Self-Hosting Guide

TeachRepo is MIT-licensed. Fork the template, wire up Supabase + Stripe, and deploy anywhere Node runs — Vercel, Railway, Fly.io, a plain VPS. No platform fees. No lock-in.

💡Time to deploy: ~20 minutes for a fresh Vercel + Supabase setup using the one-click template. The GitHub Actions workflow then handles every subsequent deploy on push.

Prerequisites

→Node.js 18+ — Check: node -v
→npm or pnpm — Check: npm -v
→Git — For repo-based course imports and the CLI
→Vercel account — Free tier works — vercel.com
→Supabase project — Free tier works up to ~50k rows — supabase.com
→Stripe account — Test mode is fine for dev — stripe.com
→GitHub account — For repo imports and CI/CD with GitHub Actions

Fork and clone the template

The full source is in the openclaw-workspace monorepo. The web app lives at startup-91-lean-launch-plan-repo-to-course-git-native-paywall/apps/web/.

# Fork on GitHub first, then:
git clone https://github.com/YOUR_ORG/YOUR_FORK.git
cd YOUR_FORK/startup-91-lean-launch-plan-repo-to-course-git-native-paywall/apps/web

npm install

ℹ️The monorepo root contains startup-*/ directories. The teachrepo web app is entirely self-contained in apps/web/ with its own package.json.

Set up Supabase

Create a new project at supabase.com. Then apply the schema:

# In the Supabase SQL editor, run both files in order:
# 1. supabase/schema.sql   — tables, indexes, enums
# 2. supabase/rls.sql      — row-level security policies

Grab your credentials from Project Settings → API:

NEXT_PUBLIC_SUPABASE_URL — Project URL (e.g. https://xxxx.supabase.co)
NEXT_PUBLIC_SUPABASE_ANON_KEY — public anon key
SUPABASE_SERVICE_ROLE_KEY — secret service role key (never expose client-side)

⚠️SUPABASE_SERVICE_ROLE_KEY bypasses RLS. Keep it server-only. Never put it in NEXT_PUBLIC_* env vars.

Enable email auth

Authentication → Email → Enable email confirmations. For development you can disable email confirmation to skip the verify step.

Storage bucket (optional)

Create a public bucket named course-assets for cover images and attachments. The app falls back gracefully if the bucket is absent.

Set up Stripe

STRIPE_SECRET_KEY — starts with sk_test_
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY — starts with pk_test_
STRIPE_WEBHOOK_SECRET — generated when you create a webhook endpoint

Create webhook endpoint

In Stripe Dashboard → Developers → Webhooks → Add endpoint:

# Endpoint URL:
https://YOUR_DOMAIN/api/webhooks/stripe

# Events to listen for:
checkout.session.completed
invoice.payment_succeeded
customer.subscription.updated
customer.subscription.deleted

Copy the Signing secret (starts with whsec_) into STRIPE_WEBHOOK_SECRET.

Course paywall pricing

Course prices are set per-course in the dashboard — no hard-coded Stripe price IDs needed. The import pipeline creates a Stripe Price on first publish.

💡For local webhook testing, use the Stripe CLI:
stripe listen --forward-to localhost:3000/api/webhooks/stripe

Configure environment variables

Copy the example env file and fill in your values:

cp .env.example .env.local

Minimum required variables:

# Supabase
NEXT_PUBLIC_SUPABASE_URL=https://xxxx.supabase.co
NEXT_PUBLIC_SUPABASE_ANON_KEY=eyJhb...
SUPABASE_SERVICE_ROLE_KEY=eyJhb...

# Stripe
STRIPE_SECRET_KEY=sk_test_...
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=pk_test_...
STRIPE_WEBHOOK_SECRET=whsec_...

# App
NEXT_PUBLIC_APP_URL=http://localhost:3000   # or https://yourdomain.com in prod

# GitHub (for repo-based imports)
GITHUB_TOKEN=ghp_...   # GitHub PAT with repo read scope

ℹ️Optional variables (AI quiz generation, analytics, PostHog, etc.) are documented in .env.example. The app boots without them — features degrade gracefully.

Run locally

npm run dev
# → http://localhost:3000

# Type-check:
npm run type-check

# Build for production:
npm run build
npm start

The first time you visit /auth/signup, create your founder account. The first signup auto-receives admin privileges if FOUNDER_EMAIL is set in env.

Deploy to Vercel

Option A — Vercel CLI (quickest)

# From apps/web/
npx vercel --prod

# Follow prompts: link to your Vercel project, select framework = Next.js
# Set env vars when prompted, or add them in the Vercel dashboard

Option B — Vercel dashboard import

New Project → Import Git Repository → select your fork
Set Root Directory to startup-91-lean-launch-plan-repo-to-course-git-native-paywall/apps/web
Framework preset: Next.js
Add all env vars (see Step 4) in the Environment Variables section
Deploy

Add your custom domain

vercel domains add yourdomain.com
# Then set the A record / CNAME in your DNS provider per Vercel's instructions

Update NEXT_PUBLIC_APP_URL to your custom domain and redeploy.

