GenerateSaaSSwitch to Separate
Move a fullstack project to a standalone backend in place - no CLI re-run, no clobbered config.
Fullstack ships apps/backend dormant. Activating it is an in-place rewiring - do it by hand. Re-running the CLI regenerates packages/config/src/index.ts and .env wholesale and overwrites your edits.
The backend needs a long-running host (Docker on Render, Fly.io, Railway, Coolify, Dokploy, or a VPS). separate + vercel is blocked. The frontend can stay on Vercel.
Unmount the API - delete
apps/web-next/app/api/[[...rest]]/route.ts. The frontend stops serving @repo/api; apps/backend/src/index.ts (already present) now owns it.Demote
@repo/api - move "@repo/api": "workspace:*" from dependencies to devDependencies in apps/web-next/package.json, then pnpm install. Only the AppType type stays; the Hono runtime leaves the frontend bundle.Repoint the client - set
NEXT_PUBLIC_API_URL to the backend origin (http://localhost:3010 dev, https://api.yourdomain.com prod). This one value re-derives apiBasePath, auth baseURL, CORS, and SSR rewrites - no source edits.Set backend env -
API_PORT=3010, TRUSTED_ORIGINS=<every frontend origin>, plus AUTH_COOKIE_DOMAIN for cross-subdomain cookies. See Separate backend.Move DB ownership - move the schema step (
pnpm -F @repo/database migrate) and DATABASE_URL off the frontend's start/buildCommand onto apps/backend, keeping DATABASE_URL out of the frontend host.Deploy & proxy - deploy
apps/backend (its Dockerfile is ready) and front both apps by host/path. See Reverse proxy.Optional - set
performanceMonitor.enabled: true in packages/config/src/index.ts. Fullstack Next disables it to avoid double-logging the in-process mount; standalone, the API should log its own requests.| Concern | Fullstack | Separate |
|---|---|---|
| API mount | frontend catch-all route | apps/backend process |
@repo/api | dependencies | devDependencies (types only) |
NEXT_PUBLIC_API_URL | …/api (same origin) | backend origin |
| DB schema step | frontend | backend |
| Cross-origin env | - | TRUSTED_ORIGINS, AUTH_COOKIE_DOMAIN |
Verify: run both apps and confirm an authenticated browser call succeeds cross-origin.