Skip to main content
Deploy Omni to AWS using Terraform for production-ready infrastructure with auto-scaling and multi-AZ redundancy. For development or single-server deployments, see Docker Compose Deployment.

Prerequisites

  • AWS account with administrative access
  • Terraform 1.0+
  • AWS CLI configured (aws configure)
  • Domain name and ACM certificate (optional, for HTTPS)

Quick Start

git clone https://github.com/getomnico/omni.git
cd omni/infra/aws/terraform
cp terraform.tfvars.example terraform.tfvars
Edit terraform.tfvars: 
# Required
customer_name     = "acme-corp"           # Lowercase, hyphens only
region            = "us-east-1"
environment       = "production"

# API Keys
anthropic_api_key = "sk-ant-..."          # https://console.anthropic.com
jina_api_key      = "jina_..."            # https://jina.ai

# Database
paradedb_instance_type = "r5.large"
paradedb_volume_size   = 200              # GB

# Optional: Custom domain
custom_domain       = "omni.yourcompany.com"
ssl_certificate_arn = "arn:aws:acm:us-east-1:xxx:certificate/xxx"

# Optional: Connectors (add as needed)
google_client_id     = "xxx.apps.googleusercontent.com"
google_client_secret = "GOCSPX-xxx"
slack_client_id      = "xxx"
slack_client_secret  = "xxx"
See Configuration Reference for all options.

Deploy

terraform init
terraform plan -out=tfplan
terraform apply tfplan
Deployment takes 15-20 minutes. Get outputs when complete: 
terraform output omni_url        # Application URL
terraform output alb_dns_name    # For DNS CNAME record
Create a CNAME record pointing your domain to the ALB DNS name, then access at https://omni.yourcompany.com.

Infrastructure Overview

ComponentAWS ServicePurpose
ComputeECS FargateRuns all Omni services (web, searcher, indexer, ai, connectors)
DatabaseParadeDB on ECSPrimary data store (PostgreSQL + pg_search)
CacheElastiCache RedisSessions and caching
Load BalancerALBHTTPS termination, routing
NetworkVPCPrivate subnets, NAT gateway
SecretsSecrets ManagerAuto-generated credentials
LogsCloudWatchCentralized logging
StorageS3Content and backups

Scaling

# Vertical: increase task resources
ecs_task_cpu    = "2048"    # 2 vCPU
ecs_task_memory = "4096"    # 4 GB

# Horizontal: more tasks per service
ecs_desired_count = 5

# Auto-scaling (optional)
enable_autoscaling     = true
min_capacity           = 2
max_capacity           = 10
target_cpu_percent     = 70
Apply with terraform apply.

Updating

Update image_tag in terraform.tfvars: 
image_tag = "v1.2.0"
Then apply: 
terraform apply
# ECS performs rolling update with zero downtime

Backups

# Get a running task ID
TASK_ID=$(aws ecs list-tasks --cluster $(terraform output -raw ecs_cluster_name) \
  --service-name paradedb --query 'taskArns[0]' --output text)

# Run backup (uploads to S3 directly from container)
aws ecs execute-command \
  --cluster $(terraform output -raw ecs_cluster_name) \
  --task $TASK_ID \
  --container paradedb \
  --interactive \
  --command "/bin/bash -c 'pg_dump -U omni omni | gzip | aws s3 cp - s3://your-backup-bucket/backup-\$(date +%Y%m%d).sql.gz'"

Monitoring

# Tail logs
aws logs tail $(terraform output -raw log_group_name) --follow

# Filter errors
aws logs filter-log-events \
  --log-group-name $(terraform output -raw log_group_name) \
  --filter-pattern "ERROR"
Enable Container Insights for ECS metrics: enable_container_insights = true

Destroying

# Backup database first, then destroy
terraform destroy

Troubleshooting

ProblemSolution
Terraform apply failsRun aws sts get-caller-identity to verify credentials; check IAM permissions
ECS tasks won’t startCheck CloudWatch logs; verify image pull permissions; increase task memory
Database connection errorsVerify security group allows port 5432 from ECS; check ParadeDB task status
See Troubleshooting Guide for detailed diagnostics.

Next Steps