TinyKit Pro Docs
Guides

Production Checklist

Complete guide for deploying TinyKit Pro to production. Use this checklist to ensure a smooth go-live.

Complete guide for deploying TinyKit Pro to production. Use this checklist to ensure a smooth go-live.

Quick Reference

Deployment Stack:

  • Frontend: Vercel
  • Backend: Convex (production deployment)
  • Payments: Stripe (live mode)
  • Email: Resend

Related Guides:


Pre-Launch Checklist

1. Environment Configuration

For complete environment variable documentation, see Environment Variables Reference.

Frontend Environment (Vercel)

# Required
NEXT_PUBLIC_SITE_URL=https://yourdomain.com
SITE_DOMAIN=yourdomain.com
CONVEX_DEPLOYMENT=prod:your-project
NEXT_PUBLIC_CONVEX_URL=https://your-project.convex.cloud
NEXT_PUBLIC_CONVEX_SITE_URL=https://your-project.convex.site

# Optional (recommended for production)
NEXT_PUBLIC_POSTHOG_KEY=phc_your_production_key
NEXT_PUBLIC_LOG_LEVEL=WARN
  • NEXT_PUBLIC_SITE_URL set to production domain
  • SITE_DOMAIN matches your domain (without protocol)
  • CONVEX_DEPLOYMENT points to production deployment
  • NEXT_PUBLIC_CONVEX_URL and NEXT_PUBLIC_CONVEX_SITE_URL are production URLs

Backend Environment (Convex)

# Set production environment variables
npx convex env set SITE_URL https://yourdomain.com --prod
npx convex env set BETTER_AUTH_SECRET <new-production-secret> --prod
npx convex env set STRIPE_SECRET_KEY sk_live_... --prod
npx convex env set STRIPE_WEBHOOKS_SECRET whsec_live_... --prod
npx convex env set RESEND_API_KEY re_... --prod
npx convex env set CONVEX_ENV production --prod
  • SITE_URL matches production domain
  • BETTER_AUTH_SECRET is a new, unique secret (not reused from development)
  • STRIPE_SECRET_KEY is the live key (starts with sk_live_)
  • STRIPE_WEBHOOKS_SECRET is from the production webhook endpoint
  • RESEND_API_KEY is configured
  • CONVEX_ENV is set to production

2. Domain & DNS

  • Primary domain configured in Vercel
  • SSL certificate active (automatic with Vercel)
  • DNS records propagated
  • Custom domain redirects working (www → apex or vice versa)

3. OAuth Providers

Update callback URLs for production:

GitHub OAuth:

  • Create new OAuth app for production (recommended) or update existing
  • Homepage URL: https://yourdomain.com
  • Callback URL: https://yourdomain.com/api/auth/callback/github
  • Set GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET in Convex production env

Google OAuth:

  • Add production domain to authorized origins
  • Callback URL: https://yourdomain.com/api/auth/callback/google
  • Set GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET in Convex production env

Security Checklist

Authentication & Secrets

  • Generate new BETTER_AUTH_SECRET for production (do not reuse dev secret)
    # Generate a secure secret
    openssl rand -base64 32
  • Verify all secrets are stored only in environment variables (not in code)
  • Confirm .env.local is in .gitignore

Access Control

  • First production user account created and verified as admin
  • Test admin-only routes require authentication
  • Verify rate limiting is active on authentication endpoints
  • Test that protected API routes reject unauthenticated requests

Data Protection

  • Review database indexes for sensitive queries
  • Verify no sensitive data in client-side logs (NEXT_PUBLIC_LOG_LEVEL=WARN)
  • Confirm error messages don't expose internal details

Stripe Production Setup

1. Enable Live Mode

  • Complete Stripe account verification (business details, bank account)
  • Switch Stripe Dashboard to Live mode
  • Copy live secret key (sk_live_...)

