{"id":38797,"date":"2026-07-08T12:09:40","date_gmt":"2026-07-08T15:09:40","guid":{"rendered":"https:\/\/www.locaweb.com.br\/ajuda\/?post_type=ht_kb&#038;p=38797"},"modified":"2026-07-08T12:09:40","modified_gmt":"2026-07-08T15:09:40","slug":"deploy-de-aplicacoes-next-js-e-nuxt-js-ssr-no-locaweb-cloud","status":"publish","type":"ht_kb","link":"https:\/\/www.locaweb.com.br\/ajuda\/wiki\/deploy-de-aplicacoes-next-js-e-nuxt-js-ssr-no-locaweb-cloud\/","title":{"rendered":"Deploy de Aplica\u00e7\u00f5es Next.js e Nuxt.js SSR no Locaweb Cloud"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">    \t\t<div class=\"hts-messages hts-messages--info  hts-messages--withtitle hts-messages--withicon \"   >\r\n    \t\t\t<span class=\"hts-messages__title\">Informa\u00e7\u00e3o!<\/span>    \t\t\t    \t\t\t\t<p>\r\n    \t\t\t\t\tNeste tutorial, voc\u00ea encontrar\u00e1 o passo a passo t\u00e9cnico para realizar o deploy de aplica\u00e7\u00f5es Next.js e Nuxt.js em modo SSR utilizando uma M\u00e1quina Virtual (VM) Linux no Locaweb Cloud, garantindo alta performance, baixa lat\u00eancia e total autonomia para a sua opera\u00e7\u00e3o.    \t\t\t\t<\/p>\r\n    \t\t\t    \t\t\t\r\n    \t\t<\/div><!-- \/.ht-shortcodes-messages -->\r\n    \t\t<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Trataremos desde a prepara\u00e7\u00e3o de rede na plataforma Apache CloudStack at\u00e9 os m\u00e9todos modernos de deploy via Docker e GitHub Actions (CI\/CD), al\u00e9m do modelo tradicional com PM2, proxy reverso com Nginx e certificado SSL gratuito via Let\u2019s Encrypt.<\/span><\/p>\n<h2><b>1. Pr\u00e9-requisitos<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Para garantir a efici\u00eancia total e que a sua opera\u00e7\u00e3o n\u00e3o sofra interrup\u00e7\u00f5es, certifique-se de validar os seguintes requisitos antes de iniciar:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Conta Locaweb Cloud ativa:<\/b><span style=\"font-weight: 400;\"> Acesso completo ao <\/span><a href=\"https:\/\/painel-cloud.locaweb.com.br\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">painel administrativo<\/span><\/a><span style=\"font-weight: 400;\"> CloudStack.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>M\u00e1quina Virtual (VM):<\/b><span style=\"font-weight: 400;\"> Uma inst\u00e2ncia ativa com o sistema operacional Ubuntu 22.04 LTS ou superior.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Chave SSH configurada:<\/b><span style=\"font-weight: 400;\"> Par de chaves cadastrado e associado \u00e0 sua VM para acesso seguro via terminal. O arquivo da chave privada (extens\u00e3o <\/span><span style=\"font-weight: 400;\">.key<\/span><span style=\"font-weight: 400;\"> ou <\/span><span style=\"font-weight: 400;\">.pem<\/span><span style=\"font-weight: 400;\">) deve estar salvo na sua m\u00e1quina local.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Rede e IP P\u00fablico:<\/b><span style=\"font-weight: 400;\"> Uma rede (VPC ou Rede Isolada) configurada com um IP P\u00fablico alocado.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Dom\u00ednio pr\u00f3prio:<\/b><span style=\"font-weight: 400;\"> Um <\/span><b>dom\u00ednio<\/b><span style=\"font-weight: 400;\"> de site registrado com permiss\u00e3o para alterar as configura\u00e7\u00f5es de apontamento.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">\u00a0    \t\t<div class=\"hts-messages hts-messages--alert  hts-messages--withtitle hts-messages--withicon \"   >\r\n    \t\t\t<span class=\"hts-messages__title\">Importante!<\/span>    \t\t\t    \t\t\t\t<p>\r\n    \t\t\t\t\t<span style=\"font-weight: 400;\">Recomendamos um plano de recursos com, no m\u00ednimo, 2 vCPUs e 4 GB de RAM. Os processos de compila\u00e7\u00e3o (<\/span><i><span style=\"font-weight: 400;\">build<\/span><\/i><span style=\"font-weight: 400;\">) do Next.js e Nuxt.js consomem muita CPU e mem\u00f3ria RAM; inst\u00e2ncias com limites inferiores podem sofrer travamentos durante essa etapa.<\/span>    \t\t\t\t<\/p>\r\n    \t\t\t    \t\t\t\r\n    \t\t<\/div><!-- \/.ht-shortcodes-messages -->\r\n    \t\t<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Est\u00e1 com d\u00favidas sobre como come\u00e7ar no Locaweb Cloud? Acesse nosso <\/span><a href=\"https:\/\/www.locaweb.com.br\/ajuda\/wiki\/por-onde-comecar-no-locaweb-cloud\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">tutorial de apoio<\/span><\/a><span style=\"font-weight: 400;\">.\u00a0<\/span><\/p>\n<h2><b>2. Configura\u00e7\u00e3o de infraestrutura (painel)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Antes de abrir o terminal, precisamos preparar a camada de rede diretamente no painel da Locaweb. O CloudStack isola suas inst\u00e2ncias por padr\u00e3o para proteger seu ecossistema. Portanto, nenhum tr\u00e1fego externo alcan\u00e7ar\u00e1 a VM se o encaminhamento de portas (<\/span><i><span style=\"font-weight: 400;\">Port Forwarding<\/span><\/i><span style=\"font-weight: 400;\">) e o Firewall n\u00e3o forem configurados primeiro.<\/span><\/p>\n<h3><b>2.1. Localizando o IP P\u00fablico<\/b><\/h3>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">No menu lateral esquerdo do painel, navegue at\u00e9 <\/span><b>Rede<\/b><span style=\"font-weight: 400;\"> &gt; <\/span><b>Endere\u00e7os IP p\u00fablicos<\/b><span style=\"font-weight: 400;\">.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Selecione o link correspondente ao n\u00famero do seu IP P\u00fablico alocado \u00e0 VM.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Anote esse endere\u00e7o: ele ser\u00e1 a base para as conex\u00f5es SSH e para o apontamento do seu dom\u00ednio.