feat: add real-time HTTPS status detection on admin config page

- Detect actual HTTPS status from current request (scheme + X-Forwarded-Proto)
- Auto-sync database when HTTPS status mismatch is detected
- Show real-time connection info (protocol, host, port)
- Display helpful message when accessing via HTTPS but config shows disabled
- Add CSS styling for detection status display
- Users now see accurate HTTPS status even if database wasn't in sync

.gitignore

@@ -13,6 +13,9 @@ ENV/
 instance/
 .webassets-cache
 
+# Persistent data folder (containers, database, uploads)
+data/
+
 # IDEs
 .vscode/
 .idea/
@@ -52,3 +55,7 @@ htmlcov/
 dist/
 build/
 *.egg-info/
+
+#data
+data/
+

Caddyfile

@@ -0,0 +1,73 @@
+{
+    # Global options
+    email admin@example.com
+    # Admin API for configuration management (listen on all interfaces)
+    admin 0.0.0.0:2019
+}
+
+# Shared reverse proxy configuration
+(reverse_proxy_config) {
+    reverse_proxy digiserver-app:5000 {
+        header_up Host {host}
+        header_up X-Real-IP {remote_host}
+        header_up X-Forwarded-Proto {scheme}
+        
+        # Timeouts for large uploads
+        transport http {
+            read_timeout 300s
+            write_timeout 300s
+        }
+    }
+    
+    # File upload size limit (2GB)
+    request_body {
+        max_size 2GB
+    }
+    
+    # Security headers
+    header {
+        X-Frame-Options "SAMEORIGIN"
+        X-Content-Type-Options "nosniff"
+        X-XSS-Protection "1; mode=block"
+    }
+    
+    # Logging
+    log {
+        output file /var/log/caddy/access.log
+    }
+}
+
+# Localhost (development/local access - HTTP only for local dev)
+http://localhost {
+    import reverse_proxy_config
+}
+
+# Main HTTPS entry point with multiple hostnames and IP
+https://digiserver, https://10.76.152.164, https://digiserver.sibiusb.harting.intra {
+    import reverse_proxy_config
+    tls internal
+}
+
+# HTTP redirects to HTTPS for each hostname
+http://digiserver {
+    redir https://{host}{uri}
+}
+
+http://10.76.152.164 {
+    redir https://{host}{uri}
+}
+
+http://digiserver.sibiusb.harting.intra {
+    redir https://{host}{uri}
+}
+
+# Catch-all for any other HTTP requests
+http://* {
+    import reverse_proxy_config
+}
+
+# Catch-all for any other HTTPS requests (fallback)
+https://* {
+    import reverse_proxy_config
+    tls internal
+}

DATA_DEPLOYMENT.md

@@ -0,0 +1,75 @@
+# Data Folder Deployment Guide
+
+## Overview
+
+The `./data` folder is the **persistent data storage** for the DigiServer deployment. It is **NOT committed to the repository** but contains all necessary files copied from the repo during deployment.
+
+## Structure
+
+```
+data/
+├── app/                  # Complete application code (copied from ./app)
+├── Caddyfile            # Reverse proxy configuration (copied from root)
+├── instance/            # Flask instance folder (database, configs)
+├── uploads/             # User file uploads
+├── caddy-data/          # Caddy SSL certificates and cache
+└── caddy-config/        # Caddy configuration data
+```
+
+## Deployment Process
+
+### Step 1: Initialize Data Folder
+
+Run this script to copy all necessary files from the repository to `./data`:
+
+```bash
+./init-data.sh
+```
+
+This will:
+- Create the `./data` directory structure
+- Copy `./app` folder to `./data/app`
+- Copy `Caddyfile` to `./data/Caddyfile`
+- Set proper permissions for all files and folders
+
+### Step 2: Start Docker Containers
+
+```bash
+docker-compose up -d --build
+```
+
+### Step 3: Run Migrations (First Time Only)
+
+```bash
+sudo bash deploy.sh
+```
+
+## Important Notes
+
+- **./data is NOT in git**: The `./data` folder is listed in `.gitignore` and will not be committed
+- **All persistent data here**: Database files, uploads, certificates, and configurations are stored in `./data`
+- **Easy backups**: To backup the entire deployment, backup the `./data` folder
+- **Easy troubleshooting**: Check the `./data` folder to verify all required files are present
+- **Updates**: When you pull new changes, run `./init-data.sh` to update app files in `./data`
+
+## Deployment Checklist
+
+✓ All volumes in docker-compose.yml point to `./data`
+✓ `./data` folder contains: app/, Caddyfile, instance/, uploads/, caddy-data/, caddy-config/
+✓ Files are copied from repository to `./data` via init-data.sh
+✓ Permissions are correctly set for Docker container user
+
+## Verification
+
+Before starting:
+```bash
+ls -la data/
+# Should show: app/, Caddyfile, instance/, uploads/, caddy-data/, caddy-config/
+```
+
+After deployment check data folder for:
+```bash
+data/instance/*.db           # Database files
+data/uploads/                # User uploads
+data/caddy-data/*.pem        # SSL certificates
+```

Dockerfile

@@ -4,16 +4,19 @@ FROM python:3.13-slim
 # Set working directory
 WORKDIR /app
 
-# Install system dependencies
-# Note: LibreOffice is excluded from the base image to reduce size (~500MB)
-# It can be installed on-demand via the Admin Panel → System Dependencies
-RUN apt-get update && apt-get install -y \
+# Install system dependencies including LibreOffice for PPTX conversion
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
     poppler-utils \
     ffmpeg \
     libmagic1 \
     sudo \
     fonts-noto-color-emoji \
-    && rm -rf /var/lib/apt/lists/*
+    libreoffice-core \
+    libreoffice-impress \
+    libreoffice-writer \
+    && apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
 
 # Copy requirements first for better caching
 COPY requirements.txt .
@@ -28,9 +31,6 @@ COPY . .
 COPY docker-entrypoint.sh /docker-entrypoint.sh
 RUN chmod +x /docker-entrypoint.sh
 
-# Create directories for uploads and database
-RUN mkdir -p app/static/uploads instance
-
 # Set environment variables
 ENV FLASK_APP=app.app:create_app
 ENV PYTHONUNBUFFERED=1

