Deployment Overview
This section covers deploying the TEA Platform for production use. The recommended approach is Docker Compose for self-hosting.
Development vs Production
For local development setup, see the Getting Started section. This section is for production deployments.
Deployment Options
Docker Compose (Recommended)
The simplest way to deploy the TEA Platform is using Docker Compose. This bundles the application and database in containers that can run on any Docker-compatible host.
Suitable for:
- Small to medium deployments
- Single-server hosting
- Organisations with Docker experience
See Docker Production for setup instructions.
Manual Deployment
For more control, you can deploy the components separately:
- Next.js application on any Node.js hosting
- PostgreSQL on a managed database service
This approach requires more configuration but allows integration with existing infrastructure.
Environment Variables
The TEA Platform is configured through environment variables. Here’s a reference of the key variables:
Required Variables
| Variable | Description | Example |
|---|---|---|
DATABASE_URL | PostgreSQL connection string | postgresql://user:pass@host:5432/tea |
NEXTAUTH_SECRET | Secret for session encryption | Generate with openssl rand -base64 32 |
NEXTAUTH_URL | Public URL of the application | https://tea.example.com |
Optional Variables
| Variable | Description | Default |
|---|---|---|
GITHUB_APP_CLIENT_ID | GitHub OAuth client ID | (disabled) |
GITHUB_APP_CLIENT_SECRET | GitHub OAuth client secret | (disabled) |
NODE_ENV | Environment mode | production |
Database Configuration
| Variable | Description | Default |
|---|---|---|
POSTGRES_USER | Database user | tea |
POSTGRES_PASSWORD | Database password | (required) |
POSTGRES_DB | Database name | tea |
Security Considerations
Secrets Management
- Never commit secrets to version control
- Use environment variables or a secrets manager
- Rotate
NEXTAUTH_SECRETperiodically - Use strong, unique database passwords
Network Security
- Run behind a reverse proxy (nginx, Traefik)
- Enable HTTPS with a valid certificate
- Restrict database access to application only
- Consider network isolation for database
Authentication
- Enable GitHub OAuth for easier user onboarding
- Require email verification for local accounts
- Implement rate limiting on authentication endpoints
Backup Strategy
Regular backups are essential for production deployments:
- Database backups - Daily automated backups
- Configuration backups - Store environment configs securely
- Test restores - Regularly verify backup integrity
See Database Management for backup procedures.
Monitoring
Consider monitoring for production deployments:
- Application health - HTTP health checks
- Database metrics - Connection pool, query performance
- Error tracking - Application error monitoring
- Uptime monitoring - External availability checks
Further Reading
- Docker Production - Production Docker Compose setup
- Database Management - Backup, restore, and migrations