GOALS Book — Launch Sequence
Deployment Checklist
Step-by-step guide to get sharifdyson.com live, connect goalsthebook.com as a redirect, deploy AWS infrastructure, and hand off to the dev team for the Next.js backend.
★
Domain Strategy
How your two domains work together
Primary Domain
sharifdyson.com
Registered at Network Solutions · DNS → AWS
Your main author + book website. All pages live here. AWS S3 + CloudFront serves the static site. Future Next.js backend at admin.sharifdyson.com.
Redirect Domain
goalsthebook.com
Registered at AWS Lightsail
Catches book-title searches. Redirects all traffic → sharifdyson.com. Anyone who types or clicks goalsthebook.com lands on your site automatically.
Why this setup works: People searching "the goals book" or "goals book sharif dyson" may try goalsthebook.com directly. The redirect catches them and sends them to your real site. You only maintain one codebase — at sharifdyson.com.
0
Progress Tracker
Click checklist items below to track your progress
Overall Deployment Progress
0 / 38 complete
1
Phase 1 — Publish on Genspark
Get your live Genspark URL first — takes 30 seconds
Do this first. Genspark hosting gives you an instant public URL (e.g., yourproject.genspark.site) before your custom domain is connected. Share this URL with the dev team right away — they can start reviewing the site immediately.
EasyClick the Publish tab in Genspark
In the Genspark editor, click the Publish tab (top right of this interface). Click "Publish" or "Deploy". Wait ~30 seconds for your site to go live.
EasyCopy your Genspark live URL
After publishing, Genspark shows your public URL. Copy it — you'll use this to test all pages and share with the dev team before the custom domain is ready.
EasyTest all 5 public pages on the live URL
Visit: / · /book.html · /author.html · /contact.html · /order.html — verify each loads correctly with images, fonts, and navigation working.
EasyTest admin.html on the live URL
Visit /admin.html — login with password
Goals2026!SD — confirm Supabase Connected (green), all tables load, charts appear, and the View Site button works.RequiredShare Genspark URL with your dev team
Send the dev team the Genspark URL + the link to /download.html and /devhandoff.html. They can review everything while you set up the custom domain.
2
Phase 2A — sharifdyson.com DNS Setup
Point your Network Solutions domain to AWS CloudFront
Do Phase 3 (S3 + CloudFront) before this step — you need your CloudFront distribution domain name (looks like d1abc123xyz.cloudfront.net) before you can update DNS here.
EasyLog in to Network Solutions
Go to networksolutions.com → My Account → Manage Domain Names → select sharifdyson.com.
DNSUpdate Nameservers to AWS Route 53
In Route 53, create a Hosted Zone for sharifdyson.com. Copy the 4 NS records Route 53 gives you. In Network Solutions, go to Manage DNS → Change Nameservers and replace with the 4 AWS nameservers. This is the simplest option — Route 53 handles all DNS from here.
# AWS nameservers will look like:
ns-1234.awsdns-56.com
ns-789.awsdns-01.net
ns-2048.awsdns-23.org
ns-512.awsdns-45.co.uk
ns-1234.awsdns-56.com
ns-789.awsdns-01.net
ns-2048.awsdns-23.org
ns-512.awsdns-45.co.uk
DNS propagation takes 15 minutes to 48 hours. Usually under 2 hours.
DNSAdd CloudFront A Record in Route 53
In Route 53 → your sharifdyson.com Hosted Zone → Create Record:
Name: (empty = root domain)
Type: A — Alias
Route traffic to: Alias to CloudFront distribution → select your distribution
Name: (empty = root domain)
Type: A — Alias
Route traffic to: Alias to CloudFront distribution → select your distribution
EasyAdd www subdomain CNAME in Route 53
Create Record: Name: www · Type: CNAME · Value: your CloudFront domain (e.g., d1abc123.cloudfront.net). This ensures www.sharifdyson.com also works.
EasyVerify sharifdyson.com loads your site
After DNS propagates, visit https://sharifdyson.com — you should see your GOALS homepage with HTTPS (padlock). Test on mobile too.
3
Phase 2B — goalsthebook.com Redirect
Make your Lightsail domain redirect to sharifdyson.com
Two options: Option A (Easiest) — Use Lightsail's built-in redirect feature. Option B — Create an S3 static website redirect bucket. Both work perfectly. Option A is faster.
Option A — Lightsail Redirect (Easiest)
EasyLog in to AWS Console → Lightsail
Go to lightsail.aws.amazon.com → Domains & DNS → select goalsthebook.com.