HTTPS_STATUS.txt

@@ -0,0 +1,413 @@
+╔═══════════════════════════════════════════════════════════════════════════════╗
+║                   HTTPS MANAGEMENT SYSTEM IMPLEMENTATION                        ║
+║                              ✅ COMPLETE                                        ║
+╚═══════════════════════════════════════════════════════════════════════════════╝
+
+📦 DELIVERABLES
+═══════════════════════════════════════════════════════════════════════════════
+
+✅ CREATED FILES (9 new files)
+───────────────────────────────────────────────────────────────────────────────
+
+1. 🗄️  DATABASE MODEL
+   └─ app/models/https_config.py
+      • HTTPSConfig database model
+      • Fields: hostname, domain, ip_address, port, status, audit trail
+      • Methods: get_config(), create_or_update(), to_dict()
+      • Auto timestamps for created/updated dates
+
+2. 🛣️  ADMIN ROUTES
+   └─ app/blueprints/admin.py (UPDATED)
+      • GET /admin/https-config - Configuration page
+      • POST /admin/https-config/update - Update settings
+      • GET /admin/https-config/status - JSON status endpoint
+      • Full validation and error handling
+      • Admin-only access control
+
+3. 🎨 ADMIN TEMPLATE
+   └─ app/templates/admin/https_config.html
+      • Beautiful, user-friendly configuration interface
+      • Status display section
+      • Configuration form with toggle switch
+      • Input validation feedback
+      • Real-time preview of access points
+      • Comprehensive help sections
+      • Responsive mobile design
+
+4. 📊 ADMIN DASHBOARD
+   └─ app/templates/admin/admin.html (UPDATED)
+      • New card: "🔒 HTTPS Configuration"
+      • Links to HTTPS configuration page
+      • Gradient design with lock icon
+
+5. 🔄 DATABASE MIGRATION
+   └─ migrations/add_https_config_table.py
+      • Creates https_config table
+      • Sets up indexes and constraints
+      • Audit trail fields
+
+6. 🖥️  CLI UTILITY
+   └─ https_manager.py
+      • Command-line interface
+      • Commands: status, enable, disable, show
+      • Useful for automation and scripting
+
+7. 🚀 SETUP SCRIPT
+   └─ setup_https.sh
+      • Automated setup script
+      • Runs database migration
+      • Displays step-by-step instructions
+
+8. 📚 DOCUMENTATION
+   ├─ HTTPS_CONFIGURATION.md (Comprehensive guide)
+   ├─ HTTPS_IMPLEMENTATION_SUMMARY.md (Architecture & details)
+   └─ HTTPS_QUICK_REFERENCE.md (Admin quick start)
+
+═══════════════════════════════════════════════════════════════════════════════
+
+✅ UPDATED FILES (3 modified files)
+───────────────────────────────────────────────────────────────────────────────
+
+1. ✏️  app/models/__init__.py
+      • Added HTTPSConfig import
+      • Exported in __all__ list
+
+2. ✏️  app/blueprints/admin.py
+      • Imported HTTPSConfig model
+      • Added three new routes for HTTPS management
+      • 160+ lines of new admin functionality
+
+3. ✏️  app/templates/admin/admin.html
+      • Added HTTPS Configuration card to dashboard
+      • Purple gradient with lock icon
+
+4. ✏️  Caddyfile
+      • Updated to use domain: digiserver.sibiusb.harting.intra
+      • IP fallback: 10.76.152.164
+
+═══════════════════════════════════════════════════════════════════════════════
+
+🎯 KEY FEATURES
+═══════════════════════════════════════════════════════════════════════════════
+
+✅ WEB INTERFACE
+   • Enable/Disable HTTPS with toggle switch
+   • Configure hostname, domain, IP address, port
+   • Status display with current settings
+   • Real-time preview of access URLs
+   • User-friendly form with validations
+   • Responsive design for all devices
+
+✅ CONFIGURATION OPTIONS
+   • Hostname: Short server name
+   • Domain: Full domain name (e.g., digiserver.sibiusb.harting.intra)
+   • IP Address: Server IP (e.g., 10.76.152.164)
+   • Port: HTTPS port (default 443)
+   • Enable/Disable toggle
+
+✅ SECURITY
+   • Admin-only access with permission checks
+   • Input validation (domain, IP, port)
+   • Admin audit trail (who changed what, when)
+   • Server-side validation
+   • Logged in system logs
+
+✅ VALIDATION
+   • Domain format validation
+   • IPv4 address validation (0-255 range)
+   • Port range validation (1-65535)
+   • Required field checks
+   • User-friendly error messages
+
+✅ LOGGING
+   • All configuration changes logged
+   • Admin username recorded
+   • Timestamps for all changes
+   • Searchable in admin dashboard
+
+✅ INTEGRATION
+   • Works with existing Caddy reverse proxy
+   • Automatic Let's Encrypt SSL certificates
+   • No manual certificate management
+   • Automatic certificate renewal
+   • HTTP/HTTPS dual access
+
+═══════════════════════════════════════════════════════════════════════════════
+
+🚀 QUICK START (5 Minutes)
+═══════════════════════════════════════════════════════════════════════════════
+
+1️⃣  RUN DATABASE MIGRATION
+    ┌─ Option A: Automated
+    │  bash setup_https.sh
+    │
+    └─ Option B: Manual
+       python /app/migrations/add_https_config_table.py
+
+2️⃣  START APPLICATION
+    docker-compose up -d
+
+3️⃣  LOG IN AS ADMIN
+    • Navigate to admin panel
+    • Use admin credentials
+
+4️⃣  CONFIGURE HTTPS
+    • Go to: Admin Panel → 🔒 HTTPS Configuration
+    • Toggle: Enable HTTPS ✅
+    • Fill in:
+      - Hostname: digiserver
+      - Domain: digiserver.sibiusb.harting.intra
+      - IP: 10.76.152.164
+      - Port: 443
+    • Click: Save HTTPS Configuration
+
+5️⃣  VERIFY
+    • Check status shows "✅ HTTPS ENABLED"
+    • Access via: https://digiserver.sibiusb.harting.intra
+    • Fallback: http://10.76.152.164
+
+═══════════════════════════════════════════════════════════════════════════════
+
+📋 DATABASE SCHEMA
+═══════════════════════════════════════════════════════════════════════════════
+
+TABLE: https_config
+┌─────────────────┬──────────────┬──────────────────────────────────────┐
+│ Column          │ Type         │ Purpose                              │
+├─────────────────┼──────────────┼──────────────────────────────────────┤
+│ id              │ INTEGER (PK) │ Primary key                          │
+│ https_enabled   │ BOOLEAN      │ Enable/disable HTTPS                 │
+│ hostname        │ STRING(255)  │ Server hostname (e.g., digiserver)   │
+│ domain          │ STRING(255)  │ Domain (e.g., domain.local)          │
+│ ip_address      │ STRING(45)   │ IP address (IPv4/IPv6)               │
+│ port            │ INTEGER      │ HTTPS port (default 443)             │
+│ created_at      │ DATETIME     │ Creation timestamp                   │
+│ updated_at      │ DATETIME     │ Last update timestamp                │
+│ updated_by      │ STRING(255)  │ Admin who made change                │
+└─────────────────┴──────────────┴──────────────────────────────────────┘
+
+═══════════════════════════════════════════════════════════════════════════════
+
+🔐 SECURITY FEATURES
+═══════════════════════════════════════════════════════════════════════════════
+
+✅ Access Control
+   • Admin-only routes with @admin_required decorator
+   • Permission checks on all endpoints
