Deploying to Production
This guide covers everything you need to know about deploying ONE applications to production environments, including setup, optimization, and monitoring.
Deployment Options
1. Vercel
The simplest way to deploy your ONE application:
# Install Vercel CLI
pnpm add -g vercel
# Deploy
vercel deploy
Environment Setup
# .env.production
OPENAI_API_KEY=your_production_key
EDGE_CONFIG=your_edge_config
Configuration
// vercel.json
{
"regions": ["all"],
"env": {
"EDGE_RUNTIME": "1"
},
"buildCommand": "pnpm build",
"outputDirectory": "dist"
}
2. Cloudflare Pages
Note: This is under development
# Install Wrangler
pnpm add -g wrangler
# Deploy
wrangler deploy
Configuration
# wrangler.toml
name = "your-one-app"
type = "webpack"
account_id = "your_account_id"
workers_dev = true
route = "your-domain.com/*"
zone_id = "your_zone_id"
[env.production]
vars = { ENVIRONMENT = "production" }
3. Asset Optimization
// astro.config.mjs
import { defineConfig } from 'astro/config';
export default defineConfig({
build: {
inlineStylesheets: 'auto',
minify: true,
splitting: true,
},
image: {
service: 'astro/assets/services/sharp',
},
});
Security Measures
1. Environment Variables
// src/env.ts
import { z } from 'zod';
const envSchema = z.object({
OPENAI_API_KEY: z.string().min(1),
DATABASE_URL: z.string().url(),
NODE_ENV: z.enum(['development', 'production', 'test']),
});
export const env = envSchema.parse(process.env);
3. Content Security Policy
// src/middleware/security.ts
export const securityHeaders = {
'Content-Security-Policy': `
default-src 'self';
script-src 'self' 'unsafe-inline' 'unsafe-eval';
style-src 'self' 'unsafe-inline';
img-src 'self' blob: data:;
font-src 'self';
object-src 'none';
base-uri 'self';
form-action 'self';
frame-ancestors 'none';
block-all-mixed-content;
upgrade-insecure-requests;
`.replace(/\s+/g, ' ').trim(),
'X-Frame-Options': 'DENY',
'X-Content-Type-Options': 'nosniff',
'X-XSS-Protection': '1; mode=block',
'Referrer-Policy': 'strict-origin-when-cross-origin',
'Permissions-Policy': 'camera=(), microphone=(), geolocation=()'
};
Monitoring
1. Error Tracking
// src/lib/errorTracking.ts
import * as Sentry from '@sentry/node';
Sentry.init({
dsn: process.env.SENTRY_DSN,
environment: process.env.NODE_ENV,
tracesSampleRate: 1.0,
});
export const trackError = (error: Error, context?: any) => {
Sentry.captureException(error, {
extra: context
});
};
2. Performance Monitoring
// src/lib/metrics.ts
import { Metrics } from '@opentelemetry/api';
export const metrics = {
chatLatency: new Metrics.Counter('chat_latency', {
description: 'Chat response latency in milliseconds'
}),
requestCount: new Metrics.Counter('request_count', {
description: 'Total number of requests'
})
};
// Usage
metrics.chatLatency.add(responseTime);
metrics.requestCount.add(1);
Health Checks
// src/pages/api/health.ts
export async function GET() {
const checks = {
database: await checkDatabase(),
redis: await checkRedis(),
openai: await checkOpenAI()
};
const isHealthy = Object.values(checks).every(status => status === 'healthy');
return new Response(JSON.stringify({
status: isHealthy ? 'healthy' : 'unhealthy',
checks,
timestamp: new Date().toISOString()
}), {
status: isHealthy ? 200 : 503,
headers: {
'Content-Type': 'application/json'
}
});
}
Scaling Considerations
-
Database Connections
- Use connection pooling
- Implement retry logic
- Monitor connection limits
-
Memory Management
- Implement proper garbage collection
- Monitor memory usage
- Use streaming for large responses
-
Load Balancing
- Distribute traffic evenly
- Handle failover scenarios
- Monitor server health
Troubleshooting
Common Issues
-
Build Failures
# Clear cache and dependencies pnpm clean rm -rf node_modules pnpm install
-
API Issues
- Verify environment variables
- Check API key permissions
- Monitor rate limits
-
Performance Problems
- Enable edge functions
- Implement caching
- Optimize assets
- Monitor response times
Deployment Checklist
- Environment variables configured
- Build process verified
- Security headers implemented
- Rate limiting enabled
- Error tracking setup
- Performance monitoring active
- Health checks configured
- Backup strategy in place
- SSL certificates installed
- DNS records updated