EasyCreate a Lightsail instance just for redirect (optional)
If goalsthebook.com has an active Lightsail instance, you can add a redirect rule in its Nginx config, or simply create an S3 redirect bucket (Option B is cleaner for pure redirects).
Option B — S3 Redirect Bucket (Recommended)
AWSCreate S3 bucket named "goalsthebook.com"
AWS Console → S3 → Create Bucket → Name:
goalsthebook.com → Region: us-east-1 → uncheck "Block all public access" → Create.AWSEnable S3 static website hosting with redirect
Open the bucket → Properties tab → Static website hosting → Enable → Select "Redirect requests for an object" → Host name:
sharifdyson.com → Protocol: https → Save.
# This makes every request to goalsthebook.com
# automatically redirect to https://sharifdyson.com
# automatically redirect to https://sharifdyson.com
DNSPoint goalsthebook.com DNS to S3 bucket
In Lightsail → Domains & DNS → goalsthebook.com → add A record:
Subdomain: @ (root)
Resolves to: S3 bucket website endpoint (e.g.,
Or migrate DNS to Route 53 and use an Alias record.
Subdomain: @ (root)
Resolves to: S3 bucket website endpoint (e.g.,
goalsthebook.com.s3-website-us-east-1.amazonaws.com)Or migrate DNS to Route 53 and use an Alias record.
EasyVerify goalsthebook.com redirects correctly
After DNS propagates, visit http://goalsthebook.com — your browser should automatically redirect to https://sharifdyson.com.
4
Phase 3A — AWS S3 Bucket (Site Hosting)
Create the bucket that hosts your static site files
AWSCreate S3 bucket named "sharifdyson.com"
AWS Console → S3 → Create Bucket → Name:
sharifdyson.com → Region: us-east-1 → Uncheck Block all public access → Create Bucket.AWSEnable static website hosting
Open bucket → Properties → Static website hosting → Enable → Index document:
index.html → Error document: index.html → Save.AWSAdd S3 bucket policy for public read
Bucket → Permissions → Bucket Policy → paste:
{
"Version": "2012-10-17",
"Statement": [{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::sharifdyson.com/*"
}]
}
"Version": "2012-10-17",
"Statement": [{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::sharifdyson.com/*"
}]
}
AWSUpload all site files to S3
Using AWS CLI (fastest) or the S3 console drag-and-drop. Upload ALL files from the project (HTML, css/, images/, lambda/, infrastructure/).
# Install AWS CLI first if needed: https://aws.amazon.com/cli/
aws configure # enter your Access Key ID, Secret, region: us-east-1
# Sync all files to S3 (run from your project folder)
aws s3 sync . s3://sharifdyson.com \
--exclude ".git/*" \
--exclude "node_modules/*" \
--delete
aws configure # enter your Access Key ID, Secret, region: us-east-1
# Sync all files to S3 (run from your project folder)
aws s3 sync . s3://sharifdyson.com \
--exclude ".git/*" \
--exclude "node_modules/*" \
--delete
EasyVerify S3 website URL loads correctly
Copy the S3 static website endpoint from Properties (looks like
http://sharifdyson.com.s3-website-us-east-1.amazonaws.com) — open in browser to verify site loads before CloudFront.5
Phase 3B — CloudFront + SSL Certificate
HTTPS, global CDN speed, and custom domain routing
ACM SSL certificates for CloudFront must be requested in us-east-1 regardless of where your S3 bucket is. This is a common gotcha — make sure you're in the N. Virginia region when requesting the cert.
ACMRequest SSL certificate in ACM (us-east-1)
AWS Console → switch region to us-east-1 → Certificate Manager → Request → Public certificate → Add domains:
→ DNS validation → Request. Then click "Create records in Route 53" to auto-validate.
sharifdyson.com · www.sharifdyson.com · goalsthebook.com · www.goalsthebook.com→ DNS validation → Request. Then click "Create records in Route 53" to auto-validate.
EasyWait for certificate to show "Issued"
Refresh ACM until status shows Issued (usually 5–10 minutes after DNS validation records are created). Do not proceed to CloudFront until the cert is Issued.
