# Deployment ## Before deploy Before deployment, we've found an issue in production with the new content security policy headers. Basically, you need to add `wss://...`and your domain to the `:content_security_policy` `default_src` array, like below. {% code title="config.exs" %} ```elixir config :my_app, :content_security_policy, %{ default_src: [ .... "wss://yourdomain.com", "wss://yourdomain.com/live/websocket" ] } ``` {% endcode %} Read more: * [Petal Pro Github issue](https://github.com/petalframework/petal_pro/issues/46) * [Blog post about content security policy in Phoenix apps](https://furlough.merecomplexities.com/elixir/phoenix/security/2021/02/26/content-security-policy-configuration-in-phoenix.html) ### Removing CSP If you don't care about content security policies, you can remove this config and then in `router.exs` change: ```elixir # Change this: plug(:put_secure_browser_headers, %{ "content-security-policy" => ContentSecurityPolicy.serialize( struct(ContentSecurityPolicy.Policy, PetalPro.config(:content_security_policy)) ) }) # To this: plug :put_secure_browser_headers ``` ### Faker dependency and the Landing Page If you haven't changed the landing page yet, there will be references to [Faker](https://hexdocs.pm/faker). If you don't remove references to Faker, you'll need to find this line in `mix.exs`: ```elixir defp deps do [ {:faker, "~> 0.17", only: [:test, :dev]}, ] ``` And change it to this: ```elixir defp deps do [ {:faker, "~> 0.17"}, ] ``` ## A word on environment variables In production, Petal Pro requires the following environment variables to be set: * `SECRET_KEY_BASE` * `DATABASE_URL` * `PHX_HOST` * `PORT` If you're deploying to Fly.io, these environment variables should be automatically taken care of. However, if you're testing `prod` on your dev machine or using a different deployment mechanism - you'll need to make sure that these environment variables have been set. Please bare in mind that `SECRET_KEY_BASE` and `DATABASE_URL` are secrets and need to be protected. Please follow best practices for managing secrets on the platform you are deploying to. ## Deployment with Fly.io To deploy to Fly.io, use the following guide: {% content-ref url="/pages/jdVc4e2YZPTEHpaGDkra" %} [Deploy to Fly.io](/petal-pro-documentation/v2.0.0/guides/deploy-to-fly.io.md) {% endcontent-ref %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.petal.build/petal-pro-documentation/v2.0.0/fundamentals/deployment.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.