Spaces:

aditya2001
/

VidSimplify

Running

App Files Files Community

VidSimplify / DEPLOYMENT.md

Adityahulk

Restoring repo state for deployment

6fc3143 6 days ago

preview code

raw

history blame contribute delete

2.41 kB

	# Deployment Configuration Guide

	## Environment Variables

	For a secure production deployment, you must set the following environment variables.

	### 1. Frontend (Next.js)
	These variables should be set in your Vercel project settings or `.env.production`.

	\| Variable \| Description \| Example Value \|
	\|----------\|-------------\|---------------\|
	\| `NEXTAUTH_URL` \| The canonical URL of your site \| `https://your-app.com` \|
	\| `NEXTAUTH_SECRET` \| A random string used to hash tokens \| `openssl rand -base64 32` \|
	\| `GOOGLE_CLIENT_ID` \| OAuth Client ID from Google Cloud \| `123...apps.googleusercontent.com` \|
	\| `GOOGLE_CLIENT_SECRET` \| OAuth Client Secret from Google Cloud \| `GOCSPX-...` \|
	\| `INTERNAL_API_KEY` \| CRITICAL: Shared secret to talk to Python backend \| `long-random-string-shared-with-backend` \|
	\| `PYTHON_API_URL` \| URL of your deployed Python backend \| `https://api.your-app.com` \|
	\| `DATABASE_URL` \| Connection string for your production DB (e.g., Postgres) \| `postgresql://user:pass@host:5432/db` \|

	> Note on Database: Currently, the app uses SQLite (`file:./dev.db`). For production, you should switch the `provider` in `prisma/schema.prisma` to `postgresql` or `mysql` and use a real database URL.

	### 2. Backend (Python / FastAPI)
	These variables should be set in your backend hosting service (e.g., Railway, Render, AWS).

	\| Variable \| Description \| Example Value \|
	\|----------\|-------------\|---------------\|
	\| `INTERNAL_API_KEY` \| CRITICAL: Must match the Frontend key exactly \| `long-random-string-shared-with-backend` \|
	\| `OPENAI_API_KEY` \| For generating animation code \| `sk-...` \|
	\| `ELEVENLABS_API_KEY` \| For generating voiceovers \| `...` \|
	\| `ANTHROPIC_API_KEY` \| (Optional) If using Claude models \| `sk-ant-...` \|
	\| `CODE_GEN_MODEL` \| Model to use for code generation \| `gpt-4o` or `claude-3-5-sonnet-20240620` \|

	## Security Checklist

	1. [ ] Generate a Strong `INTERNAL_API_KEY`: Use `openssl rand -hex 32` to generate a secure key. Set this on BOTH frontend and backend.
	2. [ ] HTTPS Everywhere: Ensure both your frontend and backend are served over HTTPS.
	3. [ ] Database: Do not use SQLite in production if you have multiple server instances (serverless). Use a managed Postgres database (e.g., Supabase, Neon, Railway).
	4. [ ] CORS: In `api_server.py`, update `allow_origins` to only allow your production frontend domain, not `*` or `localhost`.

	# Deployment Configuration Guide

	## Environment Variables

	For a secure production deployment, you must set the following environment variables.

	### 1. Frontend (Next.js)
	These variables should be set in your Vercel project settings or `.env.production`.

	\| Variable \| Description \| Example Value \|
	\|----------\|-------------\|---------------\|
	\| `NEXTAUTH_URL` \| The canonical URL of your site \| `https://your-app.com` \|
	\| `NEXTAUTH_SECRET` \| A random string used to hash tokens \| `openssl rand -base64 32` \|
	\| `GOOGLE_CLIENT_ID` \| OAuth Client ID from Google Cloud \| `123...apps.googleusercontent.com` \|
	\| `GOOGLE_CLIENT_SECRET` \| OAuth Client Secret from Google Cloud \| `GOCSPX-...` \|
	\| `INTERNAL_API_KEY` \| CRITICAL: Shared secret to talk to Python backend \| `long-random-string-shared-with-backend` \|
	\| `PYTHON_API_URL` \| URL of your deployed Python backend \| `https://api.your-app.com` \|
	\| `DATABASE_URL` \| Connection string for your production DB (e.g., Postgres) \| `postgresql://user:pass@host:5432/db` \|

	> Note on Database: Currently, the app uses SQLite (`file:./dev.db`). For production, you should switch the `provider` in `prisma/schema.prisma` to `postgresql` or `mysql` and use a real database URL.

	### 2. Backend (Python / FastAPI)
	These variables should be set in your backend hosting service (e.g., Railway, Render, AWS).

	\| Variable \| Description \| Example Value \|
	\|----------\|-------------\|---------------\|
	\| `INTERNAL_API_KEY` \| CRITICAL: Must match the Frontend key exactly \| `long-random-string-shared-with-backend` \|
	\| `OPENAI_API_KEY` \| For generating animation code \| `sk-...` \|
	\| `ELEVENLABS_API_KEY` \| For generating voiceovers \| `...` \|
	\| `ANTHROPIC_API_KEY` \| (Optional) If using Claude models \| `sk-ant-...` \|
	\| `CODE_GEN_MODEL` \| Model to use for code generation \| `gpt-4o` or `claude-3-5-sonnet-20240620` \|

	## Security Checklist

	1. [ ] Generate a Strong `INTERNAL_API_KEY`: Use `openssl rand -hex 32` to generate a secure key. Set this on BOTH frontend and backend.
	2. [ ] HTTPS Everywhere: Ensure both your frontend and backend are served over HTTPS.
	3. [ ] Database: Do not use SQLite in production if you have multiple server instances (serverless). Use a managed Postgres database (e.g., Supabase, Neon, Railway).
	4. [ ] CORS: In `api_server.py`, update `allow_origins` to only allow your production frontend domain, not `*` or `localhost`.