PROJECT OVERVIEW I have built a production-structured Telegram Kuji bot with a FastAPI backend and PostgreSQL database. The system is fully implemented and architected with production-grade safety features. I am looking for an experienced DevOps engineer to handle deployment from Replit to AWS Lightsail for a controlled test production run. This is NOT a feature development job. The application logic is complete. The scope is infrastructure setup, deployment, configuration, validation, and documentation. TECH STACK Backend: (1) Python 3 (2) FastAPI (3) aiogram (async Telegram bot) (4) SQLAlchemy 2.x (async) (5) PostgreSQL (asyncpg) (6) Alembic migrations (7) APScheduler (background jobs) Frontend: (1) Telegram WebApp (HTML/CSS/JS) (2) React (Vite + TypeScript + Tailwind) for Stripe redirect pages Infrastructure: (1) Docker-ready (or near-ready) (2) Structured JSON logging (3) Prometheus-style /metrics endpoint (4) Health and readiness endpoints Payments: (1) Stripe integration with webhook idempotency WHAT HAS ALREADY BEEN IMPLEMENTED DATA & CONCURRENCY SAFETY (1) PostgreSQL-first architecture (no active SQLite usage) (2) Row-level locking using SELECT ... FOR UPDATE SKIP LOCKED (3) Transaction-safe prize allocation (4) Oversell protection PAYMENT SAFETY (1) Stripe webhook idempotency table (2) Exactly-once-style payment handling (3) Duplicate webhook protection JOB QUEUE SYSTEM (1) Database-backed job queue (2) Retry with exponential backoff + jitter (3) Dead-letter queue (DLQ) (4) Crash-proof reclaim logic for stuck jobs (5) Guarded state transitions preventing stale worker overwrite OBSERVABILITY (1) Structured JSON logs (2) Correlation IDs (3) Health endpoint (4) Readiness endpoint (5) Prometheus-style metrics (6) Worker heartbeat monitoring This is structured like a small SaaS backend. The core application does NOT need to be rebuilt. SCOPE OF WORK PHASE 1 - AWS LIGHTSAIL SETUP (1) Provision and configure Lightsail instance (2) Configure firewall and ports (3) Set up domain (if applicable) (4) Configure HTTPS (Let’s Encrypt or equivalent) PHASE 2 - DOCKER DEPLOYMENT (1) Review and finalize Dockerfile and docker-compose (2) Set up multi-service architecture: - API - Bot - Worker - PostgreSQL (if self-hosted) (3) Configure restart policies (4) Ensure environment variables are properly loaded (5) Ensure NO secrets are hardcoded PHASE 3 - DATABASE & MIGRATIONS (1) Configure PostgreSQL (2) Run alembic upgrade head (3) Verify schema integrity (4) Ensure no destructive operations occur PHASE 4 - STRIPE & TELEGRAM CONFIGURATION (1) Update Stripe webhook URL (2) Validate webhook signature handling (3) Confirm Telegram bot token works in production (4) Ensure WebApp base URL works correctly PHASE 5 - PRODUCTION HARDENING (1) Verify no secrets are committed to Git (2) Ensure production values are not hardcoded (3) Validate worker queue, retry, and DLQ behavior (4) Confirm health and metrics endpoints function properly PHASE 6 - DOCUMENTATION Provide: (1) Step-by-step deployment guide (2) Redeployment procedure (3) Secret rotation guide (4) Service restart instructions (5) Basic monitoring instructions DELIVERABLES (1) Fully deployed system on AWS Lightsail (2) Working Stripe test-mode payments (3) Fully functioning Telegram bot (4) WebApp accessible and functional (5) Worker + queue + DLQ functioning correctly (6) Health and metrics endpoints accessible (7) Clear documentation for future deployments IDEAL CANDIDATE Required experience: (1) Deploying FastAPI applications (2) Docker and docker-compose (3) AWS Lightsail or similar VPS environments (4) PostgreSQL production configuration (5) Stripe webhook integration (6) Async Python systems Bonus: (1) Telegram bot deployment experience (2) Production logging and metrics (3) SaaS-style infrastructure setups TO APPLY Please include: (1) Your experience deploying similar systems (2) Your proposed deployment approach (3) Estimated timeline (4) Estimated cost (5) Any clarifying questions about the architecture I value reliability and clean infrastructure over shortcuts. Looking forward to working with someone experienced in production deployments.