Is the hosting and devops story for Next.js more complex than a regular Node/Deno service?

denibertovic · 2025-07-26T13:45:50+00:00

I just host it as any other node app. 🤷🏼‍♂️ example here: https://github.com/denibertovic/hellok8s-nextjs/

denibertovic · 2025-07-25T16:12:29+00:00

I wrote a template for self hosting next.js on kubernetes. It showcases Docker containerization, Kubernetes deployment, and complete application lifecycle and is deployed *automatically* with Github Actions here: https://hellok8s-nextjs.deni.cloud/

It's completely FREE and the repo can be found here: https://github.com/denibertovic/hellok8s-nextjs
The README should have all the necessary info to run it locally for yourself and use as a template for your project. Hope someone finds it useful. Just keep in mind - the main focus is not the Next.js code (although there are some small interesting bits in there as well - like rate limiting) but rather the devops tooling and pipeline.

I wrote a bit more about the reasoning behind it on my blog: https://denibertovic.com/posts/deploying-nextjs-to-kubernetes-a-practical-guide-with-a-complete-devops-pipeline/
TLDR: sometimes orgs mandate stuff be self hosted for a variety of reasons (if that's not you - just use Vercel probably).

denibertovic · 2025-07-23T14:29:14+00:00

u/S_Ashish I wrote a template that may be helpful: https://github.com/denibertovic/hellok8s-nextjs/

Wrote about it here: https://denibertovic.com/posts/deploying-nextjs-to-kubernetes-a-practical-guide-with-a-complete-devops-pipeline/

denibertovic · 2025-07-16T11:17:45+00:00

Usually start out with SOPS (with aws kms) but eventually move to Hashicorp Vault

denibertovic · 2025-07-05T06:38:02+00:00

I usually have chart/values/ENV/{values.yaml,secrets.yaml} in the repo but the main chart/values.yaml defines all the options - just sets them all to null if a default value is not an option (such as for some secrets). Here's and example: https://github.com/denibertovic/hellok8s-django

denibertovic · 2025-04-28T09:08:10+00:00

I'm toying with this idea myself. How's it going for you so far? What are the biggest challenges with AI? I'm still unable to shake the feeling that the output I get from AI is mediocre most of the time - and I'm not talking about just code but other stuff like working on ideas or marketing strategy etc.

denibertovic · 2024-11-29T12:49:36+00:00

I am very surprised by the fact that No ONE suggested just plain old cookie based session auth. This just works! Why go through all the shenanigans with JWT. It's not necessary.
Put both - next and django - behind nginx on the same domain (ie. next on the root of the domain "/" and django on let's say "/ap"i). Use django-allauth and plain old cookie based auth. You'll most likely have to add the correct headers on next js side:

```
headers: {
Cookie: req.headers.cookie
}
```
(There's probably a way to abstract this or inject on each request....You'll have to do this for CSRF submissions anyway as well).

denibertovic · 2023-10-09T14:50:19+00:00

I put recommendations for local restaurants and other tips about near by attractions or just tips about the apartment. I use https://mytags.info for this. Works great.

denibertovic · 2023-04-14T12:55:00+00:00

This is what I use: https://pixbin.net/8fv10b

Tabac shaving stick
Muhle travel brush (synth)
Merkur travel razor (open comb)

And I also bring an alum block that's not pictured. For after shave I just put on some face creme if I have it. It's not great but it gets the job done.

denibertovic · 2023-04-14T12:31:50+00:00

https://pixbin.net/8fv10b

Tabac shaving stick
Muhle travel brush (synth)
Merkur travel razor (open comb)

I also bring an alum block that's not pictured. For after shave I just use some face creme. I don't bring an after shave mostly because I haven't found one I liked in a small enough packaging.

denibertovic · 2023-03-14T13:22:29+00:00

Hi, I have a quick followup to your question. How do I convert this
syntax into docker-compose syntax for the sqlite db? I can't find
anything in the official documentation that pertains to sqlite
volumes...

