Skip to content
OpenPartner docs

Deploy to DO App Platform

The repo includes a .do/app.yaml that provisions OpenPartner as a multi-service app with a managed Postgres database.

What gets deployed

  • api — Express HTTP service (port 8787)
  • router — Hono click redirect service (port 8788)
  • portal — Vite-built static site, served from CDN
  • db — Managed Postgres (1GB minimum)

Steps

  1. Fork or clone getcoherence/openpartner to your GitHub.
  2. In DO App Platform, Create App → GitHub and point it at your repo.
  3. Select the .do/app.yaml spec when prompted.
  4. Set required env vars (encrypted):
    • SECRETS_ENCRYPTION_KEY — 32-byte hex
    • MAIL_FROM (optional — overridable from admin UI)
    • POSTMARK_SERVER_TOKEN or SMTP creds (optional — overridable from admin UI)
  5. Click Create Resources.

Once the build completes, visit your app URL. The install wizard runs on first load.

Custom domain

Add your apex domain in DO App Platform → Settings → Domains. DO handles cert provisioning.

For the click router, point a subdomain like r.yourdomain.com to the router service for short links.

File uploads (brand logos, creator avatars)

App Platform containers are ephemeral — local-disk storage gets wiped on every redeploy. For production, use DO Spaces (S3-compatible) so uploaded logos and avatars survive deploys.

  1. Create a Spaces bucket in the same region as your app.

  2. Generate a Spaces access key under API → Spaces Keys.

  3. Add these env vars on the api component (encrypted):

    OPENPARTNER_STORAGE_KIND=s3
    OPENPARTNER_STORAGE_S3_BUCKET=<bucket name>
    OPENPARTNER_STORAGE_S3_REGION=<bucket region, e.g. nyc3>
    OPENPARTNER_STORAGE_S3_ENDPOINT=https://<region>.digitaloceanspaces.com
    OPENPARTNER_STORAGE_S3_ACCESS_KEY_ID=<key>
    OPENPARTNER_STORAGE_S3_SECRET_ACCESS_KEY=<secret>

    If you’ve enabled the bucket’s CDN, also set OPENPARTNER_STORAGE_S3_PUBLIC_BASE=https://<bucket>.<region>.cdn.digitaloceanspaces.com.

  4. If you’re running the Network as a separate app, repeat with the NETWORK_ prefix on that app’s component. You can use the same bucket with different key prefixes — the storage layer namespaces under tenants/.../logos/ and creators/.../avatars/.

Files written to Spaces get public-read ACL with a 1-year immutable cache header. Object keys are random hex (16 bytes), so make sure the bucket’s “Restrict File Listing” is on.

Updating

Push to your main branch — DO redeploys automatically.