Deployment Guide 🚀

This guide covers deploying Shelf.nu to production environments. We'll focus on Fly.io deployment with GitHub Actions for CI/CD.

Prerequisites ✅

✅ Working local development setup (Local Development Guide)
✅ Supabase project configured (Supabase Setup Guide)
✅ GitHub repository with your Shelf.nu code
✅ Fly.io account (free tier available)

Overview 📋

This deployment setup includes:

🚀 Fly.io hosting - Fast, global app deployment
🔄 GitHub Actions - Automated CI/CD pipeline
🌍 Multi-environment - Separate staging and production
📧 Email service - For authentication and notifications
🔒 Security - Environment secrets and best practices

Step 1: Install Fly CLI 🛠️

macOS/Linux

curl -L https://fly.io/install.sh | sh

Windows

powershell -Command "iwr https://fly.io/install.ps1 -useb | iex"

Verify Installation

fly version

Step 2: Authenticate with Fly.io 🔐

fly auth signup  # If you don't have an account
# OR
fly auth login   # If you already have an account

💡 Multiple accounts? Run fly auth whoami to verify you're logged into the correct account.

Step 3: Create Fly.io Apps 📱

Create separate apps for staging and production:

# Production app (should match your fly.toml)
fly apps create shelf-webapp

# Staging app (optional but recommended)
fly apps create shelf-webapp-staging

🔧 Important: The production app name must match the app field in your fly.toml file.

Step 4: Setup Production Supabase 🗄️

Option A: Separate Production Database

Create a new Supabase project for production following the Supabase Setup Guide.

Option B: Use Development Database

You can use your existing Supabase project for production (not recommended for sensitive data).

Update Supabase URLs for Production

In your production Supabase project:

Go to Authentication → URL Configuration

Add your production URLs:

https://your-production-app.fly.dev/reset-password
https://your-staging-app.fly.dev/reset-password

Step 5: Configure Environment Secrets 🔒

Set environment variables for your Fly.io apps:

Production Secrets

# Basic app configuration
fly secrets set SESSION_SECRET=$(openssl rand -hex 32)
fly secrets set SERVER_URL="https://your-production-app.fly.dev"
fly secrets set FINGERPRINT=$(openssl rand -hex 32)

# Supabase configuration
fly secrets set SUPABASE_URL="https://your-production-project.supabase.co"
fly secrets set SUPABASE_SERVICE_ROLE="your-production-service-role-key"
fly secrets set SUPABASE_ANON_PUBLIC="your-production-anon-key"
fly secrets set DATABASE_URL="postgres://user:pass@host:6543/db?pgbouncer=true&connection_limit=1"
fly secrets set DIRECT_URL="postgres://user:pass@host:5432/db"

# Email configuration (required)
fly secrets set SMTP_HOST="smtp.yourhost.com"
fly secrets set SMTP_PORT=465
fly secrets set SMTP_USER="you@example.com"
fly secrets set SMTP_PWD="yourSMTPpassword"
fly secrets set SMTP_FROM="Shelf.nu <noreply@yourapp.com>"

# Security tokens
fly secrets set INVITE_TOKEN_SECRET=$(openssl rand -hex 32)

# Optional integrations
fly secrets set MAPTILER_TOKEN="your-maptiler-token"
fly secrets set GEOCODING_USER_AGENT="Your Company Assets (https://yoursite.com)"
fly secrets set MICROSOFT_CLARITY_ID="your-clarity-id"

# Premium features (set to true for paid features)
fly secrets set ENABLE_PREMIUM_FEATURES="true"

# Stripe (if using premium features)
fly secrets set STRIPE_SECRET_KEY="your-stripe-secret-key"
fly secrets set STRIPE_PUBLIC_KEY="your-stripe-public-key"
fly secrets set STRIPE_WEBHOOK_ENDPOINT_SECRET="your-stripe-webhook-secret"

Staging Secrets (Optional)

# Repeat similar commands with --app shelf-webapp-staging
fly secrets set SESSION_SECRET=$(openssl rand -hex 32) --app shelf-webapp-staging
fly secrets set SERVER_URL="https://your-staging-app.fly.dev" --app shelf-webapp-staging
# ... etc for all other secrets

🔐 Security Note: Use different passwords and secrets for staging vs production!

Step 6: Setup GitHub Actions 🔄

Add Repository Secrets

In your GitHub repository, go to Settings → Secrets and variables → Actions and add:

FLY_API_TOKEN=your-fly-api-token

To get your Fly API token:

Go to Fly.io Personal Access Tokens
Create a new token
Copy and add to GitHub secrets

GitHub Action Configuration

The repository should already include GitHub Actions workflows:

.github/workflows/deploy.yml - Deploys main branch to production
.github/workflows/deploy-staging.yml - Deploys dev branch to staging

Environment Secrets for GitHub Actions

Add these secrets for testing in GitHub Actions:

DATABASE_URL=your-test-database-url
DIRECT_URL=your-test-direct-url
SUPABASE_URL=your-test-supabase-url
SUPABASE_SERVICE_ROLE=your-test-service-role
SUPABASE_ANON_PUBLIC=your-test-anon-key
SESSION_SECRET=test-session-secret
SERVER_URL=http://localhost:3000  # Important for tests!

