Deployment Overview
This guide covers deploying the Ever Works to production environments, including platform-specific instructions and best practices.
Deployment Platforms
Recommended Platforms
- Vercel - Best for Next.js (Recommended)
- Netlify - Great for static sites
- Railway - Simple full-stack deployment
- DigitalOcean App Platform - Managed containers
Self-Hosted Options
- Docker - Containerized deployment
- PM2 - Process management for Node.js
- Nginx - Reverse proxy setup
- Kubernetes - Container orchestration
Pre-Deployment Checklist
Code Preparation
- All tests passing
- TypeScript compilation successful
- ESLint checks passing
- Build process completes without errors
- Environment variables configured
Database Setup
- Production database created
- Migrations applied
- Connection string configured
- Backup strategy implemented
External Services
- OAuth applications configured
- Payment providers set up
- Email service configured
- Analytics tools integrated
- Error tracking enabled
Security
- Secrets properly configured
- HTTPS enabled
- CORS settings configured
- Rate limiting enabled
- Input validation implemented
Environment Configuration
Production Environment Variables
# Basic Configuration
NODE_ENV=production
NEXT_PUBLIC_APP_URL="https://yourdomain.com"
NEXT_PUBLIC_API_BASE_URL="https://yourdomain.com/api"
# Security
AUTH_SECRET="your-production-secret-32-chars-min"
NEXTAUTH_URL="https://yourdomain.com"
COOKIE_SECURE=true
COOKIE_SAME_SITE="strict"
# Database
DATABASE_URL="postgresql://user:pass@host:5432/dbname"
# GitHub Integration
GH_TOKEN="your-github-token"
DATA_REPOSITORY="https://github.com/your-org/awesome-data"
# OAuth Providers
GOOGLE_CLIENT_ID="your-google-client-id"
GOOGLE_CLIENT_SECRET="your-google-client-secret"
GITHUB_CLIENT_ID="your-github-client-id"
GITHUB_CLIENT_SECRET="your-github-client-secret"
# Payment Processing
STRIPE_SECRET_KEY="sk_live_your_stripe_secret_key"
STRIPE_PUBLISHABLE_KEY="pk_live_your_stripe_publishable_key"
STRIPE_WEBHOOK_SECRET="whsec_your_webhook_secret"
# Monitoring
NEXT_PUBLIC_SENTRY_DSN="https://your-sentry-dsn"
NEXT_PUBLIC_POSTHOG_KEY="phc_your_posthog_key"
# Email
RESEND_API_KEY="re_your_resend_api_key"
SUPPORT_EMAIL="support@yourdomain.com"
Environment Security
- Never commit secrets to version control
- Use different secrets for each environment
- Rotate secrets regularly
- Use environment-specific OAuth apps
- Enable secret scanning in your repository
- Use secure password generators for all secrets
- Store secrets in secure environment variable management systems
- Regularly audit and review access permissions
Build Configuration
Next.js Configuration
// next.config.js
/** @type {import('next').NextConfig} */
const nextConfig = {
// Production optimizations
compress: true,
poweredByHeader: false,
// Image optimization
images: {
domains: ['yourdomain.com'],
formats: ['image/webp', 'image/avif'],
},
// Security headers
async headers() {
return [
{
source: '/(.*)',
headers: [
{
key: 'X-Frame-Options',
value: 'DENY'
},
{
key: 'X-Content-Type-Options',
value: 'nosniff'
},
{
key: 'Referrer-Policy',
value: 'origin-when-cross-origin'
}
]
}
]
},
// Redirects
async redirects() {
return [
{
source: '/admin',
destination: '/admin/dashboard',
permanent: true
}
]
}
}
module.exports = nextConfig
Build Scripts
{
"scripts": {
"build": "next build",
"start": "next start",
"build:analyze": "ANALYZE=true next build",
"build:standalone": "next build && next export"
}
}
Database Deployment
Migration Strategy
# Production migration workflow
npm run db:generate # Generate migration files
npm run db:migrate # Apply migrations
npm run db:seed # Seed initial data (if needed)
Database Providers
Supabase (Recommended)
# Connection string format
DATABASE_URL="postgresql://postgres:[password]@db.[project].supabase.co:5432/postgres"
PlanetScale
# Connection string format
DATABASE_URL="mysql://[username]:[password]@[host]/[database]?sslaccept=strict"