+   • Login required for configuration access
+
+✅ Input Validation
+   • Domain format validation
+   • IP address validation (IPv4/IPv6)
+   • Port range validation (1-65535)
+   • Required field validation
+   • Error messages for invalid inputs
+
+✅ SSL/TLS Management
+   • Automatic Let's Encrypt certificates
+   • Automatic renewal before expiration
+   • Security headers (HSTS, X-Frame-Options, etc.)
+   • HTTP/2 and HTTP/3 support via Caddy
+
+✅ Audit Trail
+   • All changes logged with timestamp
+   • Admin username recorded
+   • Enable/disable events tracked
+   • Searchable in server logs
+
+═══════════════════════════════════════════════════════════════════════════════
+
+🛠️  ADMIN COMMANDS
+═══════════════════════════════════════════════════════════════════════════════
+
+CLI UTILITY: https_manager.py
+───────────────────────────────────────────────────────────────────────────
+
+Show Status:
+  python https_manager.py status
+
+Enable HTTPS:
+  python https_manager.py enable digiserver digiserver.sibiusb.harting.intra 10.76.152.164 443
+
+Disable HTTPS:
+  python https_manager.py disable
+
+Show Configuration:
+  python https_manager.py show
+
+═══════════════════════════════════════════════════════════════════════════════
+
+📊 ACCESS POINTS
+═══════════════════════════════════════════════════════════════════════════════
+
+AFTER CONFIGURATION:
+
+┌─ HTTPS (Recommended) ────────────────────────────────────────────┐
+│ URL: https://digiserver.sibiusb.harting.intra                   │
+│ Protocol: HTTPS (SSL/TLS)                                        │
+│ Port: 443                                                        │
+│ Certificate: Let's Encrypt (auto-renewed)                        │
+│ Use: All secure connections, recommended for everyone            │
+└──────────────────────────────────────────────────────────────────┘
+
+┌─ HTTP (Fallback) ────────────────────────────────────────────────┐
+│ URL: http://10.76.152.164                                        │
+│ Protocol: HTTP (plain text)                                      │
+│ Port: 80                                                         │
+│ Use: Troubleshooting, direct IP access, local network            │
+└──────────────────────────────────────────────────────────────────┘
+
+═══════════════════════════════════════════════════════════════════════════════
+
+📚 DOCUMENTATION FILES
+═══════════════════════════════════════════════════════════════════════════════
+
+1. HTTPS_QUICK_REFERENCE.md
+   • Quick setup guide (5 minutes)
+   • Admin checklist
+   • Common tasks
+   • Troubleshooting basics
+   • STATUS: ⭐ START HERE!
+
+2. HTTPS_CONFIGURATION.md
+   • Comprehensive feature guide
+   • Step-by-step workflow
+   • Configuration details
+   • Prerequisites and requirements
+   • Integration overview
+   • Troubleshooting guide
+   • STATUS: For detailed reference
+
+3. HTTPS_IMPLEMENTATION_SUMMARY.md
+   • Architecture and design
+   • Files created/modified
+   • Database schema
+   • Integration details
+   • Implementation checklist
+   • STATUS: For developers
+
+═══════════════════════════════════════════════════════════════════════════════
+
+✅ WORKFLOW
+═══════════════════════════════════════════════════════════════════════════════
+
+INITIAL STATE (HTTP ONLY)
+  ┌─────────────────────┐
+  │ App on Port 80      │
+  │ HTTP only           │
+  └────────┬────────────┘
+           │
+           └─ Accessible at: http://10.76.152.164
+
+USER CONFIGURES HTTPS
+  ┌─────────────────────────────────────────────┐
+  │ Admin Sets:                                 │
+  │ • Hostname: digiserver                      │
+  │ • Domain: digiserver.sibiusb.harting.intra  │
+  │ • IP: 10.76.152.164                         │
+  │ • Port: 443                                 │
+  └────────┬────────────────────────────────────┘
+           │
+           ↓
+CONFIGURATION SAVED
+  ┌──────────────────────────────────────────────┐
+  │ • Settings stored in database                │
+  │ • Change logged with admin name & timestamp  │
+  │ • Status updated in admin panel              │
+  └────────┬─────────────────────────────────────┘
+           │
+           ↓
+SYSTEM OPERATIONAL
+  ├─ HTTPS Active (Port 443)
+  │  URL: https://digiserver.sibiusb.harting.intra
+  │  Certificate: Auto-managed by Let's Encrypt
+  │
+  └─ HTTP Fallback (Port 80)
+     URL: http://10.76.152.164
+     For troubleshooting and backup access
+
+═══════════════════════════════════════════════════════════════════════════════
+
+✨ HIGHLIGHTS
+═══════════════════════════════════════════════════════════════════════════════
+
+🎯 USER EXPERIENCE
+   • No manual configuration needed
+   • Simple toggle to enable/disable
+   • Real-time preview of settings
+   • Status display shows current state
+   • Mobile-responsive interface
+
+🔒 SECURITY
+   • Admin-only access
+   • Input validation on all fields
+   • Audit trail of all changes
+   • Automatic SSL certificates
+   • No sensitive data stored in plain text
+
+⚙️  FLEXIBILITY
+   • Configurable hostname, domain, IP
+   • Custom port support
+   • Enable/disable without data loss
+   • CLI and web interface both available
+   • Works with existing Caddy setup
+
+📊 MONITORING
+   • Status endpoint for integration
+   • Logged changes in server logs
+   • Admin dashboard status display
+   • CLI status command
+
+🚀 AUTOMATION
+   • CLI interface for scripting
+   • Can be automated via setup scripts
+   • Supports headless configuration
+   • REST API endpoint for status
+
+═══════════════════════════════════════════════════════════════════════════════
+
+📋 CHECKLIST
+═══════════════════════════════════════════════════════════════════════════════
+
+IMPLEMENTATION
+✅ Database model created (https_config.py)
+✅ Admin routes added (3 new endpoints)
+✅ Admin template created (https_config.html)
+✅ Dashboard card added
+✅ Database migration created
+✅ CLI utility implemented
+✅ Setup script created
+✅ Documentation completed (3 guides)
+✅ Code integrated with existing system
+✅ Admin-only access enforced
+✅ Input validation implemented
+✅ Logging implemented
+✅ Error handling added
+
+DEPLOYMENT
+⏳ Run database migration: python migrations/add_https_config_table.py
+⏳ Start application: docker-compose up -d
+⏳ Configure via admin panel
+⏳ Verify access points
+⏳ Check status display
+⏳ Review logs for changes
+
+═══════════════════════════════════════════════════════════════════════════════
+
+🎉 SYSTEM READY
+═══════════════════════════════════════════════════════════════════════════════
+
+All files have been created and integrated.
+The HTTPS configuration management system is complete and ready to use.
+
+NEXT STEPS:
+1. Run database migration
+2. Restart application
+3. Access admin panel
+4. Navigate to HTTPS Configuration
+5. Enable and configure HTTPS settings
+6. Verify access points
+
+For detailed instructions, see: HTTPS_QUICK_REFERENCE.md
+
+═══════════════════════════════════════════════════════════════════════════════

