Deploying Spartans Gym to production involves four independent concerns: provisioning a MySQL database, deploying the Node.js backend, publishing the static frontend, and wiring the two together through environment variables and CORS configuration. This guide walks through each concern in sequence, ending with a full production checklist and backup recommendations sourced directly from the project’sDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/azahel79/Spartans-gym/llms.txt
Use this file to discover all available pages before exploring further.
PRODUCTION_DEPLOY.md.
Required Services
Before you write a single environment variable, confirm you have access to the following infrastructure:MySQL 8+ Database
A managed MySQL instance. Railway, PlanetScale, and AWS RDS are all supported. The user in
DATABASE_URL must have CREATE, ALTER, and DROP privileges for Prisma migrations.Node.js Hosting
Any platform that can run a Node.js 20+ process or a Docker container. Railway (with its built-in Docker support) is the recommended choice.
Static Hosting
Netlify, Vercel, or Cloudflare Pages for the compiled
dist/ output. All three support the SPA fallback rewrite required for client-side routing.HTTPS Domain
A domain with TLS termination. Never serve Spartans Gym over plain HTTP in production — JWT cookies and API requests must travel over HTTPS.
A Cloudinary account is required only if you intend to use logo or product image uploads. The rest of the application works without it.
Environment Variables
Backend (backend/.env)
Set these variables in your hosting provider’s environment dashboard — never in a committed file.
| Variable | Required | Description |
|---|---|---|
NODE_ENV | ✅ | Must be production |
PORT | ✅ | Port the Express server listens on (default 3000) |
DATABASE_URL | ✅ | Full MySQL connection string: mysql://USER:PASSWORD@HOST:3306/DATABASE |
JWT_SECRET | ✅ | Random string of at least 32 characters. Rotate immediately if ever exposed. |
JWT_EXPIRES_IN | ✅ | Token lifetime, e.g. 7d |
FRONTEND_URL | ✅ | Primary public frontend URL, e.g. https://your-domain.com |
ALLOWED_ORIGINS | ✅ | Comma-separated list of all allowed frontend origins |
CLOUDINARY_CLOUD_NAME | Optional | Required for image uploads |
CLOUDINARY_API_KEY | Optional | Required for image uploads |
CLOUDINARY_API_SECRET | Optional | Required for image uploads |
SEED_ADMIN_EMAIL | Optional | Email for the seeded admin (default: admin@spartansgym.com) |
SEED_ADMIN_PASSWORD | Optional | Password for the seeded admin (default: ChangeMe123!) |
Frontend (frontend-spartans-gym/.env)
The frontend only needs one variable at build time:
Database Setup & Backend Deploy
Install dependencies and generate the Prisma Client
From the
backend/ directory (or your CI/CD pipeline):Apply migrations to the production database
Use
migrate deploy — not migrate dev — in production. It applies pending migrations without prompting and never resets data:Seed the initial admin and default plans
SEED_ADMIN_EMAIL / SEED_ADMIN_PASSWORD and four default membership plans. It is safe to run multiple times.Change the seeded admin password
Log in immediately after the first deploy and update the admin password from the Configuration module. Do not leave the default
ChangeMe123! active.Build and start the backend
Most hosting platforms let you specify a build command and a start command separately:The Docker container handles migrations automatically on startup via the
CMD in the Dockerfile:Frontend Deploy
Build the frontend
tsc -b && vite build and outputs the compiled SPA into frontend-spartans-gym/dist/.Publish the dist/ directory
Configure your static host to serve
frontend-spartans-gym/dist/ as the web root.- Netlify
- Vercel
- Cloudflare Pages
Set Publish directory to
frontend-spartans-gym/dist and add a _redirects file:CORS Configuration
The backend’s CORS middleware reads theALLOWED_ORIGINS variable at startup. List every frontend origin that must be allowed to send authenticated requests:
ALLOWED_ORIGINS and restart the backend before requests from that origin will succeed.
Recommended Hosting Providers
Railway — Backend + MySQL
Railway supports Docker deployments natively and provides managed MySQL add-ons. Deploy the
backend/ directory with the Docker build pack, attach a MySQL service, and set the environment variables in the Railway dashboard.Netlify / Vercel / Cloudflare Pages — Frontend
All three services build and publish static sites automatically from your Git repository. Connect the repo, set
VITE_API_URL, configure the dist/ output directory, and enable SPA fallback rewrites.Production Checklist
Work through this checklist after every new production deployment to confirm the system is functioning correctly end to end.Functional verification
- Login works with the seeded admin account
- A receptionist user can be created from Configuration
- Membership plans can be created and edited
- A new client can be registered
- Attendance can be recorded for a client
- Membership renewal flow completes successfully
- POS sale works with Efectivo (cash) payment
- POS sale works with Tarjeta (card) payment
- Transaction history filters return correct results
- CSV export downloads a valid file
- Receipts and tickets open and print correctly
- Dark mode persists after a page refresh
- Mobile layout verified at 375 × 667
- Tablet layout verified at 768 × 1024
- iPad Pro layout verified
- Desktop layout verified
- Cloudinary upload works (if credentials are configured)
-
GET /api/healthreturns{ "success": true } - Automatic database backups are enabled
- Admin password has been changed from the default
Backup Recommendations
Configure automatic MySQL backups on your database provider. The recommended retention schedule fromPRODUCTION_DEPLOY.md is:
| Frequency | Retention |
|---|---|
| Daily | Last 7 backups |
| Weekly | Last 4 backups |
| Monthly | Last 3 backups |