Menu
Deployment checklist and setup for NEAN projects targeting Docker, AWS, or Kubernetes.
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.
Based on SOC occupation classification
| name | nean-deploy |
| description | Deployment checklist and setup for NEAN projects targeting Docker, AWS, or Kubernetes. |
| argument-hint | [--target docker|aws|k8s] [--check-only] |
| allowed-tools | Bash, Write, Read, Glob, Grep |
Prepare a NEAN project for production deployment with proper configuration, security hardening, and monitoring setup.
--target <platform> — Deployment target (default: docker)
docker — Docker Compose (self-hosted, simplest)aws — AWS (ECS, RDS, ALB)k8s — Kubernetes (Helm charts)--check-only — Run pre-deployment checklist without creating files.env.exampleJWT_SECRET is unique 64+ char stringNODE_ENV=production in productionnpm run buildnpm run build -- --stats-json)/api/health, /api/health/readydocker/
├── Dockerfile.api # Multi-stage NestJS build
├── Dockerfile.web # Multi-stage Angular build + Nginx
├── docker-compose.yml # Full stack
├── docker-compose.prod.yml # Production overrides
└── nginx.conf # Nginx configuration
infrastructure/
├── terraform/ # Infrastructure as code
│ ├── main.tf
│ ├── variables.tf
│ └── outputs.tf
├── ecs/
│ └── task-definition.json
└── scripts/
└── deploy.sh # Deployment script
k8s/
├── helm/
│ └── myapp/
│ ├── Chart.yaml
│ ├── values.yaml
│ ├── values.prod.yaml
│ └── templates/
│ ├── api-deployment.yaml
│ ├── web-deployment.yaml
│ ├── service.yaml
│ ├── ingress.yaml
│ ├── configmap.yaml
│ └── secrets.yaml
└── skaffold.yaml # Local development
# Build images
docker compose -f docker/docker-compose.yml build
# Run locally
docker compose -f docker/docker-compose.yml up -d
# Production with overrides
docker compose -f docker/docker-compose.yml -f docker/docker-compose.prod.yml up -d
version: '3.8'
services:
api:
environment:
- NODE_ENV=production
deploy:
replicas: 2
resources:
limits:
memory: 512M
restart: always
web:
deploy:
replicas: 2
restart: always
db:
volumes:
- /data/postgres:/var/lib/postgresql/data
restart: always
# Production .env for API
NODE_ENV=production
DATABASE_HOST=db
DATABASE_PORT=5432
DATABASE_USERNAME=myapp
DATABASE_PASSWORD=${DB_PASSWORD} # From secrets
DATABASE_NAME=myapp_prod
JWT_SECRET=${JWT_SECRET} # From secrets
JWT_EXPIRES_IN=15m
JWT_REFRESH_EXPIRES_IN=7d
CORS_ORIGINS=https://myapp.com
API_PORT=3000
LOG_LEVEL=info
// environment.prod.ts
export const environment = {
production: true,
apiUrl: '/api', // Relative, goes through Nginx
};
For platform-specific configurations, see reference/nean-deploy-reference.md
Scaffold a pnpm + Turborepo MERN monorepo with Next.js, tooling, tests, CI, and optional GitHub repo creation.
Configure GitHub repository security with branch protection, Dependabot, security scanning, and CI workflows. Integrates with mern-scaffold, nean-scaffold, and iOS projects.
Harden a Vercel deployment with security headers, CSP, bot protection, and deployment configuration
Add authentication to an iOS app with Sign in with Apple, biometrics, and Keychain storage.
Scaffold a new feature with View, ViewModel, and tests following ios-std conventions.
Review iOS code for compliance with standards, NFRs, and security policy.