Self-Hosted Deployment

Run the entire Virke stack on your own Fastly account. Full control, no vendor dependency on Virke Cloud.

Prerequisites

  • A Fastly account with Compute@Edge enabled
  • A Fastly API token with full scope (global, purge_all, purge_select)
  • Bun v1.0+
  • Rust toolchain with wasm32-wasip1 target
  • wasi-sdk 25.0 installed (for compiling SQLite to Wasm)
  • A GitHub OAuth application
  • Fastly CLI installed

Fastly Resources Checklist

Resource Type Purpose
virke-api Compute service API, auth, deploy, DB proxy
virke-sites VCL service Static site serving (free)
sessions KV Store Session storage (TTL)
control_plane KV Store Control plane SQLite DB
project_databases KV Store Customer database blobs
project_kv KV Store Customer KV data
secrets Secret Store API tokens, OAuth secrets
sites_config Secret Store VCL service + dictionary IDs
Object Storage bucket Object Storage Static files, dashboard

Step 1: Clone the Repository

git clone https://github.com/virke-os/virke.git
cd virke
bun install

Step 2: Create Fastly Services

# Compute service (virke-api)
fastly service create --name virke-api --type compute

# VCL service (virke-sites)
fastly service create --name virke-sites --type vcl

Step 3: Create KV Stores

fastly kv-store create --name sessions
fastly kv-store create --name control_plane
fastly kv-store create --name project_databases
fastly kv-store create --name project_kv

Step 4: Create Secret Stores

fastly secret-store create --name secrets

Add the required secrets:

# GitHub OAuth credentials
fastly secret-store-entry create --store-id=<ID> --name=github_client_id --secret=<VALUE>
fastly secret-store-entry create --store-id=<ID> --name=github_client_secret --secret=<VALUE>

# Fastly API token
fastly secret-store-entry create --store-id=<ID> --name=fastly_api_token --secret=<VALUE>

# Session signing key
fastly secret-store-entry create --store-id=<ID> --name=session_signing_key --secret=$(openssl rand -hex 32)

# Object Storage credentials
fastly secret-store-entry create --store-id=<ID> --name=object_storage_access_key --secret=<VALUE>
fastly secret-store-entry create --store-id=<ID> --name=object_storage_secret_key --secret=<VALUE>

Step 5: Configure Edge Dictionaries

fastly dictionary create --service-id=<SVC_SITES_ID> --version=1 --name=routes
fastly dictionary create --service-id=<SVC_SITES_ID> --version=1 --name=versions
fastly dictionary create --service-id=<SVC_SITES_ID> --version=1 --name=canary
fastly dictionary create --service-id=<SVC_SITES_ID> --version=1 --name=previews

Store dictionary IDs in the sites_config Secret Store.

Step 6: Build and Deploy the API

cd apps/api
bash build.sh        # produces bin/main.wasm (~1.8 MB)
fastly compute publish

Step 7: Build and Deploy the Dashboard

cd apps/dashboard
VITE_API_URL=https://your-api-domain.edgecompute.app bun run build

Upload the dist/ directory to Object Storage.

Step 8: Configure GitHub OAuth

  1. Go to GitHub Developer Settings > OAuth Apps > New OAuth App
  2. Set the callback URL to https://your-api-domain/auth/callback
  3. Add Client ID and Secret to the secrets Secret Store

Step 9: Configure DNS

# API domain
CNAME  api.your-domain.com  ->  your-api-domain.edgecompute.app

# Sites wildcard domain
CNAME  *.sites.your-domain.com  ->  your-sites-domain.global.ssl.fastly.net

# Dashboard domain
CNAME  dashboard.your-domain.com  ->  your-sites-domain.global.ssl.fastly.net

Step 10: Test the Installation

# Verify API
curl https://api.your-domain.com/health

# Install CLI and deploy a test project
bun install -g @virke/cli
virke login --api-url https://api.your-domain.com

mkdir test-site && cd test-site
echo '<h1>Hello from self-hosted Virke!</h1>' > index.html
virke init --name test-site --type static
virke deploy

Updating

cd virke
git pull origin main
bun install

# Rebuild API
cd apps/api && bash build.sh && fastly compute publish

# Rebuild dashboard
cd apps/dashboard
VITE_API_URL=https://api.your-domain.com bun run build
# Re-upload dist/ to Object Storage

Troubleshooting

KVStore not found

Verify KV Store resource links in fastly.toml match the names used in KVStore::open().

GitHub OAuth callback fails

Verify the callback URL matches exactly: https://your-api-domain/auth/callback. Must be HTTPS, no trailing slash.

Build failures (wasi-sdk not found)

Verify wasi-sdk 25.0 is installed and $WASI_SDK_PATH is set or it is at $HOME/wasi-sdk-25.0-x86_64-linux.

Secret Store entry not found

Secret Store entries are immutable. Delete and recreate to change a value:

fastly secret-store-entry delete --store-id=<ID> --name=<KEY>
fastly secret-store-entry create --store-id=<ID> --name=<KEY> --secret=<NEW_VALUE>

Further Reading

  • CI/CD — Automated deployment from GitHub Actions
  • CLI Commands — Full CLI reference