Guides
Production Deployment
Deploying Envault to Vercel, Railway, or your own infrastructure
Envault is designed to be easily deployable to any platform that supports Next.js (Node.js).
Environment Variables
Before deploying, ensure you have the following environment variables configured in your production environment:
| Variable | Description | Required |
|---|---|---|
NEXT_PUBLIC_SUPABASE_URL | Your Supabase Project URL | Yes |
NEXT_PUBLIC_SUPABASE_ANON_KEY | Your Supabase Anon Key | Yes |
SUPABASE_SERVICE_ROLE_KEY | Supabase Service Role Key (for Admin tasks) | Yes |
ENCRYPTION_KEY | 32-byte hex string for Master Key | Yes |
NEXT_PUBLIC_SITE_URL | The URL where your app is hosted (e.g. https://envault.app) | Yes |
NEXT_PUBLIC_APP_URL | Same as NEXT_PUBLIC_SITE_URL - used for GitHub callback redirects | Yes |
ENVAULT_GITHUB_APP_CLIENT_ID | GitHub App Client ID | For GitHub Integration |
ENVAULT_GITHUB_APP_CLIENT_SECRET | GitHub App Client Secret | For GitHub Integration |
ENVAULT_GITHUB_APP_PRIVATE_KEY | RSA private key, single-line \n-escaped | For GitHub Integration |
ENVAULT_GITHUB_WEBHOOK_SECRET | Secret to verify GitHub webhook payloads | For GitHub Integration |
NEXT_PUBLIC_GITHUB_APP_NAME | Your GitHub App's slug name | For GitHub Integration |
Never check your SUPABASE_SERVICE_ROLE_KEY or ENCRYPTION_KEY into version control. Always set them in your deployment platform's dashboard.
Deployment Providers
Deploy to Vercel
Vercel is the creators of Next.js and offers the seamless deployment experience.
- Push your code to a Git repository (GitHub, GitLab, Bitbucket).
- Import the project into Vercel.
- Add the Environment Variables listed above.
- Click Deploy.
Docker Build
You can containerize Envault using the standard Next.js Dockerfile.
FROM node:18-alpine AS base
# Install dependencies only when needed
FROM base AS deps
WORKDIR /app
COPY package.json yarn.lock* package-lock.json* pnpm-lock.yaml* ./
RUN npm ci
# Rebuild the source code only when needed
FROM base AS builder
WORKDIR /app
COPY --from=deps /app/node_modules ./node_modules
COPY . .
RUN npm run build
# Production image, copy all the files and run next
FROM base AS runner
WORKDIR /app
ENV NODE_ENV production
COPY --from=builder /app/public ./public
COPY --from=builder /app/.next/standalone ./
COPY --from=builder /app/.next/static ./.next/static
EXPOSE 3000
CMD ["node", "server.js"]Build and run:
docker build -t envault .
docker run -p 3000:3000 --env-file .env.production envaultDeploy to Railway
Railway requires zero configuration for Next.js apps.
- Connect your GitHub repository.
- Railway will automatically detect the
package.jsonand build command. - Go to Variables and add the required environment variables.
- Deployment will trigger automatically.
Post-Deployment Checklist
- HTTPS: Ensure your domain is serving over HTTPS.
- Database Backups: Enable Point-in-Time Recovery (PITR) on Supabase.
- Key Backup: Securely back up your
ENCRYPTION_KEYin a password manager. If you lose this, all data is lost.