Cloudcore

Deploy CMS

Deploy the CMS API and admin UI to Cloudflare's global edge network.

1. Create Cloudflare resources

# Create D1 database
npx wrangler d1 create cloudcore-cms
# Copy the database_id into wrangler.toml

# Create R2 bucket for media storage
npx wrangler r2 bucket create cloudcore-cms

2. Update wrangler.toml

Replace database_id = "local" with the real ID from step 1.

3. Set secrets

# Required: admin API token
npx wrangler secret put ADMIN_TOKEN

# Recommended: one-time setup protection
npx wrangler secret put SETUP_TOKEN

# Optional: OAuth (if using)
npx wrangler secret put GITHUB_CLIENT_ID
npx wrangler secret put GITHUB_CLIENT_SECRET
npx wrangler secret put GOOGLE_CLIENT_ID
npx wrangler secret put GOOGLE_CLIENT_SECRET

# Optional: SMTP for magic links
npx wrangler secret put SMTP_HOST
npx wrangler secret put SMTP_USER
npx wrangler secret put SMTP_PASS

4. Set environment variables

Add to [vars] in wrangler.toml:

[vars]
SECURE_COOKIES = "true"
ALLOWED_ORIGINS = "https://admin.yourdomain.com,https://yourdomain.com"
SMTP_FROM = "noreply@yourdomain.com"
SMTP_FROM_NAME = "Your Site"

5. Deploy

# Deploy the worker
npx wrangler deploy

# Run database migrations
npx wrangler d1 migrations apply cloudcore-cms --remote

Your API is now live at https://cloudcore-cms.your-subdomain.workers.dev

6. Deploy the Public API (recommended)

The Public API is a separate read-only worker. Deploy it as the internet-facing endpoint for your frontend while keeping the CMS locked behind Cloudflare Access.

cd ../api
npm install

# Update wrangler.toml with the same database_id as the CMS

npx wrangler deploy
# Live at https://cloudcore-api.your-subdomain.workers.dev

Set ALLOWED_ORIGINS in the Public API's wrangler.toml to restrict CORS to your frontend domain(s).

7. Deploy admin UI

Build and deploy the admin as a static site:

cd ../cms/admin
npm run build
npx wrangler pages deploy dist --project-name cloudcore-admin

Or deploy to Vercel/Netlify — it's a standard Vite React app.

8. Lock down the CMS

With the Public API serving your frontend, you can now restrict access to the CMS worker using Cloudflare Access. Only your admin team needs access to the CMS — everything else goes through the read-only Public API.

9. Create your admin account

Open the admin UI and create your first account. If you set SETUP_TOKEN, you'll need to provide it during setup.

Custom domains

Add custom domains in the Cloudflare dashboard under Workers > your worker > Settings > Domains & Routes. A typical setup:

  • api.yourdomain.com — Public API (read-only, internet-facing)
  • cms.yourdomain.com — CMS admin (behind Cloudflare Access)
  • www.yourdomain.com — Frontend (Cloudflare Pages, Vercel, or Netlify)