Installation & Quick Start
Get Certexi running locally or in production with Docker Compose, Vercel, or traditional deployment in under 10 minutes.
Last updated: 2025-02-18
Installation & Quick Start
Certexi supports multiple deployment strategies depending on your infrastructure requirements. This guide covers everything from local development to production-ready deployments.
Prerequisites
Before installing Certexi, ensure you have the following:
- Node.js 20+ and pnpm 8+
- PostgreSQL 14+ (15+ recommended)
- Docker & Docker Compose (for containerized deployment)
- SSL certificates for HTTPS in production
Optional Services
Redis 6+ improves caching performance. ClamAV provides virus scanning for uploaded evidence files. Sentry enables production error tracking. All are optional but recommended for production.
Deployment Options Overview
Quick Start with Docker Compose
The fastest way to get Certexi running is with Docker Compose:
git clone https://github.com/certexi/platform.git
cd platform
cp .env.production.example .env.production
Generate secure secrets for your environment:
openssl rand -base64 32 # JWT_SECRET
openssl rand -base64 32 # ENCRYPTION_KEY
Start all services:
docker-compose -f docker-compose.production.yml up -d
This spins up the application on port 3000 with PostgreSQL, Redis, and ClamAV.
Environment Variables
Configure the required variables in .env.production:
| Variable | Description | Example |
|---|---|---|
DATABASE_URL | PostgreSQL connection string | postgresql://user:pass@localhost:5432/certexi |
NEXTCLOUD_URL | Your Nextcloud instance URL | https://cloud.example.com |
NEXTCLOUD_CLIENT_ID | OAuth2 client ID | abc123... |
NEXTCLOUD_CLIENT_SECRET | OAuth2 client secret | xyz789... |
JWT_SECRET | Secret for JWT signing (32+ chars) | Generated via openssl |
NEXT_PUBLIC_APP_URL | Your app's public URL | https://app.example.com |
NEXTAUTH_SECRET | Authentication secret | Generated via openssl |
Security
Never commit .env.production to version control. Use a secrets manager like
AWS Secrets Manager or Azure Key Vault in production environments.
Database Setup
Create the Database
CREATE DATABASE certexi_production;
CREATE USER certexi WITH ENCRYPTED PASSWORD 'secure_password';
GRANT ALL PRIVILEGES ON DATABASE certexi_production TO certexi;
-- Enable required extensions
\c certexi_production
CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
CREATE EXTENSION IF NOT EXISTS "pgcrypto";
Run Migrations
export DATABASE_URL="postgresql://certexi:password@localhost:5432/certexi_production?sslmode=require"
pnpm db:push
pnpm db:seed # Optional: seed initial data
pnpm db:verify
The database includes 15 tables, 25 indexes, and 2 stored functions covering core operations, ANPR events, and WHMS management.
Vercel Deployment
For a managed hosting solution:
npm i -g vercel
vercel --prod
vercel env add DATABASE_URL production
vercel env add NEXTCLOUD_URL production
Database for Vercel
Use a managed PostgreSQL provider like Neon, Supabase, or AWS RDS. Ensure SSL
is enabled on the connection string with ?sslmode=require.
Verify Installation
After deployment, confirm everything is working:
curl https://your-domain.com/api/health
Expected response:
{
"status": "healthy",
"services": {
"database": { "status": "healthy" },
"redis": { "status": "healthy" },
"nextcloud": { "status": "healthy" }
}
}