Deployment Requirements
Monozu Cloud is deployed as a multi-tenant SaaS-style stack: React SPA, Go API, Azure SQL, and optional Azure storage for edge snap distribution.
Platform components
Section titled “Platform components”| Component | Technology | Notes |
|---|---|---|
| Frontend | React / Vite static bundle | Hosted on CDN (e.g. Cloudflare Pages) |
| API | Go / Fiber | Azure App Service (container) |
| Database | Azure SQL (SQL Server) | Row-Level Security per tenant |
| Ingest | HTTPS API | ingest.cloud.monozu.io path (tenant-configured on edge) |
| VPN Hub | WireGuard | Co-located with API infrastructure |
| Resend (optional) | Invites, maintenance notifications |
Minimum scale (reference)
Section titled “Minimum scale (reference)”| Resource | Starting point |
|---|---|
| App Service | 2 vCPU, 4 GB RAM (scale per tenant count) |
| Azure SQL | General Purpose, 2+ vCores, geo-redundant backup |
| TLS | TLS 1.2+ end-to-end |
Network
Section titled “Network”- Outbound HTTPS from App Service to SQL, Resend, NVD/Shodan (if vulnerability feeds enabled)
- Public endpoints: SPA origin, API (
API_PUBLIC_URL), WebSocket/ws/vpnand/ws/security - Customer edges only require outbound HTTPS/UDP to cloud — see Architecture Overview
Security baseline
Section titled “Security baseline”SECRET_KEY≥ 32 characters- Production
ALLOW_ORIGINSmust list SPA origins (no wildcard with credentials) - Prefer managed identity for SQL and storage over long-lived keys