# Deployment Guide for parking.rocketscale.it

## Prerequisites

- org-stack running on rocky@rocketscale.it
- Git repository on git.rocketscale.it

## Step 1: Push to Git

```bash
# On development machine
cd /mnt/code/boilerplate/org-parking
git init
git add .
git commit -m "Initial commit: Parking Manager"
git remote add origin git@git.rocketscale.it:rocky/parking-manager.git
git push -u origin main
```

## Step 2: Clone on Server

```bash
# SSH to server
ssh rocky@rocketscale.it

# Clone into org-stack
cd ~/org-stack
git clone git@git.rocketscale.it:rocky/parking-manager.git parking
```

## Step 3: Add to .env

Add to `~/org-stack/.env`:

```bash
# Parking Manager
PARKING_SECRET_KEY=your-random-secret-key-here
```

Generate a secret key:
```bash
python3 -c "import secrets; print(secrets.token_hex(32))"
```

## Step 4: Add to compose.yml

Add the parking service to `~/org-stack/compose.yml`:

```yaml
  # ===========================================================================
  # Parking Manager - Parking Spot Management
  # ===========================================================================
  parking:
    build: ./parking
    container_name: parking
    restart: unless-stopped
    volumes:
      - parking_data:/app/data
    environment:
      - SECRET_KEY=${PARKING_SECRET_KEY}
      - DATABASE_PATH=/app/data/parking.db
      - AUTHELIA_ENABLED=true
      - ALLOWED_ORIGINS=https://parking.rocketscale.it
      - SMTP_HOST=${SMTP_HOST:-}
      - SMTP_PORT=${SMTP_PORT:-587}
      - SMTP_USER=${SMTP_USER:-}
      - SMTP_PASSWORD=${SMTP_PASSWORD:-}
      - SMTP_FROM=${SMTP_FROM:-}
    networks:
      - org-network
    depends_on:
      - authelia
```

Add to volumes section:
```yaml
  parking_data:       # Parking SQLite database
```

Add `parking` to Caddy's depends_on list.

## Step 5: Add to Caddyfile

Add to `~/org-stack/Caddyfile`:

```
# Parking Manager - Protected by Authelia
parking.rocketscale.it {
    import auth
    reverse_proxy parking:8000
}
```

## Step 6: Create LLDAP Groups

In lldap (https://ldap.rocketscale.it):

1. Create group: `parking_admins` (follows lldap naming convention)
2. Create group: `managers` (reusable across apps)
3. Add yourself to `parking_admins`

## Step 7: Deploy

```bash
cd ~/org-stack

# Build and start parking service
docker compose build parking
docker compose up -d parking

# Reload Caddy to pick up new domain
docker compose exec caddy caddy reload --config /etc/caddy/Caddyfile

# Check logs
docker compose logs -f parking
```

## Step 8: Verify

1. Go to https://parking.rocketscale.it
2. You should be redirected to Authelia for login
3. After login, you should see the parking app
4. Your user should be auto-created with `admin` role (if in parking-admins group)

## Troubleshooting

### 401 Unauthorized
- Check Authelia headers are being passed
- Check `docker compose logs authelia`

### User has wrong role
- Verify LLDAP group membership
- Roles sync on each login

### Database errors
- Check volume mount: `docker compose exec parking ls -la /app/data`
- Check permissions: `docker compose exec parking id`