Deployment Guides

Local-first

Provision a workstation or Mac Studio with AML security controls. Install Ollama with the qwen3 + granite profiles described in TR-2025-33. Run `pnpm dev` for the front-end and `pnpm payload dev` for CMS.

On-prem / cluster

Deploy CMS and Next.js separately to your Kubernetes or Nomad environment. Attach a managed Postgres (11+) to Payload instead of SQLite for HA. Configure the `PAYLOAD_PUBLIC_SERVER_URL` env var so API routes relay to the correct host.

• Use horizontal pod autoscalers only after enabling Redis-backed rate limits.
• Pin container images with digest tags to satisfy audit requirements.
• Mirror evaluation note assets to your internal artifact bucket.

Hybrid routing

HybridBridge is optional but recommended for workloads demanding >4k context or specialized reasoning. Configure `HYBRID_BRIDGE_URL` and store API keys in your internal secret manager. Provide escalation policy to the governance team before enabling.