Automate with GitHub Actions

Add this workflow to your fork for automatic deploy-on-push:

# .github/workflows/deploy.yml
name: Deploy to Vercel

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

env:
  VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }}
  VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }}

jobs:
  deploy:
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: startup-91-lean-launch-plan-repo-to-course-git-native-paywall/apps/web

    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: npm
          cache-dependency-path: |
            startup-91-lean-launch-plan-repo-to-course-git-native-paywall/apps/web/package-lock.json

      - run: npm ci

      - name: Type-check
        run: npm run type-check

      - name: Install Vercel CLI
        run: npm install -g vercel@latest

      - name: Pull Vercel env
        run: vercel pull --yes --environment=production --token=${{ secrets.VERCEL_TOKEN }}

      - name: Build
        run: vercel build --prod --token=${{ secrets.VERCEL_TOKEN }}

      - name: Deploy
        if: github.ref == 'refs/heads/main'
        run: vercel deploy --prebuilt --prod --token=${{ secrets.VERCEL_TOKEN }}

GitHub Secrets to set

Secret name	Where to get it
VERCEL_TOKEN	Vercel → Account Settings → Tokens
VERCEL_ORG_ID	vercel.com/account → General → Your ID, or .vercel/project.json
VERCEL_PROJECT_ID	.vercel/project.json after first vercel link
SUPABASE_SERVICE_ROLE_KEY	Supabase → Project Settings → API
STRIPE_SECRET_KEY	Stripe Dashboard → Developers → API keys
STRIPE_WEBHOOK_SECRET	Stripe Dashboard → Developers → Webhooks

Go to your GitHub repo → Settings → Secrets and variables → Actions → New repository secret.

(Optional) Run the TeachRepo CLI

The CLI lets you push course updates directly from your local repo:

npm install -g @teachrepo/cli

# Authenticate (generates an API token for your account)
teachrepo login

# In your course repo:
teachrepo push --url https://yourdomain.com

# Push a specific branch as a version
teachrepo push --branch v1.2 --label "v1.2"

See the full CLI Reference for all commands.

(Optional) Deploy on Railway or Fly.io

TeachRepo is a standard Next.js app. Any platform that runs Node 18+ works.

Railway

# railway.toml (place in apps/web/)
[build]
builder = "nixpacks"
buildCommand = "npm run build"

[deploy]
startCommand = "npm start"
healthcheckPath = "/api/health"
restartPolicyType = "on_failure"

Fly.io

# From apps/web/:
fly launch --name teachrepo-app --region iad
fly secrets set NEXT_PUBLIC_SUPABASE_URL=... STRIPE_SECRET_KEY=... # etc.
fly deploy

Docker (VPS / bare metal)

FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

FROM node:20-alpine AS runner
WORKDIR /app
ENV NODE_ENV=production
COPY --from=builder /app/.next/standalone ./
COPY --from=builder /app/.next/static ./.next/static
COPY --from=builder /app/public ./public
EXPOSE 3000
CMD ["node", "server.js"]

ℹ️Add output: 'standalone' to next.config.js to enable the minimal Docker image (Next.js docs: output: standalone).

Self-hosted vs. Hosted SaaS — differences

Aspect	Self-hosted	Hosted (Creator plan)
Cost	Infra costs only (Vercel/Supabase free tiers = $0/mo)	$29/mo managed
Course limit	Unlimited (you own the DB)	→ Unlimited (plan unlocked)
Lesson limit	Unlimited	→ Unlimited
Custom domain	Yes — configure in Vercel	Yes — one-click in dashboard
Stripe account	Your own	Your own (Connect)
Platform fee	0%	0% direct, 10% marketplace
Marketplace listing	No (self-hosted not indexed)	Yes
Updates	Manual — merge upstream PRs	Automatic
Devops burden	You manage Supabase, Vercel, webhooks	Managed for you
Data ownership	Full — your Supabase project	Full — export anytime
AI quiz generation	Unlimited (bring your own key)	Unlimited (included)
Support	GitHub Issues / community	Priority email support

Keeping your fork up to date

Add the upstream remote and merge new releases:

git remote add upstream https://github.com/ErlisK/openclaw-workspace.git

# Check for new commits:
git fetch upstream

# Merge latest:
git merge upstream/main

# Or cherry-pick specific commits:
git cherry-pick <commit-sha>

⚠️Check the release notes before merging — database schema migrations need to be applied manually to your Supabase project via the SQL editor.

Troubleshooting

❌ Stripe webhook returns 400 "No signatures found"

✅ Make sure STRIPE_WEBHOOK_SECRET matches the signing secret for the endpoint in your Stripe dashboard. For local dev, use the Stripe CLI to forward events.

❌ Supabase RLS blocking all reads

✅ Check that you applied supabase/rls.sql. If testing, temporarily disable RLS on a table via the Supabase dashboard to isolate the issue.

❌ Build fails with "SUPABASE_SERVICE_ROLE_KEY not found"

✅ Add the secret to Vercel env vars (Dashboard → Project → Settings → Environment Variables) or to your .env.local file.

❌ GitHub import returns 404

✅ Make sure GITHUB_TOKEN has repo read scope and the repo is not private (or the token has access to private repos).

❌ Vercel deploy fails with "Build Error"

✅ Run npm run build locally first. The most common cause is a missing env var — check the build log for "undefined" values.