A Copier template to create a full-stack app with a FastAPI backend, NextJS frontend, and deployed on AWS with Terraform
See the example generated repo here.
After creating the application from the template, you will need to complete the following steps to get everything deployed correctly:
- Create a Vercel account if you don't have one already and generate an API key
- Create a Google Cloud account if you don't have one already and generate a client id,
client secret, and JWT secret
- Create a project for the application, if one does not exist
- Go to Credentials -> Create Credentials -> OAuth Client ID
- Select Web Application
- Add
http://localhost:3000,https://<insert main domain>, andhttps://staging.<insert main domain>as authorized JavaScript origins - Add the same domains but with
/auth/googleas authorized redirect URIs, e.g.https://staging.<insert main domain>/auth/google - Go to "OAuth consent screen" in the navigation menu
- Select "External" and add the main domain as an authorized domain. Fill out the rest of the form as desired
- On the Scopes page, add any additional scopes you would like to gain access to during the OAuth flow. If you only want Google login, you can skip this step.
- Create a Google account for the e2e user
- Create a Google account for the system email user and enable "less secure access"
- Create an AWS root account and an IAM user for the application, with the following permissions:
- AmazonRoute53FullAccess
- AmazonEC2ContainerRegistryFullAccess
- AmazonSSMFullAccess
- AmazonEC2FullAccess
- AWSCertificateManagerFullAccess
- IAMFullAccess
- AmazonECS_FullAccess
- CloudWatchFullAccess
- AmazonVPCFullAccess
- AWSCloudFormationFullAccess
- AmazonDynamoDBFullAccess
- AmazonS3FullAccess
- AmazonRDSFullAccess
- AmazonSNSFullAccess
- AmazonPrometheusFullAccess
- AWSLambda_FullAccess
- Create a Slack user token starting with
xoxp, and a Slack webhook URL
- See the README.md in the
infradirectory for more details on setting up Slack alerts
- Createa RapidAPI account and go to Temp Mail's page. Subscribe to a plan and the API key will be available from the playground.
- Install and set up
direnvif not already installed cdinto the repo directory and rundirenv allow, thencdinto theinfradirectory, thencdback into the root directory and into thee2edirectory, runningdirenv alloweach time prompted.- Fill out
.env,infra/.env, ande2e/.env - Add secrets to the Github repo:
AWS_ACCESS_KEY_IDAWS_SECRET_ACCESS_KEYGH_TOKEN: Personal access tokenE2E_RAPID_API_KEY: RapidAPI keyVERCEL_API_TOKEN: Vercel API tokenVERCEL_ORG_ID: Vercel organization ID
- Create the
globalenvironment in AWS.cdinto theinfrafolder, and follow instructions in the README.md Setup section. - Once the
globalenvironment is created, make a change to theinfraREADME.md and create a PR to trigger a preview build. Ensure that the "Deploy Previews for PR" workflow runs successfully and inspect the preview build to ensure that it is working correctly. - Once all checks are passing, merge the PR. Ensure that the destroy preview workflow runs successfully. It will also trigger a job to deploy to staging and production.
- The deploy to staging and production will not work on the first run. If only e2e tests are failing, re-run the workflow from the beginning. Re-run until it can pass.
This project uses semantic-release for versioning.
Any time the major version changes, there may be breaking changes. If it is working well for you, consider
pegging to the current major version, e.g. copier-full-stack-app-fastapi-nextjs-terraform-aws@v1, to avoid breaking changes. Alternatively,
you can always point to the most recent stable release with the copier-full-stack-app-fastapi-nextjs-terraform-aws@latest.
Clone the repo and then run npm install to set up the pre-commit hooks.
Created by Nick DeRobertis. MIT License.