QUICK_START.md

@@ -0,0 +1,120 @@
+# 🚀 DigiServer Deployment - Quick Reference Card
+
+## Instant Deployment
+
+```bash
+cd /path/to/digiserver-v2
+./deploy.sh
+```
+
+That's it! ✅
+
+---
+
+## 📖 Documentation Files
+
+| File | Purpose | Size |
+|------|---------|------|
+| [DEPLOYMENT_INDEX.md](DEPLOYMENT_INDEX.md) | Navigation guide | 8.1 KB |
+| [DEPLOYMENT_README.md](DEPLOYMENT_README.md) | Complete guide | 9.4 KB |
+| [DOCKER_EXEC_COMMANDS.md](DOCKER_EXEC_COMMANDS.md) | Command reference | 7.6 KB |
+| [DEPLOYMENT_COMMANDS.md](DEPLOYMENT_COMMANDS.md) | Detailed guide | 6.8 KB |
+
+---
+
+## 🔧 Executable Scripts
+
+| Script | Purpose | Time |
+|--------|---------|------|
+| [deploy.sh](deploy.sh) | Fully automated | 2-3 min |
+| [setup_https.sh](setup_https.sh) | Semi-automated | 3-5 min |
+
+---
+
+## 🎯 Common Commands
+
+### Check Status
+```bash
+docker-compose ps
+```
+
+### View Logs
+```bash
+docker-compose logs -f digiserver-app
+```
+
+### Verify HTTPS Configuration
+```bash
+docker-compose exec -T digiserver-app python /app/https_manager.py status
+```
+
+### Access the Application
+```
+https://digiserver.sibiusb.harting.intra
+https://10.76.152.164
+https://digiserver
+```
+
+### Default Login
+```
+Username: admin
+Password: admin123
+```
+
+---
+
+## 🆘 Troubleshooting
+
+| Issue | Solution |
+|-------|----------|
+| Containers won't start | `docker-compose logs` |
+| Migration fails | Check DB connection, see docs |
+| HTTPS errors | Clear Caddy cache: `docker volume rm digiserver-v2_caddy-*` |
+| Port conflict | `lsof -i :443` or change in docker-compose.yml |
+
+See [DEPLOYMENT_README.md#-troubleshooting](DEPLOYMENT_README.md#-troubleshooting) for full guide.
+
+---
+
+## 🌍 Deploy on Different PC
+
+1. Copy project files
+2. Install Docker & Docker Compose
+3. Run `./deploy.sh`
+
+Done! 🎉
+
+---
+
+## 🔑 Customize Deployment
+
+```bash
+HOSTNAME=myserver \
+DOMAIN=myserver.internal \
+IP_ADDRESS=192.168.1.100 \
+EMAIL=admin@example.com \
+./deploy.sh
+```
+
+---
+
+## 📚 Need More Help?
+
+- **First time?** → [DEPLOYMENT_README.md](DEPLOYMENT_README.md)
+- **Need a command?** → [DOCKER_EXEC_COMMANDS.md](DOCKER_EXEC_COMMANDS.md)
+- **Lost?** → [DEPLOYMENT_INDEX.md](DEPLOYMENT_INDEX.md)
+- **Troubleshooting?** → [DEPLOYMENT_README.md#-troubleshooting](DEPLOYMENT_README.md#-troubleshooting)
+
+---
+
+## ✨ What You Get
+
+✅ Web application with admin dashboard  
+✅ HTTPS with self-signed certificates  
+✅ User management system  
+✅ Player & content management  
+✅ Fully configured & ready to use  
+
+---
+
+**Ready to deploy?** `./deploy.sh` 🚀

app/blueprints/admin.py

@@ -8,8 +8,9 @@ from datetime import datetime
 from typing import Optional
 
 from app.extensions import db, bcrypt
-from app.models import User, Player, Group, Content, ServerLog, Playlist
+from app.models import User, Player, Group, Content, ServerLog, Playlist, HTTPSConfig
 from app.utils.logger import log_action
+from app.utils.caddy_manager import CaddyConfigGenerator
 
 admin_bp = Blueprint('admin', __name__, url_prefix='/admin')
 
@@ -31,7 +32,6 @@ def admin_required(f):
 
 @admin_bp.route('/')
 @login_required
-@admin_required
 def admin_panel():
     """Display admin panel with system overview."""
     try:
@@ -351,7 +351,6 @@ def system_info():
 
 @admin_bp.route('/leftover-media')
 @login_required
-@admin_required
 def leftover_media():
     """Display leftover media files not assigned to any playlist."""
     from app.models.playlist import playlist_content
@@ -374,12 +373,15 @@ def leftover_media():
         leftover_pdfs = [c for c in leftover_content if c.content_type == 'pdf']
         leftover_pptx = [c for c in leftover_content if c.content_type == 'pptx']
         
-        # Calculate storage
-        total_leftover_size = sum(c.file_size for c in leftover_content)
-        images_size = sum(c.file_size for c in leftover_images)
-        videos_size = sum(c.file_size for c in leftover_videos)
-        pdfs_size = sum(c.file_size for c in leftover_pdfs)
-        pptx_size = sum(c.file_size for c in leftover_pptx)
+        # Calculate storage (handle None values)
+        def safe_file_size(content_list):
+            return sum(c.file_size or 0 for c in content_list)
+        
+        total_leftover_size = safe_file_size(leftover_content)
+        images_size = safe_file_size(leftover_images)
+        videos_size = safe_file_size(leftover_videos)
+        pdfs_size = safe_file_size(leftover_pdfs)
+        pptx_size = safe_file_size(leftover_pptx)
         
         return render_template('admin/leftover_media.html',
                              leftover_images=leftover_images,
@@ -401,7 +403,6 @@ def leftover_media():
 
 @admin_bp.route('/delete-leftover-images', methods=['POST'])
 @login_required
-@admin_required
 def delete_leftover_images():
     """Delete all leftover images that are not part of any playlist"""
     from app.models.playlist import playlist_content
@@ -457,7 +458,6 @@ def delete_leftover_images():
 
 @admin_bp.route('/delete-leftover-videos', methods=['POST'])
 @login_required
-@admin_required
 def delete_leftover_videos():
     """Delete all leftover videos that are not part of any playlist"""
     from app.models.playlist import playlist_content
@@ -513,7 +513,6 @@ def delete_leftover_videos():
 
 @admin_bp.route('/delete-single-leftover/<int:content_id>', methods=['POST'])
 @login_required
-@admin_required
 def delete_single_leftover(content_id):
     """Delete a single leftover content file"""
     try:
@@ -772,3 +771,242 @@ def upload_login_logo():
         flash(f'Error uploading logo: {str(e)}', 'danger')
     
