diff --git a/.gitea/workflows/code-analysis.yml b/.gitea/workflows/code-analysis.yml
index f3fe56c..5cba5f7 100644
--- a/.gitea/workflows/code-analysis.yml
+++ b/.gitea/workflows/code-analysis.yml
@@ -101,21 +101,21 @@ jobs:
           mkdir -p ~/.ssh
           printf "%s" "${{ secrets.PROD_SSH_KEY }}" > ~/.ssh/id_ed25519
           chmod 600 ~/.ssh/id_ed25519
-          ssh-keyscan -p "${{ secrets.PROD_PORT }}" "${{ secrets.PROD_HOST }}" >> ~/.ssh/known_hosts
+          ssh-keyscan -p "${{ vars.PROD_PORT }}" "${{ vars.PROD_HOST }}" >> ~/.ssh/known_hosts
 
       - name: Test SSH connection
         run: |
           ssh -i ~/.ssh/id_ed25519 \
             -o StrictHostKeyChecking=no \
             -o BatchMode=yes \
-            -p "${{ secrets.PROD_PORT }}" \
-            "${{ secrets.PROD_USER }}@${{ secrets.PROD_HOST }}" \
+            -p "${{ vars.PROD_PORT }}" \
+            "${{ vars.PROD_USER }}@${{ vars.PROD_HOST }}" \
             "echo SSH OK"
 
       - name: Run production deployment script
         run: |
           ssh -i ~/.ssh/id_ed25519 \
             -o BatchMode=yes \
-            -p "${{ secrets.PROD_PORT }}" \
-            "${{ secrets.PROD_USER }}@${{ secrets.PROD_HOST }}" \
+            -p "${{ vars.PROD_PORT }}" \
+            "${{ vars.PROD_USER }}@${{ vars.PROD_HOST }}" \
             "bash -lc 'cd /var/www/harheimertc && ./deploy-production.sh'"
diff --git a/deploy-production.sh b/deploy-production.sh
index 440a2aa..560ab94 100755
--- a/deploy-production.sh
+++ b/deploy-production.sh
@@ -54,6 +54,16 @@ has_tracked_files_under() {
   git ls-files "$prefix" | head -n 1 | grep -q .
 }
 
+install_dependencies() {
+  if [ -f "package-lock.json" ]; then
+    echo "   Running: npm ci"
+    npm ci
+  else
+    echo "   WARNING: package-lock.json fehlt. Führe npm install aus..."
+    npm install
+  fi
+}
+
 echo "0. Ensuring persistent data directories (recommended)..."
 # IMPORTANT: Only symlink server/data if it's not tracked by git.
 if has_tracked_files_under "server/data"; then
@@ -164,7 +174,7 @@ fi
 # 3. Install dependencies
 echo ""
 echo "3. Installing dependencies..."
-npm install
+install_dependencies
 
 # 4. Remove old build (but keep data!)
 echo ""
@@ -181,38 +191,6 @@ if [ -d ".output" ]; then
     if [ -d ".output" ]; then
       echo "ERROR: .output konnte auch nach erneutem Versuch nicht gelöscht werden!"
       echo "Bitte manuell prüfen und löschen: rm -rf .output"
-  if ls "$BACKUP_DIR/public-data"/*.csv >/dev/null 2>&1; then
-    # Restore into internal storage (server/data/public-data)
-    mkdir -p server/data/public-data
-    for csv_file in "$BACKUP_DIR/public-data"/*.csv; do
-      filename=$(basename "$csv_file")
-      cp -f "$csv_file" "server/data/public-data/$filename"
-      if [ -f "server/data/public-data/$filename" ]; then
-        backup_size=$(stat -f%z "$csv_file" 2>/dev/null || stat -c%s "$csv_file" 2>/dev/null || echo "0")
-        restored_size=$(stat -f%z "server/data/public-data/$filename" 2>/dev/null || stat -c%s "server/data/public-data/$filename" 2>/dev/null || echo "0")
-        if [ "$backup_size" = "$restored_size" ] && [ "$backup_size" != "0" ]; then
-          echo "   \u2713 Restored server/data/public-data/$filename from backup ($backup_size bytes)"
-        else
-          echo "   \u26a0 WARNING: server/data/public-data/$filename size mismatch (Backup: $backup_size, Restored: $restored_size)"
-        fi
-      else
-        echo "   \u274c ERROR: Konnte server/data/public-data/$filename nicht wiederherstellen!"
-      fi
-    done
-
-    echo "   \u2713 All public-data files restored into server/data/public-data ($BACKUP_DIR/public-data)."
-
-    # Optional: synchronize internal public-data into public/data for legacy builds
-    # This uses the project's sync script and forces overwrite in public/data.
-    if command -v node >/dev/null 2>&1 && [ -f scripts/sync-public-data.js ]; then
-      echo "   Synchronizing server/data/public-data -> public/data (using scripts/sync-public-data.js --force)"
-      node scripts/sync-public-data.js --force || echo "   WARNING: sync script failed"
-    else
-      echo "   Note: To publish CSVs to public/data run: node scripts/sync-public-data.js --force"
-    fi
-  else
-    echo "   No public CSVs to restore"
-  fi
       exit 1
     fi
   fi
@@ -230,7 +208,7 @@ fi
 if [ ! -d "node_modules" ]; then
   echo ""
   echo "WARNING: node_modules fehlt. Installiere Dependencies..."
-  npm install
+  install_dependencies
 fi
 
 # 5. Build
@@ -243,7 +221,7 @@ echo "   (This may take a few minutes...)"
 echo "   Checking dependencies..."
 if [ ! -f "node_modules/.package-lock.json" ] && [ ! -f "package-lock.json" ]; then
   echo "   WARNING: package-lock.json fehlt. Führe npm install aus..."
-  npm install
+  install_dependencies
 fi
 
 # Build mit expliziter Fehlerbehandlung und Output-Capture
@@ -498,4 +476,3 @@ echo "  pm2 status                     # View status"
 echo "  pm2 restart harheimertc        # Restart instance on port 3100"
 echo "  pm2 restart harheimertc-3102   # Restart instance on port 3102"
 echo "  pm2 restart all                # Restart all instances"
-