# Deploying MindScreen AI on cPanel

This project is now set up so it needs only **one** cPanel "Python App"
(FastAPI serves both the API and the frontend, at `/app`), plus one MySQL
database. You do NOT need Node.js or a separate static host.

Requires a host where "Setup Python App" appears under cPanel's Software
section (most shared hosts with Python support have it — see the "no
Setup Python App?" note at the bottom if yours doesn't).

## 1. Upload the code

- In cPanel File Manager (or via SFTP), create a folder outside `public_html`,
  e.g. `/home/youruser/mindscreen_ai`, and upload/extract this whole project
  there. (Passenger apps don't need to live in `public_html`; the Python App
  tool wires the URL for you.)

## 2. Create the MySQL database

- cPanel → **MySQL® Databases**
- Create a database, e.g. `mindscreen` → becomes `youruser_mindscreen`
- Create a user, e.g. `mindscreen_user` → becomes `youruser_mindscreen_user`, set a strong password
- Add that user to that database with **ALL PRIVILEGES**
- Optional but recommended: cPanel → **phpMyAdmin** → select the new
  database → Import → upload `database/schema.sql` to pre-create the 7
  tables (the app will also auto-create them on first run if you skip this)

## 3. Create the Python App

- cPanel → **Setup Python App** → Create Application
  - Python version: 3.10+ (avoid an "experimental"-labeled latest version)
  - Application root: `mindscreen_ai` (the folder you uploaded)
  - Application URL: your domain or subdomain, e.g. `app.yourdomain.com`
  - Application startup file: `passenger_wsgi.py` (already included)
  - Application Entry point: `application` (already the variable name in `passenger_wsgi.py`)
- Click **Create**. cPanel builds a virtualenv and shows you an "Enter to
  the virtual environment" command — copy it, you'll want it for step 5.

## 4. Install dependencies

- On the Setup Python App page, your app now shows a **Run Pip Install**
  button once it detects `requirements.txt` in the app root — click it.
- If it fails or you prefer the terminal: cPanel → **Terminal**, paste the
  "Enter to the virtual environment" command from step 3, then:
  ```bash
  pip install -r requirements.txt
  ```

## 5. Configure environment variables

```bash
cd ~/mindscreen_ai
cp backend/.env.production.example backend/.env
```
Edit `backend/.env` (File Manager or `nano backend/.env` in Terminal):
- Set `DATABASE_URL` to the MySQL user/password/db you made in step 2
- Set `JWT_SECRET_KEY` to a real random string:
  ```bash
  python3 -c "import secrets; print(secrets.token_urlsafe(48))"
  ```
- Set `ALLOWED_ORIGINS` and `APP_BASE_URL` to your real domain
- Leave `EMAIL_SENDING_ENABLED=false` unless you've set up SMTP

## 6. Restart the app

- Setup Python App → your app → **Restart**
- Visit `https://yourdomain.com/health` → should return `{"status":"ok"}`
- Visit `https://yourdomain.com/docs` → interactive API docs
- Visit `https://yourdomain.com/app` → the chat UI

## 7. (Optional) Seed demo data for the dashboard

```bash
cd ~/mindscreen_ai
source /home/youruser/virtualenv/mindscreen_ai/3.10/bin/activate  # path from step 3
python3 -m database.seed_data
```

## 8. HTTPS

Most cPanel hosts include free AutoSSL — cPanel → **SSL/TLS Status** →
select your domain → **Run AutoSSL**. Do this before going live; the
frontend sends login credentials, so it must be served over HTTPS.

## Things worth doing before real (non-demo) use

These are called out in the project's own `README.md` / `docs/INSTALLATION.md`
too:
- No role-based access control yet on `/dashboard/*` — any logged-in user
  can see aggregate stats. Fine for a small pilot, not for public signup.
- No rate limiting on the auth/chat endpoints.
- In-memory conversation state won't survive an app restart or work across
  multiple worker processes — fine for a single Passenger process (the
  default), but revisit if you ever scale to multiple workers.
- This is a research/educational screening prototype, not a diagnostic or
  clinical tool — keep the in-app disclaimer intact.

## If your host doesn't have "Setup Python App"

Some budget shared-hosting plans don't expose it. In that case you have two
options: ask your host to move you to a server that supports it (common,
often free), or deploy the backend elsewhere (a small VPS, Railway, Render,
Fly.io — anywhere that can run `uvicorn backend.main:app`) and point
`ALLOWED_ORIGINS` / `window.MINDSCREEN_API_BASE` at it while still hosting
the static `frontend/` folder on cPanel's regular `public_html`.
