Footsol — Resource Requirements

VPS Specifications

Recommended single-VPS setup for MVP launch. Containerized for easy future migration.

CPU8 vCPU
RAM48 GB
Storage512 GB SSD
OSUbuntu 24.04 LTS
LocationUK / EU (GDPR compliance)

Core Software Stack

Software	Purpose	Status
Ubuntu Server 24.04	Operating System	Required
Docker + Docker Compose	Containerization	Required
Nginx	Reverse proxy, SSL termination	Required
Node.js (LTS)	Backend API runtime	Required
PostgreSQL	Primary database	Required
Redis	Caching, slot holds, sessions	Recommended
PM2	Process manager	Required
Certbot	SSL certificate management	Required

Security Hardening Checklist

Naked VPS means full security responsibility. These are mandatory before launch.

UFW Firewall — allow only ports 80, 443, 22
Fail2Ban — protect SSH from brute force
SSH Hardening — disable password login, use key auth only
PostgreSQL — bind to localhost only, strong password, regular backups
Redis — bind to localhost, no public exposure
Automated daily backups (pg_dump to object storage)
HTTPS everywhere via Certbot/Cloudflare
Environment variables for secrets (never in code)

External Services & Accounts

All third-party services are paid directly by the client. Development partner handles technical integration only.

Domain Registration

Domain name for the platform (e.g., footsol.co.uk)

namecheap.com →

VPS — Contabo

Best price/performance ratio for EU hosting

contabo.com →

VPS — Hetzner

Excellent price, reliable EU infrastructure

hetzner.com →

Stripe (Payments)

Card payments, Apple Pay, Google Pay, Connect for marketplace

stripe.com →

Apple Developer

Required for iOS App Store distribution ($99/year)

developer.apple.com →

Google Play Console

Required for Android app publishing ($25 one-time)

play.google.com/console →

Firebase

Push notifications via FCM (Android + iOS)

firebase.google.com →

Google Maps API

Venue discovery, distance calculation, map views

Google Cloud Console →

Cloudflare

DNS management, CDN, DDoS protection

cloudflare.com →

SendGrid (Email)

Transactional emails: confirmations, receipts, notifications

sendgrid.com →

Twilio (SMS)

Optional SMS notifications and verification

twilio.com →

Deployment Structure

/apps/ backend/ # Node.js API source admin/ # React admin panel build /data/ postgres/ # PostgreSQL data directory /nginx/ config/ # Nginx site configurations Docker Compose Services: ┌─────────────┐ │ nginx │ ← SSL termination, reverse proxy └──────┬──────┘ │ ┌──────▼──────┐ │ node-api │ ← Express API (port 3000) └──────┬──────┘ │ ┌──────▼──────┐ ┌───────────┐ │ postgresql │ │ redis │ └─────────────┘ └───────────┘

Domain & DNS Setup

Subdomain	Points To	Purpose
api.domain.com	VPS IP	Backend API
admin.domain.com	VPS IP	Admin panel

DNS managed via Cloudflare (strongly recommended for DDoS protection and caching).

Risks & Mitigations

Single Point of Failure

If the VPS crashes, everything goes down. Mitigation: automated daily backups, monitoring with Uptime Kuma, documented recovery procedure.

No Auto-Scaling

High traffic requires manual VPS upgrade. Mitigation: containerized architecture allows easy migration to cloud with auto-scaling when needed.

Manual Backups

Backups must be configured manually. Mitigation: automated pg_dump cron job to external object storage (e.g., Backblaze B2).

Full Security Responsibility

No cloud-layer protection. Mitigation: UFW firewall, Fail2Ban, SSH hardening, Cloudflare proxy, regular security updates.

Booking Concurrency

The biggest technical challenge — double-booking prevention. Mitigation: DB UNIQUE constraint + atomic slot hold lock (belt + suspenders approach).

Senior Architect Recommendation

For MVP: Yes, use naked VPS. But design so migration is easy later.

Containerize everything (Docker Compose)
Separate DB logically
Use environment variables for all config
Avoid tight coupling between services
Document deployment and recovery procedures