SaaS deploy checklist
Step-by-step Vercel + Neon + Stripe + S3/R2 deploy checklist with copy-paste commands for Next.js SaaS kits.
Free tools/SaaS deploy checklist
Progress
0 of 7 sections marked done. Use test mode Stripe keys until the smoke test passes.
1. Prepare the kit locally
Clone or unzip the kit, install deps, and confirm `npm run build` (or the kit equivalent) succeeds before touching production.
Commands
cp .env.example .env.local npm install npx prisma generate npm run build
2. Create a Neon Postgres database
Use Neon's connection string with `sslmode=require`. Run migrations against production before first traffic.
Commands
# Neon dashboard → Connect → copy connection string export DATABASE_URL="postgresql://USER:PASSWORD@ep-xxxx.aws.neon.tech/neondb?sslmode=require" npx prisma migrate deploy
Env vars
DATABASE_URLrequired - Neon pooled or direct URL from the dashboard
3. Auth secrets
Generate a long random JWT secret. Never reuse local secrets in production.
Commands
openssl rand -base64 48 # Set JWT_SECRET to the output (min 32 characters)
Env vars
JWT_SECRETrequired - Signs access tokens - rotate only with a planned logoutNEXT_PUBLIC_APP_URLrequired - https://yourdomain.com (no trailing slash)
4. Stripe Checkout + webhook
Create a Stripe account, copy secret key, and point the webhook at your production `/api/stripe/webhook` (or the path your kit documents).
Commands
# Stripe Dashboard → Developers → API keys → Secret key # Stripe Dashboard → Developers → Webhooks → Add endpoint # Endpoint URL: https://yourdomain.com/api/stripe/webhook # Events: checkout.session.completed (plus refunds if the kit listens) stripe listen --forward-to localhost:3000/api/stripe/webhook # local only
Env vars
STRIPE_SECRET_KEYrequired - sk_live_... in productionSTRIPE_WEBHOOK_SECRETrequired - whsec_... from the webhook endpointNEXT_PUBLIC_STRIPE_PUBLISHABLE_KEYoptional - Only if the kit uses Stripe.js on the client
5. Object storage (S3 or Cloudflare R2)
Create a private bucket for product ZIPs and screenshots. Prefer signed URLs or authenticated download routes - never make private kits world-readable.
Commands
# AWS: aws s3 mb s3://your-kit-bucket # R2: Cloudflare dashboard → R2 → Create bucket # Create an access key with read/write on that bucket only
Env vars
S3_BUCKETrequired - Or R2_BUCKET / kit-specific nameS3_ACCESS_KEY_IDrequired - IAM or R2 access key idS3_SECRET_ACCESS_KEYrequired - Keep server-side onlyS3_ENDPOINToptional - Required for R2: https://ACCOUNT_ID.r2.cloudflarestorage.comS3_REGIONoptional - e.g. auto for R2, or us-east-1 for AWS
6. Deploy on Vercel
Import the Git repo, set all env vars, then deploy. Confirm the production domain matches NEXT_PUBLIC_APP_URL.
Commands
npm i -g vercel vercel link vercel env pull .env.local # optional vercel --prod # Or: connect the GitHub repo in the Vercel dashboard and deploy on push
Env vars
NEXT_PUBLIC_APP_URLrequired - Must match the custom domain (e.g. https://twentysite.com)
7. Post-deploy smoke test
Sign up, complete a test checkout (Stripe test mode first), confirm webhook fulfillment, and download/access the protected resource.
Commands
curl -I https://yourdomain.com/ # Stripe Dashboard → Webhooks → recent deliveries should be 2xx # Create a test purchase, then confirm the library/download path works
These tools are free helpers for SaaS builders. When you are ready, browse production-ready kits on the marketplace.