CFCreate CloudFront distribution
CloudFront → Create distribution:
Origin domain: select your S3 static website endpoint (NOT the S3 bucket ARN)
Viewer protocol policy: Redirect HTTP to HTTPS
Alternate domain names (CNAMEs):
Custom SSL certificate: select your ACM cert
Default root object:
→ Create distribution
Origin domain: select your S3 static website endpoint (NOT the S3 bucket ARN)
Viewer protocol policy: Redirect HTTP to HTTPS
Alternate domain names (CNAMEs):
sharifdyson.com, www.sharifdyson.comCustom SSL certificate: select your ACM cert
Default root object:
index.html→ Create distribution
EasyCopy CloudFront domain name
Once created (takes ~10 min to deploy), copy the CloudFront domain from the distribution detail page. Looks like:
d1abc123xyz.cloudfront.net — you'll use this for the Route 53 alias records in Phase 2A.CFSet up custom error pages (optional but recommended)
CloudFront distribution → Error pages → Create custom error response → HTTP error code: 403 → Response page path:
/index.html → HTTP response code: 200. Repeat for 404. This makes client-side routing work correctly.6
Phase 3C — Lambda Functions
Deploy your 4 serverless backend handlers
Pre-requisite: You need AWS CLI configured with admin permissions, and Node.js 18+ installed locally. The deploy script is in lambda/deploy.sh — download it from the Downloads page.
SetupDownload lambda/ folder from download.html
Go to download.html → Lambda Functions section → download all 4 JS files, package.json, and deploy.sh. Place them in a local
lambda/ folder.SetupCreate IAM role for Lambda functions
AWS Console → IAM → Roles → Create Role → AWS Service → Lambda → attach policies:
Name it:
AWSLambdaBasicExecutionRoleAmazonSESFullAccessAmazonRDSFullAccess (for future DB)Name it:
goals-lambda-execution-role
DeployRun deploy.sh to package and upload Lambdas
In your terminal, from the lambda/ folder:
cd lambda
npm install
chmod +x deploy.sh
./deploy.sh
npm install
chmod +x deploy.sh
./deploy.sh
AWSCreate API Gateway and connect Lambda routes
AWS Console → API Gateway → Create API → HTTP API → Add integrations:
Enable CORS → allow origin:
Deploy → copy the API endpoint URL.
POST /contact → contact-form LambdaPOST /order → process-payment LambdaPOST /order/confirm → order-confirmation LambdaPOST /broadcast → broadcast-email LambdaEnable CORS → allow origin:
https://sharifdyson.comDeploy → copy the API endpoint URL.
ConfigUpdate contact.html and order.html with API Gateway URL
Replace the API endpoint in the fetch() calls in
contact.html and order.html with your actual API Gateway URL. Dev team will do this properly during Next.js migration.7
Phase 3D — SES Email Setup
Verify sending addresses before any emails can be sent
SES Sandbox Limitation: By default, SES is in Sandbox mode — you can only send to verified email addresses. You MUST request production access before sending to real customers. This takes 1–3 business days for AWS approval.
EasyVerify [email protected] in SES
AWS Console → SES → Verified Identities → Create Identity → Email address →
[email protected] → Create. Check your inbox for verification email and click the link.EasyVerify [email protected] in SES
Repeat for
[email protected] — this is the From address for broadcast emails.SESVerify sharifdyson.com domain in SES (recommended)
SES → Verified Identities → Create Identity → Domain →
sharifdyson.com. SES will show DKIM DNS records to add in Route 53. Once verified, any email @sharifdyson.com can be used as a sender.CriticalRequest SES Production Access
SES → Account Dashboard → Request Production Access. Fill out the form: use case = transactional (order confirmations) and marketing (book launch broadcast). Describe your list opt-in process. AWS reviews in 1–3 business days. Do this immediately — it's on their timeline, not yours.
SESAdd SES DKIM records to Route 53
After domain verification, SES provides 3 CNAME DKIM records. Add them to Route 53. This improves email deliverability and prevents Gmail/Outlook from marking emails as spam.
8
Phase 4A — Dev Team Handoff
Everything the dev team needs to build the Next.js backend
Your handoff package is complete. Share these 3 URLs with the dev team — they have everything they need to build the full production backend.
| Resource | URL | Contents |
|---|---|---|
| Dev Handoff Guide | /devhandoff.html |
Stack, API routes, Prisma schema, sprint plan, env vars |
| Downloads | /download.html |
All 10 Lambda + infrastructure files with download buttons |
| AWS Guide | /aws-deployment-guide.html |
Full AWS architecture, CloudFormation YAML, deployment steps |
| Admin Dashboard | /admin.html · pw: Goals2026!SD |
Live data, orders, customers, subscribers, broadcast |
EasyShare download.html URL with dev team
Send:
https://sharifdyson.com/download.html — contains all downloadable files and the full handoff package. This is their starting point.EasyShare admin.html with dev team lead only
Send admin URL + password only to the lead developer. They need to see the current Table API data schema to match it in PostgreSQL. Remind them to change the password once Next.js auth is live.
