Pushduck
Pushduck// S3 uploads for any framework
Guides

Production Checklist

Essential checklist for deploying pushduck to production safely

Going Live Checklist

Get your file uploads production-ready. Start with the 8 essentials belowโ€”most apps don't need more than this.

Quick Path to Production: Complete the essential checklist below (8 items) and you're ready to deploy. Advanced optimizations can be added later as you scale.

โœ… Essential Checklist (Required)

These 8 items are critical for safe production deployment:

1. Authentication

  • Auth middleware on all upload routes
  • Unauthenticated requests are blocked
const router = s3.createRouter({
  userFiles: s3.image()
    .middleware(async ({ req }) => {
      const session = await getServerSession(req);
      if (!session) throw new Error("Auth required");
      return { userId: session.user.id };
    })
});

2. Environment Variables

  • S3 credentials in .env (not in code)
  • Secrets are strong and unique
AWS_ACCESS_KEY_ID=xxx
AWS_SECRET_ACCESS_KEY=xxx
AWS_REGION=us-east-1
S3_BUCKET_NAME=your-bucket

3. File Validation

  • File type restrictions (.formats())
  • File size limits (.maxFileSize())
userPhotos: s3.image()
  .maxFileSize("10MB")
  .maxFiles(5)
  .formats(["jpeg", "png", "webp"])

4. CORS Configuration

  • CORS set up on S3 bucket
  • Only your domain is allowed

See CORS Setup Guide

5. Error Monitoring

  • Error tracking enabled (Sentry/LogRocket)
  • Upload failures are logged
.onUploadError(async ({ error }) => {
  console.error('Upload failed:', error);
  // Sentry.captureException(error);
})

6. Basic Rate Limiting (Optional but recommended)

  • Prevent abuse with upload limits

Use Upstash or Vercel KV for simple rate limiting.

7. Test Uploads

  • Upload works in production environment
  • Files appear in S3 bucket correctly
  • URLs are accessible

8. Backup Strategy

  • S3 versioning enabled (optional)
  • Know how to restore deleted files

โœ… Done! If you've completed these 8 items, your upload system is production-ready.

๐Ÿš€ When You Need More

Most apps are production-ready with the 8 essentials above. As you scale, consider:

  • CDN integration - For global audience or high traffic
  • Advanced auth - RBAC/ABAC for enterprise permissions (see Authentication Guide)
  • Redis caching - For 10k+ requests/minute
  • Multi-region - For mission-critical redundancy

Next Steps

Security Details

Deep dive into authentication patterns

CORS Setup

Configure CORS for your provider

Get Help

Common issues and solutions

Enhanced Client Migration

Migrate from hook-based API to property-based client access for better type safety

API Reference

Complete API reference for pushduck - from client hooks to server configuration and storage operations

On this page

Going Live Checklist
โœ… Essential Checklist (Required)
๐Ÿš€ When You Need More
Next Steps