Multi-Environment DevOps Automation
Containerized delivery from a single git push to production — identical across dev, staging, and prod.
A practical DevOps project demonstrating multi-environment containerization, automated CI/CD pipelines, and production-grade deployment flows.
Environments
3
dev · staging · prod
Pipeline stages
6
commit → serve
Release trigger
Git push
fully automated
Downtime
Zero
PM2 graceful reload
Overview
What it is
A self-hosted deployment platform built to make shipping repeatable and boring. Every environment runs the same container image, so what passes in staging behaves the same in production.
A single push to a tracked branch kicks off the whole pipeline: install, lint, test, build a lean Docker image, push it to a registry, and roll it out over SSH — with zero-downtime process reloads and an NGINX edge in front.
The goal was operational confidence: no snowflake servers, no manual SSH-and-pray releases, and a clear, scripted path from commit to live.
Delivery
From commit to production
Commit & Push
A push to a tracked branch triggers GitHub Actions via branch-based rules.
Install & Test
Dependencies installed in a clean runner, then lint and automated checks run.
Build Image
A multi-stage Dockerfile produces a small, reproducible production image.
Push to Registry
The versioned image is tagged and pushed to the container registry.
Deploy
The target host pulls the image over SSH; environment-specific config is injected.
Serve
PM2 supervises the Node process behind an NGINX reverse proxy with TLS.
Architecture
How it fits together
Source & CI
Where a release begins
Build
Reproducible artifacts
Runtime
How the app runs
Edge
What users hit
Ops
Keeping it healthy
Capabilities
Key features
Multi-environment parity
The same containerized runtime powers dev, staging, and prod — no environment drift.
Push-to-deploy CI/CD
GitHub Actions turns a git push into a fully automated build-and-release.
Zero-downtime releases
PM2 gracefully reloads processes so traffic is never dropped during a deploy.
NGINX edge + TLS
A reverse proxy terminates TLS, compresses responses, and routes to app processes.
Scripted operations
Bash tooling handles provisioning, deploys, and routine maintenance repeatably.
Isolated configuration
Per-environment secrets and variables keep credentials scoped and out of the image.
Toolbox
Tech stack
Containerization
CI/CD
Runtime
Edge
OS & Scripting
Want the deeper walkthrough?
Happy to talk through the architecture and trade-offs in detail.