Deployment best practices

I’ve been developing an application that I would like to share with a private network. This app would be hosted remotely; not at the private network where it’s used. Hosting this app on a cloud provider or at the end-user network are not viable options in my case.

So far, Vagrant is fine for my localhost setup. But, once you want to deploy an app, security best practices have to be checked, and this is why I am writing. Maybe I should be using Terraform instead.

At the end of the day, all I need is for users to enter an address (like any website address) and see the application. This app would require a login to use. And I want to configure the host with all the security best practices.

For the app, I currently have a next.js app, which sends requests to another local next.js app that fetches data from MongoDB and returns the data in response. You get the picture: simple app; I’m having fun. The data used by the app is in a dedicated external TB drive at the host, which is nice: I can destroy Vagrant box if needed and persist my content for the next Vagrant box. And the host is behind a VPN.

My primary concerns are security (firewall and configuration) and being able to adapt/throttle the network load so it doesn’t alarm the ISP. Terraform seems to be the way to go to set all of this up, and I’m looking for the free, single admin solution. :slight_smile: Or maybe I should use Apache Web Server.

Your assistance is greatly appreciated. Any suggestions to pull this off?

TF can deploy whatever you want with whatever configuration you set. You can embed the terraform binary to run the tf config you define on startup/etc. But you will need to know what services and targets to talk to in order to configure.