Neon
# Connection string format
DATABASE_URL="postgresql://[user]:[password]@[host]/[dbname]?sslmode=require"
Backup Strategy
- Automated backups - Daily snapshots
- Point-in-time recovery - Transaction log backups
- Cross-region replication - Disaster recovery
- Backup testing - Regular restore tests
CDN and Static Assets
Vercel (Automatic)
- Global CDN included
- Automatic image optimization
- Edge caching
Cloudflare Setup
// next.config.js
module.exports = {
images: {
loader: 'cloudflare',
path: 'https://yourdomain.com/cdn-cgi/image/',
},
}
AWS CloudFront
// next.config.js
module.exports = {
assetPrefix: 'https://d1234567890.cloudfront.net',
images: {
domains: ['d1234567890.cloudfront.net'],
},
}
SSL/TLS Configuration
Automatic SSL (Recommended)
Most platforms provide automatic SSL:
- Vercel: Automatic Let's Encrypt
- Netlify: Automatic SSL
- Railway: Automatic certificates
Custom SSL Certificate
For custom domains:
- Purchase SSL certificate from provider
- Upload certificate to platform
- Configure DNS records
- Verify HTTPS is working
Performance Optimization
Build Optimizations
// next.config.js
module.exports = {
// Enable SWC minification
swcMinify: true,
// Optimize bundles
experimental: {
optimizeCss: true,
optimizePackageImports: ['@heroui/react'],
},
// Compression
compress: true,
}
Caching Strategy
// next.config.js
module.exports = {
async headers() {
return [
{
source: '/api/:path*',
headers: [
{
key: 'Cache-Control',
value: 'public, max-age=300, stale-while-revalidate=60'
}
]
},
{
source: '/_next/static/:path*',
headers: [
{
key: 'Cache-Control',
value: 'public, max-age=31536000, immutable'
}
]
}
]
}
}
Monitoring and Logging
Error Tracking
# Sentry configuration
NEXT_PUBLIC_SENTRY_DSN="https://your-sentry-dsn"
SENTRY_ORG="your-org"
SENTRY_PROJECT="your-project"
Analytics
# PostHog configuration
NEXT_PUBLIC_POSTHOG_KEY="phc_your_key"
NEXT_PUBLIC_POSTHOG_HOST="https://app.posthog.com"
Uptime Monitoring
Set up monitoring with:
- UptimeRobot
- Pingdom
- StatusCake
- New Relic
Scaling Considerations
Horizontal Scaling
- Load balancing - Multiple server instances
- Database scaling - Read replicas
- CDN usage - Global content distribution
Vertical Scaling
- Server resources - CPU and memory upgrades
- Database optimization - Query performance
- Caching layers - Redis/Memcached
Auto-scaling
# Example auto-scaling configuration
scaling:
min_instances: 2
max_instances: 10
target_cpu: 70
target_memory: 80
Deployment Strategies
Blue-Green Deployment
- Deploy to green environment
- Test green environment
- Switch traffic to green
- Keep blue as rollback
Rolling Deployment
- Deploy to subset of servers
- Verify deployment health
- Continue rolling deployment
- Monitor for issues
Canary Deployment
- Deploy to small percentage
- Monitor metrics and errors
- Gradually increase traffic
- Full deployment or rollback
Rollback Strategy
Preparation
- Keep previous version available
- Database migration rollback scripts
- DNS failover configuration
- Monitoring alerts for issues
Rollback Process
# Quick rollback steps
1. Switch DNS to previous version
2. Rollback database migrations (if needed)
3. Verify application health
4. Investigate and fix issues
Security Hardening
Application Security
- HTTPS enforcement
- Security headers
- Input validation
- Rate limiting
- CSRF protection
Infrastructure Security
- Firewall configuration
- VPN access
- Regular updates
- Access logging
- Intrusion detection
Compliance
GDPR Compliance
- Data processing consent
- Right to deletion
- Data portability
- Privacy policy
Accessibility
- WCAG 2.1 compliance
- Screen reader support
- Keyboard navigation
- Color contrast
Cost Optimization
Resource Optimization
- Right-sizing instances
- Reserved capacity
- Spot instances (where appropriate)
- Auto-scaling policies
Monitoring Costs
- Usage alerts
- Cost breakdown analysis
- Resource utilization tracking
- Optimization recommendations