Administrator Guide
Deployment, operations, and maintenance for the Renewed Renaissance WooCommerce store.
Quick Access
Deployment Overview
Production Deployment
- SSH into the production server
- Pull the latest code
- Decrypt secrets and rebuild
- Restart services
cd /path/to/renewed-renaissance-woocommerce/deploy/03_prod
git pull origin main
make env.tmp && make promote
docker compose build wordpress
docker compose up -dStaging Deployment
cd deploy/02_stage
docker compose build wordpress
docker compose up -dSecrets Management
Production secrets are encrypted with SOPS/age:
# Encrypt secrets
make env.enc
# Decrypt secrets
make env.tmp && make promoteDaily Operations
Health Check
# Check all containers are running
docker compose ps
# Should show: cloudflared, wordpress, db, redis, maildev as "Up (healthy)"View Logs
# All services
docker compose logs --tail=100
# Specific service
docker compose logs wordpress --tail=200
docker compose logs db --tail=200
docker compose logs cloudflared --tail=200WordPress CLI
# Check WordPress status
docker compose exec wordpress wp --info
# List plugins
docker compose exec wordpress wp plugin list
# Update plugins
docker compose exec wordpress wp plugin update --all
# Clear cache
docker compose exec wordpress wp cache flushMonitoring
Site Health
Check WordPress Site Health at /wp-admin/site-health.php for:
- PHP version and configuration
- Database connectivity
- HTTPS status
- Cron job status
- Plugin/theme issues
Performance Targets
| Metric | Target |
|---|---|
| Monthly uptime | ≥ 99.9% |
| Cached page load | < 500 ms |
| Dynamic page load | < 2 seconds |
| Checkout flow | < 3 seconds |
Backup & Recovery
Backup Strategy
| Metric | Target |
|---|---|
| RPO (data loss tolerance) | ≤ 24 hours |
| RTO (recovery time) | ≤ 1 hour |
Manual Database Backup
docker compose exec db mysqldump -u root -p wordpress > backup-$(date +%Y%m%d).sqlRecovery Procedure
- Clone the repo
- Restore
.envfrom.env.enc - Start services
- Restore database from backup
- Verify site health
git clone https://bitbucket.org/wilsonify/renewed-renaissance-woocommerce.git
cd renewed-renaissance-woocommerce/deploy/03_prod
make env.tmp && make promote
docker compose up -d
docker compose exec -T db mysql -u root -p wordpress < backup.sqlRunbooks
Detailed guides for common issues:
Security
Requirements
- HTTPS with TLS 1.2+ (via Cloudflare)
- Strong passwords + 2FA for admin accounts
- Regular plugin/core updates
- PCI-DSS compliance via tokenized payments (Stripe/PayPal)
Access Control
- Limit admin accounts to essential personnel
- Use Editor role for content managers
- Review user list monthly
Cloudflare Tunnel
Production uses Cloudflare Tunnel (cloudflared) to expose the origin without opening firewall ports.
Tunnel Status
docker compose logs cloudflared --tail=50Common Issues
| Issue | Solution |
|---|---|
| Tunnel disconnected | docker compose restart cloudflared |
| IP address changed | Add alias: sudo ip addr add 192.168.1.129/24 dev eth0 |
| Token expired | Generate new token in Cloudflare dashboard, update .env |
WooCommerce Admin
Order Management
Access orders at /wp-admin/edit.php?post_type=shop_order
- Update order status as items ship
- Process refunds through the order detail page
- Add tracking information in order notes
Product Management
Manage products at /wp-admin/edit.php?post_type=product
- Update inventory levels
- Manage pricing and sales
- Configure shipping classes
Reports
View analytics at /wp-admin/admin.php?page=wc-admin
Matomo Analytics
Matomo requires DBIP-City.mmdb for geolocation (>100MB, not in repo):
- Download from Bitbucket Downloads
- Place in
wordpress/wp-content/uploads/matomo/