From 434859b60684d2e06c67511cde6e9b6273b0a3e7 Mon Sep 17 00:00:00 2001
From: Kirill <mpak8501@yandex.ru>
Date: Thu, 14 May 2026 20:33:59 +0500
Subject: [PATCH] docs: add SERVER_SETUP.md, update README with new deploy
 section

---
 README.md               |  21 ++++-
 scripts/SERVER_SETUP.md | 166 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 184 insertions(+), 3 deletions(-)
 create mode 100644 scripts/SERVER_SETUP.md

diff --git a/README.md b/README.md
index 14d1b56..e1ca463 100644
--- a/README.md
+++ b/README.md
@@ -73,9 +73,6 @@ npm run dev             # переменные из `.dev_env`
 
 Сервер: `http://127.0.0.1:3333`. Проверка: `GET /health`.
 
-Черновик деплоя на Proxmox: [docs/test-deploy-proxmox.md](docs/test-deploy-proxmox.md).  
-Обновление уже развёрнутого стенда: [docs/deploy-changes.md](docs/deploy-changes.md).
-
 ### Фронтенд
 
 В другом терминале:
@@ -124,3 +121,21 @@ npm run dev
 - `PATCH /api/admin/products/:id`
 - `DELETE /api/admin/products/:id`
 - `POST /api/admin/categories`
+
+## Деплой
+
+```bash
+# Заполнить scripts/deploy.env (DEPLOY_HOST, DEPLOY_PATH и т.д.)
+
+# Первичная настройка LXC: см. scripts/SERVER_SETUP.md
+
+# Деплой только изменившихся компонентов:
+./scripts/deploy-auto.sh
+
+# Полный деплой (игнорировать diff):
+./scripts/deploy-auto.sh --force
+
+# Только фронт или только бэкенд:
+./scripts/deploy-auto.sh --frontend-only
+./scripts/deploy-auto.sh --backend-only
+```
diff --git a/scripts/SERVER_SETUP.md b/scripts/SERVER_SETUP.md
new file mode 100644
index 0000000..b025689
--- /dev/null
+++ b/scripts/SERVER_SETUP.md
@@ -0,0 +1,166 @@
+# Первичная настройка LXC для Craftshop
+
+Выполнять от **root** на свежем Debian/Ubuntu LXC.
+
+---
+
+## 1. Базовые пакеты и Node.js
+
+```bash
+apt-get update -y
+apt-get install -y ca-certificates curl gnupg curl git
+
+curl -fsSL https://deb.nodesource.com/setup_22.x | bash -
+apt-get install -y nodejs
+
+node --version  # ожидается >= 22
+npm --version
+```
+
+## 2. Пользователь и каталоги
+
+```bash
+useradd --create-home --shell /bin/bash deploy
+mkdir -p /opt/craftshop/server/uploads /opt/craftshop/www
+chown -R deploy:deploy /opt/craftshop
+chmod 755 /opt/craftshop /opt/craftshop/server /opt/craftshop/www
+```
+
+## 3. systemd unit
+
+```bash
+cat >/etc/systemd/system/craftshop-api.service <<'UNIT'
+[Unit]
+Description=Craftshop API (Fastify)
+After=network.target
+
+[Service]
+Type=simple
+User=deploy
+Group=deploy
+WorkingDirectory=/opt/craftshop/server
+EnvironmentFile=-/opt/craftshop/server/.env
+ExecStart=/usr/bin/node src/index.js
+Restart=on-failure
+RestartSec=5
+LimitNOFILE=65535
+
+[Install]
+WantedBy=multi-user.target
+UNIT
+
+systemctl daemon-reload
+systemctl enable craftshop-api.service
+```
+
+## 4. Nginx
+
+```bash
+apt-get install -y nginx
+
+cat >/etc/nginx/sites-available/craftshop <<'NGX'
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
+
+    server_name _;
+
+    root /opt/craftshop/www;
+    index index.html;
+
+    location /api/ {
+        client_max_body_size 250m;
+        proxy_pass http://127.0.0.1:3333;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    location /uploads/ {
+        proxy_pass http://127.0.0.1:3333;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+}
+NGX
+
+rm -f /etc/nginx/sites-enabled/default
+ln -sf /etc/nginx/sites-available/craftshop /etc/nginx/sites-enabled/craftshop
+nginx -t && systemctl reload nginx
+```
+
+## 5. NetBird VPN
+
+```bash
+curl -fsSL https://pkgs.netbird.io/install.sh | sh
+netbird up
+```
+
+После `netbird up` появится интерфейс `wt0` с IP из твоей NetBird-сети. Запомни его — он понадобится для NPM.
+
+## 6. Переменные окружения
+
+Сгенерируй JWT_SECRET:
+
+```bash
+node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
+```
+
+Создай `.env`:
+
+```bash
+cat >/opt/craftshop/server/.env <<'ENV'
+DATABASE_URL="file:./prod.db"
+PORT=3333
+JWT_SECRET=<вставь сгенерированную строку>
+ADMIN_EMAIL=<твой email>
+CORS_ORIGIN=https://<твой-домен>
+IS_DEFAULT_CODE_ENABLED=false
+ENV
+chown deploy:deploy /opt/craftshop/server/.env
+chmod 600 /opt/craftshop/server/.env
+```
+
+## 7. Первый деплой
+
+На машине разработчика (после заполнения `scripts/deploy.env`):
+
+```bash
+./scripts/deploy-auto.sh --force
+```
+
+После завершения — на сервере:
+
+```bash
+systemctl start craftshop-api
+systemctl status craftshop-api
+curl http://127.0.0.1:3333/health
+```
+
+## 8. VPS с Nginx Proxy Manager
+
+На VPS (где установлен NPM):
+
+1. DNS-запись A: `craftshop.твой-домен` → IP VPS
+2. В NPM → Proxy Hosts → Add:
+   - Domain: `craftshop.твой-домен`
+   - Forward Hostname: `<NetBird-IP-LXC>` (IP wt0 на LXC)
+   - Forward Port: `80`
+   - SSL: Let's Encrypt
+3. Сохрани
+
+Проверка:
+
+```bash
+curl https://craftshop.твой-домен/api/health
+```