CMD ["bun", "run", "src/main.ts"]

Data Persistence

Diminuendo keeps only local operational artifacts such as logs, caches, and debug output under DATA_DIR. Durable product state is delegated to the owning services:

For production, protect DATA_DIR for operational evidence, but do not treat it as the source of truth for sessions or tenant resources.

Scaling

Diminuendo scales by tenant routing:

1. Each instance handles a subset of tenants 2. A load balancer routes WebSocket connections by tenant ID (sticky sessions) 3. Durable state is read from Unison, Podium, Ensemble, and Chronicle rather than from per-instance tenant databases 4. To migrate traffic, move the tenant routing and keep upstream service credentials consistent

Health Check

GET /api/health

Returns dependency health (Podium, Ensemble connectivity) and instance metrics.

Environment Setup

Critical production environment variables:

class="token comment"># Required
PORT=8080
AUTH0_DOMAIN=your-tenant.auth0.com
AUTH0_CLIENT_ID=...
AUTH0_AUDIENCE=...
ENSEMBLE_URL=https://ensemble.prod.example.com
ENSEMBLE_API_KEY=ens_...
PODIUM_URL=https://podium.prod.example.com
PODIUM_API_KEY=pod_admin_...
PODIUM_SECRETS_KEY=...
DATA_DIR=/data/diminuendo

class="token comment"># Recommended
OTEL_EXPORTER_OTLP_ENDPOINT=https://otlp.example.com
LOG_LEVEL=info