-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathsample.nextdeploy.yml
More file actions
169 lines (150 loc) · 6.91 KB
/
sample.nextdeploy.yml
File metadata and controls
169 lines (150 loc) · 6.91 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
# ==============================
# NEXTDEPLOY CONFIGURATION FILE
# ==============================
# This YAML defines everything needed to build, deploy, monitor, and scale your app on a VPS/SERVERlESS using NextDeploy.
# Think of it as your infrastructure-as-code for end-to-end delivery.
# NOTE: DO NOT ADD YOUR SECRETS AS OF NOW WE WORKING ON SECRET MANAGMENT THIS IS HOW WE INTENT TO USE
version: "1.0" # Config file versioning for forward compatibility with future NextDeploy updates
# -----
# TARGET TYPE — choose between "vps" (traditional server) or "serverless" (AWS Lambda + S3 + CloudFront)
# -----
target_type: vps # "vps" | "serverless"
# -----
# APP METADATA
# -----
app:
name: example-app # Unique app name used for container naming and logging
environment: production # Can be: development | staging | production. Affects env variables & caching.
domain: app.example.com # Public domain where your app will be accessible
port: 3000 # Internal app port (e.g., what your Node/Go server listens on)
# -----
# DEPLOYMENT TARGET
# -----
deployment:
server:
host: 192.0.2.123 # IP of the VPS where your app will be deployed
user: deploy # Linux user that NextDeploy connects as (ensure permissions are correct)
ssh_key: ~/.ssh/nextdeploy_rsa # Private key used for SSH access to the server
use_sudo: false # Set true if deployment user needs sudo for Docker/system commands
container:
name: example-app # Docker container name (must be unique per server)
restart: always # Automatically restart container on failure or reboot
env_file: .env # Relative path to your app's environment variables file
volumes:
- ./data:/app/data # Mount local folder (`./data`) into container at `/app/data`
ports:
- "80:3000" # Map public port 80 to container's port 3000 (so it's accessible on your domain)
healthcheck:
path: /api/health # API endpoint that returns 200 OK if the app is healthy
interval: 30s # Check every 30 seconds
timeout: 5s # Fail check if response isn't received within 5s
retries: 3 # After 3 failed checks, container will be restarted
# -----
# DATABASE CONFIG
# -----
database:
type: postgres # Supported: postgres | mysql
host: 192.0.2.124 # IP of your database server (managed or self-hosted)
port: 5432
username: dbuser
password: secret
name: exampledb
migrate_on_deploy: true # Run database migrations automatically after deployment
# Example:
# - Use Amazon RDS or DigitalOcean Managed PostgreSQL as the database host.
# - Schema is updated with migration tools like Goose, Flyway, or Prisma.
# -----
# LOGGING CONFIGURATION
# -----
logging:
enabled: true # Enable logging system
provider: nextdeploy # Use NextDeploy's internal logging daemon (alternatively: syslog, logtail, etc.)
stream_logs: true # Send live container logs to dashboard (tail -f equivalent)
log_path: /var/log/containers/example-app.log # Path on server where logs are persisted
# -----
# MONITORING & ALERTING
# -----
monitoring:
enabled: true # Enables resource monitoring for CPU, memory, disk
cpu_threshold: 80 # Alert if CPU usage goes over 80%
memory_threshold: 75 # Alert if memory usage exceeds 75%
disk_threshold: 90 # Alert if disk usage crosses 90%
alert:
email: ops@example.com # Email to send alerts to
slack_webhook: https://hooks.slack.com/services/... # Slack channel webhook for real-time alerting
notify_on:
- crash # App/container crash
- healthcheck_failed # Failed /api/health checks
- high_cpu
- high_memory
# Example:
# - If your Go server crashes due to panic, or memory spikes over 75%, you get a Slack alert.
# - Alerts also help you pre-emptively scale or investigate.
# -----
# BACKUP STRATEGY
# -----
backup:
enabled: true # Enable automatic backups
frequency: daily # Options: hourly | daily | weekly
retention_days: 7 # Keep backups for 7 days
storage:
provider: s3 # Use S3-compatible storage (AWS S3, MinIO, Wasabi, etc.)
bucket: nextdeploy-backups # S3 bucket name
region: us-east-1 # AWS region
access_key: YOUR_ACCESS_KEY
secret_key: YOUR_SECRET_KEY
# Example:
# - Database and volume data backed up to S3 every day.
# - Automatically deleted after 7 days unless extended.
# -----
# SSL CONFIGURATION
# -----
ssl:
enabled: true # Enable HTTPS
provider: letsencrypt # Automatically issue and renew free SSL certs
email: admin@example.com # For receiving expiry/renewal notices
auto_renew: true # Automatically renew certificates every 60–90 days
# Example:
# - NextDeploy auto-configures HTTPS for app.example.com using Let's Encrypt.
# - No manual cert renewal needed.
# -----
# WEBHOOKS AFTER DEPLOYMENT
# -----
webhook:
on_success:
- curl -X POST https://your-api.com/deploy/success # Notify external system (e.g., Slack, Discord, CI dashboard)
on_failure:
- curl -X POST https://your-api.com/deploy/failure # Used for alerting, logging, or rollback triggers
# Example:
# - You can hook this into Notion, Linear, Jira, Slack, or even a custom dashboard.
# - Also useful for CI/CD chaining (e.g., notify QA team that staging is ready).
## CLOUD PROVIDER instructions
CloudProvider:
name: aws # Supported: aws | gcp | azure | digitalocean
region: us-north-1 # AWS region (e.g., us-east-1, eu-west-1)
access_key: YOUR_AWS_ACCESS_KEY # IAM user access key
secret_key: YOUR_AWS_SECRET_KEY # IAM user secret key
vpc_id: vpc-12345678 # VPC ID for networking (if applicable)
subnet_id: subnet-12345678 # Subnet ID for deploying resources
# -----
# SERVERLESS DEPLOYMENT (set target_type: serverless above to enable)
# Requires: AWS credentials configured via environment or ~/.aws/credentials
# -----
# serverless:
# provider: aws # Only "aws" supported currently; cloudflare/gcp/azure coming soon
# region: us-east-1 # AWS region for all resources
# isrRevalidation: true # Enable ISR cache listener Lambda via SQS
# imageOptimization: true # Enable on-the-fly Image Resization Lambda via CloudFront
# warmer: true # Keep the Lambda warm
# s3_bucket: my-app-assets # S3 bucket where public/ and _next/static/ are uploaded
# cloudfront_id: EXXXXX # CloudFront distribution ID — triggers cache invalidation after deploy
# lambda_function_name: my-app-handler # Lambda function name (defaults to app name if omitted)
#
# How it works:
# 1. `nextdeploy build` packages .next/standalone + public/ into .nextdeploy/app.tar.gz
# 2. `nextdeploy ship` (with target_type: serverless):
# a. Loads your local secrets via SecretManager and pushes them to AWS Secrets Manager
# b. Uploads public/ and _next/static/ to S3 with correct Content-Type and Cache-Control
# c. Zips .next/standalone/ and deploys it to Lambda via UpdateFunctionCode
# d. Injects ND_SECRETS_ARN into Lambda env vars so your app can fetch secrets at runtime
# e. Creates a CloudFront invalidation (/*) to clear stale cached assets