Requirement	How to get it
Server or VM	Any cloud provider or on-premise. Min: 1 vCPU, 1 GB RAM.
Docker & Compose	Install Docker →
Git	Pre-installed on most servers. If not: `sudo apt install git`

Required variables

Variable	What to set
`DOMAIN`	Your domain, or `localhost` for testing
`DB_PASSWORD`	A strong, unique database password
`SECRET_KEY`	Generate with the command below
`ADMIN_EMAIL`	Your admin contact email

Generate your SECRET_KEY:

openssl rand -base64 32

💡

Most API keys can be configured later via the Admin Console. You only need DB_PASSWORD, SECRET_KEY, and DOMAIN to start.

Start the System

Pull images and launch all services

▾

Production (recommended)

docker compose -f docker-compose.yml \ -f docker-compose.prod.yml pull docker compose -f docker-compose.yml \ -f docker-compose.prod.yml up -d

Development (builds locally)

docker compose up --build -d

Verify

docker compose ps

You should see backend, frontend, db, redis, caddy, celery_worker, and celery_beat — all Up.

Access points

Portal	URL
Resident Portal	`http://localhost/`
Staff Dashboard	`http://localhost/staff`
Admin Console	`http://localhost/admin`
Research Lab	`http://localhost/research`
API Docs	`http://localhost/api/docs`

Get Bootstrap Access

Initial admin access before Auth0

▾

curl -X POST http://localhost/api/auth/bootstrap

Click the returned magic link — it logs you into the Admin Console with full privileges.

⚠️

Bootstrap access is temporary and auto-disabled once Auth0 is configured.

Configure Auth0 (SSO)

Zero-password staff authentication

▾

1. Create an Auth0 application

Log into Auth0 Dashboard
Applications → Create Application → Regular Web Application

2. Configure callback URLs

Setting	Value
Callback URLs	`https://311.yourtown.gov/api/auth/callback`
Logout URLs	`https://311.yourtown.gov/staff`
Web Origins	`https://311.yourtown.gov`

3. Enter in Admin Console

Go to Setup & Integration, enter your Auth0 Domain, Client ID, and Client Secret.

🔒

Bootstrap access is now auto-disabled. All logins use Auth0 SSO with optional MFA and passkeys.

Configure Google Maps

Location picker, maps, autocomplete

▾

Google Cloud Console → Credentials → Create API Key
Restrict to: Maps JavaScript, Places, Geocoding APIs
Restrict referrers to your domain

Enter the key in Admin Console → Setup & Integration → Google Maps.

Google Cloud (AI Features)

Vertex AI, Translation, Secret Manager

▾

Enable APIs

In Google Cloud Console, enable Vertex AI API and Cloud Translation API.

Create a service account

IAM → Service Accounts → Create
Roles: Vertex AI User, Cloud Translation API User
Create key → JSON → download

Upload in Admin Console → Setup & Integration → Google Cloud. The key is encrypted with AES-128-CBC.

Email Notifications

SMTP for confirmation & status emails

▾

In Admin Console → Setup & Integration:

Field	Example
SMTP Host	`smtp.gmail.com`
SMTP Port	`587` (TLS)
Username	`311@yourtown.gov`
From Address	`311@yourtown.gov`

💡

Gmail users: create an App Password. Emails auto-inject your township's branding.

SMS (Optional)

Twilio text alerts

▾

Create a Twilio account
Get a phone number with SMS capability
Enter Account SID, Auth Token, and From Number in Admin Console

Municipality Boundaries

GeoJSON service area

▾

Requests outside the boundary are automatically rejected. Get your file from:

Your GIS department
Census TIGER/Line
geojson.io — draw manually

Upload in Setup & Integration → Municipality Boundaries.

Services & Departments

Categories, routing, custom questions

▾

In Admin Console → Services, create categories (Pothole, Streetlight, etc.):

Setting	Description
Routing	Township Handled, Third-Party, or Road-Based
Department	Which team handles it
Questions	Follow-up questions per service

💡

Road-Based routing splits jurisdiction per street — all configured without code.