<\/span><\/li>\n<\/ol>\n<h3><b>2.2. Configurando o encaminhamento de portas (Port Forwarding)<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Ainda nos detalhes do seu IP P\u00fablico, acesse a aba <\/span><b>Encaminhamento de porta<\/b><span style=\"font-weight: 400;\"> (<\/span><i><span style=\"font-weight: 400;\">Port Forwarding<\/span><\/i><span style=\"font-weight: 400;\">) e crie as regras que mapeiam uma porta p\u00fablica para a porta privada correspondente na VM:<\/span><\/p>\n<table>\n<tbody>\n<tr>\n<td><b>Regra<\/b><\/td>\n<td><b>Protocolo<\/b><\/td>\n<td><b>Porta P\u00fablica<\/b><\/td>\n<td><b>Porta Privada<\/b><\/td>\n<td><b>Destino<\/b><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">SSH<\/span><\/td>\n<td><span style=\"font-weight: 400;\">TCP<\/span><\/td>\n<td><span style=\"font-weight: 400;\">22<\/span><\/td>\n<td><span style=\"font-weight: 400;\">22<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Sua VM<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">HTTP<\/span><\/td>\n<td><span style=\"font-weight: 400;\">TCP<\/span><\/td>\n<td><span style=\"font-weight: 400;\">80<\/span><\/td>\n<td><span style=\"font-weight: 400;\">80<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Sua VM<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">HTTPS<\/span><\/td>\n<td><span style=\"font-weight: 400;\">TCP<\/span><\/td>\n<td><span style=\"font-weight: 400;\">443<\/span><\/td>\n<td><span style=\"font-weight: 400;\">443<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Sua VM<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Aplica\u00e7\u00e3o SSR<\/span><\/td>\n<td><span style=\"font-weight: 400;\">TCP<\/span><\/td>\n<td><span style=\"font-weight: 400;\">3000<\/span><\/td>\n<td><span style=\"font-weight: 400;\">3000<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Sua VM<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">\u00a0    \t\t<div class=\"hts-messages hts-messages--alert  hts-messages--withtitle hts-messages--withicon \"   >\r\n    \t\t\t<span class=\"hts-messages__title\">Importante!<\/span>    \t\t\t    \t\t\t\t<p>\r\n    \t\t\t\t\t<span style=\"font-weight: 400;\">A porta do seu <\/span><b>banco de dados<\/b><span style=\"font-weight: 400;\"> (como PostgreSQL, porta 5432) nunca deve ser adicionada ao encaminhamento de portas como externo. O banco deve permanecer acess\u00edvel apenas localmente para eliminar o caos de acessos vulner\u00e1veis e proteger a integridade das suas informa\u00e7\u00f5es.<\/span>    \t\t\t\t<\/p>\r\n    \t\t\t    \t\t\t\r\n    \t\t<\/div><!-- \/.ht-shortcodes-messages -->\r\n    \t\t<\/span><\/p>\n<h3><b>2.3. Configurando as regras de Firewall<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Acesse a aba <\/span><b>Firewall<\/b><span style=\"font-weight: 400;\"> no painel do seu IP P\u00fablico e autorize a entrada do tr\u00e1fego adicionando as seguintes regras de entrada (<\/span><i><span style=\"font-weight: 400;\">inbound<\/span><\/i><span style=\"font-weight: 400;\">):<\/span><\/p>\n<table>\n<tbody>\n<tr>\n<td><b>Regra<\/b><\/td>\n<td><b>CIDR de Origem<\/b><\/td>\n<td><b>Protocolo<\/b><\/td>\n<td><b>Porta Inicial<\/b><\/td>\n<td><b>Porta Final<\/b><\/td>\n<td><b>Finalidade<\/b><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">SSH<\/span><\/td>\n<td><span style=\"font-weight: 400;\">&lt;SEU_IP_ADMIN&gt;\/32<\/span><\/td>\n<td><span style=\"font-weight: 400;\">TCP<\/span><\/td>\n<td><span style=\"font-weight: 400;\">22<\/span><\/td>\n<td><span style=\"font-weight: 400;\">22<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Acesso administrativo restrito<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">HTTP<\/span><\/td>\n<td><span style=\"font-weight: 400;\">0.0.0.0\/0<\/span><\/td>\n<td><span style=\"font-weight: 400;\">TCP<\/span><\/td>\n<td><span style=\"font-weight: 400;\">80<\/span><\/td>\n<td><span style=\"font-weight: 400;\">80<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Acesso p\u00fablico HTTP<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">HTTPS<\/span><\/td>\n<td><span style=\"font-weight: 400;\">0.0.0.0\/0<\/span><\/td>\n<td><span style=\"font-weight: 400;\">TCP<\/span><\/td>\n<td><span style=\"font-weight: 400;\">443<\/span><\/td>\n<td><span style=\"font-weight: 400;\">443<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Acesso p\u00fablico HTTPS<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">Aplica\u00e7\u00e3o SSR<\/span><\/td>\n<td><span style=\"font-weight: 400;\">0.0.0.0\/0<\/span><\/td>\n<td><span style=\"font-weight: 400;\">TCP<\/span><\/td>\n<td><span style=\"font-weight: 400;\">3000<\/span><\/td>\n<td><span style=\"font-weight: 400;\">3000<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Valida\u00e7\u00e3o direta (tempor\u00e1ria)<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><span style=\"font-weight: 400;\">\u00a0    \t\t<div class=\"hts-messages hts-messages--alert  hts-messages--withtitle hts-messages--withicon \"   >\r\n    \t\t\t<span class=\"hts-messages__title\">Importante!<\/span>    \t\t\t    \t\t\t\t<p>\r\n    \t\t\t\t\t<span style=\"font-weight: 400;\">Na regra de SSH, substitua <\/span><span style=\"font-weight: 400;\">\/32<\/span><span style=\"font-weight: 400;\"> pelo IP fixo da sua rede de administra\u00e7\u00e3o para reduzir drasticamente a superf\u00edcie de ataques. Use <\/span><span style=\"font-weight: 400;\">0.0.0.0\/0<\/span><span style=\"font-weight: 400;\"> apenas se n\u00e3o possuir IP fixo.<\/span>    \t\t\t\t<\/p>\r\n    \t\t\t    \t\t\t\r\n    \t\t<\/div><!