Installation

Installation

Complete production deployment guide for DO Manager on Cloudflare Workers.

---

Prerequisites

• Node.js 20+
• Cloudflare account
• Cloudflare Workers subscription (free tier works)

---

Step 1: Authenticate with Cloudflare

npx wrangler login

---

Step 2: Create D1 Database

Create the metadata database that stores namespace configs, instance tracking, and job history:

npx wrangler d1 create do-manager-metadata

Note the database_id from the output — you'll need it for wrangler.toml.

Initialize the schema:

npx wrangler d1 execute do-manager-metadata --remote --file=worker/schema.sql

---

Step 3: Create R2 Bucket

For backup/restore functionality:

npx wrangler r2 bucket create do-manager-backups

---

Step 4: Configure Wrangler

Copy the example configuration:

cp wrangler.toml.example wrangler.toml

Edit wrangler.toml and update the database_id from Step 2:

[[d1_databases]]
binding = "DB"
database_name = "do-manager-metadata"
database_id = "your-database-id-here"

[[r2_buckets]]
binding = "BACKUPS"
bucket_name = "do-manager-backups"

---

Step 5: Set Up Cloudflare Access

DO Manager uses Cloudflare Access (Zero Trust) for enterprise authentication.

5.1 Configure Zero Trust

1. Go to Cloudflare Zero Trust Dashboard
2. Navigate to Settings → Authentication
3. Add your preferred identity provider (GitHub OAuth, Google, etc.)

5.2 Create Access Application

1. Go to Access → Applications
2. Click Add an application → Self-hosted
3. Configure:
   • Application name: DO Manager
   • Session duration: 24 hours (recommended)
   • Application domain: your-do-manager.workers.dev (or custom domain)
4. Add an Access policy (e.g., allow specific emails or groups)
5. Save and copy the Application Audience (AUD) tag

5.3 Get Team Domain

Your team domain is shown in Zero Trust settings:

• Format: https://yourteam.cloudflareaccess.com

---

Step 6: Create API Token

1. Go to Cloudflare API Tokens
2. Click Create Token → Custom Token
3. Add permissions:
   • Account → Workers Scripts → Read
   • Account → D1 → Edit (if managing D1-backed DOs)
4. Create and copy the token

Note: Both API Tokens (Bearer auth) and Global API Keys (X-Auth-Key auth) are supported.

---

Step 7: Set Secrets

Store sensitive values as Worker secrets:

npx wrangler secret put ACCOUNT_ID
# Enter your Cloudflare account ID

npx wrangler secret put API_KEY
# Enter your API token from Step 6

npx wrangler secret put TEAM_DOMAIN
# Enter: https://yourteam.cloudflareaccess.com

npx wrangler secret put POLICY_AUD
# Enter the AUD tag from Step 5.2

Finding Your Account ID

Your account ID is in your Cloudflare dashboard URL:

https://dash.cloudflare.com/ACCOUNT_ID/...

---

Step 8: Deploy

Build and deploy:

npm run build
npx wrangler deploy

Your app is now live at the Workers URL shown in the output.

---

Custom Domain (Optional)

To use a custom domain:

1. Go to your Worker in the Cloudflare dashboard
2. Click Settings → Triggers
3. Add a Custom Domain
4. Update your Access application domain to match

---

Verify Installation

1. Navigate to your deployed URL
2. Authenticate via Cloudflare Access
3. Click Discover Namespaces to auto-detect your Durable Objects
4. If no namespaces appear, you may need to deploy Workers with Durable Objects first

---

Next Steps

• Admin Hooks — Enable storage management for your DOs
• Features — Learn about all available features
• Troubleshooting — Common issues and solutions