Reeve
Cloud Platform

Deployment

Setting up a Reeve Cloud deployment on AWS with Docker and Traefik.

Cloud Deployment

This guide covers deploying Reeve Cloud infrastructure. For most users, the hosted version at meetreeve.com is the easiest path. This guide is for self-hosting the cloud platform.

Prerequisites

  • AWS account with EC2 access
  • Domain name with DNS control
  • Docker and Docker Compose
  • SSL certificate (or Let's Encrypt via Traefik)

Infrastructure Setup

1. Provision EC2

Recommended instance: m7g.xlarge (ARM/Graviton, 4 vCPU, 16 GB RAM)

# Install Docker
curl -fsSL https://get.docker.com | sh
sudo usermod -aG docker $USER

# Install Docker Compose
sudo apt install docker-compose-plugin

2. Configure Traefik

Create traefik.yml:

entryPoints:
  web:
    address: ":80"
    http:
      redirections:
        entryPoint:
          to: websecure
          scheme: https
  websecure:
    address: ":443"

certificatesResolvers:
  letsencrypt:
    acme:
      email: admin@yourdomain.com
      storage: /etc/traefik/acme.json
      httpChallenge:
        entryPoint: web

providers:
  docker:
    exposedByDefault: false
  file:
    directory: /etc/traefik/dynamic/

3. Create tenant containers

For each tenant, create a Docker Compose service:

# docker-compose.yml
services:
  traefik:
    image: traefik:v3
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./traefik.yml:/etc/traefik/traefik.yml
      - ./acme.json:/etc/traefik/acme.json

  tenant-acme:
    image: reeve-gateway:latest
    environment:
      - TENANT_ID=acme
      - REEVE_CLOUD_MODE=true
      - REEVE_SERVICES_URL=https://services.yourdomain.com
      - REEVE_SERVICES_TOKEN=${SERVICES_TOKEN}
    volumes:
      - /data/tenants/acme:/data
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.acme.rule=Host(`acme.gw.yourdomain.com`)"
      - "traefik.http.routers.acme.tls.certresolver=letsencrypt"
      - "traefik.http.services.acme.loadbalancer.server.port=8080"

4. DNS configuration

Point tenant subdomains to your EC2 instance:

*.gw.yourdomain.com  →  A  →  <EC2-IP>

5. Deploy Services API

The Python services API runs on Railway (or any Python hosting):

cd reeve-services
railway deploy

Required environment variables:

  • DATABASE_URL — PostgreSQL connection string
  • CLERK_SECRET_KEY — Clerk authentication
  • STRIPE_SECRET_KEY — Billing integration
  • REEVE_SERVICES_TOKEN — Service-to-service auth
  • S3_BUCKET — Data persistence bucket

6. Deploy Frontend

The Next.js frontend deploys to Vercel:

cd reeve-frontend
vercel --prod

The hosted Reeve Cloud at meetreeve.com handles all of this automatically. Self-hosting the cloud infrastructure is only necessary for enterprises with specific compliance or data residency requirements.

Tenant Provisioning

New tenants are provisioned through the Services API:

curl -X POST https://services.yourdomain.com/api/tenants \
  -H "Authorization: Bearer $ADMIN_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "tenant_id": "acme",
    "plan": "pro",
    "owner_email": "admin@acme.com"
  }'

This:

  1. Creates the tenant directory structure
  2. Generates a reeve.json with sensible defaults
  3. Creates the org layer with empty templates
  4. Provisions the Docker container
  5. Registers DNS via Traefik labels

Monitoring

  • Container health: Traefik health checks on gateway HTTP port
  • Logs: docker logs tenant-acme or centralized logging (CloudWatch, Datadog)
  • Metrics: Gateway exposes basic metrics at /api/health
  • Alerts: Set up CloudWatch alarms for container restarts, high memory, etc.

Architecture

Docker per-tenant containers, Traefik routing, S3 persistence, and EC2 infrastructure.

Tenant Isolation

How Reeve Cloud isolates workspaces, data, and execution between tenants.

On this page

Cloud DeploymentPrerequisitesInfrastructure Setup1. Provision EC22. Configure Traefik3. Create tenant containers4. DNS configuration5. Deploy Services API6. Deploy FrontendTenant ProvisioningMonitoring