-- \/.ht-shortcodes-messages -->\r\n    \t\t<\/span><\/p>\n<h3><b>2.4. Apontamento de DNS do Dom\u00ednio<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">No painel do provedor onde o seu dom\u00ednio est\u00e1 registrado (seja no <\/span><b>Registro de Dom\u00ednio<\/b><span style=\"font-weight: 400;\"> da Locaweb ou entidades externas):<\/span><\/p>\n<ol>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Crie um registro do tipo <\/span><b>A<\/b><span style=\"font-weight: 400;\">.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">No campo Host ou Nome, informe o subdom\u00ednio desejado (ex.: <\/span><span style=\"font-weight: 400;\">app<\/span><span style=\"font-weight: 400;\">).<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">No campo Aponta para ou Valor, cole o IP P\u00fablico alocado \u00e0 sua VM no Locaweb Cloud.<\/span><\/li>\n<\/ol>\n<h2><b>3. Configura\u00e7\u00e3o de sistema (Terminal)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Com a infraestrutura de rede liberada no painel administrativo, acesse o terminal do servidor para preparar o ambiente operacional.<\/span><\/p>\n<h3><b>3.1. Acesso via SSH<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Garanta as permiss\u00f5es restritas ao arquivo da sua chave privada antes de conectar, evitando que o cliente SSH recuse o acesso por seguran\u00e7a:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<\/p>\n<p><\/span><\/p>\n<pre><span style=\"font-weight: 400;\"># Restringe a leitura e escrita da chave apenas ao seu usu\u00e1rio<\/span>\r\n\r\n<span style=\"font-weight: 400;\">chmod 400 ~\/caminho\/sua-chave.key<\/span>\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Conecta \u00e0 VM informando a chave, o usu\u00e1rio padr\u00e3o 'ubuntu' e \r\no IP p\u00fablico<\/span>\r\n\r\n<span style=\"font-weight: 400;\">ssh -i ~\/caminho\/sua-chave.key ubuntu@&lt;SEU_IP_PUBLICO&gt;<\/span><\/pre>\n<p><span style=\"font-weight: 400;\"><br \/>\n<\/span><span style=\"font-weight: 400;\">Ap\u00f3s o login, sincronize os \u00edndices de pacotes e aplique as atualiza\u00e7\u00f5es pendentes para garantir a estabilidade do sistema:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<br \/>\n<\/span><\/p>\n<pre><span style=\"font-weight: 400;\">sudo apt update &amp;&amp; sudo apt upgrade -y<\/span><\/pre>\n<h3><b>3.2. Instala\u00e7\u00e3o do Docker e Docker Compose<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Para trabalhar com a conteineriza\u00e7\u00e3o (m\u00e9todo altamente recomendado para manter a fluidez do ambiente), execute a instala\u00e7\u00e3o a partir do reposit\u00f3rio oficial:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<\/span><\/p>\n<pre><span style=\"font-weight: 400;\"># Instala as depend\u00eancias necess\u00e1rias para comunica\u00e7\u00e3o via HTTPS<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo apt-get update<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo apt-get install -y ca-certificates curl gnupg\r\n\r\n\r\n<\/span><span style=\"font-weight: 400;\"># Cria o diret\u00f3rio de seguran\u00e7a e importa a chave GPG oficial do Docker\r\n\r\n<\/span><span style=\"font-weight: 400;\">sudo install -m 0755 -d \/etc\/apt\/keyrings<\/span>\r\n\r\n<span style=\"font-weight: 400;\">curl -fsSL https:\/\/download.docker.com\/linux\/ubuntu\/gpg | \r\nsudo gpg --dearmor -o \/etc\/apt\/keyrings\/docker.gpg<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo chmod a+r \/etc\/apt\/keyrings\/docker.gpg<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Registra o reposit\u00f3rio est\u00e1vel do Docker conforme a vers\u00e3o do sistema<\/span>\r\n\r\n<span style=\"font-weight: 400;\">echo \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\"deb [arch=$(dpkg --print-architecture) \r\nsigned-by=\/etc\/apt\/keyrings\/docker.gpg]\r\n https:\/\/download.docker.com\/linux\/ubuntu \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0$(. \/etc\/os-release &amp;&amp; echo \"$VERSION_CODENAME\") stable\" | \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0sudo tee \/etc\/apt\/sources.list.d\/docker.list &gt; \/dev\/null<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Atualiza os \u00edndices e instala a engine oficial do Docker<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo apt-get update<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo apt-get install -y docker-ce docker-ce-cli containerd.io \r\ndocker-buildx-plugin docker-compose-plugin<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Habilita a inicializa\u00e7\u00e3o autom\u00e1tica do servi\u00e7o<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo systemctl enable --now docker<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Adiciona o usu\u00e1rio 'ubuntu' ao grupo Docker para dispensar \r\no uso de sudo nos comandos<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo usermod -aG docker ubuntu<\/span>\r\n\r\n\r\n<\/pre>\n<p><span style=\"font-weight: 400;\">\u00a0    \t\t<div class=\"hts-messages hts-messages--alert  hts-messages--withtitle hts-messages--withicon \"   >\r\n    \t\t\t<span class=\"hts-messages__title\">Importante!<\/span>    \t\t\t    \t\t\t\t<p>\r\n    \t\t\t\t\t<span style=\"font-weight: 400;\">Ap\u00f3s executar o comando <\/span><span style=\"font-weight: 400;\">usermod<\/span><span style=\"font-weight: 400;\">, encerre a sua sess\u00e3o SSH e reconecte-se ao servidor. Essa a\u00e7\u00e3o \u00e9 necess\u00e1ria para que o sistema operacional atualize as novas permiss\u00f5es do seu grupo de usu\u00e1rio.<\/span>    \t\t\t\t<\/p>\r\n    \t\t\t    \t\t\t\r\n    \t\t<\/div><!