Refactor Vite configuration for improved development experience; add support for hot module replacement and optimize build process

deployment-configs/INSTALL_CONFIGS.sh

@@ -0,0 +1,54 @@
+#!/bin/bash
+
+# =============================================================================
+# TimeClock v3 - Apache-Konfiguration installieren
+# =============================================================================
+
+set -e
+
+echo "🚀 Installiere TimeClock Apache-Konfiguration..."
+
+# 1. SSLStapling global aktivieren
+echo "📝 Konfiguriere SSLStapling..."
+if ! grep -q "SSLStaplingCache" /etc/apache2/mods-available/ssl.conf; then
+    sudo sed -i '/<\/IfModule>/i \    # OCSP Stapling Cache\n    SSLStaplingCache shmcb:\/var\/run\/ocsp(128000)' /etc/apache2/mods-available/ssl.conf
+    echo "✅ SSLStapling konfiguriert"
+else
+    echo "✅ SSLStapling bereits konfiguriert"
+fi
+
+# 2. Kopiere HTTP-Config
+echo "📝 Kopiere HTTP-VirtualHost..."
+sudo cp stechuhr3.tsschulz.de.conf /etc/apache2/sites-available/
+
+# 3. Kopiere HTTPS-Config
+echo "📝 Kopiere HTTPS-VirtualHost..."
+sudo cp stechuhr3.tsschulz.de-le-ssl.conf /etc/apache2/sites-available/
+
+# 4. Aktiviere Sites (falls noch nicht aktiv)
+echo "📝 Aktiviere VirtualHosts..."
+sudo a2ensite stechuhr3.tsschulz.de 2>/dev/null || echo "✅ HTTP bereits aktiviert"
+sudo a2ensite stechuhr3.tsschulz.de-le-ssl 2>/dev/null || echo "✅ HTTPS bereits aktiviert"
+
+# 5. Teste Konfiguration
+echo "🔍 Teste Apache-Konfiguration..."
+sudo apache2ctl configtest
+
+# 6. Apache neustarten
+echo "🔄 Starte Apache neu..."
+sudo systemctl restart apache2
+
+# 7. Status prüfen
+echo ""
+echo "📊 Apache Status:"
+sudo systemctl status apache2 --no-pager | head -n 10
+
+echo ""
+echo "✅ Installation abgeschlossen!"
+echo ""
+echo "🌐 Teste deine App:"
+echo "   https://stechuhr3.tsschulz.de"
+echo "   https://stechuhr3.tsschulz.de/api/health"
+
+exit 0
+

