# Deployment ## Before deploy Before deployment, we've found an issue in production with the new content security policy headers. Basically, you need to add `wss://...`and your domain to the `:content_security_policy` `default_src` array, like below. {% code title="config.exs" %} ```elixir config :my_app, :content_security_policy, %{ default_src: [ .... "wss://yourdomain.com", "wss://yourdomain.com/live/websocket" ] } ``` {% endcode %} Read more: * [Petal Pro Github issue](https://github.com/petalframework/petal_pro/issues/46) * [Blog post about content security policy in Phoenix apps](https://furlough.merecomplexities.com/elixir/phoenix/security/2021/02/26/content-security-policy-configuration-in-phoenix.html) #### Removing CSP If you don't care about content security policies, you can remove this config and then in `router.exs` change: ```elixir # Change this: plug(:put_secure_browser_headers, %{ "content-security-policy" => ContentSecurityPolicy.serialize( struct(ContentSecurityPolicy.Policy, PetalPro.config(:content_security_policy)) ) }) # To this: plug :put_secure_browser_headers ``` ## Deployment with Fly.io We have found Fly.io to be the best combination of cheap and easy. Petal Pro has been set up for users to quickly deploy on Fly.io's servers. If you haven't already, download the [Fly.io CLI](https://fly.io/docs/getting-started/installing-flyctl). Then you will need to [register or sign in](https://fly.io/docs/getting-started/log-in-to-fly/). Once signed in, you can create a new project with: `fly launch` Give your app a name (this can't be changed in future).\ Hit Y to setting up a DB as we'll need that.\ Pick a server size. When it asks "Do you want to deploy now", hit N - we need to make a couple of changes before we deploy. We need a service to send our emails out. We've found that the simplest and cheapest solution is Amazon SES, and so Petal defaults to using this. We don't really use Amazon for much else, but its email service is cheap and the emails don't get sent to spam as easily as other services we've tried. Setting up Amazon SES is beyond the scope of this guide - you can google how to do it. The end result should be you are able to provide the following secrets that we'll provide to our production server: ``` fly secrets set AWS_ACCESS_KEY="xxx" AWS_SECRET="xxx" AWS_REGION="xxx" ``` Finally, we can run `fly deploy`. After deploying you can run `fly open` to see it in your browser. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.petal.build/petal-pro-documentation/v1.4.0/fundamentals/deployment.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.