DevDev team: Set up GitHub repo and 4-week sprint
The devhandoff.html sprint plan covers: Week 1 — Next.js + auth + DB, Week 2 — API routes + Square, Week 3 — SES emails + admin, Week 4 — testing + launch. Stack: Next.js 14 · Prisma · PostgreSQL (RDS) · NextAuth · Square · AWS SES.
9
Phase 4B — Go-Live Final Checklist
Critical items before you announce the site to the public
Do NOT share the site publicly until all red/critical items are checked. These protect your customers, your data, and your reputation.
✅ DoneAdmin password updated to Goals2026!SD
Password updated to
Goals2026!SD. Already updated in admin.html, uploaded to S3, and CloudFront cache invalidated. ✅SecurityRestrict admin.html to staff IPs only (CloudFront)
CloudFront → Behaviors → create separate behavior for
/admin.html with a WAF rule that only allows your IP range. Or simply rename admin.html to something unpredictable like staff-cx9k2m.html.EasyConfirm all 5 pages load on HTTPS with no errors
Open browser DevTools (F12) on each page — zero red console errors, no mixed content warnings, all images load, fonts display correctly.
EasyTest on mobile (iPhone + Android)
Visit sharifdyson.com on your phone. Check: navigation menu works, order form is usable, text is readable, hero section looks correct. Check on both iOS Safari and Android Chrome.
SEOSubmit sitemap to Google Search Console
Create a
sitemap.xml (5 public pages). Add sharifdyson.com to Google Search Console. Submit the sitemap. Google will start indexing within 24–48 hours.EasyValidate social share (OG tags) on all 5 pages
Visit Facebook Sharing Debugger and enter each page URL. Verify the title, description, and OG image appear correctly. Repeat with Twitter Card Validator.
EasyUpload real OG images to images/ folder
Replace placeholder OG images with real 1200×630 px images:
og-home.jpg, og-book.jpg, og-author.jpg, og-order.jpg. See /images/image-upload-guide.html for exact specs and upload instructions.EasyConfirm goalsthebook.com redirects to sharifdyson.com
Visit
http://goalsthebook.com and http://www.goalsthebook.com — both should redirect to https://sharifdyson.com with a 301 permanent redirect.EasyPlace a test order to confirm the full flow
Use Square's sandbox credentials in order.html — place a test order and verify: form submission works, confirmation screen appears, order shows in admin.html dashboard.
EasySet up CloudWatch billing alarm
AWS Console → CloudWatch → Alarms → Create Alarm → Billing → set threshold $20/month. This prevents surprise AWS bills. Estimated monthly cost at low traffic: ~$5–15.
★
Quick Reference
Key URLs, credentials, and estimated costs
| Item | Value | Notes |
|---|---|---|
| Primary domain | sharifdyson.com | Network Solutions → Route 53 → CloudFront → S3 |
| Redirect domain | goalsthebook.com | Lightsail → redirects to sharifdyson.com |
| Admin URL | /admin.html | Change password before launch! |
| Admin password | Goals2026!SD | ✅ Updated — already in S3 |
| AWS Region | us-east-1 | N. Virginia — required for ACM + CloudFront |
| S3 bucket name | sharifdyson.com | Must match domain exactly |
| SES sender (orders) | [email protected] | Must be verified in SES |
| SES sender (broadcast) | [email protected] | Must be verified in SES |
| CloudFront domain | (assigned after creation) | Looks like d1abc123.cloudfront.net |
Estimated Monthly AWS Costs (Low Traffic)
| Service | Est. Cost/Month | Notes |
|---|---|---|
| S3 Storage (site files) | ~$0.02 | <1 GB static files |
| CloudFront | ~$1–5 | First 1TB/month free tier applies |
| Route 53 Hosted Zone | $0.50 | Per hosted zone/month |
| Lambda (4 functions) | ~$0 | 1M requests/month free tier |
| API Gateway | ~$0 | 1M calls/month free tier |
| SES Email | ~$0 | 62K emails/month free from EC2; $0.10/1000 otherwise |
| RDS PostgreSQL | ~$15–25 | db.t3.micro, only needed for Next.js backend |
| Total (static site only) | ~$2–7 | Before Next.js backend |