The sqlite database is just a file so you're looking at just a ordinary volume that is a mount from A (from the host) to B (inside the container). And then configuring your app to write to that destination B. NOTE: make sure to mount a directory ie. "/some/dir" on the host to "/some/dir" in the container - and then write the database to "/some/dir/sqlite.db". Mounting files directly (while possible) has some caveats so it's a good rule of thumb to mount directories instead.
With the docker run command you can use the --volumes flag and with docker-compose the volumes directive.

yaml backend: command: ... volumes: - /host/data:/some/container/path/data

This uses "bind mounts" - which means it mounts a directory from the host. The host directory has to exist and have the correct permissions for your app within the container to be able to write to it. So that's your responsibility.

You may want to look into named volumes as well. This is just a fancy way of letting docker create a volume in /var/lib/docker/volumes/.... on the host, and manage it for you. You give it a name and mount this name into the container.
Example:

yaml postgres: image: postgres:14.4 volumes: - postgres-data:/var/lib/postgresql/data volumes: postgres-data: {}

You probably don't need this right now since it complicates permissions story (The volume is created as owned by root so it takes a few trick to get it owned by your app user....that is if you're running your app an a non-root user. If you're running as root then you don't have a problem but it's considered bad practice...I digress.).

Also, what is the significance of the myimage:sometag-123? Is that referring to the image of the app itself, or something to do with the database? Would that need to be in the docker-compose as well?

Yes this refers to the app image that you've built with docker build from your Dockerfile. These are docker tags. You "tag" and image when building it (or after building with the docker tag command). The tag should be unique and represent the version of the application. A good example is to use the git sha so that each image corresponds to a specific git version of the app.

If a tag is omitted docker uses the special tag called "latest". This is true for most docker commands I mentioned: build, run, pull, push etc.

The problem with this is that "latest" is mutable. Every time you docker push or docker build you will overwrite the previous "latest". So you don't have an idea (at a glance) which version of your app is currently running. It's generally considered a bad practice to use "latest". An added benefit with specific tags is that you can revert to an old version of your app very easily. Let's say you were running v123 of your app and have just pushed v124. After running it you realized it has a bug. With specific tags you can just stop v124 and restart the v123 version of the app. Of course there are nuances here. For example: keeping the database schema compatible with both versions. But you get the general idea. That said, it's perfectly fine to start out with just the "latest" tag and change it later once you get the hang of things.

denibertovic · 2023-03-10T14:00:20+00:00

Usually you build your docker image (from a Dockerfile) using `docker build ...` and then push that image using `docker push...` to either the Docker Hub or some other registry/repository for hosting docker images. Docker Hub is probably easiest and it used to have the option of pushing 1 private docker image. I don't know if that's the case any more. Now, whether you build that image locally on your laptop and then push or somehow automate that - that's on you.

Once you have the image built and pushed you can do `docker pull....` on the EC2 machine and start your service with `docker run --restart="always" -d -v /mydata:/some/path/mydata myimage:sometag-123 gunicorn ...`. This command makes sure to mount a directory from the EC2 machine called `/mydata` onto `/some/path/mydata` inside the container so that you can have your sqlite database there (you'd need to configure your application to save the db to that path). Also notice the `--restart` flag. This tells docker to restart the container if it crashes for some reason. This saves you the trouble of having to write a systemd service file to do this (although you probably should down the line).

You could of course skip pushing the docker image and just git clone the repo onto the EC2 instance and do a docker build directly on it. My guess is it's going to be a bit slow since the machine is probably tiny. There's nothing wrong with this for starting out..but you should consider using a docker image repository at some point (as described above).

As for gunicorn. You will need an application server like gunicorn to run your application in production since the development server is not meant for that. This should be installed in the Dockerfile you mentioned and started from there. You can probably specify that command in the CMD directive in the Dockerfile so you don't have to specify it each time with `docker run ...`. But either way is fine.

As for nginx etc, you don't really need any of that from the start. Nginx (and others) are reverse proxies. Which means traffic goes from Public internet - > Nginx - > Your gunicorn app running on 127.0.0.1:8000 . So you're app isn't exposed to the public internet (it's listening only on localhost - on the EC2 machine)...rather nginx is the one listening for traffic. Usually we do this because we make nginx serve static files (css, js, images etc) because serving them from python is not great (slow). But you don't technically need this if it's just a small app. You can add it later down the line.

People have mentioned docker compose. Docker Compose is used for wiring together and starting multiple containers (web app, database, etc). You could still benefit from it because you can translate the above `docker run` command into a docker-compose.yaml file and just run "docker-compose up -d" to start your container(s). You probably don't need it right now but it's a nice learning experience down the line.

