zerp/DEPLOYMENT_GUIDE.md

# Z.CRM Deployment Guide

## Server Information
- **IP**: 37.60.249.71
- **SSH User**: root
- **Domain**: zerp.atmata-group.com

## Deployment Steps

### Step 1: Connect to Server
```bash
ssh root@37.60.249.71
```

### Step 2: Install Prerequisites (if not already installed)
```bash
# Install Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
systemctl enable docker
systemctl start docker

# Install Docker Compose
curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
```

### Step 3: Create Application Directory
```bash
mkdir -p /opt/zerp
cd /opt/zerp
```

### Step 4: Upload Project Files
From your LOCAL machine, run:
```bash
# Navigate to project directory
cd /Users/talalsharabi/z_crm

# Copy files to server (exclude node_modules and build artifacts)
rsync -avz --exclude 'node_modules' \
  --exclude '.git' \
  --exclude 'frontend/.next' \
  --exclude 'backend/dist' \
  --exclude 'backend/node_modules' \
  --exclude 'frontend/node_modules' \
  ./ root@37.60.249.71:/opt/zerp/
```

### Step 5: Create Production Environment File
On the SERVER, create `/opt/zerp/.env`:
```bash
cat > /opt/zerp/.env << 'EOF'
# PostgreSQL
POSTGRES_PASSWORD=YourSecurePassword123!

# Backend JWT - CHANGE THIS!
JWT_SECRET=your-super-secure-jwt-secret-change-this-now-2024-$(openssl rand -hex 32)

# Domain
DOMAIN=zerp.atmata-group.com
EOF
```

### Step 6: Build and Start Services
```bash
cd /opt/zerp

# Build and start all services
docker-compose up -d --build

# Check logs
docker-compose logs -f
```

### Step 7: Run Database Migrations
```bash
# The migrations run automatically on backend startup
# But you can also run them manually:
docker-compose exec backend npx prisma migrate deploy

# Seed initial data (optional)
docker-compose exec backend npx prisma db seed
```

### Step 8: Configure Nginx Proxy Manager

Access your Nginx Proxy Manager and add a new Proxy Host:

**Details Tab:**
- Domain Names: `zerp.atmata-group.com`
- Scheme: `http`
- Forward Hostname/IP: `localhost` (or your server IP)
- Forward Port: `3000`
- Cache Assets: ✓ (enabled)
- Block Common Exploits: ✓ (enabled)
- Websockets Support: ✓ (enabled)

**SSL Tab:**
- SSL Certificate: Request a new SSL certificate (Let's Encrypt)
- Force SSL: ✓ (enabled)
- HTTP/2 Support: ✓ (enabled)
- HSTS Enabled: ✓ (enabled)

**Advanced Tab (optional):**
```nginx
# API Proxy Configuration
location /api {
    proxy_pass http://localhost:5001;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
}
```

## Port Configuration

The application uses the following ports:

| Service    | Internal Port | Exposed Port | Description |
|------------|---------------|--------------|-------------|
| Frontend   | 3000          | 3000         | Next.js frontend application |
| Backend    | 5001          | 5001         | Express backend API |
| PostgreSQL | 5432          | 5432         | Database server |

**For Nginx Proxy Manager:**
- Point your domain `zerp.atmata-group.com` to port **3000** (Frontend)
- The frontend will automatically proxy API requests to the backend on port 5001

## Useful Commands

### View Logs
```bash
# All services
docker-compose logs -f

# Specific service
docker-compose logs -f frontend
docker-compose logs -f backend
docker-compose logs -f postgres
```

### Restart Services
```bash
# Restart all
docker-compose restart

# Restart specific service
docker-compose restart backend
```

### Stop Services
```bash
docker-compose down
```

### Update Application
```bash
# From local machine, upload new files
rsync -avz --exclude 'node_modules' --exclude '.git' \
  ./ root@37.60.249.71:/opt/zerp/

# On server, rebuild and restart
cd /opt/zerp
docker-compose down
docker-compose up -d --build
```

### Database Backup
```bash
# Backup database
docker-compose exec postgres pg_dump -U postgres mind14_crm > backup_$(date +%Y%m%d).sql

# Restore database
docker-compose exec -T postgres psql -U postgres mind14_crm < backup_20240101.sql
```

### Access Database
```bash
docker-compose exec postgres psql -U postgres mind14_crm
```

## Monitoring

### Check Service Status
```bash
docker-compose ps
```

### Check Resource Usage
```bash
docker stats
```

### Check Disk Space
```bash
df -h
docker system df
```

## Troubleshooting

### Frontend Can't Connect to Backend
1. Check backend logs: `docker-compose logs backend`
2. Verify CORS configuration in backend
3. Check frontend environment variable `NEXT_PUBLIC_API_URL`

### Database Connection Issues
1. Check postgres logs: `docker-compose logs postgres`
2. Verify DATABASE_URL in backend container
3. Ensure postgres is healthy: `docker-compose ps`

### Port Already in Use
```bash
# Find process using port
netstat -tulpn | grep :3000

# Kill process
kill -9 <PID>
```

### Reset Everything
```bash
cd /opt/zerp
docker-compose down -v
docker-compose up -d --build
```

## Security Recommendations

1. **Change default passwords** in `.env` file
2. **Configure firewall** to only allow ports 80, 443, and 22
   ```bash
   ufw allow 22/tcp
   ufw allow 80/tcp
   ufw allow 443/tcp
   ufw enable
   ```
3. **Enable automatic updates**
4. **Regular backups** of database and uploads
5. **Monitor logs** for suspicious activity

## Support

For issues or questions, refer to the project documentation or contact support.