TanStack Start on Cloudflare
Build a complete full-stack app from nothing. Claude generates every file β no template clone, no scaffold command. Each project gets exactly what it needs.
What You Get
| Layer |
Technology |
| Framework |
TanStack Start v1 (SSR, file-based routing, server functions) |
| Frontend |
React 19, Tailwind v4, shadcn/ui |
| Backend |
Server functions (via Nitro on Cloudflare Workers) |
| Database |
D1 + Drizzle ORM |
| Auth |
better-auth (Google OAuth + email/password) |
| Deployment |
Cloudflare Workers |
Project File Tree
PROJECT_NAME/
βββ src/
β βββ routes/
β β βββ __root.tsx # Root layout (HTML shell, theme, CSS import)
β β βββ index.tsx # Landing / auth redirect
β β βββ login.tsx # Login page
β β βββ register.tsx # Register page
β β βββ _authed.tsx # Auth guard layout route
β β βββ _authed/
β β β βββ dashboard.tsx # Dashboard with stat cards
β β β βββ items.tsx # Items list table
β β β βββ items.$id.tsx # Edit item
β β β βββ items.new.tsx # Create item
β β βββ api/
β β βββ auth/
β β βββ $.ts # better-auth API catch-all
β βββ components/
β β βββ ui/ # shadcn/ui components (auto-installed)
β β βββ app-sidebar.tsx # Navigation sidebar
β β βββ theme-toggle.tsx # Light/dark/system toggle
β β βββ user-nav.tsx # User dropdown menu
β β βββ stat-card.tsx # Dashboard stat card
β βββ db/
β β βββ schema.ts # Drizzle schema (all tables)
β β βββ index.ts # Drizzle client factory
β βββ lib/
β β βββ auth.server.ts # better-auth server config
β β βββ auth.client.ts # better-auth React hooks
β β βββ utils.ts # cn() helper for shadcn/ui
β βββ server/
β β βββ functions.ts # Server functions (CRUD, auth checks)
β βββ styles/
β β βββ app.css # Tailwind v4 + shadcn/ui CSS variables
β βββ router.tsx # TanStack Router configuration
β βββ client.tsx # Client entry (hydrateRoot)
β βββ ssr.tsx # SSR entry
β βββ routeTree.gen.ts # Auto-generated route tree (do not edit)
βββ drizzle/ # Generated migrations
βββ public/ # Static assets (favicon, etc.)
βββ vite.config.ts
βββ wrangler.jsonc
βββ drizzle.config.ts
βββ tsconfig.json
βββ package.json
βββ .dev.vars # Local env vars (NOT committed)
βββ .gitignore
Dependencies
Runtime:
{
"react": "^19.0.0",
"react-dom": "^19.0.0",
"@tanstack/react-router": "^1.120.0",
"@tanstack/react-start": "^1.120.0",
"drizzle-orm": "^0.38.0",
"better-auth": "^1.2.0",
"zod": "^3.24.0",
"class-variance-authority": "^0.7.0",
"clsx": "^2.1.0",
"tailwind-merge": "^3.0.0",
"lucide-react": "^0.480.0"
}
Dev:
{
"@cloudflare/vite-plugin": "^1.0.0",
"@tailwindcss/vite": "^4.0.0",
"@vitejs/plugin-react": "^4.4.0",
"tailwindcss": "^4.0.0",
"typescript": "^5.7.0",
"drizzle-kit": "^0.30.0",
"wrangler": "^4.0.0",
"tw-animate-css": "^1.2.0"
}
Scripts:
{
"dev": "vite",
"build": "vite build",
"preview": "vite preview",
"deploy": "wrangler deploy",
"db:generate": "drizzle-kit generate",
"db:migrate:local": "wrangler d1 migrations apply PROJECT_NAME-db --local",
"db:migrate:remote": "wrangler d1 migrations apply PROJECT_NAME-db --remote"
}
Workflow
Step 1: Gather Project Info
| Required |
Optional |
| Project name (kebab-case) |
Google OAuth credentials |
| One-line description |
Custom domain |
| Cloudflare account |
R2 storage needed? |
| Auth method: Google OAuth, email/password, or both |
Admin email |
Step 2: Initialise Project
Create the project directory and all config files from scratch.
vite.config.ts β Plugin order matters. Cloudflare MUST be first:
import { defineConfig } from "vite";
import { cloudflare } from "@cloudflare/vite-plugin";
import { tanstackStart } from "@tanstack/react-start/plugin/vite";
import tailwindcss from "@tailwindcss/vite";
import viteReact from "@vitejs/plugin-react";
export default defineConfig({
plugins: [
cloudflare({ viteEnvironment: { name: "ssr" } }),
tailwindcss(),
tanstackStart(),
viteReact(),
],
});
wrangler.jsonc:
{
"$schema": "node_modules/wrangler/config-schema.json",
"name": "PROJECT_NAME",
"compatibility_date": "2025-04-01",
"compatibility_flags": ["nodejs_compat"],
"main": "@tanstack/react-start/server-entry",
"account_id": "ACCOUNT_ID",
"d1_databases": [
{
"binding": "DB",
"database_name": "PROJECT_NAME-db",
"database_id": "DATABASE_ID",
"migrations_dir": "drizzle"
}
]
}
Key points: main MUST be "@tanstack/react-start/server-entry" (Nitro server entry). Use nodejs_compat (NOT node_compat). Add account_id to avoid interactive prompts.
tsconfig.json:
{
"compilerOptions": {
"target": "ES2022",
"module": "ESNext",
"moduleResolution": "bundler",
"jsx": "react-jsx",
"strict": true,
"skipLibCheck": true,
"esModuleInterop": true,
"resolveJsonModule": true,
"isolatedModules": true,
"noEmit": true,
"paths": { "@/*": ["./src/*"] },
"types": ["@cloudflare/workers-types/2023-07-01"]
},
"include": ["src/**/*", "vite.config.ts"]
}
.dev.vars β generate BETTER_AUTH_SECRET with openssl rand -hex 32:
BETTER_AUTH_SECRET=<generated-hex-32>
BETTER_AUTH_URL=http://localhost:3000
TRUSTED_ORIGINS=http://localhost:3000
# GOOGLE_CLIENT_ID=
# GOOGLE_CLIENT_SECRET=
.gitignore β node_modules, .wrangler, dist, .output, .dev.vars, .vinxi, .DS_Store
Then install and create the D1 database:
cd PROJECT_NAME && pnpm install
npx wrangler d1 create PROJECT_NAME-db
Step 3: Database Schema
src/db/schema.ts β All tables. better-auth requires: users, sessions, accounts, verifications. Add application tables (e.g. items) for CRUD demo.
D1-specific rules:
- Use
integer for timestamps (Unix epoch), NOT Date objects
- Use
text for primary keys (nanoid/cuid2), NOT autoincrement
- Keep bound parameters under 100 per query (batch large inserts)
- Foreign keys are always ON in D1
src/db/index.ts β Drizzle client factory:
import { drizzle } from "drizzle-orm/d1";
import { env } from "cloudflare:workers";
import * as schema from "./schema";
export function getDb() {
return drizzle(env.DB, { schema });
}
CRITICAL: Use import { env } from "cloudflare:workers" β NOT process.env. Create the Drizzle client inside each server function (per-request), not at module level.
drizzle.config.ts:
import { defineConfig } from "drizzle-kit";
export default defineConfig({
schema:
