ShipAISaaS
Docs
Deploying to Vercel

Deploying to Vercel

Production deployment checklist for Vercel + Supabase + QStash.

Prerequisites

Before deploying, have the following ready:

  • Vercel account with a project connected to your repository
  • Supabase production database (recommended — consolidates DB and storage in one project; Neon or any PostgreSQL also works)
  • Supabase project with two storage buckets:
    • generated-images — public access, for AI-generated images
    • uploads — public access, for user file uploads (profile images, chat attachments, receipts, PDFs)
  • Upstash QStash account with credentials
  • Resend with your sending domain verified
  • Stripe production keys and webhook configured
  • Google Cloud OAuth redirect URIs updated for production domain

Deployment Steps

Set all environment variables in Vercel

In the Vercel dashboard, go to Settings → Environment Variables and add every variable from the Environment Variables reference.

Critical values that differ from dev:

  • NEXT_PUBLIC_APP_URL — must be your production URL, e.g. https://yourdomain.com
  • QSTASH_BASE_URL — must be https://yourdomain.com (QStash POSTs step requests here)
  • STRIPE_WEBHOOK_SECRET — the production webhook signing secret (different from the local stripe listen secret)

Run the database migration

Before the first deploy, run migrations against your production database:

DATABASE_URL=<prod-url> npm run db:push

Or use generate + migrate for a migration-file-based approach.

Run migrations before the first deploy. If the app starts without the tables existing, it will crash on first request.

Configure the Stripe webhook

In the Stripe dashboard, add a webhook endpoint:

  • URL: https://yourdomain.com/api/webhooks/stripe
  • Events: checkout.session.completed, invoice.payment_succeeded

Copy the signing secret to STRIPE_WEBHOOK_SECRET in Vercel.

Configure QStash

In the Upstash console, copy your production credentials to Vercel:

  • QSTASH_TOKEN
  • QSTASH_URL
  • QSTASH_CURRENT_SIGNING_KEY
  • QSTASH_NEXT_SIGNING_KEY

QStash will POST step executions to https://yourdomain.com/api/workflows/step. The verifySignatureAppRouter middleware validates each request using the signing keys.

Update Google OAuth redirect URI

In Google Cloud Console, add your production callback URL to the OAuth client's authorized redirect URIs:

https://yourdomain.com/api/auth/callback/google

Deploy

Push to your connected branch — Vercel will build and deploy automatically.

Vercel Function Duration

Some agents export maxDuration to extend the default timeout:

AgentmaxDurationRequired Vercel Plan
All others60sHobby or higher
legal-analyzer120sPro or higher

The legal-analyzer must analyze full PDF text, which can take 90+ seconds. Vercel Hobby caps at 60 seconds — upgrade to Pro before enabling this agent in production.

Post-Deploy Verification Checklist

  • Sign up and verify an OTP verification email arrives via Resend
  • Send a chat message and confirm it streams correctly
  • Create a workflow and verify the plan approval email arrives
  • Test Stripe checkout with a test card (use 4242 4242 4242 4242)
  • Generate an image and verify it appears in the Supabase bucket
  • Trigger a workflow run and confirm QStash executes each step
Customizing the OrchestratorChat Endpoint