-- \/.ht-shortcodes-messages -->\r\n    \t\t<\/span><\/p>\n<h3><b>3.3. Configura\u00e7\u00e3o do banco de dados<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Para aplica\u00e7\u00f5es de produ\u00e7\u00e3o que necessitam de persist\u00eancia de dados, inicializaremos um cont\u00eainer PostgreSQL isolado, garantindo o funcionamento interno sem expor portas sens\u00edveis \u00e0 internet:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<\/span><\/p>\n<p>&nbsp;<\/p>\n<pre><span style=\"font-weight: 400;\"># Cria um volume persistente para proteger as informa\u00e7\u00f5es \r\nfora do ciclo do cont\u00eainer<\/span>\r\n\r\n<span style=\"font-weight: 400;\">docker volume create pgdata<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Inicializa o cont\u00eainer do banco de dados amarrado ao localhost \r\n(127.0.0.1)<\/span>\r\n\r\n<span style=\"font-weight: 400;\">docker run -d \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0--name app-db \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0-e POSTGRES_USER=usuario_prod \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0-e POSTGRES_PASSWORD=&lt;SENHA_SEGURA_DO_BANCO&gt; \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0-e POSTGRES_DB=app_db_prod \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0-v pgdata:\/var\/lib\/postgresql\/data \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0--restart always \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0-p 127.0.0.1:5432:5432 \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0postgres:16-alpine<\/span>\r\n\r\n\r\n<\/pre>\n<h2><b>4. Prepara\u00e7\u00e3o da aplica\u00e7\u00e3o para o modo SSR<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">No reposit\u00f3rio do seu projeto (na sua m\u00e1quina local de desenvolvimento), crie os arquivos de configura\u00e7\u00e3o necess\u00e1rios para otimizar o empacotamento da aplica\u00e7\u00e3o.<\/span><\/p>\n<h3><b>4.1. Dockerfile para projetos Next.js<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Crie um arquivo chamado <\/span><span style=\"font-weight: 400;\">Dockerfile<\/span><span style=\"font-weight: 400;\"> na raiz do seu projeto Next.js. O modelo abaixo utiliza m\u00faltiplos est\u00e1gios para gerar uma imagem leve e otimizada:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Dockerfile<\/span><\/p>\n<p>&nbsp;<\/p>\n<pre><span style=\"font-weight: 400;\"># Est\u00e1gio de depend\u00eancias e build<\/span>\r\n\r\n<span style=\"font-weight: 400;\">FROM node:18-alpine AS builder<\/span>\r\n\r\n<span style=\"font-weight: 400;\">WORKDIR \/app<\/span>\r\n\r\n<span style=\"font-weight: 400;\">COPY package*.json .\/<\/span>\r\n\r\n<span style=\"font-weight: 400;\">RUN npm ci<\/span>\r\n\r\n<span style=\"font-weight: 400;\">COPY . .<\/span>\r\n\r\n<span style=\"font-weight: 400;\">ENV NODE_ENV=production<\/span>\r\n\r\n<span style=\"font-weight: 400;\">RUN npm run build<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Est\u00e1gio de execu\u00e7\u00e3o (produ\u00e7\u00e3o)<\/span>\r\n\r\n<span style=\"font-weight: 400;\">FROM node:18-alpine AS runner<\/span>\r\n\r\n<span style=\"font-weight: 400;\">WORKDIR \/app<\/span>\r\n\r\n<span style=\"font-weight: 400;\">ENV NODE_ENV=production<\/span>\r\n\r\n<span style=\"font-weight: 400;\">ENV PORT=3000<\/span>\r\n\r\n<span style=\"font-weight: 400;\">ENV HOSTNAME=\"0.0.0.0\"<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Copia apenas os artefatos m\u00ednimos e essenciais do build<\/span>\r\n\r\n<span style=\"font-weight: 400;\">COPY --from=builder \/app\/next.config.js .\/<\/span>\r\n\r\n<span style=\"font-weight: 400;\">COPY --from=builder \/app\/public .\/public<\/span>\r\n\r\n<span style=\"font-weight: 400;\">COPY --from=builder \/app\/.next\/standalone .\/<\/span>\r\n\r\n<span style=\"font-weight: 400;\">COPY --from=builder \/app\/.next\/static .\/.next\/static<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\">EXPOSE 3000<\/span>\r\n\r\n<span style=\"font-weight: 400;\">CMD [\"node\", \"server.js\"]<\/span><\/pre>\n<p><span style=\"font-weight: 400;\">    \t\t<div class=\"hts-messages hts-messages--alert  hts-messages--withtitle hts-messages--withicon \"   >\r\n    \t\t\t<span class=\"hts-messages__title\">Importante!<\/span>    \t\t\t    \t\t\t\t<p>\r\n    \t\t\t\t\t<\/span><span style=\"font-weight: 400;\">Para utilizar essa estrutura standalone com sucesso, certifique-se de que a op\u00e7\u00e3o <\/span><span style=\"font-weight: 400;\">output: &#8216;standalone&#8217;<\/span><span style=\"font-weight: 400;\"> esteja ativada dentro do arquivo <\/span><span style=\"font-weight: 400;\">next.config.js<\/span><span style=\"font-weight: 400;\"> do seu projeto.<\/span><span style=\"font-weight: 400;\">    \t\t\t\t<\/p>\r\n    \t\t\t    \t\t\t\r\n    \t\t<\/div><!-- \/.ht-shortcodes-messages -->\r\n    \t\t<\/span><\/p>\n<h3><b>4.2. Dockerfile para projetos Nuxt.js<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Se o seu framework de escolha for o Nuxt.js, utilize o seguinte modelo de <\/span><span style=\"font-weight: 400;\">Dockerfile<\/span><span style=\"font-weight: 400;\"> na raiz do projeto:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Dockerfile<\/span><\/p>\n<p>&nbsp;<\/p>\n<pre><span style=\"font-weight: 400;\"># Est\u00e1gio de build<\/span>\r\n\r\n<span style=\"font-weight: 400;\">FROM node:18-alpine AS builder<\/span>\r\n\r\n<span style=\"font-weight: 400;\">WORKDIR \/app<\/span>\r\n\r\n<span style=\"font-weight: 400;\">COPY package*.json .\/<\/span>\r\n\r\n<span style=\"font-weight: 400;\">RUN npm ci<\/span>\r\n\r\n<span style=\"font-weight: 400;\">COPY . .