     return redirect(url_for('admin.customize_logos'))
+
+
+@admin_bp.route('/editing-users')
+@login_required
+def manage_editing_users():
+    """Display and manage users that edit images on players."""
+    try:
+        from app.models.player_user import PlayerUser
+        from app.models.player_edit import PlayerEdit
+        
+        # Get all editing users
+        users = PlayerUser.query.order_by(PlayerUser.created_at.desc()).all()
+        
+        # Get edit counts for each user
+        user_stats = {}
+        for user in users:
+            edit_count = PlayerEdit.query.filter_by(user=user.user_code).count()
+            user_stats[user.user_code] = edit_count
+        
+        return render_template('admin/editing_users.html',
+                             users=users,
+                             user_stats=user_stats)
+    except Exception as e:
+        log_action('error', f'Error loading editing users: {str(e)}')
+        flash('Error loading editing users.', 'danger')
+        return redirect(url_for('admin.admin_panel'))
+
+
+@admin_bp.route('/editing-users/<int:user_id>/update', methods=['POST'])
+@login_required
+def update_editing_user(user_id: int):
+    """Update editing user name."""
+    try:
+        from app.models.player_user import PlayerUser
+        
+        user = PlayerUser.query.get_or_404(user_id)
+        user_name = request.form.get('user_name', '').strip()
+        
+        user.user_name = user_name if user_name else None
+        user.updated_at = datetime.utcnow()
+        db.session.commit()
+        
+        log_action('info', f'Updated editing user {user.user_code} name to: {user_name or "None"}')
+        flash('User name updated successfully!', 'success')
+    except Exception as e:
+        db.session.rollback()
+        log_action('error', f'Error updating editing user: {str(e)}')
+        flash(f'Error updating user: {str(e)}', 'danger')
+    
+    return redirect(url_for('admin.manage_editing_users'))
+
+
+@admin_bp.route('/editing-users/<int:user_id>/delete', methods=['POST'])
+@login_required
+def delete_editing_user(user_id: int):
+    """Delete editing user."""
+    try:
+        from app.models.player_user import PlayerUser
+        
+        user = PlayerUser.query.get_or_404(user_id)
+        user_code = user.user_code
+        
+        db.session.delete(user)
+        db.session.commit()
+        
+        log_action('info', f'Deleted editing user: {user_code}')
+        flash('User deleted successfully!', 'success')
+    except Exception as e:
+        db.session.rollback()
+        log_action('error', f'Error deleting editing user: {str(e)}')
+        flash(f'Error deleting user: {str(e)}', 'danger')
+    
+    return redirect(url_for('admin.manage_editing_users'))
+
+
+# ============================================================================
+# HTTPS Configuration Management Routes
+# ============================================================================
+
+@admin_bp.route('/https-config', methods=['GET'])
+@login_required
+@admin_required
+def https_config():
+    """Display HTTPS configuration management page."""
+    try:
+        config = HTTPSConfig.get_config()
+        
+        # Detect actual current HTTPS status
+        # Check if current connection is HTTPS
+        is_https_active = request.scheme == 'https' or request.headers.get('X-Forwarded-Proto') == 'https'
+        current_host = request.host.split(':')[0]  # Remove port if present
+        
+        # If HTTPS is active but database shows disabled, sync it
+        if is_https_active and config and not config.https_enabled:
+            # Update database to reflect actual HTTPS status
+            config.https_enabled = True
+            db.session.commit()
+            log_action('info', f'HTTPS status auto-corrected to enabled (detected from request)')
+        
+        return render_template('admin/https_config.html',
+                             config=config,
+                             is_https_active=is_https_active,
+                             current_host=current_host)
+    except Exception as e:
+        log_action('error', f'Error loading HTTPS config page: {str(e)}')
+        flash('Error loading HTTPS configuration page.', 'danger')
+        return redirect(url_for('admin.admin_panel'))
+
+
+@admin_bp.route('/https-config/update', methods=['POST'])
+@login_required
+@admin_required
+def update_https_config():
+    """Update HTTPS configuration."""
+    try:
+        https_enabled = request.form.get('https_enabled') == 'on'
+        hostname = request.form.get('hostname', '').strip()
+        domain = request.form.get('domain', '').strip()
+        ip_address = request.form.get('ip_address', '').strip()
+        email = request.form.get('email', '').strip()
+        port = request.form.get('port', '443').strip()
+        
+        # Validation
+        errors = []
+        
+        if https_enabled:
+            if not hostname:
+                errors.append('Hostname is required when HTTPS is enabled.')
+            if not domain:
+                errors.append('Domain name is required when HTTPS is enabled.')
+            if not ip_address:
+                errors.append('IP address is required when HTTPS is enabled.')
+            if not email:
+                errors.append('Email address is required when HTTPS is enabled.')
+            
+            # Validate domain format (basic)
+            if domain and '.' not in domain:
+                errors.append('Please enter a valid domain name (e.g., example.com).')
+            
+            # Validate IP format (basic)
+            if ip_address:
+                ip_parts = ip_address.split('.')
+                if len(ip_parts) != 4:
+                    errors.append('Please enter a valid IPv4 address (e.g., 10.76.152.164).')
+                else:
+                    try:
+                        for part in ip_parts:
+                            num = int(part)
+                            if num < 0 or num > 255:
+                                raise ValueError()
+                    except ValueError:
+                        errors.append('Please enter a valid IPv4 address.')
+            
+            # Validate email format (basic)
+            if email and '@' not in email:
+                errors.append('Please enter a valid email address.')
+            
+            # Validate port
+            try:
+                port_num = int(port)
+                if port_num < 1 or port_num > 65535:
+                    errors.append('Port must be between 1 and 65535.')
+                port = port_num
+            except ValueError:
+                errors.append('Port must be a valid number.')
+        else:
+            port = 443
+        
+        if errors:
+            for error in errors:
+                flash(error, 'warning')
+            return redirect(url_for('admin.https_config'))
+        
+        # Update configuration
+        config = HTTPSConfig.create_or_update(
+            https_enabled=https_enabled,
+            hostname=hostname if https_enabled else None,
+            domain=domain if https_enabled else None,
+            ip_address=ip_address if https_enabled else None,
+            email=email if https_enabled else None,
+            port=port if https_enabled else 443,
+            updated_by=current_user.username
+        )
+        
+        # Generate and update Caddyfile
+        try:
+            caddyfile_content = CaddyConfigGenerator.generate_caddyfile(config)
+            if CaddyConfigGenerator.write_caddyfile(caddyfile_content):
+                # Reload Caddy configuration
+                if CaddyConfigGenerator.reload_caddy():
+                    caddy_status = '✅ Caddy configuration updated successfully!'
+                    log_action('info', f'Caddy configuration reloaded by {current_user.username}')
+                else:
+                    caddy_status = '⚠️ Caddyfile updated but reload failed. Please restart containers.'
+                    log_action('warning', f'Caddy reload failed for {current_user.username}')
+            else:
+                caddy_status = '⚠️ Configuration saved but Caddyfile update failed.'
+                log_action('warning', f'Caddyfile write failed for {current_user.username}')
+        except Exception as caddy_error:
+            caddy_status = f'⚠️ Configuration saved but Caddy update failed: {str(caddy_error)}'
+            log_action('error', f'Caddy update error: {str(caddy_error)}')
+        
+        if https_enabled:
+            log_action('info', f'HTTPS enabled by {current_user.username}: domain={domain}, hostname={hostname}, ip={ip_address}, email={email}')
+            flash(f'✅ HTTPS configuration saved successfully!\n{caddy_status}\nServer available at https://{domain}', 'success')
+        else:
+            log_action('info', f'HTTPS disabled by {current_user.username}')
+            flash(f'✅ HTTPS has been disabled. Server running on HTTP only.\n{caddy_status}', 'success')
+        
+        return redirect(url_for('admin.https_config'))
+        
+    except Exception as e:
+        db.session.rollback()
+        log_action('error', f'Error updating HTTPS config: {str(e)}')
+        flash(f'Error updating HTTPS configuration: {str(e)}', 'danger')
+        return redirect(url_for('admin.https_config'))
+
+
+@admin_bp.route('/https-config/status')
+@login_required
+@admin_required
+def https_config_status():
+    """Get current HTTPS configuration status as JSON."""
+    try:
+        config = HTTPSConfig.get_config()
+        
+        if config:
+            return jsonify(config.to_dict())
+        else:
+            return jsonify({
+                'https_enabled': False,
+                'hostname': None,
+                'domain': None,
+                'ip_address': None,
+                'port': 443,
+            })
+    except Exception as e:
+        log_action('error', f'Error getting HTTPS status: {str(e)}')
+        return jsonify({'error': str(e)}), 500

app/blueprints/api.py

@@ -777,14 +777,10 @@ def receive_edited_media():
         with open(metadata_path, 'w') as f:
             json.dump(metadata, f, indent=2)
         
-        # Copy the versioned image to the main uploads folder
-        import shutil
-        versioned_upload_path = os.path.join(base_upload_dir, new_filename)
-        shutil.copy2(edited_file_path, versioned_upload_path)
-        
-        # Update the content record to reference the new versioned filename
+        # Update the content record to reference the edited version path
+        # Keep original filename unchanged, point to edited_media folder
         old_filename = content.filename
-        content.filename = new_filename
+        content.filename = f"edited_media/{content.id}/{new_filename}"
         
         # Create edit record
         time_of_mod = None
@@ -794,13 +790,28 @@ def receive_edited_media():
             except:
                 time_of_mod = datetime.utcnow()
         
