# Deployment Guide - CustomerFeedback.org

## 🚀 Production Deployment

### Choose Your Hosting Platform

#### Option 1: Heroku (Easiest for beginners)
1. Install Heroku CLI
2. Create app: `heroku create your-app-name`
3. Set MongoDB Atlas as database
4. Set environment variables: `heroku config:set KEY=VALUE`
5. Deploy: `git push heroku main`

#### Option 2: DigitalOcean (Affordable VPS)
1. Create Ubuntu 20.04 Droplet
2. SSH into server
3. Install Node.js: `curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -`, then `sudo apt-get install -y nodejs` (the setup script only adds the NodeSource repository)
4. Install PM2: `npm install -g pm2`
5. Clone the repo and set it up
6. Start app: `pm2 start server.js`
7. Set up Nginx reverse proxy

#### Option 3: AWS (ECS/EC2)
1. Create EC2 instance
2. Set up security groups
3. Install dependencies
4. Use RDS for MongoDB
5. Use CloudFront for CDN

#### Option 4: Railway/Render (Simple deployment)
1. Connect GitHub repository
2. Set environment variables
3. Deploy automatically on push

### Environment Setup

```bash
# Production .env
NODE_ENV=production
PORT=5000
BASE_URL=https://www.customerfeedback.org

# Use MongoDB Atlas
MONGODB_ATLAS_URI=mongodb+srv://user:pass@cluster.mongodb.net/customerfeedback

# Strong JWT secret (generate: openssl rand -hex 32)
JWT_SECRET=your_very_long_random_secret_here

# Production SMTP (use SendGrid, AWS SES, etc)
SMTP_HOST=smtp.sendgrid.net
SMTP_PORT=587
SMTP_USER=apikey
SMTP_PASS=your_sendgrid_api_key

# Google OAuth from Google Cloud Console
GOOGLE_CLIENT_ID=xxxxx.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=xxxxx

# Session
SESSION_SECRET=another_random_secret_here
```

### Database Migration

```bash
# Backup current database
mongodump --uri "mongodb://localhost:27017/customerfeedback" --out ./backup

# Restore to Atlas
mongorestore --uri "mongodb+srv://user:pass@cluster.mongodb.net" ./backup
```

### Security Checklist

- [ ] Use HTTPS only (SSL certificate from Let's Encrypt)
- [ ] Update all npm dependencies: `npm audit fix`
- [ ] Enable CORS for specific domains only
- [ ] Set strong JWT secret (minimum 32 characters)
- [ ] Enable MongoDB authentication
- [ ] Use environment variables for all secrets
- [ ] Set up rate limiting on auth endpoints
- [ ] Enable CSRF protection
- [ ] Set up firewall rules
- [ ] Enable logging and monitoring
- [ ] Regular database backups
- [ ] Set up CDN for static files
- [ ] Enable password hashing verification
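
The secret-related items above can be enforced at startup instead of checked by hand. The following is an added example, not part of the project's code: `validateProductionEnv` is a hypothetical helper that rejects the placeholder values from the `.env` template in Environment Setup and applies the 32-character minimum to both secrets.

```javascript
// Added example: fail fast when the production environment still carries
// template values or weak secrets. validateProductionEnv is a hypothetical name.

// Placeholder strings copied from the .env template in this guide.
const PLACEHOLDERS = [
  'your_very_long_random_secret_here',
  'another_random_secret_here',
  'your_sendgrid_api_key',
  'xxxxx',
  'user:pass@',
];
const MIN_SECRET_LENGTH = 32; // checklist: minimum 32 characters

function validateProductionEnv(env) {
  const problems = [];
  const required = ['NODE_ENV', 'BASE_URL', 'MONGODB_ATLAS_URI', 'JWT_SECRET',
    'SESSION_SECRET', 'SMTP_PASS', 'GOOGLE_CLIENT_SECRET'];

  for (const key of required) {
    const value = env[key];
    if (!value) {
      problems.push(`${key} is not set`);
    } else if (PLACEHOLDERS.some((p) => value.includes(p))) {
      problems.push(`${key} still contains a template placeholder`);
    }
  }
  for (const key of ['JWT_SECRET', 'SESSION_SECRET']) {
    if (env[key] && env[key].length < MIN_SECRET_LENGTH) {
      problems.push(`${key} is shorter than ${MIN_SECRET_LENGTH} characters`);
    }
  }
  // Separate secrets limit the damage if one of them leaks.
  if (env.JWT_SECRET && env.JWT_SECRET === env.SESSION_SECRET) {
    problems.push('JWT_SECRET and SESSION_SECRET must differ');
  }
  if (env.BASE_URL && !env.BASE_URL.startsWith('https://')) {
    problems.push('BASE_URL must use https://');
  }
  if (env.NODE_ENV && env.NODE_ENV !== 'production') {
    problems.push('NODE_ENV must be "production"');
  }
  return problems; // empty array means the environment passed every check
}

// Usage at the top of server.js (before any route is registered):
//   const problems = validateProductionEnv(process.env);
//   if (problems.length) { console.error(problems.join('\n')); process.exit(1); }
```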

### Nginx Configuration Example

```nginx
server {
    listen 80;
    server_name www.customerfeedback.org customerfeedback.org;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    server_name www.customerfeedback.org customerfeedback.org;
    
    ssl_certificate /etc/letsencrypt/live/customerfeedback.org/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/customerfeedback.org/privkey.pem;
    
    location / {
        proxy_pass http://localhost:5000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
    
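    # Trailing slashes on both location and alias keep the prefix match from
    # also catching sibling paths such as /uploads-old
    location /uploads/ {
        alias /var/www/customerfeedback/uploads/;
    }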
}
```

### PM2 Configuration

Create `ecosystem.config.js`:
```javascript
module.exports = {
  apps: [{
    name: 'customerfeedback',
    script: './server.js',
    instances: 'max',
    exec_mode: 'cluster',
    env: {
      NODE_ENV: 'production'
    },
    error_file: './logs/error.log',
    out_file: './logs/out.log'
  }]
};
```

Start: `pm2 start ecosystem.config.js`

### SSL Certificate Setup (Let's Encrypt)

```bash
sudo apt-get install certbot python3-certbot-nginx
# --standalone binds port 80 itself, so run this while Nginx is stopped
sudo certbot certonly --standalone -d www.customerfeedback.org -d customerfeedback.org
```

### Monitoring & Maintenance

- Monitor server resources: `htop`, `df`, `free -h`
- Monitor application: Use PM2 Web: `pm2 web`
- Log rotation: Set up logrotate for log files
- Regular backups: Daily MongoDB backups
- Updates: Regular npm package updates
- Health checks: Set up uptime monitoring (e.g., UptimeRobot)

### Performance Optimization

1. **Enable Compression**: Add gzip to Nginx
2. **CDN**: Set up Cloudflare or AWS CloudFront
3. **Database Indexes**: Already configured in models
4. **Caching**: Implement Redis for sessions
5. **Image Optimization**: Already using Sharp
6. **Minification**: Minify CSS/JS before deployment

### Backup Strategy

```bash
#!/bin/bash
# Daily backup script
set -euo pipefail  # stop before the cleanup step if the dump or archive fails

DATE=$(date +%Y-%m-%d)
mongodump --uri "mongodb+srv://user:pass@cluster.mongodb.net" \
  --out "./backups/backup_$DATE"
tar -czf "./backups/backup_$DATE.tar.gz" "./backups/backup_$DATE"
rm -rf "./backups/backup_$DATE"
```

### Domain & DNS Setup

1. Register domain: www.customerfeedback.org
2. Update DNS:
   - A record → Your server IP
   - MX record → Email service (if using custom email)
   - TXT record → SPF/DKIM for email

### Post-Deployment

1. Test all features
2. Set up email notifications
3. Configure admin account
4. Set up automated backups
5. Monitor error logs
6. Test payment processing (if applicable)
7. Set up CDN
8. Configure analytics

---

**Deployment is complete!** 🎉

Your application is now live at `https://www.customerfeedback.org`