<\/span>\r\n\r\n<span style=\"font-weight: 400;\">RUN npm run build<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Est\u00e1gio de execu\u00e7\u00e3o<\/span>\r\n\r\n<span style=\"font-weight: 400;\">FROM node:18-alpine AS runner<\/span>\r\n\r\n<span style=\"font-weight: 400;\">WORKDIR \/app<\/span>\r\n\r\n<span style=\"font-weight: 400;\">ENV NODE_ENV=production<\/span>\r\n\r\n<span style=\"font-weight: 400;\">ENV NITRO_PORT=3000<\/span>\r\n\r\n<span style=\"font-weight: 400;\">ENV NITRO_HOST=0.0.0.0<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Copia o diret\u00f3rio de sa\u00edda estruturado pelo Nitro<\/span>\r\n\r\n<span style=\"font-weight: 400;\">COPY --from=builder \/app\/.output .\/.output<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\">EXPOSE 3000<\/span>\r\n\r\n<span style=\"font-weight: 400;\">CMD [\"node\", \".output\/server\/index.mjs\"]<\/span><\/pre>\n<h2><b>5. Deploy: m\u00e9todo moderno (Docker + GitHub Actions)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Automatizar suas publica\u00e7\u00f5es atrav\u00e9s de uma esteira de CI\/CD (GitHub Actions) \u00e9 a melhor pr\u00e1tica para garantir agilidade, eliminar erros manuais e acelerar o seu <\/span><i><span style=\"font-weight: 400;\">time-to-market<\/span><\/i><span style=\"font-weight: 400;\">.<\/span><\/p>\n<h3><b>5.1. Workflow do GitHub Actions<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Crie a estrutura de diret\u00f3rios <\/span><span style=\"font-weight: 400;\">.github\/workflows\/<\/span><span style=\"font-weight: 400;\"> no seu projeto local e salve o arquivo <\/span><span style=\"font-weight: 400;\">deploy.yml<\/span><span style=\"font-weight: 400;\">:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">YAML<\/p>\n<p><\/span><\/p>\n<pre><span style=\"font-weight: 400;\">name: CI\/CD Deploy Locaweb Cloud<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\">on:<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0push:<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0branches:<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0- main<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\">jobs:<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0deploy:<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0runs-on: ubuntu-latest<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0steps:<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0- name: Checkout do c\u00f3digo<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0uses: actions\/checkout@v4<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0- name: Configurar chave SSH de acesso<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0run: |<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0mkdir -p ~\/.ssh<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0echo \"${{ secrets.SSH_PRIVATE_KEY }}\" &gt; ~\/.ssh\/id_rsa<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0chmod 600 ~\/.ssh\/id_rsa<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0ssh-keyscan -H ${{ secrets.SERVER_IP }} &gt;&gt; ~\/.ssh\/known_hosts<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0- name: Enviar c\u00f3digo para o servidor<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0run: |<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0rsync -avz --exclude '.git' --exclude 'node_modules' \r\n--exclude '.next' --exclude '.output' .\r\n\/ ubuntu@${{ secrets.SERVER_IP }}:\/home\/ubuntu\/app\/<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0- name: Build e rein\u00edcio do container na VM do Locaweb Cloud<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0run: |<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0ssh ubuntu@${{ secrets.SERVER_IP }} &lt;&lt; 'EOF'<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0cd \/home\/ubuntu\/app<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0docker build -t minha-app-ssr:latest .<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0docker stop minha-app-instancia || true<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0docker rm minha-app-instancia || true<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0docker run -d \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0--name minha-app-instancia \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0-p 3000:3000 \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0--link app-db:db \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0-e DATABASE_URL=\"postgresql:\/\/usuario_prod:\r\n&lt;SENHA_SEGURA_DO_BANCO&gt;@db:5432\/app_db_prod\" \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0--restart always \\<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0minha-app-ssr:latest<\/span>\r\n\r\n<span style=\"font-weight: 400;\"> \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0EOF<\/span><\/pre>\n<h3><b>5.2. Configura\u00e7\u00e3o das vari\u00e1veis secretas (Secrets) no GitHub<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">No painel do seu reposit\u00f3rio no GitHub, navegue at\u00e9 <\/span><b>Settings<\/b><span style=\"font-weight: 400;\"> &gt; <\/span><b>Secrets and variables<\/b><span style=\"font-weight: 400;\"> &gt; <\/span><b>Actions<\/b><span style=\"font-weight: 400;\"> e cadastre as chaves de seguran\u00e7a:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">SSH_PRIVATE_KEY<\/span><span style=\"font-weight: 400;\">: O conte\u00fado textual completo do arquivo da sua chave privada <\/span><span style=\"font-weight: 400;\">.key<\/span><span style=\"font-weight: 400;\"> ou <\/span><span style=\"font-weight: 400;\">.pem<\/span><span style=\"font-weight: 400;\">.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">SERVER_IP<\/span><span style=\"font-weight: 400;\">: O endere\u00e7o IP P\u00fablico alocado para a sua VM.