Branding

Logo, colors, fonts

▾

In Admin Console → Branding:

Municipality Name — headers, emails, portal
Logo — nav, emails, portal
Primary & Secondary Colors
Font

Auto-applied to Resident Portal, all emails, SMS, and Staff Dashboard.

Legal Documents

Privacy, Terms, Accessibility

▾

In Branding → Legal Documents:

Privacy Policy — data collection, retention, rights
Terms of Service — includes non-emergency disclaimer
Accessibility — WCAG 2.1 AA, Section 508

All support Markdown formatting. Sensible defaults included.

Custom Domain

Auto HTTPS via Let's Encrypt

▾

1. Point DNS

Type	Name	Value
A	`311.yourtown.gov`	Your server IP

2. Update .env

DOMAIN=311.yourtown.gov

3. Restart Caddy

docker compose restart caddy

Caddy auto-provisions SSL and redirects HTTP → HTTPS.

Automatic Updates (Optional)

Watchtower patches at 3 AM daily

▾

# Enable docker compose up -d watchtower # Disable docker compose stop watchtower # Status docker compose ps watchtower

💡

Works perfectly without Watchtower. Use for hands-off updates, or disable for manual control.

Secret Manager (Optional)

Enterprise secret storage via GCP

▾

Ensure GCP service account has Secret Manager Admin role
In Admin Console, click Enable Secret Manager
All secrets auto-migrate

⚠️

Two bootstrap keys (GCP_SERVICE_ACCOUNT_JSON, GOOGLE_CLOUD_PROJECT) stay in the local DB — they're needed to access Secret Manager itself.

Add Staff Users

Invite and assign roles

▾

In Staff Management:

Role	Access
Staff	View, manage, resolve requests
Admin	Full Admin Console access
Researcher	Privacy-preserved analytics

Staff log in via Auth0 SSO — no passwords needed.

Go-Live Checklist

Verify before sharing with residents

▾

✓	Item
☐	Secure DB_PASSWORD and SECRET_KEY (not defaults)
☐	Auth0 configured, bootstrap disabled
☐	Google Maps key working
☐	Municipality boundary uploaded
☐	At least one service category
☐	At least one department with staff
☐	SMTP email configured and tested
☐	Branding set (logo, name, colors)
☐	Legal documents reviewed
☐	Custom domain with HTTPS
☐	Full lifecycle test: submit → staff → resolve → email

Ongoing Maintenance

Backups, updates, troubleshooting

▾

Database backups

docker compose exec db pg_dump -U township township_db > backup_$(date +%Y%m%d).sql

Manual updates

docker compose -f docker-compose.yml \ -f docker-compose.prod.yml pull docker compose -f docker-compose.yml \ -f docker-compose.prod.yml up -d

Database migrations

docker compose exec backend alembic upgrade head

View logs

docker compose logs -f backend

Record retention

State	Period
Texas	10 years
NJ, PA, WI	7 years
NY, MI, WA, CT	6 years
CA, FL, most	5 years (default)
GA, MA	3 years

Need help? We're here for you.

GitHub Repository → Report an Issue Donate (tax-deductible)

Requirement	Why
Google Cloud	Maps, Vertex AI (Gemini), Translate, Secret Manager
Auth0 Account	Staff SSO, MFA, passkeys — free tier
Custom Domain	e.g. `311.yourtown.gov`
SMTP Server	Confirmation & status emails

You're all set,
let's get you deployed.

Complete Setup Guide

Setup Steps

Required

Recommended

Required variables

Production (recommended)

Development (builds locally)

Verify

Access points

1. Create an Auth0 application

2. Configure callback URLs

3. Enter in Admin Console

Enable APIs

Create a service account

1. Point DNS

2. Update .env

3. Restart Caddy

Database backups

Manual updates

Database migrations

View logs

Record retention

You're all set,let's get you deployed.

Complete Setup Guide

Setup Steps

Required

Recommended

Required variables

Production (recommended)

Development (builds locally)

Verify

Access points

1. Create an Auth0 application

2. Configure callback URLs

3. Enter in Admin Console

Enable APIs

Create a service account

1. Point DNS

2. Update .env

3. Restart Caddy

Database backups

Manual updates

Database migrations

View logs

Record retention

You're all set,
let's get you deployed.