Skip to content

Quickstart

From a fresh VPS to your shop, staff app, and API live over HTTPS — in about 30 minutes, most of it waiting for installs. This is the condensed path; for a host-specific, click-by-click version use a full runbook.

  1. Get a VPS and point your domain at it.

    Create an Ubuntu 24.04 LTS server (Hostinger KVM 2 for the full profile, DigitalOcean 2 GB for the lite floor), and note its IP. Then add three A records at your DNS provider, all pointing at that IP:

    Type Name Serves
    A @ (or a shop subdomain) storefront
    A api the API
    A admin staff admin app

    Do this before first boot so HTTPS certificates can be issued automatically. Check with ping your-domain.com and ping api.your-domain.com.

  2. Install Docker.

    Terminal window
    ssh root@YOUR_VPS_IP
    apt-get update && apt-get -y upgrade
    curl -fsSL https://get.docker.com | sh
    docker --version && docker compose version
  3. Get the code.

    Terminal window
    apt-get -y install git
    git clone YOUR_REPO_URL /srv/app
    cd /srv/app

    (Or upload your purchase zip and unzip it into /srv/app.)

  4. Configure .env.

    Terminal window
    cp .env.example .env
    nano .env

    Change at least these four:

    Variable Set it to
    DJANGO_SECRET_KEY a fresh key — docker run --rm python:3.13-slim python -c "import secrets; print(secrets.token_urlsafe(64))"
    DOMAIN your-domain.com — the shop domain; the API URL (api.your-domain.com), the admin. host, allowed hosts, CORS and CSRF all derive from it — you don’t set them separately
    DB_PASSWORD a strong database password
    DJANGO_SUPERUSER_USERNAME / _EMAIL / _PASSWORD your admin login (created on first boot)

    Leave DJANGO_ENV=production and DJANGO_DEBUG=False as they are.

    Optional now, easy later (all runtime — no rebuild):

    Variable For
    APP_NAME, BRAND_ACCENT, BRAND_LOGO_URL your brand name, accent colour and logo (or set these in the tenant config after boot)
    payment_methods (tenant config), COURIER_DEFAULT_PROVIDER, SMS_DEFAULT_PROVIDER + their credentials payments, couriers and SMS. Credentials go in the encrypted Integrations store, never .env. See Payment providers
    DJANGO_EMAIL_* a real SMTP host for transactional email

    You can launch without these and add them later — brand and providers are best set in the tenant config after first boot. Full reference: Store settings & branding.

  5. Launch.

    Terminal window
    docker compose up -d

    Keep INFRA_PROFILE=lite (the default). That’s the whole point of the small box.

    First run builds the API image and pulls the prebuilt frontends — expect 5–10 minutes. Boot is fully automatic: wait-for-db → migrate → collectstatic → create superuser → serve. No manual steps.

    Terminal window
    docker compose ps # wait for web "(healthy)"
    docker compose logs -f web # watch it come up; Ctrl+C to stop
  6. Verify.

    Terminal window
    curl -s https://api.your-domain.com/health/ # → "status": "success"
    curl -s https://your-domain.com/api/config # storefront runtime config
    curl -s https://admin.your-domain.com/api/config # admin runtime config

    Then open your shop at https://your-domain.com, the staff app at https://admin.your-domain.com, and log into the deep-ops console at https://api.your-domain.com/admin/ with your superuser credentials.

  1. Harden the box — firewall, SSH keys, automatic security updates. Ten minutes; do it the same day.

  2. Skim upgrades & backups — how updates roll out, and how to restore the nightly backup. Practice a restore once — a backup you’ve never restored is a hope, not a backup.

Optional: seed a demo catalog to click around

Section titled “Optional: seed a demo catalog to click around”
Terminal window
docker compose exec web python manage.py seed_client --profile belltex --demo

This loads the BellTex demo store so you can explore the storefront and admin with real-looking products before you add your own.

The most common snags — certificate warnings, connection refused, DisallowedHost — and their fixes are in the Hostinger troubleshooting table, which applies to any host.