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">\u00a0    \t\t<div class=\"hts-messages hts-messages--alert  hts-messages--withtitle hts-messages--withicon \"   >\r\n    \t\t\t<span class=\"hts-messages__title\">Aviso!<\/span>    \t\t\t    \t\t\t\t<p>\r\n    \t\t\t\t\tNunca versione chaves privadas, credenciais ou strings de conex\u00e3o diretamente no seu c\u00f3digo-fonte. Utilize sempre os Secrets do GitHub para manter as diretrizes de seguran\u00e7a digital da sua empresa intactas.    \t\t\t\t<\/p>\r\n    \t\t\t    \t\t\t\r\n    \t\t<\/div><!-- \/.ht-shortcodes-messages -->\r\n    \t\t<\/span><\/p>\n<h2><b>6. Deploy: m\u00e9todo manual (PM2)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Caso prefira rodar a aplica\u00e7\u00e3o diretamente no sistema operacional da inst\u00e2ncia sem utilizar cont\u00eaineres, voc\u00ea pode contar com o PM2 para gerenciar os processos e manter a execu\u00e7\u00e3o SSR ativa em segundo plano.<\/span><\/p>\n<h3><b>6.1. Instala\u00e7\u00e3o do Node.js e do PM2 na VM<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">No terminal da sua inst\u00e2ncia Linux, instale o gerenciador de vers\u00f5es (NVM) e o PM2:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<\/span><\/p>\n<p>&nbsp;<\/p>\n<pre><span style=\"font-weight: 400;\"># Baixa e instala o NVM (Node Version Manager)<\/span>\r\n\r\n<span style=\"font-weight: 400;\">curl -o- https:\/\/raw.githubusercontent.com\/nvm-sh\/nvm\/v0.39.7\/\r\ninstall.sh|bash<\/span>\r\n\r\n<span style=\"font-weight: 400;\">source ~\/.bashrc<\/span>\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Instala a vers\u00e3o est\u00e1vel LTS do Node.js<\/span>\r\n\r\n<span style=\"font-weight: 400;\">nvm install --lts<\/span>\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Instala globalmente o gerenciador de processos PM2<\/span>\r\n\r\n<span style=\"font-weight: 400;\">npm install -g pm2<\/span>\r\n\r\n\r\n<\/pre>\n<h3><b>6.2. Execu\u00e7\u00e3o da aplica\u00e7\u00e3o<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Clone o reposit\u00f3rio diretamente na inst\u00e2ncia, instale os pacotes e gere a compila\u00e7\u00e3o:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<\/span><\/p>\n<pre><span style=\"font-weight: 400;\">git clone https:\/\/github.com\/seu-usuario\/seu-repositorio.git app-manual<\/span>\r\n\r\n<span style=\"font-weight: 400;\">cd app-manual<\/span>\r\n\r\n<span style=\"font-weight: 400;\">npm install<\/span>\r\n\r\n<span style=\"font-weight: 400;\">npm run build<\/span><\/pre>\n<p><span style=\"font-weight: 400;\"><br \/>\nAgora, inicie o processo SSR no ambiente do PM2 apontando para o seu framework:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<\/span><\/p>\n<pre><span style=\"font-weight: 400;\"># Se o projeto for Next.js:<\/span>\r\n\r\n<span style=\"font-weight: 400;\">pm2 start npm --name \"next-ssr\" -- start -- --port 3000<\/span>\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Se o projeto for Nuxt.js:<\/span>\r\n\r\n<span style=\"font-weight: 400;\">pm2 start .output\/server\/index.mjs --name \"nuxt-ssr\"<\/span><\/pre>\n<p><span style=\"font-weight: 400;\">Para garantir que a aplica\u00e7\u00e3o se recupere de forma automatizada caso o servidor sofra uma reinicializa\u00e7\u00e3o:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<br \/>\n<\/span><\/p>\n<pre><span style=\"font-weight: 400;\"># Integra os processos do PM2 ao systemd do sistema operacional<\/span>\r\n\r\n<span style=\"font-weight: 400;\">pm2 startup<\/span>\r\n\r\n<span style=\"font-weight: 400;\"># Execute o comando com 'sudo' gerado na tela do terminal para \r\nregistrar o servi\u00e7o<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Salva o estado atual dos processos para restaura\u00e7\u00e3o autom\u00e1tica \r\nno boot<\/span>\r\n<span style=\"font-weight: 400;\">pm2 save<\/span><\/pre>\n<p>&nbsp;<\/p>\n<h2><b>7. Configura\u00e7\u00e3o do Nginx como Proxy Reverso e SSL (HTTPS)<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Aplica\u00e7\u00f5es de produ\u00e7\u00e3o modernas n\u00e3o devem expor a porta da engine Node.js diretamente ao tr\u00e1fego p\u00fablico da internet. O Nginx funcionar\u00e1 como um proxy reverso para otimizar as requisi\u00e7\u00f5es, aplicar regras de cabe\u00e7alho e realizar a termina\u00e7\u00e3o criptogr\u00e1fica de seguran\u00e7a.<\/span><\/p>\n<h3><b>7.1. Instala\u00e7\u00e3o e configura\u00e7\u00e3o do Nginx<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Instale o servidor web e crie o arquivo de configura\u00e7\u00e3o dedicado para a sua aplica\u00e7\u00e3o:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<\/p>\n<p><\/span><\/p>\n<pre><span style=\"font-weight: 400;\">sudo apt install nginx -y<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Remove o bloco de configura\u00e7\u00e3o padr\u00e3o do sistema<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo rm \/etc\/nginx\/sites-enabled\/default<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Abre um novo arquivo de configura\u00e7\u00e3o limpo<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo nano \/etc\/nginx\/sites-available\/app-ssr\r\n<\/span><\/pre>\n<p><span style=\"font-weight: 400;\">Insira o conte\u00fado abaixo no arquivo, ajustando o par\u00e2metro <\/span><span style=\"font-weight: 400;\">server_name<\/span><span style=\"font-weight: 400;\"> com o seu dom\u00ednio real:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Nginx<\/span><\/p>\n<pre><span style=\"font-weight: 400;\">server {<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0listen 80;<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0server_name