feat: complete memorial website features

- Add user contribution system (memories, timeline entries) - Add AI content moderation with Ollama (bad word detection + qwen3:4b) - Add family photo/video upload with admin approval - Add candle lighting feature - Add timeline and recipe sections - Add QR code page and OG image - Add site authentication (password-protected access) - Add proxy middleware for auth routing - Add admin dashboard for content management - Remove email fields, make name optional (default: Anonym) - Add CI/CD pipeline for Gitea Actions - Add Docker deployment configuration - Optimize Ollama RAM usage (42GB → 2.9GB) - Fix API routes accessibility through proxy middleware Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-02-18 12:20:33 +01:00
parent 43e9d49620
commit a34d406375
54 changed files with 5989 additions and 248 deletions
@@ -0,0 +1,117 @@
+# OMA Memorial - Deployment Guide
+
+## CI/CD Pipeline
+
+### Gitea Actions Workflow
+Located at `.gitea/workflows/deploy.yml`
+
+**Triggers:** Push to `main` branch
+
+**Steps:**
+1. Checkout code
+2. Build Docker image
+3. Stop old container
+4. Run new container in `proxy` network
+5. Health check
+6. Show logs
+
+### Docker Setup
+
+**Image:** Multi-stage build with Node 20 Alpine
+**Container name:** `oma-memorial`
+**Network:** `proxy` (no ports exposed externally)
+**Port:** 3000 (internal only)
+
+### Requirements
+
+1. **Docker Network:**
+   ```bash
+   docker network create proxy
+   ```
+
+2. **Data Persistence:**
+   - Volume mount: `./data:/app/data`
+   - SQLite database persists across deployments
+
+3. **Ollama (optional):**
+   - Must be running on host or accessible
+   - URL: `http://localhost:11434` or `http://host.docker.internal:11434`
+
+### Manual Deployment
+
+```bash
+# Build
+docker build -t oma-memorial:latest .
+
+# Run
+docker run -d \
+  --name oma-memorial \
+  --network proxy \
+  --restart unless-stopped \
+  -e NODE_ENV=production \
+  -v $(pwd)/data:/app/data \
+  oma-memorial:latest
+
+# Check logs
+docker logs -f oma-memorial
+
+# Health check
+docker exec oma-memorial curl -f http://localhost:3000
+```
+
+### Proxy Integration
+
+The container runs in the `proxy` network and does **not** expose ports directly. Use a reverse proxy (nginx, Traefik, Caddy) to route traffic:
+
+**Example nginx config:**
+```nginx
+server {
+    listen 80;
+    server_name oma.example.com;
+    
+    location / {
+        proxy_pass http://oma-memorial:3000;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+    }
+}
+```
+
+**Example Traefik labels:**
+```yaml
+labels:
+  - "traefik.enable=true"
+  - "traefik.http.routers.oma.rule=Host(`oma.example.com`)"
+  - "traefik.http.services.oma.loadbalancer.server.port=3000"
+```
+
+### Environment Variables
+
+- `NODE_ENV=production` (required)
+- `PORT=3000` (default)
+- `ADMIN_PASSWORD` (optional, defaults to hash of "Oma2024!")
+
+### Troubleshooting
+
+**Container won't start:**
+```bash
+docker logs oma-memorial
+```
+
+**Database issues:**
+```bash
+# Check data volume
+docker exec oma-memorial ls -la /app/data
+```
+
+**Network not found:**
+```bash
+docker network create proxy
+```
+
+**Build fails:**
+```bash
+# Clean build
+docker system prune -af
+docker build --no-cache -t oma-memorial:latest .
+```