Production deployment
Before deploying Goiabada to production, choose your deployment method based on your infrastructure.
Deployment options
Section titled “Deployment options” Cloudflare Tunnel Simplest setup. No SSL certificates, no open ports, no Nginx.
Cloudflare + Nginx For servers already running Nginx with other sites.
Reverse proxy (no Cloudflare) Standard Nginx/Traefik setup with Let's Encrypt SSL.
Kubernetes Deploy to a Kubernetes cluster with ingress controller.
Native binaries Run without Docker using pre-built binaries.
Quick comparison
Section titled “Quick comparison”| Method | SSL management | Complexity | Best for |
|---|---|---|---|
| Cloudflare Tunnel | Cloudflare handles it | ⭐ Easiest | Most users |
| Cloudflare + Nginx | Cloudflare + local certs | ⭐⭐ Medium | Existing Nginx servers |
| Reverse proxy | Let’s Encrypt | ⭐⭐ Medium | Non-Cloudflare users |
| Kubernetes | cert-manager | ⭐⭐⭐ Advanced | Kubernetes environments |
| Native binaries | Manual | ⭐⭐⭐ Advanced | No-Docker environments |
Using the setup wizard
Section titled “Using the setup wizard”The setup wizard can generate production-ready configurations:
./goiabada-setup-linux-amd64Choose the deployment type that matches your setup:
| Option | Use case | Output |
|---|---|---|
| 2. Production with reverse proxy | Docker with Nginx/Cloudflare | docker-compose.yml |
| 3. Kubernetes cluster | Kubernetes deployment | goiabada-k8s.yaml |
| 4. Native binaries | Running without Docker | goiabada.env |
The wizard will ask for your domain names, generate all credentials (session keys, OAuth secrets), and create the appropriate configuration file.
You still need to set up SSL termination using one of the methods above (except for Kubernetes, where the wizard configures cert-manager).