This article provides a start-to-finish, production-ready guide to deploy OpenStatus on Debian VPS, including all required prerequisites and a clean, repeatable deployment flow.
What is OpenStatus?
OpenStatus is an open-source uptime monitoring and status page platform designed to help you monitor services, track incidents, and publish public or private status pagesβsimilar in concept to tools like Statuspage or Better Uptime, but self-hostable and developer-friendly.
How to Deploy OpenStatus on Debian VPS
What Youβll Install
| Component | Required Version |
|---|---|
| Node.js | β₯ 20.0.0 |
| pnpm | β₯ 8.6.2 |
| Bun | Latest |
| Turso CLI | Latest |
| OpenStatus | Current release |
-
Prepare the Debian VPS
-
Update System Packages
apt update && apt upgrade -y apt install -y \ curl \ git \ unzip \ ca-certificates \ build-essential \ pkg-config
-
Enable Development Tools
apt groupinstall -y "Development Tools"
-
-
Install Node.js (β₯ 20)
-
Add NodeSource Repository
curl -fsSL https://deb.nodesource.com/setup_20.x | bash -
-
Install Node.js
apt install -y nodejs
-
Verify
node -v npm -v
-
-
Install pnpm (β₯ 8.6.2)
corepack enable corepack prepare pnpm@8.6.2 --activate
Verify:
pnpm -v
-
Install Bun Runtime
curl -fsSL https://bun.sh/install | bash
Load Bun into your shell:
source ~/.bashrc
Verify:
bun --version
-
Install Turso CLI
curl -fsSL https://get.tur.so/install.sh | bash
Reload shell:
source ~/.bashrc
Verify:
turso --version
-
Create a Turso Database for OpenStatus
-
Authenticate
turso auth login
-
Create Database
turso db create openstatus
-
Get Authentication Token
turso db tokens create openstatus
-
Get Connection URL
turso db show openstatus
Turso authentication Save:
- DATABASE_URL
- DATABASEAUTHTOKEN
-
-
Install OpenStatus
-
Clone Repository
git clone https://github.com/openstatusHQ/openstatus.git cd openstatus
-
Install Dependencies
pnpm install
-
-
Configure Environment Variables
Create
.env:cp .env.example .env nano .env
Example configuration:
DATABASE_URL=libsql://openstatus.turso.io DATABASE_AUTH_TOKEN=your_token_here NEXTAUTH_SECRET=$(openssl rand -base64 32) NEXTAUTH_URL=http://your-server-ip:3000 RESEND_API_KEY=disabled STRIPE_SECRET_KEY=disabled PROJECT_ID_VERCEL=disabled TEAM_ID_VERCEL=disabled VERCEL_AUTH_BEARER_TOKEN=disabled TINY_BIRD_API_KEY=disabled CRON_SECRET=disabled UNKEY_TOKEN=disabled UNKEY_API_ID=disabled
-
Initialize Database Schema
pnpm build pnpm start
(Optional seed data)
pnpm db:seed
-
Build OpenStatus
pnpm build
-
Run OpenStatus
-
Development Mode
pnpm dev
-
Production Mode
pnpm start
Access:
http://SERVER_IP:3000
-
-
Final Verification Checklist
- Node.js β₯ 20 installed
- pnpm β₯ 8.6.2 installed
- Bun available
- Turso DB connected
- OpenStatus running
Enable HTTPS with Letβs Encrypt for OpenStatus (Debian)
Before continuing, make sure:
- OpenStatus is running on
http://127.0.0.1:3000 - You have a fully-qualified domain name (e.g.
status.example.com) - DNS A record points to your VPS IP
- Ports 80 and 443 are open
-
Install NGINX (if not already installed)
apt install -y nginx systemctl enable --now nginx
Verify:
curl http://localhost
-
Install Certbot (Letβs Encrypt client)
-
Install Certbot + NGINX plugin
apt install -y certbot python3-certbot-nginx
Verify:
certbot --version
-
-
Create NGINX Reverse Proxy for OpenStatus
Create a server block:
nano /etc/nginx/conf.d/openstatus.conf
HTTP Config (Temporary β for Certbot)
server { listen 80; server_name status.example.com; location / { proxy_pass http://127.0.0.1:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; } }Test and reload:
nginx -t systemctl reload nginx
-
Obtain Letβs Encrypt SSL Certificate
Run Certbot:
certbot --nginx -d status.example.com
During prompts:
- Enter email
- Agree to terms
- Choose Redirect HTTP β HTTPS
Certbot will:
- Generate certificate
- Modify NGINX config
- Enable automatic redirect
-
Final HTTPS NGINX Configuration (Auto-generated)
Certbot will convert your config to something like:
server { listen 443 ssl http2; server_name status.example.com; ssl_certificate /etc/letsencrypt/live/status.example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/status.example.com/privkey.pem; location / { proxy_pass http://127.0.0.1:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto https; proxy_set_header X-Forwarded-For $remote_addr; } } server { listen 80; server_name status.example.com; return 301 https://$host$request_uri; }Reload:
systemctl reload nginx
-
Update OpenStatus Environment Variables
Edit
.env:nano /opt/openstatus/.env
Update:
NEXTAUTH_URL=https://status.example.com
Restart OpenStatus:
systemctl restart openstatus
-
Enable Firewall Rules
ufw allow http ufw allow https ufw enable
-
Verify HTTPS
Open browser:
https://status.example.com
Confirm:
- π Valid certificate
- No mixed-content warnings
- Auto-redirect from HTTP β HTTPS
-
Auto-Renewal (Important)
Certbot installs a system timer automatically.
Verify:
systemctl list-timers | grep certbot
Test renewal:
certbot renew --dry-run
-
Optional Hardening (Recommended)
Add to SSL server block:
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; add_header X-Frame-Options SAMEORIGIN; add_header X-Content-Type-Options nosniff;
Reload:
systemctl reload nginx
Youβre Done β
OpenStatus is now:
- Fully HTTPS-secured
- Auto-renewing via Letβs Encrypt
- Reverse-proxied through NGINX
- Production-ready
Youβre Live π
You now have OpenStatus running cleanly on Debian, backed by Turso, using modern JS tooling and ready for production monitoring.
Conclusion
You now know how to deploy OpenStatus on Debian VPS. Now youβre ready to visit the OpenStatus docs and setup monitors and status pages.
