Refactor Vite configuration for improved development experience; add support for hot module replacement and optimize build process

2025-10-18 22:58:22 +02:00
parent 57b8b3435e
commit b066ffdeb4
4 changed files with 413 additions and 0 deletions
--- a/deployment-configs/stechuhr3.tsschulz.de-le-ssl.conf
+++ b/deployment-configs/stechuhr3.tsschulz.de-le-ssl.conf
@@ -0,0 +1,128 @@
+# TimeClock v3 - HTTPS VirtualHost
+# Speichern unter: /etc/apache2/sites-available/stechuhr3.tsschulz.de-le-ssl.conf
+
+<IfModule mod_ssl.c>
+<VirtualHost *:443>
+    ServerName stechuhr3.tsschulz.de
+    ServerAdmin admin@tsschulz.de
+
+    # =================================================================
+    # Frontend (Vue.js SPA)
+    # =================================================================
+    DocumentRoot /var/www/timeclock/frontend/dist
+    
+    <Directory /var/www/timeclock/frontend/dist>
+        Options -Indexes +FollowSymLinks
+        AllowOverride All
+        Require all granted
+        
+        # SPA Fallback - alle Requests zu index.html
+        <IfModule mod_rewrite.c>
+            RewriteEngine On
+            RewriteBase /
+            RewriteRule ^index\.html$ - [L]
+            RewriteCond %{REQUEST_FILENAME} !-f
+            RewriteCond %{REQUEST_FILENAME} !-d
+            RewriteCond %{REQUEST_URI} !^/api
+            RewriteRule . /index.html [L]
+        </IfModule>
+    </Directory>
+
+    # =================================================================
+    # API Reverse Proxy zum Backend
+    # =================================================================
+    <IfModule mod_proxy.c>
+        ProxyPreserveHost On
+        ProxyRequests Off
+        ProxyTimeout 60
+        
+        # API Proxy
+        ProxyPass /api http://localhost:3010/api retry=0
+        ProxyPassReverse /api http://localhost:3010/api
+        
+        <Location /api>
+            # Proxy Headers
+            RequestHeader set X-Forwarded-Proto "https"
+            RequestHeader set X-Forwarded-Port "443"
+            RequestHeader set X-Real-IP %{REMOTE_ADDR}s
+        </Location>
+    </IfModule>
+
+    # =================================================================
+    # Gzip Compression
+    # =================================================================
+    <IfModule mod_deflate.c>
+        AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript
+        AddOutputFilterByType DEFLATE application/javascript application/x-javascript application/json
+        AddOutputFilterByType DEFLATE application/xml application/xml+rss application/rss+xml
+        AddOutputFilterByType DEFLATE image/svg+xml
+        AddOutputFilterByType DEFLATE font/ttf font/woff font/woff2
+    </IfModule>
+
+    # =================================================================
+    # Security Headers
+    # =================================================================
+    <IfModule mod_headers.c>
+        Header always set X-Frame-Options "SAMEORIGIN"
+        Header always set X-Content-Type-Options "nosniff"
+        Header always set X-XSS-Protection "1; mode=block"
+        Header always set Referrer-Policy "strict-origin-when-cross-origin"
+        Header always set Permissions-Policy "geolocation=(), microphone=(), camera=()"
+        Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+    </IfModule>
+
+    # =================================================================
+    # Cache-Control
+    # =================================================================
+    # Cache für statische Assets
+    <FilesMatch "\.(js|css|png|jpg|jpeg|gif|ico|svg|webp|woff|woff2|ttf|eot)$">
+        <IfModule mod_headers.c>
+            Header set Cache-Control "public, max-age=31536000, immutable"
+        </IfModule>
+    </FilesMatch>
+    
+    # Kein Cache für HTML
+    <FilesMatch "\.(html|htm)$">
+        <IfModule mod_headers.c>
+            Header set Cache-Control "no-cache, no-store, must-revalidate"
+            Header set Pragma "no-cache"
+            Header set Expires "0"
+        </IfModule>
+    </FilesMatch>
+
+    # =================================================================
+    # Sicherheit: Verstecke sensible Dateien
+    # =================================================================
+    <DirectoryMatch "^\.|\/\.">
+        Require all denied
+    </DirectoryMatch>
+    
+    <FilesMatch "^\.">
+        Require all denied
+    </FilesMatch>
+    
+    <FilesMatch "\.env">
+        Require all denied
+    </FilesMatch>
+
+    # =================================================================
+    # Limits
+    # =================================================================
+    LimitRequestBody 10485760
+    TimeOut 300
+
+    # =================================================================
+    # Logging
+    # =================================================================
+    ErrorLog ${APACHE_LOG_DIR}/stechuhr3-error.log
+    CustomLog ${APACHE_LOG_DIR}/stechuhr3-access.log combined
+
+    # =================================================================
+    # SSL-Konfiguration (von Certbot verwaltet)
+    # =================================================================
+    SSLCertificateFile /etc/letsencrypt/live/stechuhr3.tsschulz.de/fullchain.pem
+    SSLCertificateKeyFile /etc/letsencrypt/live/stechuhr3.tsschulz.de/privkey.pem
+    Include /etc/letsencrypt/options-ssl-apache.conf
+</VirtualHost>
+</IfModule>
+