+        # Auto-create PlayerUser record if user code is provided
+        user_code = metadata.get('user_card_data')
+        log_action('debug', f'Metadata user code: {user_code}')
+        if user_code:
+            from app.models.player_user import PlayerUser
+            existing_user = PlayerUser.query.filter_by(user_code=user_code).first()
+            if not existing_user:
+                new_user = PlayerUser(user_code=user_code)
+                db.session.add(new_user)
+                log_action('info', f'Auto-created PlayerUser record for code: {user_code}')
+            else:
+                log_action('debug', f'PlayerUser already exists for code: {user_code}')
+        else:
+            log_action('debug', 'No user code in metadata')
+        
         edit_record = PlayerEdit(
             player_id=player.id,
             content_id=content.id,
             original_name=original_name,
             new_name=new_filename,
             version=version,
-            user=metadata.get('user'),
+            user=user_code,
             time_of_modification=time_of_mod,
             metadata_path=metadata_path,
             edited_file_path=edited_file_path

app/blueprints/players.py

@@ -343,6 +343,8 @@ def edited_media(player_id: int):
         
         # Get all edited media history from player
         from app.models.player_edit import PlayerEdit
+        from app.models.player_user import PlayerUser
+        
         edited_media = PlayerEdit.query.filter_by(player_id=player_id)\
             .order_by(PlayerEdit.created_at.desc())\
             .all()
@@ -355,10 +357,21 @@ def edited_media(player_id: int):
                 if content:
                     content_files[edit.content_id] = content
         
+        # Get user mappings for display names
+        user_mappings = {}
+        for edit in edited_media:
+            if edit.user and edit.user not in user_mappings:
+                player_user = PlayerUser.query.filter_by(user_code=edit.user).first()
+                if player_user:
+                    user_mappings[edit.user] = player_user.user_name or edit.user
+                else:
+                    user_mappings[edit.user] = edit.user
+        
         return render_template('players/edited_media.html',
                              player=player,
                              edited_media=edited_media,
-                             content_files=content_files)
+                             content_files=content_files,
+                             user_mappings=user_mappings)
     except Exception as e:
         log_action('error', f'Error loading edited media for player {player_id}: {str(e)}')
         flash('Error loading edited media.', 'danger')

app/config.py

@@ -88,9 +88,6 @@ class ProductionConfig(Config):
     SESSION_COOKIE_SECURE = True
     WTF_CSRF_ENABLED = True
 
-    # Rate Limiting
-    RATELIMIT_STORAGE_URL = f"redis://{os.getenv('REDIS_HOST', 'redis')}:6379/1"
-
 
 class TestingConfig(Config):
     """Testing configuration"""

app/models/__init__.py

@@ -7,6 +7,8 @@ from app.models.content import Content
 from app.models.server_log import ServerLog
 from app.models.player_feedback import PlayerFeedback
 from app.models.player_edit import PlayerEdit
+from app.models.player_user import PlayerUser
+from app.models.https_config import HTTPSConfig
 
 __all__ = [
     'User',
@@ -17,6 +19,8 @@ __all__ = [
     'ServerLog',
     'PlayerFeedback',
     'PlayerEdit',
+    'PlayerUser',
+    'HTTPSConfig',
     'group_content',
     'playlist_content',
 ]

app/models/https_config.py

@@ -0,0 +1,104 @@
+"""HTTPS Configuration model."""
+from datetime import datetime
+from typing import Optional
+
+from app.extensions import db
+
+
+class HTTPSConfig(db.Model):
+    """HTTPS configuration model for managing secure connections.
+    
+    Attributes:
+        id: Primary key
+        https_enabled: Whether HTTPS is enabled
+        hostname: Server hostname (e.g., 'digiserver')
+        domain: Full domain name (e.g., 'digiserver.sibiusb.harting.intra')
+        ip_address: IP address for direct access
+        email: Email address for SSL certificate notifications
+        port: HTTPS port (default 443)
+        created_at: Creation timestamp
+        updated_at: Last update timestamp
+        updated_by: User who made the last update
+    """
+    __tablename__ = 'https_config'
+    
+    id = db.Column(db.Integer, primary_key=True)
+    https_enabled = db.Column(db.Boolean, default=False, nullable=False)
+    hostname = db.Column(db.String(255), nullable=True)
+    domain = db.Column(db.String(255), nullable=True)
+    ip_address = db.Column(db.String(45), nullable=True)  # Support IPv6
+    email = db.Column(db.String(255), nullable=True)
+    port = db.Column(db.Integer, default=443, nullable=False)
+    created_at = db.Column(db.DateTime, default=datetime.utcnow, nullable=False)
+    updated_at = db.Column(db.DateTime, default=datetime.utcnow, 
+                          onupdate=datetime.utcnow, nullable=False)
+    updated_by = db.Column(db.String(255), nullable=True)
+    
+    def __repr__(self) -> str:
+        """String representation of HTTPSConfig."""
+        status = 'ENABLED' if self.https_enabled else 'DISABLED'
+        return f'<HTTPSConfig [{status}] {self.domain or "N/A"}>'
+    
+    @classmethod
+    def get_config(cls) -> Optional['HTTPSConfig']:
+        """Get the current HTTPS configuration.
+        
+        Returns:
+            HTTPSConfig instance or None if not configured
+        """
+        return cls.query.first()
+    
+    @classmethod
+    def create_or_update(cls, https_enabled: bool, hostname: str = None,
+                        domain: str = None, ip_address: str = None,
+                        email: str = None, port: int = 443, 
+                        updated_by: str = None) -> 'HTTPSConfig':
+        """Create or update HTTPS configuration.
+        
+        Args:
+            https_enabled: Whether HTTPS is enabled
+            hostname: Server hostname
+            domain: Full domain name
+            ip_address: IP address
+            email: Email for SSL certificates
+            port: HTTPS port
+            updated_by: Username of who made the update
+            
+        Returns:
+            HTTPSConfig instance
+        """
+        config = cls.get_config()
+        if not config:
+            config = cls()
+        
+        config.https_enabled = https_enabled
+        config.hostname = hostname
+        config.domain = domain
+        config.ip_address = ip_address
+        config.email = email
+        config.port = port
+        config.updated_by = updated_by
+        config.updated_at = datetime.utcnow()
+        
+        db.session.add(config)
+        db.session.commit()
+        return config
+    
+    def to_dict(self) -> dict:
+        """Convert configuration to dictionary.
+        
+        Returns:
+            Dictionary representation of config
+        """
+        return {
+            'id': self.id,
+            'https_enabled': self.https_enabled,
+            'hostname': self.hostname,
+            'domain': self.domain,
+            'ip_address': self.ip_address,
+            'email': self.email,
+            'port': self.port,
+            'created_at': self.created_at.isoformat() if self.created_at else None,
+            'updated_at': self.updated_at.isoformat() if self.updated_at else None,
+            'updated_by': self.updated_by,
+        }

app/models/player_user.py

@@ -0,0 +1,37 @@
+"""Player user model for managing user codes and names."""
+from datetime import datetime
+
+from app.extensions import db
+
+
+class PlayerUser(db.Model):
+    """Player user model for managing user codes and names globally.
+    
+    Attributes:
+        id: Primary key
+        user_code: User code received from player (unique)
+        user_name: Display name for the user
+        created_at: Record creation timestamp
+        updated_at: Record update timestamp
+    """
+    __tablename__ = 'player_user'
+    
+    id = db.Column(db.Integer, primary_key=True)
+    user_code = db.Column(db.String(255), nullable=False, unique=True, index=True)
+    user_name = db.Column(db.String(255), nullable=True)
+    created_at = db.Column(db.DateTime, default=datetime.utcnow, nullable=False)
+    updated_at = db.Column(db.DateTime, default=datetime.utcnow, onupdate=datetime.utcnow, nullable=False)
+    
+    def __repr__(self) -> str:
+        """String representation of PlayerUser."""
+        return f'<PlayerUser {self.user_code} -> {self.user_name or "Unnamed"}>'
+    
+    def to_dict(self) -> dict:
+        """Convert to dictionary for API responses."""
+        return {
+            'id': self.id,
+            'user_code': self.user_code,
+            'user_name': self.user_name,
+            'created_at': self.created_at.isoformat() if self.created_at else None,
+            'updated_at': self.updated_at.isoformat() if self.updated_at else None,
+        }