app.suaempresa.com.br;<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0client_max_body_size 20M;<\/span>\r\n\r\n\r\n\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0location \/ {<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0proxy_pass http:\/\/127.0.0.1:3000;<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0proxy_http_version 1.1;<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0proxy_set_header Upgrade $http_upgrade;<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0proxy_set_header Connection 'upgrade';<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0proxy_set_header Host $host;<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0proxy_cache_bypass $http_upgrade;<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0proxy_set_header X-Real-IP $remote_addr;<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0proxy_set_header X-Forwarded-Proto $scheme;<\/span>\r\n\r\n<span style=\"font-weight: 400;\">\u00a0\u00a0\u00a0\u00a0}<\/span>\r\n\r\n<span style=\"font-weight: 400;\">}<\/span><\/pre>\n<p><span style=\"font-weight: 400;\">Ative a configura\u00e7\u00e3o criando o link simb\u00f3lico no sistema, valide a sintaxe do arquivo e reinicie o servi\u00e7o do Nginx:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<\/p>\n<p><\/span><\/p>\n<pre><span style=\"font-weight: 400;\">sudo ln -s \/etc\/nginx\/sites-available\/app-ssr \/etc\/nginx\/sites-enabled\/<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo nginx -t<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo systemctl restart nginx<\/span><\/pre>\n<h3><b>7.2. Instala\u00e7\u00e3o do Certificado SSL com Let&#8217;s Encrypt<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Para proteger as informa\u00e7\u00f5es e transa\u00e7\u00f5es de dados dos seus usu\u00e1rios com o protocolo seguro HTTPS, ative o <\/span><b>certificado SSL<\/b><span style=\"font-weight: 400;\"> gratuito:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<\/p>\n<p><\/span><\/p>\n<pre><span style=\"font-weight: 400;\"># Instala o Certbot utilit\u00e1rio e o m\u00f3dulo de integra\u00e7\u00e3o com o Nginx<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo apt install certbot python3-certbot-nginx -y<\/span>\r\n\r\n\r\n<span style=\"font-weight: 400;\"># Dispara a emiss\u00e3o autom\u00e1tica do certificado Let's Encrypt\r\n para o seu dom\u00ednio<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo certbot --nginx -d app.suaempresa.com.br<\/span><\/pre>\n<p><span style=\"font-weight: 400;\">Siga as orienta\u00e7\u00f5es exibidas na tela do terminal. O assistente do Certbot aplicar\u00e1 as mudan\u00e7as necess\u00e1rias nas tabelas do Nginx, configurar\u00e1 o redirecionamento autom\u00e1tico de HTTP para HTTPS e cuidar\u00e1 das rotinas de renova\u00e7\u00e3o peri\u00f3dica do protocolo.<\/span><\/p>\n<h2><b>8. Valida\u00e7\u00e3o\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Com todas as etapas finalizadas, valide o sucesso da sua infraestrutura atrav\u00e9s de testes internos e externos.<\/span><\/p>\n<h3><b>8.1. Valida\u00e7\u00e3o interna (dentro da VM)<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Verifique se os cont\u00eaineres do Docker est\u00e3o ativos e saud\u00e1veis na camada do sistema:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<\/p>\n<p><\/span><\/p>\n<pre><span style=\"font-weight: 400;\">docker ps\r\n\r\n<\/span><\/pre>\n<p><span style=\"font-weight: 400;\">Se utilizou o gerenciador de processos PM2, certifique-se de mapear o status como <\/span><span style=\"font-weight: 400;\">online<\/span><span style=\"font-weight: 400;\">:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<br \/>\n<\/span><\/p>\n<pre><span style=\"font-weight: 400;\">pm2 status<\/span><\/pre>\n<p><span style=\"font-weight: 400;\">Realize uma requisi\u00e7\u00e3o interna de teste para confirmar que a aplica\u00e7\u00e3o responde corretamente no servidor local:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<\/span><\/p>\n<pre><span style=\"font-weight: 400;\">curl -I http:\/\/127.0.0.1:3000<\/span><\/pre>\n<h3><b>8.2. Valida\u00e7\u00e3o externa (m\u00e1quina local)<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Abra o terminal do seu computador local e valide o comportamento do seu dom\u00ednio apontado, certificando-se de receber o c\u00f3digo de status <\/span><span style=\"font-weight: 400;\">HTTP 200 OK<\/span><span style=\"font-weight: 400;\"> servido de forma protegida:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<\/span><\/p>\n<pre><span style=\"font-weight: 400;\">curl -I https:\/\/app.suaempresa.com.br<\/span><\/pre>\n<p><span style=\"font-weight: 400;\">    \t\t<div class=\"hts-messages hts-messages--alert  hts-messages--withtitle hts-messages--withicon \"   >\r\n    \t\t\t<span class=\"hts-messages__title\">Importante!<\/span>    \t\t\t    \t\t\t\t<p>\r\n    \t\t\t\t\tPara garantir a conformidade de seguran\u00e7a e prote\u00e7\u00e3o de dados da sua empresa, realize um teste de conex\u00e3o externa direcionado \u00e0 porta do banco de dados (5432). O resultado esperado deve ser uma falha ou rejei\u00e7\u00e3o de conex\u00e3o, comprovando o isolamento do ambiente t\u00e9cnico:    \t\t\t\t<\/p>\r\n    \t\t\t    \t\t\t\r\n    \t\t<\/div><!