deployment-configs/stechuhr3.tsschulz.de-le-ssl.conf

@@ -0,0 +1,128 @@
+# TimeClock v3 - HTTPS VirtualHost
+# Speichern unter: /etc/apache2/sites-available/stechuhr3.tsschulz.de-le-ssl.conf
+
+<IfModule mod_ssl.c>
+<VirtualHost *:443>
+    ServerName stechuhr3.tsschulz.de
+    ServerAdmin admin@tsschulz.de
+
+    # =================================================================
+    # Frontend (Vue.js SPA)
+    # =================================================================
+    DocumentRoot /var/www/timeclock/frontend/dist
+    
+    <Directory /var/www/timeclock/frontend/dist>
+        Options -Indexes +FollowSymLinks
+        AllowOverride All
+        Require all granted
+        
+        # SPA Fallback - alle Requests zu index.html
+        <IfModule mod_rewrite.c>
+            RewriteEngine On
+            RewriteBase /
+            RewriteRule ^index\.html$ - [L]
+            RewriteCond %{REQUEST_FILENAME} !-f
+            RewriteCond %{REQUEST_FILENAME} !-d
+            RewriteCond %{REQUEST_URI} !^/api
+            RewriteRule . /index.html [L]
+        </IfModule>
+    </Directory>
+
+    # =================================================================
+    # API Reverse Proxy zum Backend
+    # =================================================================
+    <IfModule mod_proxy.c>
+        ProxyPreserveHost On
+        ProxyRequests Off
+        ProxyTimeout 60
+        
+        # API Proxy
+        ProxyPass /api http://localhost:3010/api retry=0
+        ProxyPassReverse /api http://localhost:3010/api
+        
+        <Location /api>
+            # Proxy Headers
+            RequestHeader set X-Forwarded-Proto "https"
+            RequestHeader set X-Forwarded-Port "443"
+            RequestHeader set X-Real-IP %{REMOTE_ADDR}s
+        </Location>
+    </IfModule>
+
+    # =================================================================
+    # Gzip Compression
+    # =================================================================
+    <IfModule mod_deflate.c>
+        AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript
+        AddOutputFilterByType DEFLATE application/javascript application/x-javascript application/json
+        AddOutputFilterByType DEFLATE application/xml application/xml+rss application/rss+xml
+        AddOutputFilterByType DEFLATE image/svg+xml
+        AddOutputFilterByType DEFLATE font/ttf font/woff font/woff2
+    </IfModule>
+
+    # =================================================================
+    # Security Headers
+    # =================================================================
+    <IfModule mod_headers.c>
+        Header always set X-Frame-Options "SAMEORIGIN"
+        Header always set X-Content-Type-Options "nosniff"
+        Header always set X-XSS-Protection "1; mode=block"
+        Header always set Referrer-Policy "strict-origin-when-cross-origin"
+        Header always set Permissions-Policy "geolocation=(), microphone=(), camera=()"
+        Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+    </IfModule>
+
+    # =================================================================
+    # Cache-Control
+    # =================================================================
+    # Cache für statische Assets
+    <FilesMatch "\.(js|css|png|jpg|jpeg|gif|ico|svg|webp|woff|woff2|ttf|eot)$">
+        <IfModule mod_headers.c>
+            Header set Cache-Control "public, max-age=31536000, immutable"
+        </IfModule>
+    </FilesMatch>
+    
+    # Kein Cache für HTML
+    <FilesMatch "\.(html|htm)$">
+        <IfModule mod_headers.c>
+            Header set Cache-Control "no-cache, no-store, must-revalidate"
+            Header set Pragma "no-cache"
+            Header set Expires "0"
+        </IfModule>
+    </FilesMatch>
+
+    # =================================================================
+    # Sicherheit: Verstecke sensible Dateien
+    # =================================================================
+    <DirectoryMatch "^\.|\/\.">
+        Require all denied
+    </DirectoryMatch>
+    
+    <FilesMatch "^\.">
+        Require all denied
+    </FilesMatch>
+    
+    <FilesMatch "\.env">
+        Require all denied
+    </FilesMatch>
+
+    # =================================================================
+    # Limits
+    # =================================================================
+    LimitRequestBody 10485760
+    TimeOut 300
+
+    # =================================================================
+    # Logging
+    # =================================================================
+    ErrorLog ${APACHE_LOG_DIR}/stechuhr3-error.log
+    CustomLog ${APACHE_LOG_DIR}/stechuhr3-access.log combined
+
+    # =================================================================
+    # SSL-Konfiguration (von Certbot verwaltet)
+    # =================================================================
+    SSLCertificateFile /etc/letsencrypt/live/stechuhr3.tsschulz.de/fullchain.pem
+    SSLCertificateKeyFile /etc/letsencrypt/live/stechuhr3.tsschulz.de/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
+</VirtualHost>
+</IfModule>
+

deployment-configs/stechuhr3.tsschulz.de.conf

@@ -0,0 +1,18 @@
+# TimeClock v3 - HTTP VirtualHost
+# Speichern unter: /etc/apache2/sites-available/stechuhr3.tsschulz.de.conf
+
+<VirtualHost *:80>
+    ServerName stechuhr3.tsschulz.de
+    ServerAdmin admin@tsschulz.de
+
+    DocumentRoot /var/www/timeclock/frontend/dist
+
+    ErrorLog ${APACHE_LOG_DIR}/stechuhr3-error.log
+    CustomLog ${APACHE_LOG_DIR}/stechuhr3-access.log combined
+
+    # Redirect zu HTTPS
+    RewriteEngine On
+    RewriteCond %{SERVER_NAME} =stechuhr3.tsschulz.de
+    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
+</VirtualHost>
+