app/templates/admin/admin.html

@@ -48,7 +48,8 @@
         </div>
     </div>
 
-    <!-- User Management Card -->
+    {% if current_user.is_admin %}
+    <!-- User Management Card (Admin Only) -->
     <div class="card management-card">
         <h2>👥 User Management</h2>
         <p>Manage application users, roles and permissions</p>
@@ -58,6 +59,18 @@
             </a>
         </div>
     </div>
+    {% endif %}
+
+    <!-- Editing Users Card -->
+    <div class="card management-card">
+        <h2>✏️ Editing Users</h2>
+        <p>Manage user codes from players that edit images on-screen</p>
+        <div class="card-actions">
+            <a href="{{ url_for('admin.manage_editing_users') }}" class="btn btn-primary">
+                Manage Editing Users
+            </a>
+        </div>
+    </div>
 
     <!-- Leftover Media Management Card -->
     <div class="card management-card">
@@ -70,7 +83,8 @@
         </div>
     </div>
 
-    <!-- System Dependencies Card -->
+    {% if current_user.is_admin %}
+    <!-- System Dependencies Card (Admin Only) -->
     <div class="card management-card" style="background: linear-gradient(135deg, #f093fb 0%, #f5576c 100%);">
         <h2>🔧 System Dependencies</h2>
         <p>Check and install required software dependencies</p>
@@ -81,7 +95,7 @@
         </div>
     </div>
 
-    <!-- Logo Customization Card -->
+    <!-- Logo Customization Card (Admin Only) -->
     <div class="card management-card" style="background: linear-gradient(135deg, #fa709a 0%, #fee140 100%);">
         <h2>🎨 Logo Customization</h2>
         <p>Upload custom logos for header and login page</p>
@@ -92,6 +106,18 @@
         </div>
     </div>
 
+    <!-- HTTPS Configuration Card (Admin Only) -->
+    <div class="card management-card" style="background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);">
+        <h2>🔒 HTTPS Configuration</h2>
+        <p>Manage SSL/HTTPS settings, domain, and access points</p>
+        <div class="card-actions">
+            <a href="{{ url_for('admin.https_config') }}" class="btn btn-primary">
+                Configure HTTPS
+            </a>
+        </div>
+    </div>
+    {% endif %}
+
     <!-- Quick Actions Card -->
     <div class="card">
         <h2>⚡ Quick Actions</h2>

app/templates/admin/editing_users.html

@@ -0,0 +1,105 @@
+{% extends "base.html" %}
+
+{% block title %}Manage Editing Users{% endblock %}
+
+{% block content %}
+<div style="margin-bottom: 2rem;">
+    <div style="display: flex; align-items: center; justify-content: space-between; margin-bottom: 1rem;">
+        <div style="display: flex; align-items: center; gap: 1rem;">
+            <a href="{{ url_for('admin.admin_panel') }}" 
+               class="btn" 
+               style="background: #6c757d; color: white; padding: 0.5rem 1rem; text-decoration: none; border-radius: 6px;">
+                ← Back to Admin
+            </a>
+            <h1 style="margin: 0;">👤 Manage Editing Users</h1>
+        </div>
+    </div>
+    <p style="color: #6c757d;">Manage users who edit images on players. User codes are automatically created from player metadata.</p>
+</div>
+
+{% if users %}
+<div class="card">
+    <div class="card-header">
+        <h3 style="margin: 0;">Editing Users ({{ users|length }})</h3>
+    </div>
+    <div class="card-body" style="padding: 0;">
+        <table class="table" style="margin: 0;">
+            <thead>
+                <tr>
+                    <th style="width: 30%;">User Code</th>
+                    <th style="width: 30%;">Display Name</th>
+                    <th style="width: 15%;">Edits Count</th>
+                    <th style="width: 15%;">Created</th>
+                    <th style="width: 10%;">Actions</th>
+                </tr>
+            </thead>
+            <tbody>
+                {% for user in users %}
+                <tr>
+                    <td style="font-family: monospace; font-weight: 600;">{{ user.user_code }}</td>
+                    <td>
+                        <form method="POST" action="{{ url_for('admin.update_editing_user', user_id=user.id) }}" style="display: flex; gap: 0.5rem; align-items: center;">
+                            <input type="text" 
+                                   name="user_name" 
+                                   value="{{ user.user_name or '' }}" 
+                                   placeholder="Enter display name"
+                                   class="form-control" 
+                                   style="flex: 1;">
+                            <button type="submit" class="btn btn-sm btn-primary">Save</button>
+                        </form>
+                    </td>
+                    <td>
+                        <span class="badge badge-info">{{ user_stats.get(user.user_code, 0) }} edits</span>
+                    </td>
+                    <td>{{ user.created_at | localtime('%Y-%m-%d %H:%M') }}</td>
+                    <td>
+                        <form method="POST" 
+                              action="{{ url_for('admin.delete_editing_user', user_id=user.id) }}" 
+                              style="display: inline;"
+                              onsubmit="return confirm('Are you sure you want to delete this user? This will not delete their edit history.');">
+                            <button type="submit" class="btn btn-sm btn-danger">Delete</button>
+                        </form>
+                    </td>
+                </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+    </div>
+</div>
+{% else %}
+<div class="card" style="text-align: center; padding: 4rem 2rem;">
+    <div style="font-size: 4rem; margin-bottom: 1rem; opacity: 0.5;">👤</div>
+    <h2 style="color: #6c757d; margin-bottom: 1rem;">No Editing Users Yet</h2>
+    <p style="color: #6c757d; font-size: 1.1rem;">
+        User codes will appear here automatically when players edit media files.
+    </p>
+</div>
+{% endif %}
+
+<style>
+body.dark-mode .table {
+    color: #e2e8f0;
+}
+
+body.dark-mode .table thead th {
+    background: #2d3748;
+    color: #e2e8f0;
+    border-color: #4a5568;
+}
+
+body.dark-mode .table tbody tr {
+    border-color: #4a5568;
+}
+
+body.dark-mode .table tbody tr:hover {
+    background: #2d3748;
+}
+
+body.dark-mode .form-control {
+    background: #2d3748;
+    color: #e2e8f0;
+    border-color: #4a5568;
+}
+</style>
+
+{% endblock %}

