# NIMBY Rails Progress Tracker - Self-Hosting Guide This application can be deployed to any server that supports Node.js and PostgreSQL. ## Requirements - Node.js 20+ - PostgreSQL 14+ - A reverse proxy (nginx, Caddy, etc.) for HTTPS in production ## Environment Variables Create a `.env` file with the following variables: ```bash # Database connection (required) DATABASE_URL=postgresql://user:password@localhost:5432/nimby_rails # Session secret (required - generate a random string) SESSION_SECRET=your-random-secret-string-at-least-32-characters # Port (optional, defaults to 5000) PORT=5000 # Node environment NODE_ENV=production ``` ## Installation ```bash # Install dependencies npm install # Push database schema npm run db:push # Build the application npm run build # Start the server npm start ``` ## First-Time Setup 1. Navigate to `/admin` in your browser 2. You'll see the "Setup Admin Account" screen 3. Create your first admin account with a username and password (min 8 characters) 4. You can now log in and manage your progress tracker ## Database Setup ### PostgreSQL Setup ```sql CREATE DATABASE nimby_rails; CREATE USER nimby_user WITH PASSWORD 'your_password'; GRANT ALL PRIVILEGES ON DATABASE nimby_rails TO nimby_user; ``` ### Running Migrations ```bash npm run db:push ``` ## Seed Data (Optional) To add initial Belgium data: ```bash npx tsx server/seed.ts ``` ## Production Deployment ### Using PM2 ```bash npm install -g pm2 pm2 start dist/index.cjs --name nimby-rails pm2 save pm2 startup ``` ### Using Docker ```dockerfile FROM node:20-alpine WORKDIR /app COPY package*.json ./ RUN npm ci --production COPY . . RUN npm run build EXPOSE 5000 CMD ["npm", "start"] ``` ### Nginx Reverse Proxy ```nginx server { listen 80; server_name your-domain.com; location / { proxy_pass http://localhost:5000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_cache_bypass $http_upgrade; } } ``` ## Security Notes 1. Always use HTTPS in production 2. Set a strong SESSION_SECRET (at least 32 random characters) 3. Use strong passwords for admin accounts 4. Keep your dependencies updated 5. Consider rate limiting for the login endpoint ## API Endpoints ### Public (Read-Only) - `GET /api/countries` - Get all countries with nested data ### Admin (Protected) - `POST /api/countries` - Create country - `DELETE /api/countries/:id` - Delete country - `POST /api/cities` - Create city - `DELETE /api/cities/:id` - Delete city - `POST /api/operators` - Create operator - `DELETE /api/operators/:id` - Delete operator - `POST /api/lines` - Create line - `PATCH /api/lines/:id` - Update line - `DELETE /api/lines/:id` - Delete line ### Authentication (Portable Auth) - `GET /api/auth/status` - Check auth status - `POST /api/auth/setup` - Create first admin (only works once) - `POST /api/auth/login` - Login with username/password - `POST /api/auth/logout` - Logout - `GET /api/auth/user` - Get current user ## Troubleshooting ### Database Connection Issues - Verify DATABASE_URL is correct - Check PostgreSQL is running - Ensure database user has proper permissions ### Session Issues - Make sure SESSION_SECRET is set - Check cookie settings if behind a proxy - Verify trust proxy settings if using a reverse proxy ### Build Errors - Clear node_modules and reinstall: `rm -rf node_modules && npm install` - Clear build directory: `rm -rf dist && npm run build`