Skip to main content

Overview

This guide walks you through deploying Dashtray to production on Cloudflare Pages with Convex backend.
Deployment Stack:
  • Frontend: Cloudflare Pages
  • Backend: Convex (serverless)
  • Database: Convex (built-in)
  • Authentication: Better Auth
  • Payments: Dodo Payments

Prerequisites

Before deploying, ensure you have:
  • A Cloudflare account
  • A Convex account
  • A custom domain (optional but recommended)
  • All required API keys and credentials
  • Git repository with your code

Deployment Steps

1. Deploy Convex Backend

1

Install Convex CLI

pnpm add -g convex
2

Login to Convex

npx convex login
3

Create Production Deployment

npx convex deploy --prod
This will:
  • Create a new production deployment
  • Deploy all Convex functions
  • Generate your production Convex URL
4

Set Environment Variables

Set all required environment variables in Convex:
# Core Configuration
npx convex env set SITE_URL "https://yourdomain.com" --prod
npx convex env set BETTER_AUTH_SECRET "$(openssl rand -base64 32)" --prod

# Email (Brevo)
npx convex env set BREVO_API_KEY "your-brevo-api-key" --prod
npx convex env set RESET_EMAIL_FROM "noreply@yourdomain.com" --prod

# OAuth (Optional)
npx convex env set GOOGLE_CLIENT_ID "your-google-client-id" --prod
npx convex env set GOOGLE_CLIENT_SECRET "your-google-client-secret" --prod

# Payments (Optional)
npx convex env set DODO_PAYMENTS_API_KEY "your-dodo-api-key" --prod
npx convex env set DODO_PAYMENTS_ENVIRONMENT "live" --prod

# AI (Optional)
npx convex env set GEMINI_API_KEY "your-gemini-api-key" --prod
5

Verify Deployment

Check that all functions deployed successfully:
npx convex dashboard --prod

2. Configure OAuth Applications

Google OAuth

  1. Go to Google Cloud Console
  2. Create a new project or select existing
  3. Enable Google+ API
  4. Create OAuth 2.0 credentials
  5. Add authorized redirect URIs: 
    https://yourdomain.com/api/auth/callback/google
  6. Copy Client ID and Secret to Convex env

GitHub OAuth

  1. Go to GitHub Settings
  2. Click New OAuth App
  3. Set Authorization callback URL: 
    https://yourdomain.com/api/auth/callback/github
  4. Copy Client ID and Secret to Convex env

3. Configure Brevo Email

1

Verify Domain

  1. Go to Brevo Settings
  2. Add your domain
  3. Add DNS records (SPF, DKIM, DMARC)
  4. Wait for verification (can take up to 48 hours)
2

Create API Key

  1. Go to Brevo API Keys
  2. Create new API key with full access
  3. Copy to Convex env
3

Test Email Sending

Send a test email to verify configuration:
# Use Convex dashboard to test email function
npx convex run emailService:sendEmail --prod \
  --args '{"to":"test@example.com","subject":"Test","html":"<p>Test</p>"}'

4. Deploy to Cloudflare Pages

1

Connect Repository

  1. Go to Cloudflare Dashboard
  2. Navigate to Pages
  3. Click Create a project
  4. Connect your Git repository
2

Configure Build Settings

Set the following build configuration:
  • Framework preset: SvelteKit
  • Build command: pnpm build
  • Build output directory: .svelte-kit/cloudflare
  • Root directory: / (or your monorepo path)
3

Set Environment Variables

Add environment variables in Cloudflare Pages:
PUBLIC_CONVEX_URL=https://your-deployment.convex.cloud
PUBLIC_CONVEX_SITE_URL=https://your-deployment.convex.site
SITE_URL=https://yourdomain.com
Get your Convex URLs from the Convex dashboard after deployment.
4

Deploy

Click Save and DeployCloudflare will:
  • Clone your repository
  • Install dependencies with pnpm
  • Build your SvelteKit app
  • Deploy to global CDN

5. Configure Custom Domain

1

Add Custom Domain

  1. In Cloudflare Pages, go to Custom domains
  2. Click Set up a custom domain
  3. Enter your domain (e.g., app.yourdomain.com)
2

Update DNS

Add CNAME record to your DNS:
Type: CNAME
Name: app (or @ for root domain)
Value: your-project.pages.dev
3

Enable SSL

Cloudflare automatically provisions SSL certificate.Wait 5-10 minutes for certificate to be issued.
4

Update Environment Variables

Update SITE_URL in both Convex and Cloudflare:
npx convex env set SITE_URL "https://app.yourdomain.com" --prod

6. Configure Dodo Payments

1

Create Live Mode Account

  1. Go to Dodo Payments Dashboard
  2. Switch to Live Mode
  3. Complete business verification
2

Get API Keys

  1. Navigate to SettingsAPI Keys
  2. Copy your Live API Key
  3. Add to Convex env:
npx convex env set DODO_PAYMENTS_API_KEY "your-live-key" --prod
npx convex env set DODO_PAYMENTS_ENVIRONMENT "live" --prod
3

Configure Webhooks

  1. In Dodo dashboard, go to Webhooks
  2. Add webhook endpoint: 
    https://yourdomain.com/api/webhooks/dodo
  3. Select events:
    • subscription.created
    • subscription.updated
    • subscription.canceled
    • payment.succeeded
    • payment.failed
  4. Copy webhook secret to Convex env

Post-Deployment Checklist

Security

  • All environment variables set correctly
  • OAuth redirect URIs configured
  • Webhook signatures verified
  • SSL certificate active
  • API keys rotated from development
  • Rate limiting configured

