I know this is a very broad question that allows many opinionated answers. To give some context as to why I am asking this:
I am a junior developer with 3 years of experience. My main line of work is programming ERP-Systems, so no web dev at all. In the next 2 weeks I will quit my job to join a startup owned by a friend of mine. I will be the only developer starting out, so I will have a lot of decisions to make.
In my time off, I learned a lot about how to build full stack apps. But none of them were production grade apps with security considerations, auth and so on...
My new job will require me to rebuild the frontend of the current system and later on decouple the API from wordpress to have a independent application.
I try to prepare for that role as much and as good as I can. This job creates many risks for me and I want to succeed and do it right.
Currently I am learning about auth, route guards, general deployment with Nginx, HTTPS, general system design and so on.
This is where my question comes into play.
I can not seem to find good guidance regarding on how to actually deploy a production grade web app. Full stack courses often disregard security concerns to simplify the code. Deployment often just uses some 3rd party vendor that does the heavy lifting for you. I have no mentor to ask about all of this, no guidance if I am doing right. So by asking this questions I am hoping for general guidelines on what to look out for. Maybe resources that help me with specifics.
What you need is to first learn some basics of few things:
- Web Servers (nginx, Apache, Caddy etc). They usually process request and then pass them on to what we usually call "App Servers". For some languages like PHP, you will need additional service like PHP-FPM or Wsgi for Python as web servers like nginx/caddy cannot directly process those.
- App/API Server. The server actually running the application and/or APIs (.e.g a PHP or PYthon or Typescript app).
- Load Balancers: Optional but usually a good idea for Production grade apps where you at least have 2 App Servers under the Load Balancer. Some platforms can auto scale it. For example, AWS ECS (using containers) or Heroku (dynos). Usually these are the entry points for an external User Request.
- Database server: Usually where you Db is hosted. Most people go with hosted solutions such as AWS RDS etc.
- A way to deploy your code changes to the App Servers. Usually connected with a version control like Git. Fancy term is CI/CD where you can do code changes automatically through Git etc using certain configuration files.
Note that technically, you can do all of the above on an actual single hardware/machine but usually they are set up separate.
However, before deploying, you need to build. For someone like you, I highly suggest starting with a tested framework with batteries included (e.g. Laravel for PHP, Django for Python, rails for Ruby etc). These frameworks also provide great deployment options. For example, laravel has forge which basically does everything for you in terms of deployment. Everything else will be noise for you including things like Kubernetes etc. Don't even worry about those until you have a need (most don't).
Stick with the LAMP/LEMP stack. It's not perfect, but if you're moving from WordPress (which uses the LAMP/LEMP stack) then sticking with it will make the move less painful.
In terms of a framework. Laravel is a good idea for RAD, although Symfony is a fine choice too!
---
Frontend:
Assuming is has to be a SPA: Use whatever you know best. React, Vue, or Angular are fine. Laravel seems to prefer Vue slighty?
If you can get away with SSR: Use a templating system. Assuming you're using PHP, you could use Blade (for Laravel) or Twig (for Symfony).
---
In terms of hosting and deploying, use one big VM for as long as possible. It's not better, but it's simpler... and I'd say you've got a lot on your plate!
---
But to answer your original question:
If you stick with LAMP/LEMP and a framework, there is so much documentation (and so many guides) that you will be able to figure out what to do. :)
IMO if you have no production web app experience and you're a solo dev, you shouldn't be rolling your own. There are many footguns along the way, security and performance issues, deliberate attacks, bots, etc. It can become a full-time job just keeping the website up and running. That's fine if your goal is to learn, but if you just want to launch something ASAP, well, we've had two decades of Web productizations and you can pretty much one-click deploy a website these days.
I'd look into more ready-built solutions like Vercel/Netlify, AWS Amplify, Google Firebase (or maybe App Engine), Shopify, etc. There's probably some vendor that offers what you want for very cheap (but it's not clear to me what you want... more details would help).
True, you won't learn as much this way as rolling your own from the ground up, but I don't think your startup's production website should also be your personal learning project... maybe first get it up and running on a vendor supported service, then slowly replace each piece of it (like one system or API route at a time, or whatever) as you gain knowledge?
Otherwise if you DIY it and you have no mentor and no fallback, if and when something breaks, you'll have to debug it while production is down and your customers are screaming at you. That's no fun.
You can also hire someone with more experience and have them architect and deploy the initial system, then you can co-learn and help maintain and iterate it afterward.
I don't think it's a good idea to just YOLO this for a production commercial site. Too many things can and will go wrong.
Most basic versions of production web apps could be backends coupled with an ORM like Ruby on Rails/Django/Spring/etc. No need to complicate things by splitting the front-end since you’re the only developer and your experience is ERP. Pick a tech that you’re strong with and reuse popular battle-proof libraries. Deploy to application platforms and offload the infrastructure management if your startup can afford it.
You can also leverage fractional CTO services to help guide you through the process. Personally, I’ve mentored a few junior developers on an ad-hoc, hourly basis to help them build out their expertise.
But if you just wanna learn the current "best practices", learning nextjs will put in the same position that most full stack and frontend programmers are currently (I hate nextjs and wouldn't get anywhere close to it tho)