diff --git a/deploy-production.sh b/deploy-production.sh index 6a91c36..bea563f 100755 --- a/deploy-production.sh +++ b/deploy-production.sh @@ -48,9 +48,24 @@ ensure_symlink_dir() { echo " Linked $src -> $target" } +has_tracked_files_under() { + local prefix="$1" # e.g. public/data + # If any file is tracked under this path, symlinking the directory will break git operations + git ls-files "$prefix" | head -n 1 | grep -q . +} + echo "0. Ensuring persistent data directories (recommended)..." ensure_symlink_dir "server/data" "$DATA_ROOT/server-data" -ensure_symlink_dir "public/data" "$DATA_ROOT/public-data" + +# IMPORTANT: Only symlink public/data if it's not tracked by git. +# Otherwise git will error with "path is beyond a symbolic link". +if has_tracked_files_under "public/data"; then + echo " Skipping symlink for public/data (tracked files detected in git)." + echo " Recommendation: remove public/data/*.csv from git history and keep them only as production data." +else + ensure_symlink_dir "public/data" "$DATA_ROOT/public-data" +fi + ensure_symlink_dir "public/uploads" "$DATA_ROOT/public-uploads" echo "" @@ -89,9 +104,13 @@ if [ -n "$(git status --porcelain | grep '^UU\|^AA\|^DD')" ]; then git reset --hard HEAD fi -# Stash any local changes (including production data) -echo " Stashing local changes..." -git stash push -m "Production deployment stash $(date)" || true +# Ensure a clean working tree (we avoid git stash because it breaks with symlinked data paths) +if [ -n "$(git status --porcelain)" ]; then + echo "ERROR: Working tree is not clean. Please commit/revert changes before deployment." + echo "Hint: If this is caused by tracked production data files, remove them from git tracking." + git status --porcelain + exit 1 +fi # Pull latest changes echo " Pulling latest changes..." @@ -144,12 +163,9 @@ if [ ! -s server/data/users.json ]; then exit 1 fi -# 7. Cleanup stash (Backups werden bewusst behalten) +# 7. Cleanup (Backups werden bewusst behalten) echo "" -echo "7. Cleaning up stash (keeping backups in $BACKUP_ROOT)..." -# Clear the deployment stash (keep other stashes) -echo " Clearing deployment stash..." -git stash list | grep "Production deployment stash" | head -1 | cut -d: -f1 | xargs -r git stash drop +echo "7. Keeping backups in $BACKUP_ROOT (no git stash used)." # 8. Restart PM2 echo "" diff --git a/harheimertc.config.cjs b/harheimertc.config.cjs index 8785ae1..71b7b99 100644 --- a/harheimertc.config.cjs +++ b/harheimertc.config.cjs @@ -9,8 +9,9 @@ try { module.exports = { apps: [{ name: 'harheimertc', - script: 'npm', - args: 'run start', + // Nuxt 4 production build: direkt den Node-Server starten (kein "preview mode") + script: 'node', + args: '.output/server/index.mjs', cwd: '/var/www/harheimertc', instances: 1, autorestart: true, diff --git a/harheimertc.simple.cjs b/harheimertc.simple.cjs index c0f3c90..c21175c 100644 --- a/harheimertc.simple.cjs +++ b/harheimertc.simple.cjs @@ -9,8 +9,8 @@ try { module.exports = { apps: [{ name: 'harheimertc', - script: 'npm', - args: 'run start', + script: 'node', + args: '.output/server/index.mjs', instances: 1, autorestart: true, watch: false, diff --git a/server/api/auth/passkeys/registration-options.post.js b/server/api/auth/passkeys/registration-options.post.js index 208674c..88bf970 100644 --- a/server/api/auth/passkeys/registration-options.post.js +++ b/server/api/auth/passkeys/registration-options.post.js @@ -31,7 +31,8 @@ export default defineEventHandler(async (event) => { const options = await generateRegistrationOptions({ rpName, rpID: rpId, - userID: String(user.id), + // @simplewebauthn/server erwartet inzwischen Uint8Array/Buffer statt String + userID: new TextEncoder().encode(String(user.id)), userName: user.email, // Keine Attestation-Daten speichern attestationType: 'none',