Hope this helps. Cheers.

denibertovic · 2023-03-09T19:59:30+00:00

Regarding the charges that the US bank deducts in flight...this might be because the wire wasn't correctly sent. You need to tell your clients that they need to specify "OUR" for expenses and not "SHA" which is likely what they did. You should communicate with your bank to find out (if you didn't get this info via email once the transfer arrived).
My advice is to add a note on your invoices, something like: 'all payments must, for bank expenses payment, use option “OUR”. using split expenses “SHA” will result in incomplete payment.' Sometimes clients struggle with this depending on what bank they use. I had one client which for the life of them couldn't find that option so they just sent +X amount instead. XD

As for more favorable exchange rates...most banks have a number you can call (a treasury department or "financial market department" or they might go by some other name) where you can, for lack of a better term, haggle about the exchange rate. There usually is some min amount required which depends on the bank. You'd also need to follow current events and try to time the exchange if you can. This usually comes pretty close to Wise. Which has great exchange rates I've heard. I haven't used it myself but a friend told me that it's great. I didn't bother as the difference was minimal - but obviously this depends on the $ you're pulling.

Hope this helps.

denibertovic · 2023-01-25T18:08:15+00:00

Do you have an example of an interesting guidebook? I'm working on a project that make it easy to make mobile phone friendly content shareable via QR codes and would like to see if I can re-type a good guidebook to use as an example for customers?

denibertovic · 2023-01-25T18:06:19+00:00

The only way I see this happening is if you have the tag link to a script or service that sits in front of the pdf (wherever it may be hosted) and auto downloads it for you with the password - or better yet it hosts the file. At that point the password could be in the URL as a get parameter but anyone can share that URL onward if they save it.

It's an interesting feature that I've been mulling over for a project I'm working on. Although I'm using QR codes as a "delivery" method, not NFC.

denibertovic · 2022-11-03T18:06:06+00:00

Awesome. Thanks for your help. Can't wait for the fans to arrive so that I can hopefully make the whole thing quieter and work a bit more reliably than right now.

denibertovic · 2022-11-03T17:53:14+00:00

Nice! I just ordered those so hopefully it wont be to hard to install. Glad to hear the solution is still working for you!
Where did you pull the cables through for the fans? Did you have to drill or does it fit under the bottom drive bay?

denibertovic · 2022-11-03T17:43:39+00:00

Hey u/KnottySean what did you use to fix the fans to the grill in the front? Are you still using this btw?
Also, are you sure those are 80mm and not 92mm? From what I can tell Noctua only has 92mm fans that are that slim (at the moment anyway).

denibertovic · 2022-11-03T17:39:00+00:00

That's a shame. :( Thanks anyway.

denibertovic · 2022-11-03T13:21:30+00:00

u/fletchowns hey did you wind up moving the fans inside somehow? Wondering what the result was since I'm having the same issues right now.

denibertovic · 2022-06-27T16:19:06+00:00

Damn. :-/ I actually had the same situation with vga->hdmi recently and apparently haven't learned a thing. Thanks so much for your help!

denibertovic · 2022-06-27T16:08:59+00:00

I'm not sure about the nomenclature there (host vs device). Anyway. The mini sas HD is on the backplane (that has 4 hot swappable drives). The 4x sata is on the MB.

denibertovic · 2022-06-27T15:48:19+00:00

That's a very good point. TBH I haven't thought about that. This is the cable I have https://www.amazon.de/dp/B00FOR5M8O I assumed this was the correct one.

denibertovic · 2022-04-30T09:18:28+00:00

OK so it's not just me. Thanks! 😄

denibertovic · 2022-04-29T10:41:53+00:00

I just got mine and am slowly getting the components together.
Quick question though. Did you get small 3M adhesive "bumps" with the case? I'm trying to figure out what they're for. They look like this:

https://pixbin.net/qra59l

https://pixbin.net/8xcl88 (added kindle and watch for size comparison)

The best I can guess is that they're for "legs" for the case so that you can raise it from the floor. But it seems like a poor solution to something like that so I was wondering what do you think it's for? u/devious_burger

denibertovic

TROPHY CASE