# Gooneral Wheelchair - Production Deployment Guide ## Prerequisites 1. **Server with Node.js** (v18+ recommended) 2. **Caddy web server** installed 3. **Domain name** pointing to your server 4. **SSH access** to your server ## Deployment Steps ### 1. Prepare the Production Environment On your server, create a directory for your application: ```bash # Create application directory sudo mkdir -p /opt/gooneral-wheelchair sudo chown $USER:$USER /opt/gooneral-wheelchair cd /opt/gooneral-wheelchair ``` ### 2. Upload Files Upload these files to your server: ``` /opt/gooneral-wheelchair/ ├── dist/ # Built frontend files ├── backend/ # Backend application │ ├── server.js │ ├── start-production.js │ ├── package.json │ ├── .env.production # Configure this! │ ├── auth.js │ ├── themes.js │ └── node_modules/ # Install dependencies ├── public/ │ └── posts/ # Your blog posts ├── Caddyfile # Caddy configuration └── DEPLOYMENT.md # This file ``` ### 3. Configure Environment Variables Edit `/opt/gooneral-wheelchair/backend/.env.production`: ```env # REQUIRED: Change these values! NODE_ENV=production PORT=3001 SESSION_SECRET=your-super-secret-session-key-generate-a-strong-one FRONTEND_URL=https://yourdomain.com # Optional: Customize paths if needed POSTS_DIR=../public/posts THEMES_FILE=./themes.json SESSIONS_DIR=./sessions # Security settings COOKIE_SECURE=true COOKIE_SAME_SITE=strict ``` **⚠️ IMPORTANT**: Generate a strong session secret: ```bash node -e "console.log(require('crypto').randomBytes(64).toString('hex'))" ``` ### 4. Install Backend Dependencies ```bash cd /opt/gooneral-wheelchair/backend npm install --production ``` ### 5. Create Required Directories ```bash mkdir -p sessions mkdir -p ../public/posts ``` ### 6. Set Up System User (Recommended) ```bash # Create a system user for the application sudo useradd --system --shell /bin/false --home /opt/gooneral-wheelchair gooneral # Change ownership sudo chown -R gooneral:gooneral /opt/gooneral-wheelchair # Make start script executable sudo chmod +x /opt/gooneral-wheelchair/backend/start-production.js ``` ### 7. Create Systemd Service Create `/etc/systemd/system/gooneral-wheelchair.service`: ```ini [Unit] Description=Gooneral Wheelchair CMS Backend After=network.target [Service] Type=simple User=gooneral WorkingDirectory=/opt/gooneral-wheelchair/backend Environment=NODE_ENV=production ExecStart=/usr/bin/node start-production.js Restart=always RestartSec=10 StandardOutput=syslog StandardError=syslog SyslogIdentifier=gooneral-wheelchair [Install] WantedBy=multi-user.target ``` Enable and start the service: ```bash sudo systemctl daemon-reload sudo systemctl enable gooneral-wheelchair sudo systemctl start gooneral-wheelchair sudo systemctl status gooneral-wheelchair ``` ### 8. Configure Caddy 1. Update the Caddyfile with your domain: ``` # Replace 'yourdomain.com' with your actual domain yourdomain.com { # ... rest of configuration } ``` 2. Copy Caddyfile to Caddy's configuration directory: ```bash sudo cp /opt/gooneral-wheelchair/Caddyfile /etc/caddy/Caddyfile ``` 3. Test and reload Caddy: ```bash sudo caddy validate --config /etc/caddy/Caddyfile sudo systemctl reload caddy ``` ### 9. Create Initial Admin User SSH into your server and create an admin user: ```bash cd /opt/gooneral-wheelchair/backend node -e " const bcrypt = require('bcryptjs'); const fs = require('fs'); const path = require('path'); const username = 'admin'; const password = 'your-secure-password'; // Change this! const hashedPassword = bcrypt.hashSync(password, 10); const usersFile = path.join(__dirname, 'users.json'); const users = [ { id: 1, username: username, password: hashedPassword, role: 'admin' } ]; fs.writeFileSync(usersFile, JSON.stringify(users, null, 2)); console.log('Admin user created:', username); " ``` ## Post-Deployment ### 1. Test Your Deployment 1. **Frontend**: Visit https://yourdomain.com 2. **Backend API**: Visit https://yourdomain.com/api/health 3. **Admin Login**: Visit https://yourdomain.com/login ### 2. Monitor Logs ```bash # Backend logs sudo journalctl -u gooneral-wheelchair -f # Caddy logs sudo journalctl -u caddy -f # Application logs (if configured) sudo tail -f /var/log/caddy/gooneral-wheelchair.log ``` ### 3. Security Checklist - ✅ Strong session secret configured - ✅ HTTPS enabled (automatic with Caddy) - ✅ Secure cookies enabled in production - ✅ Security headers configured - ✅ Admin user created with strong password - ✅ Service running as non-root user - ✅ Firewall configured (only ports 80, 443, SSH open) ## Updating Your Blog ### 1. Add New Posts Upload markdown files to `/opt/gooneral-wheelchair/public/posts/` ### 2. Update Application 1. Build new version locally 2. Upload new `dist/` directory 3. Update backend files if needed 4. Restart services: ```bash sudo systemctl restart gooneral-wheelchair sudo systemctl reload caddy ``` ## Troubleshooting ### Backend Won't Start ```bash sudo systemctl status gooneral-wheelchair sudo journalctl -u gooneral-wheelchair -n 50 ``` ### Frontend Not Loading - Check Caddy configuration - Verify `dist/` directory contains built files - Check Caddy logs ### API Not Working - Verify backend is running on port 3001 - Check CORS configuration matches your domain - Verify reverse proxy in Caddyfile ### Session Issues - Check session secret is set - Verify cookie settings for HTTPS - Clear browser cookies and try again ## Backup Regular backups should include: - `/opt/gooneral-wheelchair/public/posts/` (your blog posts) - `/opt/gooneral-wheelchair/backend/users.json` (user accounts) - `/opt/gooneral-wheelchair/backend/themes.json` (theme settings) - `/opt/gooneral-wheelchair/backend/sessions/` (active sessions - optional)