interledger · mkurapov · Sep 12, 2024 · mkurapov · Sep 12, 2024
diff --git a/packages/documentation/src/content/docs/integration/prod/docker-compose.mdx b/packages/documentation/src/content/docs/integration/prod/docker-compose.mdx
@@ -29,34 +29,34 @@ As Let's encrypt certificates are valid for 90 days, you must set up a cron proc
 ```sh
 crontab -e
 
-0 3 * * * crontab renew
+0 3 * * * certbot renew
 ```
 
 ## Update DNS records
 
-Next update the DNS records to point to the static external IP address of the volumes:
+Next update the DNS records (A records) to point to the static external IP address of the virtual machine:
 
-| service   | URL              | example                |
-| --------- | ---------------- | ---------------------- |
-| admin     | admin.DOMAIN     | admin.myrafiki.com     |
-| auth      | auth.DOMAIN      | auth.myrafiki.com      |
-| connector | connector.DOMAIN | connector.myrafiki.com |
-| ilp       | ilp.DOMAIN       | ilp.myrafiki.com       |
+| service                       | URL          | example            |
+| ----------------------------- | ------------ | ------------------ |
+| Open Payments resource server | DOMAIN       | myrafiki.com       |
+| ILP Connector                 | ilp.DOMAIN   | ilp.myrafiki.com   |
+| Open Payments auth server     | auth.DOMAIN  | auth.myrafiki.com  |
+| Admin UI                      | admin.DOMAIN | admin.myrafiki.com |
 
 ## Server preparation
 
 Create nginx configuration files for every exposed domain:
 
-### Admin
+### Open Payments Resource Server (`backend` package)
 
 ```sh
-
-    server_name admin.myrafiki.com;
+server {
+    server_name myrafiki.com;
 
     listen 443 ssl;
 
-    ssl_certificate /etc/letsencrypt/live/admin.myrafiki.com/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/admin.myrafiki.com/privkey.pem;
+    ssl_certificate /etc/letsencrypt/live/myrafiki.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/myrafiki.com/privkey.pem;
 
     include /etc/letsencrypt/options-ssl-nginx.conf;
     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
@@ -72,33 +72,33 @@ Create nginx configuration files for every exposed domain:
 
         proxy_pass_request_headers on;
 
-        proxy_pass http://localhost:4010;
+        proxy_pass http://localhost:3000;
     }
 }
 
 server {
-    server_name admin.myrafiki.com;
+    server_name myrafiki.com;
 
     listen 80;
 
-    if ($host = admin.myrafiki.com) {
+    if ($host = myrafiki.com) {
 	    return 301 https://$host$request_uri;
     }
 
     return 404;
 }
 ```
 
-### Auth
+### ILP Connector (`backend` package)
 
 ```sh
 server {
-    server_name auth.myrafiki.com;
+    server_name ilp.myrafiki.com;
 
     listen 443 ssl;
 
-    ssl_certificate /etc/letsencrypt/live/auth.myrafiki.com/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/auth.myrafiki.com/privkey.pem;
+    ssl_certificate /etc/letsencrypt/live/ilp.myrafiki.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/ilp.myrafiki.com/privkey.pem;
 
     include /etc/letsencrypt/options-ssl-nginx.conf;
     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
@@ -119,27 +119,28 @@ server {
 }
 
 server {
-    server_name auth.myrafiki.com;
+    server_name ilp.myrafiki.com;
 
     listen 80;
 
-    if ($host = auth.myrafiki.com) {
-	    return 301 https://$host$request_uri;
+    if ($host = ilp.myrafiki.com) {
+            return 301 https://$host$request_uri;
     }
 
     return 404;
 }
 ```
 
-### Connector
+### Open Payments Auth Server (`auth` package)
 
 ```sh
 server {
-    server_name connector.myrafiki.com;
+    server_name auth.myrafiki.com;
 
     listen 443 ssl;
-    ssl_certificate /etc/letsencrypt/live/connector.myrafiki.com/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /etc/letsencrypt/live/connector.myrafiki.com/privkey.pem; # managed by Certbot
+
+    ssl_certificate /etc/letsencrypt/live/auth.myrafiki.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/auth.myrafiki.com/privkey.pem;
 
     include /etc/letsencrypt/options-ssl-nginx.conf;
     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
@@ -155,33 +156,33 @@ server {
 
         proxy_pass_request_headers on;
 
-        proxy_pass http://localhost:3002;
+        proxy_pass http://localhost:3006;
     }
 }
 
 server {
-    server_name connector.myrafiki.com;
+    server_name auth.myrafiki.com;
 
     listen 80;
 
-    if ($host = connector.myrafiki.com) {
-	    return 301 https://$host$request_uri;
+    if ($host = auth.myrafiki.com) {
+            return 301 https://$host$request_uri;
     }
 
     return 404;
 }
 ```
 
-### ILP
+### Admin (`frontend` package)
 
 ```sh
 server {
-    server_name ilp.myrafiki.com;
+    server_name admin.myrafiki.com;
 
     listen 443 ssl;
 
-    ssl_certificate /etc/letsencrypt/live/ilp.myrafiki.com/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/ilp.myrafiki.com/privkey.pem;
+    ssl_certificate /etc/letsencrypt/live/admin.myrafiki.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/admin.myrafiki.com/privkey.pem;
 
     include /etc/letsencrypt/options-ssl-nginx.conf;
     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
@@ -197,17 +198,17 @@ server {
 
         proxy_pass_request_headers on;
 
-        proxy_pass http://localhost:4000;
+        proxy_pass http://localhost:3005;
     }
 }
 
 server {
-    server_name ilp.myrafiki.com;
+    server_name admin.myrafiki.com;
 
     listen 80;
 
-    if ($host = ilp.myrafiki.com) {
-            return 301 https://$host$request_uri;
+    if ($host = admin.myrafiki.com) {
+	    return 301 https://$host$request_uri;
     }
 
     return 404;