Skip to main content
Skip to content

Last updated on 4 June 2026

Nexus - Admin Dashboard Template (Next.js)

Invite-only admin dashboard template built on Next.js 16, PostgreSQL, Drizzle, RBAC, audit logging, data-table operations, CSV import/export, security controls, and the Template Empire Gate 17 compliance scaffold.

Quick Start

Prerequisites: Node.js 22.13+, pnpm 10+, PostgreSQL 15+.

  1. Copy .env.example to .env:
    powershell
    # PowerShell
    Copy-Item .env.example .env -Force
    # macOS/Linux
    cp -f .env.example .env
    
  2. Start Postgres:
    bash
    docker compose -f docker-compose.demo.yml up -d
    
  3. Install dependencies:
    bash
    pnpm install
    
  4. Apply migrations and seed demo data:
    bash
    pnpm db:migrate
    pnpm db:seed:demo
    
  5. Start the app:
    bash
    pnpm dev
    
  6. Open http://localhost:3000.

Demo Credentials

  • Admin: admin@example.com / Password123!!
  • Demo user: demo@example.com / Password123!!

For public demo deployments, set SEED_PASSWORD before seeding.

What Ships

  • Invite-only email/password auth with password reset, session refresh, account lockout, failed-login audit events, and admin force-logout controls.
  • User and role management with invitations, status changes, predefined Admin/Editor/Viewer roles, and permission-matrix data.
  • Operational data-table surfaces with search, filtering, bulk actions, CSV import preview/validation, and CSV export.
  • Audit-log viewer with filters, entity metadata, export support, and per-user login activity.
  • Security console with active sessions, password policy copy, and account activity.
  • System settings editor backed by a typed key/value store.
  • API keys, user webhooks, notifications, analytics, uploads, and dashboard metrics.
  • UK/EU/US compliance scaffold: legal pages, cookie consent with reject-all parity, server-side GPC honour, DSAR export, account deletion with 30-day soft-delete, audit log table, and COMPLIANCE.md.

TL02 is an invite-only admin template. It does not ship anonymous account creation, social sign-in, public one-click email sign-in, public offer pages, checkout, or payment webhook handling.

Tech Stack

  • Framework: Next.js 16 App Router
  • Database: PostgreSQL via Drizzle ORM
  • Auth: JWT access tokens + httpOnly refresh cookies
  • Validation: Zod at API boundaries
  • Styling: Tailwind CSS v4 + shadcn/ui primitives
  • Theme: Nexus design tokens
  • Testing: Vitest + Playwright

Project Structure

text
src/
  app/
    (auth)/           - Login, forgot-password, reset-password, accept-invite
    (dashboard)/      - Admin dashboard, users, roles, data, security, system, audit
    (marketing)/      - Legal pages and template showcase routes
    api/              - Auth, admin, account, consent, analytics, webhooks, uploads
    page.tsx          - Template showcase page with demo credentials
  components/
    dashboard/        - Dashboard-specific UI
    forms/            - Auth and admin forms
    landing/          - Showcase/header/footer components
    layout/           - Admin shell, sidebar, topbar, theme provider
    ui/               - shadcn/ui primitives
  lib/
    compliance/       - DSAR + consent helpers
    db/               - Drizzle schema, migrations, seed scripts
    email/            - Transactional email templates
    site-config.ts    - Buyer-facing branding and compliance config
  services/           - Business logic layer
  validators/         - Zod schemas

Environment Variables

See .env.example for every variable the app reads.

Production deployments must set:

  • DATABASE_URL or the split POSTGRES_* values.
  • JWT_SECRET with at least 32 characters.
  • NEXT_PUBLIC_APP_URL with the public origin.
  • SMTP variables if transactional emails should send instead of logging in dev.
  • WEBHOOK_ENCRYPTION_KEY to rotate webhook secret encryption independently from JWT signing keys.

Verification

bash
pnpm typecheck
pnpm lint
pnpm build
pnpm audit:prod

Documentation

  • INSTALLATION.md - local setup and troubleshooting
  • DEPLOYMENT.md - production deployment and maintenance
  • CUSTOMIZATION.md - branding, legal copy, theme, and demo data
  • COMPLIANCE.md - Gate 17 compliance scaffold
  • LICENCE.md - commercial licence terms

Version

  • Version: 1.23.3
  • Edition: Nexus
  • Stack: Next.js