SaaS deploy checklist

Step-by-step Vercel + Neon + Stripe + S3/R2 deploy checklist with copy-paste commands for Next.js SaaS kits.

Free tools/SaaS deploy checklist

Progress

0 of 7 sections marked done. Use test mode Stripe keys until the smoke test passes.

1. Prepare the kit locally

Clone or unzip the kit, install deps, and confirm `npm run build` (or the kit equivalent) succeeds before touching production.

Commands

cp .env.example .env.local
npm install
npx prisma generate
npm run build

2. Create a Neon Postgres database

Use Neon's connection string with `sslmode=require`. Run migrations against production before first traffic.

Commands

# Neon dashboard → Connect → copy connection string
export DATABASE_URL="postgresql://USER:PASSWORD@ep-xxxx.aws.neon.tech/neondb?sslmode=require"
npx prisma migrate deploy

Env vars

  • DATABASE_URLrequired - Neon pooled or direct URL from the dashboard

3. Auth secrets

Generate a long random JWT secret. Never reuse local secrets in production.

Commands

openssl rand -base64 48
# Set JWT_SECRET to the output (min 32 characters)

Env vars

  • JWT_SECRETrequired - Signs access tokens - rotate only with a planned logout
  • NEXT_PUBLIC_APP_URLrequired - https://yourdomain.com (no trailing slash)

4. Stripe Checkout + webhook

Create a Stripe account, copy secret key, and point the webhook at your production `/api/stripe/webhook` (or the path your kit documents).

Commands

# Stripe Dashboard → Developers → API keys → Secret key
# Stripe Dashboard → Developers → Webhooks → Add endpoint
# Endpoint URL: https://yourdomain.com/api/stripe/webhook
# Events: checkout.session.completed (plus refunds if the kit listens)
stripe listen --forward-to localhost:3000/api/stripe/webhook  # local only

Env vars

  • STRIPE_SECRET_KEYrequired - sk_live_... in production
  • STRIPE_WEBHOOK_SECRETrequired - whsec_... from the webhook endpoint
  • NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEYoptional - Only if the kit uses Stripe.js on the client

5. Object storage (S3 or Cloudflare R2)

Create a private bucket for product ZIPs and screenshots. Prefer signed URLs or authenticated download routes - never make private kits world-readable.

Commands

# AWS: aws s3 mb s3://your-kit-bucket
# R2: Cloudflare dashboard → R2 → Create bucket
# Create an access key with read/write on that bucket only

Env vars

  • S3_BUCKETrequired - Or R2_BUCKET / kit-specific name
  • S3_ACCESS_KEY_IDrequired - IAM or R2 access key id
  • S3_SECRET_ACCESS_KEYrequired - Keep server-side only
  • S3_ENDPOINToptional - Required for R2: https://ACCOUNT_ID.r2.cloudflarestorage.com
  • S3_REGIONoptional - e.g. auto for R2, or us-east-1 for AWS

6. Deploy on Vercel

Import the Git repo, set all env vars, then deploy. Confirm the production domain matches NEXT_PUBLIC_APP_URL.

Commands

npm i -g vercel
vercel link
vercel env pull .env.local  # optional
vercel --prod
# Or: connect the GitHub repo in the Vercel dashboard and deploy on push

Env vars

  • NEXT_PUBLIC_APP_URLrequired - Must match the custom domain (e.g. https://twentysite.com)

7. Post-deploy smoke test

Sign up, complete a test checkout (Stripe test mode first), confirm webhook fulfillment, and download/access the protected resource.

Commands

curl -I https://yourdomain.com/
# Stripe Dashboard → Webhooks → recent deliveries should be 2xx
# Create a test purchase, then confirm the library/download path works

These tools are free helpers for SaaS builders. When you are ready, browse production-ready kits on the marketplace.