# Deploying to your cPanel server (backend + Next.js on the same box)

You said the Laravel backend and the Next.js site both live on the same
server, managed via cPanel, and the admin dashboard should live at
`demo.mavengroupglobal.com/admin` (a path on your existing site, not a
separate subdomain). Here's the concrete path:

```
demo.mavengroupglobal.com         → Next.js site (existing)
demo.mavengroupglobal.com/admin   → admin dashboard (bundled into the same Next.js app)
api.mavengroupglobal.com          → Laravel backend (needs its own subdomain — it's PHP, not Node)
```

The admin dashboard is a static build (no separate server process) that's
copied into the Next.js project's `public/admin-app/` folder, with
`next.config.js` rewriting `/admin` and everything under it to that bundle.
I've already wired and tested this — `/admin`, deep routes like
`/admin/pages`, and the JS/CSS assets all resolve correctly through the one
Next.js app. You only need to run and deploy **one** Node app.

## 1. Create the API subdomain

cPanel → **Domains** → **Create A New Domain** → `api.mavengroupglobal.com`.
(No subdomain needed for `/admin` — it rides along with your existing site.)

## 2. Database

cPanel → **MySQL Databases** → create a database + user, add the user with
**All Privileges**. Note the DB name/username/password (usually formatted as
`cpaneluser_dbname` / `cpaneluser_dbuser`).

## 3. Laravel backend → `api.mavengroupglobal.com`

**If you have SSH access** (ask your host — many cPanel VPS plans include it):

```bash
ssh youruser@yourserver
cd ~/api.mavengroupglobal.com   # or wherever the subdomain's folder is
composer create-project laravel/laravel:^11.0 .
# copy in the files from backend/ in this package (see backend/SETUP.md step 2)
composer require laravel/sanctum spatie/laravel-permission spatie/laravel-sluggable intervention/image
cp .env.example .env
php artisan key:generate
# edit .env: DB_DATABASE, DB_USERNAME, DB_PASSWORD, APP_URL, FRONTEND_URL
php artisan migrate --seed
php artisan blog:import-legacy        # imports your 268 existing posts
php artisan storage:link
```

Point the subdomain's **document root** at `api.mavengroupglobal.com/public`
(cPanel → Domains → edit the subdomain → Document Root) — Laravel must be
served from its `public/` folder, not the project root.

**If you don't have SSH** (pure shared hosting, no terminal):
1. Build the project locally on your own computer following the same steps
   above.
2. Zip the whole folder, upload via cPanel File Manager, extract into
   `api.mavengroupglobal.com`.
3. Set the document root to point at its `public/` folder.
4. Run the migrate/seed/import commands via cPanel's **Terminal** app if
   available (most cPanel hosts today include one even on shared plans), or
   ask your host to run them for you.

Set the subdomain's PHP version to **8.2+** in cPanel → **MultiPHP Manager**.

## 4. Admin dashboard → bundled into the Next.js site at `/admin`

Build it locally (or anywhere with Node), pointing it at your live API:

```bash
cd admin-frontend
npm install
echo "VITE_API_URL=https://api.mavengroupglobal.com/api" > .env.production
npm run build
```

Copy the output into the Next.js project, then rebuild/redeploy the site as
usual:

```bash
mkdir -p ../nextjs-frontend/public/admin-app
cp -r dist/* ../nextjs-frontend/public/admin-app/
```

(This copy already sits in `nextjs-frontend/public/admin-app/` in this
package, built against `https://api.mavengroupglobal.com/api` — if that's
the exact domain you use, you can skip straight to redeploying the Next.js
site. If you use a different API domain, rebuild with the correct
`VITE_API_URL` first.)

**Whenever you rebuild the admin dashboard, you must also rebuild and
redeploy the Next.js site** — the bundle lives inside its `public/` folder,
so it only goes live when the Next.js app itself redeploys.

## 5. Next.js site → `demo.mavengroupglobal.com` (already deployed)

Your host needs a **Node.js app** for this (cPanel → **Setup Node.js App**,
common on hosts like Hostinger, A2, Namecheap). If it's already running
there today, you just need to:

1. Add the env var in cPanel's Node.js app settings (or `.env.production`):
   ```
   NEXT_PUBLIC_API_URL=https://api.mavengroupglobal.com/api
   ```
2. Replace the changed files (see `CMS_INTEGRATION_CHANGELOG.md` in the
   frontend package) or the whole project folder — including the new
   `public/admin-app/` folder and the updated `next.config.js`.
3. `npm install && npm run build`, then restart the Node.js app from cPanel's
   Node.js App interface (there's a **Restart** button — Next.js apps don't
   pick up a new build automatically like static files do).

## 6. CORS — make sure the API will actually answer the browser

In `backend/.env`, set:
```
FRONTEND_URL=https://demo.mavengroupglobal.com
```
Since the admin dashboard now shares the same origin as the main site (both
served from `demo.mavengroupglobal.com`), this one value covers both —
`config/cors.php` (already in the package) reads it into the allowed
origins list. Without it, the browser blocks every request from the live
site with a CORS error even though the API itself is fine.

## 7. Smoke test, in order

1. `https://api.mavengroupglobal.com/` → should return the JSON
   `{"name":"Maven Group CMS API","status":"ok"}`.
2. `https://api.mavengroupglobal.com/api/public/settings/site` → should
   return your seeded settings JSON.
3. `https://demo.mavengroupglobal.com/admin` → log in with the seeded super
   admin, change the password immediately.
4. `https://demo.mavengroupglobal.com/blogs` → should now be listing posts
   from the dashboard (268 imported posts) instead of only the bundled
   static list.
5. Edit something trivial in the dashboard (e.g. the WhatsApp default
   message in Site Settings) and confirm it shows up on the live site after
   a refresh (allow up to the `revalidate` window in `lib/cms.ts`, currently
   5 minutes for most endpoints).