-- \/.ht-shortcodes-messages -->\r\n    \t\t<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Bash<\/span><\/p>\n<pre><span style=\"font-weight: 400;\">curl -v telnet:\/\/&lt;SEU_IP_PUBLICO&gt;:5432<\/span><\/pre>\n<h2><b>9. Solu\u00e7\u00e3o de problemas (Troubleshooting)<\/b><\/h2>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Erro 502 Bad Gateway ao acessar o dom\u00ednio:<\/b><span style=\"font-weight: 400;\"> Indica que o Nginx est\u00e1 operacional, mas n\u00e3o consegue se conectar \u00e0 aplica\u00e7\u00e3o Node.js. Verifique os logs do cont\u00eainer com <\/span><span style=\"font-weight: 400;\">docker ps<\/span><span style=\"font-weight: 400;\"> ou consulte as sa\u00eddas do PM2 com <\/span><span style=\"font-weight: 400;\">pm2 logs<\/span><span style=\"font-weight: 400;\">. Certifique-se de que a aplica\u00e7\u00e3o est\u00e1 ativa escutando a porta 3000.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Falha de compila\u00e7\u00e3o por falta de mem\u00f3ria (Out of Memory):<\/b><span style=\"font-weight: 400;\"> Caso o comando <\/span><span style=\"font-weight: 400;\">npm run build<\/span><span style=\"font-weight: 400;\"> sofra quedas com o erro <\/span><i><span style=\"font-weight: 400;\">JavaScript heap out of memory<\/span><\/i><span style=\"font-weight: 400;\">, crie uma parti\u00e7\u00e3o de swap tempor\u00e1ria para atuar como mem\u00f3ria virtual auxiliar no sistema operacional:<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Bash<br \/>\n<\/span><\/p>\n<pre><span style=\"font-weight: 400;\">sudo fallocate -l 2G \/swapfile<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo chmod 600 \/swapfile<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo mkswap \/swapfile<\/span>\r\n\r\n<span style=\"font-weight: 400;\">sudo swapon \/swapfile<\/span>\r\n\r\n<span style=\"font-weight: 400;\">echo '\/swapfile none swap sw,nofail 0 0' | sudo tee -a \/etc\/fstab<\/span><\/pre>\n<p><b><\/p>\n<p>Acesso recusado via SSH (Permission denied):<\/b> <b>Acesso via SSH negado (Permission denied):<\/b><span style=\"font-weight: 400;\"> Antes de tentar a conex\u00e3o, certifique-se de que as permiss\u00f5es de seguran\u00e7a do arquivo de chave privada em seu computador local foram configuradas corretamente. Utilize o comando <\/span><span style=\"font-weight: 400;\">chmod 400 sua-chave.key<\/span><span style=\"font-weight: 400;\"> para garantir que apenas o seu usu\u00e1rio tenha acesso ao arquivo, prevenindo bloqueios por chaves excessivamente expostas.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">    \t\t<div class=\"hts-messages hts-messages--info  hts-messages--withtitle hts-messages--withicon \"   >\r\n    \t\t\t<span class=\"hts-messages__title\">Pronto!<\/span>    \t\t\t    \t\t\t\t<p>\r\n    \t\t\t\t\tSua aplica\u00e7\u00e3o SSR foi publicada com sucesso. O ambiente t\u00e9cnico est\u00e1 completamente configurado, seguro e integrado dentro da infraestrutura el\u00e1stica da Locaweb.    \t\t\t\t<\/p>\r\n    \t\t\t    \t\t\t\r\n    \t\t<\/div><!-- \/.ht-shortcodes-messages -->\r\n    \t\t<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0    \t\t<div class=\"hts-messages hts-messages--info  hts-messages--withtitle hts-messages--withicon \"   >\r\n    \t\t\t<span class=\"hts-messages__title\">Conhe\u00e7a!<\/span>    \t\t\t    \t\t\t\t<p>\r\n    \t\t\t\t\t<\/span><span style=\"font-weight: 400;\">Quer proteger a identidade da sua marca e profissionalizar o contato com seus clientes? Conhe\u00e7a os planos de <\/span><a href=\"https:\/\/www.locaweb.com.br\/email-profissional\/\" target=\"_blank\" rel=\"noopener\"><b>Email Profissional<\/b><\/a><span style=\"font-weight: 400;\"> e <\/span><a href=\"https:\/\/www.locaweb.com.br\/registro-de-dominio-web\/\" target=\"_blank\" rel=\"noopener\"><b>Registro de Dom\u00ednio<\/b><\/a><span style=\"font-weight: 400;\"> da Locaweb e centralize sua presen\u00e7a digital no mesmo ecossistema com o melhor custo-benef\u00edcio<\/span><span style=\"font-weight: 400;\">    \t\t\t\t<\/p>\r\n    \t\t\t    \t\t\t\r\n    \t\t<\/div><!-- \/.ht-shortcodes-messages -->\r\n    \t\t<\/span><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Trataremos desde a prepara\u00e7\u00e3o de rede na plataforma Apache CloudStack at\u00e9 os m\u00e9todos modernos de deploy via Docker e GitHub Actions (CI\/CD), al\u00e9m do modelo tradicional com PM2, proxy reverso com Nginx e certificado SSL gratuito via Let\u2019s Encrypt. 1. Pr\u00e9-requisitos Para garantir a efici\u00eancia total e que a sua&#8230;<\/p>\n","protected":false},"author":55,"comment_status":"closed","ping_status":"closed","template":"","format":"standard","meta":{"footnotes":""},"ht-kb-category":[666],"ht-kb-tag":[],"class_list":["post-38797","ht_kb","type-ht_kb","status-publish","format-standard","hentry","ht_kb_category-locaweb-cloud"],"_links":{"self":[{"href":"https:\/\/www.locaweb.com.br\/ajuda\/wp-json\/wp\/v2\/ht-kb\/38797","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.locaweb.com.br\/ajuda\/wp-json\/wp\/v2\/ht-kb"}],"about":[{"href":"https:\/\/www.locaweb.com.br\/ajuda\/wp-json\/wp\/v2\/types\/ht_kb"}],"author":[{"embeddable":true,"href":"https:\/\/www.locaweb.com.br\/ajuda\/wp-json\/wp\/v2\/users\/55"}],"replies":[{"embeddable":true,"href":"https:\/\/www.locaweb.com.br\/ajuda\/wp-json\/wp\/v2\/comments?post=38797"}],"version-history":[{"count":1,"href":"https:\/\/www.locaweb.com.br\/ajuda\/wp-json\/wp\/v2\/ht-kb\/38797\/revisions"}],"predecessor-version":[{"id":38798,"href":"https:\/\/www.locaweb.com.br\/ajuda\/wp-json\/wp\/v2\/ht-kb\/38797\/revisions\/38798"}],"wp:attachment":[{"href":"https:\/\/www.locaweb.com.br\/ajuda\/wp-json\/wp\/v2\/media?parent=38797"}],"wp:term":[{"taxonomy":"ht_kb_category","embeddable":true,"href":"https:\/\/www.locaweb.com.br\/ajuda\/wp-json\/wp\/v2\/ht-kb-category?post=38797"},{"taxonomy":"ht_kb_tag","embeddable":true,"href":"https:\/\/www.locaweb.com.br\/ajuda\/wp-json\/wp\/v2\/ht-kb-tag?post=38797"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}