Databases Lesson 10: Databases in Production

Running a database in production requires backups, monitoring, connection pooling, and security. Don’t learn this the hard way.

Essential Production Practices

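// 1. Connection Pooling (NEVER open a new connection per request)
// Use pg-pool, Prisma, or any ORM that handles this
const { Pool } = require('pg');
const DB_URL = process.env.DATABASE_URL; // read from the environment (see item 2)
const pool = new Pool({ connectionString: DB_URL, max: 10 });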

# 2. Environment Variables
DATABASE_URL=postgresql://user:password@host:5432/dbname
# NEVER hardcode credentials!

# 3. Automated Backups
# PostgreSQL: pg_dump mydb > backup.sql
# Or use managed services: Supabase, Neon, PlanetScale

# 4. Migrations (never edit schema manually in production!)
# Use: Prisma migrations, Flyway, or db-migrate

Security Checklist

-- Create a limited user for your app (not a superuser!)
CREATE USER app_user WITH PASSWORD 'strong-password';
-- PostgreSQL requires a schema in this form; "public" is the default schema
GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO app_user;
-- Never: GRANT ALL or use a superuser in production!

-- Prepared statements prevent SQL injection:
-- ❌ NEVER: "SELECT * FROM users WHERE id = " + userId
-- ✅ ALWAYS: "SELECT * FROM users WHERE id = $1" with [userId]
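
Added example (not part of the original lesson): the app_user grants above cover only tables that exist when they run, so this script extends them to sequences and to tables created by later migrations, then checks what the role can do. It assumes the `public` schema, the `mydb` database from the backup step, a `users` table as in the query example, and a hypothetical `migrator` role that runs migrations and owns the tables.

```sql
-- Added example. Assumptions: schema "public", database "mydb", table "users",
-- and a hypothetical role "migrator" that runs migrations and owns the tables.
-- Run once as an administrative role, not as app_user.

-- Stop roles from creating objects in the shared schema by default.
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- Let the app role connect and resolve names in the schema.
GRANT CONNECT ON DATABASE mydb TO app_user;
GRANT USAGE ON SCHEMA public TO app_user;

-- Data access on the tables that exist right now.
GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO app_user;

-- INSERT into serial columns calls nextval() on the backing sequence.
GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO app_user;

-- Tables and sequences created by later migrations get the same grants.
-- Default privileges apply only to objects created by the named role.
ALTER DEFAULT PRIVILEGES FOR ROLE migrator IN SCHEMA public
    GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO app_user;
ALTER DEFAULT PRIVILEGES FOR ROLE migrator IN SCHEMA public
    GRANT USAGE, SELECT ON SEQUENCES TO app_user;

-- Verify: the app role must hold no administrative attributes...
SELECT rolsuper, rolcreatedb, rolcreaterole, rolbypassrls
FROM pg_roles
WHERE rolname = 'app_user';

-- ...and must not be able to create objects or truncate tables,
-- while keeping the row-level access the application needs.
SELECT has_schema_privilege('app_user', 'public', 'CREATE')        AS can_create_objects,
       has_table_privilege('app_user', 'public.users', 'TRUNCATE') AS can_truncate_users,
       has_table_privilege('app_user', 'public.users', 'DELETE')   AS can_delete_users;
```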

You completed the Databases course!

  • Supabase — Postgres with auth, real-time, and storage
  • Neon — Serverless Postgres, perfect for Next.js

🏋️ Practice Task

Set up a production-ready database: use a managed PostgreSQL service (Supabase free tier), set up connection pooling, run a migration, create an app user with limited permissions, and test backup/restore with pg_dump.

💡 Hint: Supabase: go to supabase.com, create project, get DATABASE_URL, use with Prisma or node-postgres.
