Skip to content
PayloadCMS Boilerplate

Deployment Guide

This guide covers deploying to Coolify on Hetzner servers.

Prerequisites

Section titled “Prerequisites”

Complete the pre-deployment checklist before deploying.

Server Setup (Hetzner)

Section titled “Server Setup (Hetzner)”

  1. Create server in Hetzner Cloud:

    • Ubuntu 22.04 or 24.04
    • SSH keys configured
    • Appropriate resources for your traffic

  2. Configure firewall:

    PortSourcePurpose
    80/443AnywhereHTTP/HTTPS
    22Your IPSSH

  3. Run hardening script from coolifyservermanagement

  4. Install Coolify proxy

Coolify Setup

Section titled “Coolify Setup”

Create Environment

Section titled “Create Environment”

Create separate environments for staging and production.

Add Database

Section titled “Add Database”
  1. Create PostgreSQL database in Coolify
  2. Copy the connection string

Add Application

Section titled “Add Application”
  1. Select your Git repository
  2. Set build type to docker

Configuration:

SettingValue
DomainYour production domain
Builddocker

Environment Variables

Section titled “Environment Variables”

Copy from .env.example and update:

Terminal window
PAYLOAD_SECRET=your-new-secure-secret
DATABASE_URI=postgres://coolify:password@host:5432/coolify
NEXT_PUBLIC_SERVER_URL=https://yourdomain.com
NEXT_PUBLIC_SITE_NAME="Your Project Name"

Persistent Storage

Section titled “Persistent Storage”

Add mounts:

TypeSourceDestination
Volumenext/app/.next/cache
Directorymedia/app/media

Set permissions:

Terminal window
chown -R 1001:1001 media
chmod -R 755 media

Health Check

Section titled “Health Check”

Enable at /healthcheck

DNS Setup

Section titled “DNS Setup”
TypeNameValueTTL
A@SERVER_IPAuto
CNAMEwwwyourdomain.comAuto

SSL certificates are automatically provisioned by Traefik.

Post-Deployment Checklist

Section titled “Post-Deployment Checklist”
  • Site loads at https://yourdomain.com
  • Admin panel works at /admin
  • Uploaded media displays correctly
  • Media persists between deployments
  • Health check returns 200

Updating

Section titled “Updating”

Push changes to Git. Coolify auto-deploys via webhook.

Rollback: Go to Coolify → deployments → click previous working version.

Troubleshooting

Section titled “Troubleshooting”
IssueSolution
502 Bad GatewayCheck app logs, env vars, database
Uploads failRemove --entrypoints.https.http3 from proxy
Build failsCheck TypeScript errors in logs
SSL issuesVerify DNS points to server

Security

Section titled “Security”
  • SSH restricted to office IP
  • Strong PAYLOAD_SECRET
  • HSTS enabled
  • Database backups configured