Monitoring

  • Sentry error tracking configured
  • PostHog analytics configured
  • Uptime monitoring set up (UptimeRobot)
  • Cloudflare analytics enabled
  • Convex logs monitored

Email

  • Domain verified in Brevo
  • SPF/DKIM/DMARC records added
  • Test emails sent successfully
  • Email templates reviewed
  • Unsubscribe links working

Payments

  • Dodo Payments in live mode
  • Webhook endpoint verified
  • Test subscription flow
  • Pricing tiers configured
  • Trial periods set correctly

Testing

  • Sign up flow works
  • Email verification works
  • OAuth login works
  • Integration connections work
  • Dashboard displays correctly
  • Subscription upgrade works
  • Webhooks receive data

Environment Variables Reference

Required Variables

VariableLocationDescription
SITE_URLConvexYour production domain
BETTER_AUTH_SECRETConvexAuth secret (32+ chars)
BREVO_API_KEYConvexBrevo API key
RESET_EMAIL_FROMConvexEmail sender address
PUBLIC_CONVEX_URLCloudflareConvex deployment URL
PUBLIC_CONVEX_SITE_URLCloudflareConvex site URL

Optional Variables

VariableLocationDescription
GOOGLE_CLIENT_IDConvexGoogle OAuth client ID
GOOGLE_CLIENT_SECRETConvexGoogle OAuth secret
GITHUB_CLIENT_IDConvexGitHub OAuth client ID
GITHUB_CLIENT_SECRETConvexGitHub OAuth secret
DODO_PAYMENTS_API_KEYConvexDodo Payments API key
DODO_PAYMENTS_ENVIRONMENTConvexlive or test
GEMINI_API_KEYConvexGoogle Gemini API key

Troubleshooting

Build Failures

Problem: Cloudflare build fails. Solutions:
  • Check build logs for specific errors
  • Verify pnpm-lock.yaml is committed
  • Ensure all dependencies are in package.json
  • Check Node.js version compatibility

Environment Variable Issues

Problem: App can’t connect to Convex. Solutions:
  • Verify PUBLIC_CONVEX_URL is set in Cloudflare
  • Check that URL matches Convex dashboard
  • Ensure no trailing slashes in URLs
  • Redeploy after changing env vars

Email Not Sending

Problem: Emails not being delivered. Solutions:
  • Verify domain is verified in Brevo
  • Check SPF/DKIM records are correct
  • Test with Brevo’s test email feature
  • Check Brevo API key has correct permissions

OAuth Errors

Problem: OAuth login fails. Solutions:
  • Verify redirect URIs match exactly
  • Check OAuth credentials are for production
  • Ensure SITE_URL is correct in Convex
  • Test with incognito/private browsing

Webhook Failures

Problem: Webhooks not being received. Solutions:
  • Verify webhook URL is publicly accessible
  • Check webhook signature verification
  • Review webhook logs in provider dashboard
  • Test with webhook testing tools

Rollback Procedure

If deployment fails, rollback quickly:

Cloudflare Pages

  1. Go to Deployments tab
  2. Find last working deployment
  3. Click Rollback to this deployment

Convex

# List deployments
npx convex deployments list --prod

# Rollback to specific deployment
npx convex deployments rollback <deployment-id> --prod

Monitoring & Alerts

Set Up Monitoring

  1. Sentry - Error tracking 
    pnpm add @sentry/sveltekit
  2. UptimeRobot - Uptime monitoring
    • Add HTTP(s) monitor for your domain
    • Set check interval to 5 minutes
    • Configure alert contacts
  3. Cloudflare Analytics - Traffic monitoring
    • Enabled automatically
    • View in Cloudflare dashboard

Configure Alerts

Set up alerts for:
  • Error rate > 1% - Sentry alert
  • Response time > 2s - Cloudflare alert
  • Downtime > 1 minute - UptimeRobot alert
  • Failed deployments - Cloudflare email notification

Performance Optimization

Cloudflare Settings

  1. Enable Auto Minify (HTML, CSS, JS)
  2. Enable Brotli compression
  3. Set Browser Cache TTL to 4 hours
  4. Enable Always Use HTTPS

Convex Optimization

  1. Add indexes for common queries
  2. Use pagination for large datasets
  3. Implement caching where appropriate
  4. Monitor function execution times

Security Hardening

Headers

Add security headers in svelte.config.js: 
headers: {
  '/*': [
    'X-Frame-Options: DENY',
    'X-Content-Type-Options: nosniff',
    'Referrer-Policy: strict-origin-when-cross-origin',
    'Permissions-Policy: geolocation=(), microphone=(), camera=()'
  ]
}

Rate Limiting

Implement rate limiting in hooks.server.ts:
  • Auth endpoints: 10 requests/minute
  • API endpoints: 100 requests/minute
  • Webhook endpoints: 200 requests/minute

Credential Rotation

Rotate credentials regularly:
  • API keys: Every 90 days
  • OAuth secrets: Every 180 days
  • Webhook secrets: Every 90 days
  • Auth secrets: Every 365 days

Backup & Recovery

Convex Backups

Convex automatically backs up your data:
  • Frequency: Continuous
  • Retention: 30 days
  • Recovery: Contact Convex support

Manual Exports

Export data regularly (Scale tier): 
# Export all data
curl https://api.dashtray.com/api/v1/export \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -o backup-$(date +%Y%m%d).json

Support

Need deployment help?

Next Steps

Monitoring Setup

Configure monitoring and alerts

Production Checklist

Complete pre-launch checklist

Quick Reference

Common commands and URLs

Deployment Runbook

Detailed deployment procedures