Step 7: Deploy Your Application 🎉

Manual Deployment (First Time)

Deploy manually to test everything works:

# Deploy to production
fly deploy

# Deploy to staging (specify app)
fly deploy --app shelf-webapp-staging

Automatic Deployment

Once GitHub Actions are configured:

Push to main branch → Deploys to production
Push to dev branch → Deploys to staging

Step 8: Setup Custom Domain (Optional) 🌐

Add Domain to Fly.io

fly certs create yourdomain.com
fly certs create www.yourdomain.com

Configure DNS

Point your domain to Fly.io:

A record: @ → [Fly.io IP address from dashboard]
CNAME: www → yourapp.fly.dev

Update Environment Variables

fly secrets set SERVER_URL="https://yourdomain.com"

Step 9: Monitoring & Maintenance 📊

View Logs

fly logs           # Recent logs
fly logs -f        # Follow logs in real-time

Monitor App Health

fly status         # App status
fly checks list    # Health checks

Scale Your App

fly scale count 2              # Run 2 instances
fly scale vm shared-cpu-1x     # Change VM size

Email Service Setup 📧

Shelf requires email for authentication. Here are recommended providers:

Resend (Recommended)

Sign up at Resend
Create API key in your dashboard

Configure SMTP:

fly secrets set SMTP_HOST="smtp.resend.com"
fly secrets set SMTP_PORT=587
fly secrets set SMTP_USER="resend"
fly secrets set SMTP_PWD="your-resend-api-key"
fly secrets set SMTP_FROM="Shelf.nu <noreply@yourdomain.com>"

SendGrid

Sign up at SendGrid
Create API key with "Mail Send" permissions

Configure SMTP:

fly secrets set SMTP_HOST="smtp.sendgrid.net"
fly secrets set SMTP_PORT=587
fly secrets set SMTP_USER="apikey"
fly secrets set SMTP_PWD="your-sendgrid-api-key"

Mailgun

Sign up at Mailgun
Get SMTP credentials from your domain dashboard
Configure secrets with your Mailgun SMTP details

Gmail (Development Only)

⚠️ Not recommended for production

Enable 2-factor authentication
Create app password
Use app password as SMTP_PWD

Security Best Practices 🔒

Environment Secrets

✅ Never commit secrets to your repository
✅ Use different secrets for staging vs production
✅ Rotate secrets regularly
✅ Use strong passwords (minimum 32 characters)

Database Security

✅ Use connection pooling (pgbouncer=true)
✅ Limit connection count (connection_limit=1)
✅ Keep Supabase updated
✅ Monitor unusual activity

Application Security

✅ Enable HTTPS only (Fly.io provides this)
✅ Set secure headers (included in Shelf)
✅ Monitor error logs
✅ Keep dependencies updated

Troubleshooting 🔧

Common Deployment Issues

Build Failures:

# Check build logs
fly logs --app your-app-name

# Deploy with more verbose output
fly deploy --verbose

Database Connection Issues:

Verify your DATABASE_URL includes pgbouncer=true
Check your Supabase project is running
Ensure connection limits are appropriate

Authentication Problems:

Verify Supabase URL configuration includes your production URLs
Check email templates use the escaped token format (as shown in Supabase setup)
Test SMTP configuration with a simple email

Performance Issues:

# Scale up your app
fly scale vm performance-1x

# Add more instances
fly scale count 2

Useful Commands

# App information
fly info

# Scale configuration
fly scale show

# Certificate status
fly certs list

# SSH into your app
fly ssh console

# Database operations
fly postgres connect -a your-db-app

Monitoring & Analytics 📈

Built-in Monitoring

Fly.io Dashboard - Basic metrics and logs
Supabase Dashboard - Database performance and usage

Optional Integrations

Microsoft Clarity (Free):

fly secrets set MICROSOFT_CLARITY_ID="your-clarity-id"

Sentry (Error Tracking): Add Sentry configuration to track application errors.

Cost Optimization 💰

Fly.io Pricing Tips

Start with shared CPU instances (cheaper)
Use auto-scaling to handle traffic spikes
Monitor usage in the Fly.io dashboard
Consider regional deployment for better performance

Supabase Pricing

Free tier includes substantial usage
Monitor database size and queries
Use database indexes for better performance
Archive old data to stay within limits

Backup Strategy 💾

Database Backups

Supabase automatically backs up your database
Download backups from Supabase dashboard
Test restore procedures regularly

Application Backups

Code is backed up in GitHub
Environment secrets should be documented securely
File uploads are stored in Supabase storage

Next Steps 🎯

After successful deployment:

🧪 Test thoroughly - Verify all features work in production
👥 Invite team members - Share access to Fly.io and Supabase
📊 Monitor usage - Set up alerts for errors and performance
🔄 Plan updates - Use staging environment for testing changes
📖 Document your setup - Keep deployment details for your team

Getting Help 💬

💬 Discord Community - Get help from other users
📖 Fly.io Docs - Official Fly.io documentation
🐛 GitHub Issues - Report deployment issues
📧 Fly.io Support - Fly.io specific support

Congratulations on deploying Shelf.nu! 🎉

FilesExpand file tree

deployment.md

Latest commit

History