Prefect Deployment
GitOps deployment for Prefect workflow orchestration with Tailscale HTTPS access via Komodo.
Prerequisites
PostgreSQL Database
Connect to your PostgreSQL server and create the database:
CREATE DATABASE prefect;
CREATE USER prefect WITH PASSWORD 'your-secure-password';
GRANT ALL PRIVILEGES ON DATABASE prefect TO prefect;
-- PostgreSQL 15+ requires:
\c prefect
GRANT ALL ON SCHEMA public TO prefect;
Tailscale Auth Key
Generate a reusable auth key from https://login.tailscale.com/admin/settings/keys
Deployment with Komodo
1. Add Git Provider (if using private repo)
In Komodo UI: Settings → Git Providers → Add your Gitea instance credentials.
2. Create Stack
- Navigate to Stacks → New Stack
- Configure:
- Name:
prefect - Server: Select your target server
- Source: Git Repo
- Git Provider:
gitea.arnodo.fr(or your provider) - Repo:
Damien/prefect-deployment - Branch:
main
- Name:
3. Configure Environment Variables
In the stack configuration, add the following environment variables:
| Variable | Description | Example |
|---|---|---|
TS_AUTHKEY |
Tailscale auth key (reusable) | tskey-auth-xxx |
DB_HOST |
PostgreSQL host | postgresql.taila5ad8.ts.net |
DB_PORT |
PostgreSQL port | 5432 |
DB_USER |
Database user | prefect |
DB_PASSWORD |
Database password | secret |
S3_ACCESS_KEY |
Garage S3 access key | secret |
S3_SECRET_KEY |
Garage S3 secret key | secret |
S3_ENDPOINT_URL |
Garage S3 endpoint | https://s3.taila5ad8.ts.net |
Tip
: Use Komodo's secret variables (marked with 🔒) for sensitive values.
4. Deploy
Click Deploy in Komodo. The stack will clone the repository and start all services.
GitOps Workflow
Auto-deploy on Git Push
- In Komodo, go to your stack settings
- Enable Auto Deploy on push
- Copy the webhook URL
- Add it to your Gitea repository: Settings → Webhooks
Access
Once deployed: https://prefect.taila5ad8.ts.net
Services
| Service | Description | Image |
|---|---|---|
tailscale |
HTTPS ingress via Tailscale | tailscale/tailscale |
redis |
Messaging broker | redis:7-alpine |
prefect-server |
API + UI | prefecthq/prefect:3-latest |
prefect-services |
Background services | prefecthq/prefect:3-latest |
prefect-worker-pg-backup |
Worker for PostgreSQL backups | gitea.arnodo.fr/damien/prefect-worker-pg-backup |
Work Pools
The prefect-worker-pg-backup service automatically creates and listens to the pg-backup-pool work pool (type: process).
To deploy a flow to this pool:
from prefect import flow
@flow
def my_backup_flow():
...
my_backup_flow.deploy(
name="my-backup",
work_pool_name="pg-backup-pool"
)
Architecture
┌─────────────────────────────────────────────────────────────┐
│ Tailscale Network │
├─────────────────────────────────────────────────────────────┤
│ │
│ ┌─────────────┐ ┌─────────────┐ ┌──────────────┐ │
│ │ Tailscale │────▶│ Prefect │────▶│ PostgreSQL │ │
│ │ Sidecar │ │ Server │ │ (external) │ │
│ │ :443 │ │ :4200 │ │ │ │
│ └─────────────┘ └──────┬──────┘ └──────────────┘ │
│ │ │
│ ┌──────▼──────┐ │
│ │ Redis │ │
│ │ (messaging) │ │
│ └─────────────┘ │
│ │
│ ┌─────────────────┐ ┌─────────────────┐ │
│ │ Prefect Services│ │ Backup Worker │──▶ Garage S3 │
│ │ (background) │ │ (pg-backup-pool)│ │
│ └─────────────────┘ └─────────────────┘ │
│ │
└─────────────────────────────────────────────────────────────┘
Repository Structure
prefect-deployment/
├── docker-compose.yml # Stack definition (relative paths)
├── serve-config.json # Tailscale HTTPS serve config
└── README.md