Project • Recipe Platform + DevOps

giuseppe.food — production-grade from code to deploy.

A recipe platform with full DevOps infrastructure: multi-stage Docker, Terraform IaC, 7-job CI/CD pipeline, OpenTelemetry observability, and Redis-backed rate limiting. Open source.

Visit live site View on GitHubLinkedIn
Next.js 14TypeScriptDockerTerraformGitHub ActionsOpenTelemetryRedisVercel
7-job CI/CD
GitHub Actions: lint, test, build, security scan, Docker, Terraform, deploy + smoke tests.
Multi-stage Docker
Alpine base, non-root user, healthcheck endpoint, layer caching. Production-ready images.
Terraform IaC
Vercel project, domains, env vars, and deployment protection managed via Terraform Cloud.
OpenTelemetry
Distributed tracing with OTLP exporter. Jaeger in docker-compose for local debugging.
Redis rate limiting
Upstash REST API with in-memory fallback. Abuse detection with auto-ban escalation.
Security headers
OWASP-aligned CSP, HSTS with preload, X-Frame-Options, Permissions-Policy.

Open source and auditable

The entire codebase is public. Explore the Dockerfile, Terraform configs, GitHub Actions workflows, and production-grade patterns. Fork it, learn from it, or hire me to build something similar.

View sourceLive site
docker compose up
git push origin main
terraform apply
Full DevOps workflow included

CI/CD Pipeline

7-job GitHub Actions workflow with parallel execution:

  • 1. Lint + TypeScript + Prettier check
  • 2. Vitest with Codecov coverage
  • 3. Next.js production build + artifacts
  • 4. npm audit + TruffleHog secret scan
  • 5. Docker buildx with layer caching
  • 6. Terraform plan/apply
  • 7. Vercel deploy + smoke tests

Docker Strategy

Multi-stage build for minimal production images:

  • Stage 1: deps - Alpine base, npm ci
  • Stage 2: builder - Compile Next.js standalone
  • Stage 3: runner - Non-root user (uid 1001)
  • Built-in /health endpoint for orchestration
  • libc6-compat for Alpine compatibility

Infrastructure as Code

Terraform Cloud manages all Vercel infrastructure:

Project config
Custom domains
Env variables
Deploy protection
7
CI/CD jobs
3
Docker stages
5
Docker Compose services
100%
IaC coverage
OWASP
CSP compliance
<50MB
Production image
4
Health checks
0
Secrets in repo