2. Create Production Webhook

  1. Go to Stripe Dashboard > Developers > Webhooks
  2. Click "Add endpoint"
  3. Configure:
    • URL: https://your-project.convex.site/stripe-webhook
    • Events to send:
      customer.subscription.created
      customer.subscription.updated
      customer.subscription.deleted
      invoice.payment_succeeded
      invoice.payment_failed
      customer.created
      customer.updated
      checkout.session.completed
  • Production webhook endpoint created
  • Webhook signing secret saved to Convex (STRIPE_WEBHOOKS_SECRET)
  • Endpoint shows "Active" status in Stripe Dashboard

3. Sync Products

  • Products created in Stripe live mode
  • Products synced via Admin Panel > Products > "Sync from Stripe"
  • Verify all plans appear correctly with correct pricing

4. Customer Portal

  • Customer Portal configured for live mode
  • Business information added (name, email, phone)
  • Terms of Service and Privacy Policy URLs added
  • Cancellation policy configured

5. Tax Configuration (if applicable)

  • Tax collection enabled in Stripe Tax settings
  • Tax registrations configured for relevant jurisdictions

Email Configuration

Resend Setup

  • Production API key created in Resend Dashboard
  • Domain verified in Resend (DNS records added)
  • From address configured (e.g., noreply@yourdomain.com)
  • Reply-to address set to support email

Email Testing

  • Test welcome email sends on new user signup
  • Test password reset email
  • Test subscription confirmation email
  • Verify emails render correctly (check spam folder)

Database & Convex

Production Deployment

# Deploy to production
npx convex deploy --prod
  • Production deployment active
  • Database schema deployed
  • All functions deployed successfully

Data Initialization

  • Site settings configured (Admin > Site Settings)
  • Default products/prices synced from Stripe
  • Admin user created and verified

Post-Launch Verification

Critical Path Testing

Run through each flow on the production site:

Authentication:

  • Sign up with email/password
  • Sign in with email/password
  • Password reset flow
  • OAuth sign in (GitHub, Google)
  • Sign out

Subscription:

  • View pricing page
  • Complete checkout for a plan
  • Verify subscription shows in user dashboard
  • Access Stripe Customer Portal ("Manage Billing")
  • Test plan upgrade/downgrade

Organization (if enabled):

  • Create new organization
  • Invite team member
  • Accept invitation
  • Organization subscription checkout

Webhook Verification

# Check webhook delivery in Stripe Dashboard
# Developers > Webhooks > [your endpoint] > Recent deliveries
  • Webhook events showing as delivered
  • No failed webhook attempts
  • Subscription status updating in database after checkout

Monitoring Setup

  • Convex Dashboard accessible for production deployment
  • Stripe Dashboard monitoring configured
  • Error alerting configured (Stripe + Convex)
  • Analytics tracking working (PostHog if configured)

Launch Day Commands

# Deploy latest changes to production
npx convex deploy --prod

# Check production logs
npx convex logs --prod --tail

# Verify environment
npx convex env list --prod

# Check deployment status
npx convex status --prod

Rollback Plan

If issues arise after launch:

  1. Convex Rollback: Redeploy previous version from Convex Dashboard
  2. Vercel Rollback: Use Vercel Dashboard to redeploy previous deployment
  3. Stripe: Disable webhook endpoint temporarily if webhook issues

Post-Launch Maintenance

Regular Tasks

  • Monitor Convex logs for errors: npx convex logs --prod --tail
  • Review Stripe webhook delivery status weekly
  • Check email delivery rates in Resend Dashboard
  • Review user feedback and error reports

Security Updates

  • Rotate BETTER_AUTH_SECRET quarterly (or after any suspected breach)
  • Update OAuth app secrets if compromised
  • Review and update dependencies regularly

Quick Troubleshooting

Webhooks not being received:

  1. Verify webhook URL matches Convex site URL exactly
  2. Check webhook endpoint is enabled in Stripe
  3. Verify STRIPE_WEBHOOKS_SECRET matches the endpoint's signing secret

OAuth login failing:

  1. Verify callback URLs match production domain exactly
  2. Check OAuth app is not in development/sandbox mode
  3. Verify client ID and secret are for production app

Emails not sending:

  1. Check RESEND_API_KEY is set in Convex production env
  2. Verify domain is verified in Resend
  3. Check Resend Dashboard for delivery failures

Subscription status not updating:

  1. Check Convex logs for webhook processing errors
  2. Verify Stripe webhook events are being sent
  3. Confirm webhook signature verification is passing

← Back to Guides | Deployment Guide →

On this page

Ship your startup faster. In minutes.

Get TinyKit Pro