Quickstart
From a fresh VPS to your shop, staff app, and API live over HTTPS — in about 30 minutes, most of it waiting for installs. This is the condensed path; for a host-specific, click-by-click version use a full runbook.
-
Get a VPS and point your domain at it.
Create an Ubuntu 24.04 LTS server (Hostinger KVM 2 for the full profile, DigitalOcean 2 GB for the lite floor), and note its IP. Then add three A records at your DNS provider, all pointing at that IP:
Type Name Serves A @(or ashopsubdomain)storefront A apithe API A adminstaff admin app Do this before first boot so HTTPS certificates can be issued automatically. Check with
ping your-domain.comandping api.your-domain.com. -
Install Docker.
Terminal window ssh root@YOUR_VPS_IPapt-get update && apt-get -y upgradecurl -fsSL https://get.docker.com | shdocker --version && docker compose version -
Get the code.
Terminal window apt-get -y install gitgit clone YOUR_REPO_URL /srv/appcd /srv/app(Or upload your purchase zip and
unzipit into/srv/app.) -
Configure
.env.Terminal window cp .env.example .envnano .envChange at least these four:
Variable Set it to DJANGO_SECRET_KEYa fresh key — docker run --rm python:3.13-slim python -c "import secrets; print(secrets.token_urlsafe(64))"DOMAINyour-domain.com— the shop domain; the API URL (api.your-domain.com), theadmin.host, allowed hosts, CORS and CSRF all derive from it — you don’t set them separatelyDB_PASSWORDa strong database password DJANGO_SUPERUSER_USERNAME/_EMAIL/_PASSWORDyour admin login (created on first boot) Leave
DJANGO_ENV=productionandDJANGO_DEBUG=Falseas they are.Optional now, easy later (all runtime — no rebuild):
Variable For APP_NAME,BRAND_ACCENT,BRAND_LOGO_URLyour brand name, accent colour and logo (or set these in the tenant config after boot) payment_methods(tenant config),COURIER_DEFAULT_PROVIDER,SMS_DEFAULT_PROVIDER+ their credentialspayments, couriers and SMS. Credentials go in the encrypted Integrations store, never .env. See Payment providersDJANGO_EMAIL_*a real SMTP host for transactional email You can launch without these and add them later — brand and providers are best set in the tenant config after first boot. Full reference: Store settings & branding.
-
Launch.
Terminal window docker compose up -dKeep
INFRA_PROFILE=lite(the default). That’s the whole point of the small box.Terminal window docker compose -f docker-compose.yml -f docker-compose.full.yml up -dAdds Redis + Celery + websockets on top of lite.
First run builds the API image and pulls the prebuilt frontends — expect 5–10 minutes. Boot is fully automatic: wait-for-db → migrate → collectstatic → create superuser → serve. No manual steps.
Terminal window docker compose ps # wait for web "(healthy)"docker compose logs -f web # watch it come up; Ctrl+C to stop -
Verify.
Terminal window curl -s https://api.your-domain.com/health/ # → "status": "success"curl -s https://your-domain.com/api/config # storefront runtime configcurl -s https://admin.your-domain.com/api/config # admin runtime configThen open your shop at
https://your-domain.com, the staff app athttps://admin.your-domain.com, and log into the deep-ops console athttps://api.your-domain.com/admin/with your superuser credentials.
Right after you’re live
Section titled “Right after you’re live”-
Harden the box — firewall, SSH keys, automatic security updates. Ten minutes; do it the same day.
-
Skim upgrades & backups — how updates roll out, and how to restore the nightly backup. Practice a restore once — a backup you’ve never restored is a hope, not a backup.
Optional: seed a demo catalog to click around
Section titled “Optional: seed a demo catalog to click around”docker compose exec web python manage.py seed_client --profile belltex --demoThis loads the BellTex demo store so you can explore the storefront and admin with real-looking products before you add your own.
If something doesn’t work
Section titled “If something doesn’t work”The most common snags — certificate warnings, connection refused,
DisallowedHost — and their fixes are in the
Hostinger troubleshooting table,
which applies to any host.