Deployment overview

Use this page as a reading order for production setup. Each section links to the detailed guide.

1. Unix user and permissions

Before automated deploys work end-to-end, the coaching (or equivalent) user needs rights for git, npm, Prisma, MkDocs, and optionally passwordless sudo for deploy/cron/install.sh.

Deploy user permissions

2. Application runtime — Node.js and PM2

PM2 must run next start with Node ≥ 22 on PATH (repository standard: 24, see .nvmrc) — systemd units often need explicit PATH / interpreter.

PM2, systemd, and Node.js

3. Reverse proxy — Nginx

TLS termination, proxy to 127.0.0.1:3000, and a long-timeout block for POST /api/admin/deploy (SSE).

Nginx — app + documentation

4. Scheduled jobs — systemd timer

Install coaching-cron-tick.timer so POST /api/cron/tick runs on a schedule. Requires /etc/coaching/cron.env (BASE_URL, CRON_SECRET).

Systemd cron (timers)

5. This documentation site

Build output is documentation/site/. Point docs.diasantos.com at that directory (see Certbot and nginx).

Hosting docs.diasantos.com

---

Application deploy

The in-app Deploy button runs git pull, install, Prisma, Next build, cron install script, MkDocs build, and PM2 reload — see deploy/cron/README.md and documentation/build-from-deploy.sh in the repository.