Skip to main content

Production Build

Create an optimized production build using the pb-cli toolchain: 
pb-cli --production
This command:
  • Builds and optimizes frontend assets
  • Generates OpenAPI specifications
  • Compiles the server binary with optimization flags (-ldflags="-s -w")
  • Creates a deployment-ready package in the dist/ directory

Custom Output Directory

Specify a custom output directory: 
pb-cli --production --dist release

Automated Deployment with pb-deployer

pb-deployer provides automated VPS deployment with zero-downtime updates, security hardening, and automated backup management.

Installation

git clone https://github.com/magooney-loon/pb-deployer.git
cd pb-deployer

# Install dependencies
go mod tidy

# Run deployment wizard
go run cmd/scripts/main.go --install

Features

Server Provisioning

Automated server setup with best practices

Security Hardening

SSL/TLS, firewall configuration, and security updates

Zero-Downtime

Rolling updates with health checks

Auto-Rollback

Automatic rollback on deployment failure

Systemd Integration

Service management and auto-restart

Backup Management

Automated backups of data and configurations
pb-deployer handles the entire deployment lifecycle, from initial server setup to ongoing updates and maintenance.

Manual VPS Deployment

For manual deployments, follow these steps:
1

Build for production

Create the production build:
pb-cli --production
2

Upload to server

Transfer the dist/ directory to your VPS:
scp -r dist/ user@your-server.com:/opt/pb-ext/
3

Configure systemd service

Create a systemd service file at /etc/systemd/system/pb-ext.service:
[Unit]
Description=pb-ext Server
After=network.target

[Service]
Type=simple
User=www-data
WorkingDirectory=/opt/pb-ext
ExecStart=/opt/pb-ext/pb-ext serve
Restart=always
RestartSec=5
StandardOutput=journal
StandardError=journal

# Environment variables
Environment="PB_DATA_DIR=/var/lib/pb-ext/data"

[Install]
WantedBy=multi-user.target
4

Enable and start service

sudo systemctl daemon-reload
sudo systemctl enable pb-ext
sudo systemctl start pb-ext

Binary Optimization

The production build uses Go linker flags to reduce binary size: 
go build -ldflags="-s -w" -o dist/pb-ext ./cmd/server
-s
flag
Strip symbol table and debug information
-w
flag
Strip DWARF debugging information
These flags typically reduce binary size by 20-30% without affecting runtime performance.

SSL/TLS Configuration

Reverse Proxy with Nginx

Recommended approach for production: 
server {
    listen 443 ssl http2;
    server_name your-domain.com;

    ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;

    location / {
        proxy_pass http://127.0.0.1:8090;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Let’s Encrypt

Obtain free SSL certificates: 
sudo apt-get install certbot python3-certbot-nginx
sudo certbot --nginx -d your-domain.com

Zero-Downtime Updates

For manual zero-downtime deployments:
1

Upload new binary

scp dist/pb-ext user@server:/opt/pb-ext/pb-ext.new
2

Backup current binary

ssh user@server "mv /opt/pb-ext/pb-ext /opt/pb-ext/pb-ext.backup"
3

Replace binary

ssh user@server "mv /opt/pb-ext/pb-ext.new /opt/pb-ext/pb-ext"
4

Reload service

ssh user@server "sudo systemctl reload-or-restart pb-ext"
5

Verify deployment

Check health endpoint:
curl https://your-domain.com/_/_

Backup Strategies

Database Backups

PocketBase uses SQLite, making backups straightforward: 
# Backup script
#!/bin/bash
DATE=$(date +%Y%m%d_%H%M%S)
cp /var/lib/pb-ext/data/data.db /backups/data_${DATE}.db

# Keep only last 30 days
find /backups -name "data_*.db" -mtime +30 -delete
Schedule with cron: 
0 2 * * * /opt/pb-ext/backup.sh

Automated Backups with pb-deployer

pb-deployer includes built-in backup management with configurable retention policies and automated restoration.

Health Checks

Monitor your deployment: 
# Check service status
sudo systemctl status pb-ext

# View logs
sudo journalctl -u pb-ext -f

# Health endpoint
curl http://localhost:8090/_/_

Production Checklist

  • Run pb-cli --production successfully
  • Test OpenAPI specs with --validate-specs-dir
  • Review and test frontend build
  • Verify environment variables are configured
  • Backup current production database
  • SSL/TLS certificates configured
  • Firewall rules in place
  • Service runs as non-root user
  • Database file permissions restricted (0600)
  • Admin panel behind authentication
  • Systemd service enabled and running
  • Log rotation configured
  • Backup script scheduled
  • Health check endpoint accessible
  • Alerts configured for service failures

Next Steps

Frontend Configuration

Configure SvelteKit and static file serving

Environment Setup

Configure ports, data directories, and environment variables