app/templates/admin/https_config.html

@@ -0,0 +1,526 @@
+{% extends "base.html" %}
+
+{% block title %}HTTPS Configuration - DigiServer v2{% endblock %}
+
+{% block content %}
+<div class="container">
+    <div class="page-header">
+        <a href="{{ url_for('admin.admin_panel') }}" class="back-link">← Back to Admin Panel</a>
+        <h1>🔒 HTTPS Configuration</h1>
+    </div>
+
+    <div class="https-config-container">
+        <!-- Status Display -->
+        <div class="card status-card">
+            <h2>Current Status</h2>
+            
+            <!-- Real-time HTTPS detection -->
+            <div class="status-detection">
+                <p class="detection-info">
+                    <strong>🔍 Detected Connection:</strong> 
+                    {% if is_https_active %}
+                        <span class="badge badge-success">🔒 HTTPS ({{ request.scheme.upper() }})</span>
+                    {% else %}
+                        <span class="badge badge-warning">🔓 HTTP</span>
+                    {% endif %}
+                    <br>
+                    <small>Current host: <code>{{ current_host }}</code> via {{ request.host }}</small>
+                </p>
+            </div>
+            
+            {% if config and config.https_enabled %}
+                <div class="status-enabled">
+                    <span class="status-badge">✅ HTTPS ENABLED</span>
+                    <div class="status-details">
+                        <p><strong>Domain:</strong> {{ config.domain }}</p>
+                        <p><strong>Hostname:</strong> {{ config.hostname }}</p>
+                        <p><strong>Email:</strong> {{ config.email }}</p>
+                        <p><strong>IP Address:</strong> {{ config.ip_address }}</p>
+                        <p><strong>Port:</strong> {{ config.port }}</p>
+                        <p><strong>Access URL:</strong> <code>https://{{ config.domain }}</code></p>
+                        <p><strong>Last Updated:</strong> {{ config.updated_at.strftime('%Y-%m-%d %H:%M:%S') }} by {{ config.updated_by }}</p>
+                    </div>
+                </div>
+            {% else %}
+                <div class="status-disabled">
+                    <span class="status-badge-inactive">⚠️ HTTPS DISABLED</span>
+                    {% if is_https_active %}
+                        <p style="color: #156b2e; background: #d1f0e0; padding: 10px; border-radius: 4px; margin: 10px 0;">
+                            ✅ <strong>Note:</strong> You are currently accessing this page via HTTPS, but the configuration shows as disabled. 
+                            This configuration will be automatically updated. Please refresh the page.
+                        </p>
+                    {% else %}
+                        <p>The application is currently running on HTTP only (port 80)</p>
+                        <p>Enable HTTPS below to secure your application.</p>
+                    {% endif %}
+                </div>
+            {% endif %}
+        </div>
+
+        <!-- Configuration Form -->
+        <div class="card config-card">
+            <h2>Configure HTTPS Settings</h2>
+            <p class="info-text">
+                💡 <strong>Workflow:</strong> First, the app runs on HTTP (port 80). After you configure the HTTPS settings below,
+                the application will be available over HTTPS (port 443) using the domain and hostname you specify.
+            </p>
+
+            <form method="POST" action="{{ url_for('admin.update_https_config') }}" class="https-form">
+                <!-- Enable HTTPS Toggle -->
+                <div class="form-group">
+                    <label class="toggle-label">
+                        <input type="checkbox" name="https_enabled" id="https_enabled"
+                               {% if config and config.https_enabled %}checked{% endif %} 
+                               class="toggle-input">
+                        <span class="toggle-slider"></span>
+                        <span class="toggle-text">Enable HTTPS</span>
+                    </label>
+                    <p class="form-hint">Check this box to enable HTTPS/SSL for your application</p>
+                </div>
+
+                <!-- Hostname Field -->
+                <div class="form-group">
+                    <label for="hostname">Hostname <span class="required">*</span></label>
+                    <input type="text" id="hostname" name="hostname" 
+                           value="{{ config.hostname or 'digiserver' }}"
+                           placeholder="e.g., digiserver"
+                           class="form-input"
+                           required>
+                    <p class="form-hint">Short name for your server (e.g., 'digiserver')</p>
+                </div>
+
+                <!-- Domain Field -->
+                <div class="form-group">
+                    <label for="domain">Full Domain Name <span class="required">*</span></label>
+                    <input type="text" id="domain" name="domain" 
+                           value="{{ config.domain or 'digiserver.sibiusb.harting.intra' }}"
+                           placeholder="e.g., digiserver.sibiusb.harting.intra"
+                           class="form-input"
+                           required>
+                    <p class="form-hint">Complete domain name (e.g., digiserver.sibiusb.harting.intra)</p>
+                </div>
+
+                <!-- IP Address Field -->
+                <div class="form-group">
+                    <label for="ip_address">IP Address <span class="required">*</span></label>
+                    <input type="text" id="ip_address" name="ip_address" 
+                           value="{{ config.ip_address or '10.76.152.164' }}"
+                           placeholder="e.g., 10.76.152.164"
+                           class="form-input"
+                           required>
+                    <p class="form-hint">Server's IP address for direct access (e.g., 10.76.152.164)</p>
+                </div>
+
+                <!-- Email Field -->
+                <div class="form-group">
+                    <label for="email">Email Address <span class="required">*</span></label>
+                    <input type="email" id="email" name="email" 
+                           value="{{ config.email or '' }}"
+                           placeholder="e.g., admin@example.com"
+                           class="form-input"
+                           required>
+                    <p class="form-hint">Email address for SSL certificate notifications and Let's Encrypt communications</p>
+                </div>
+
+                <!-- Port Field -->
+                <div class="form-group">
+                    <label for="port">HTTPS Port</label>
+                    <input type="number" id="port" name="port" 
+                           value="{{ config.port or 443 }}"
+                           placeholder="443"
+                           min="1" max="65535"
+                           class="form-input">
+                    <p class="form-hint">Port for HTTPS connections (default: 443)</p>
+                </div>
+
+                <!-- Preview Section -->
+                <div class="preview-section">
+                    <h3>Access Points After Configuration:</h3>
+                    <ul class="access-points">
+                        <li>
+                            <strong>HTTPS (Recommended):</strong>
+                            <code>https://<span id="preview-domain">digiserver.sibiusb.harting.intra</span></code>
+                        </li>
+                        <li>
+                            <strong>HTTP (Fallback):</strong>
+                            <code>http://<span id="preview-ip">10.76.152.164</span></code>
+                        </li>
+                    </ul>
+                </div>
+
+                <!-- Form Actions -->
+                <div class="form-actions">
+                    <button type="submit" class="btn btn-primary btn-lg">
+                        💾 Save HTTPS Configuration
+                    </button>
+                    <a href="{{ url_for('admin.admin_panel') }}" class="btn btn-secondary">
+                        Cancel
+                    </a>
+                </div>
+            </form>
+        </div>
+
+        <!-- Information Section -->
+        <div class="card info-card">
+            <h2>ℹ️ Important Information</h2>
+            <div class="info-sections">
+                <div class="info-section">
+                    <h3>📝 Before You Start</h3>
+                    <ul>
+                        <li>Ensure your DNS is configured to resolve the domain to your server</li>
+                        <li>Verify the IP address matches your server's actual network interface</li>
+                        <li>Check that ports 80, 443, and 443/UDP are open for traffic</li>
+                    </ul>
+                </div>
+                <div class="info-section">
+                    <h3>🔐 HTTPS Setup</h3>
+                    <ul>
+                        <li>SSL certificates are automatically managed by Caddy</li>
+                        <li>Certificates are obtained from Let's Encrypt</li>
+                        <li>Automatic renewal is handled by the system</li>
+                    </ul>
+                </div>
+                <div class="info-section">
+                    <h3>✅ After Configuration</h3>
+                    <ul>
+                        <li>Your app will restart with the new settings</li>
+                        <li>Both HTTP and HTTPS access points will be available</li>
+                        <li>HTTP requests will be redirected to HTTPS</li>
+                        <li>Check the status above for current configuration</li>
+                    </ul>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<style>
+.https-config-container {
+    max-width: 800px;
+    margin: 0 auto;
+    padding: 20px;
+}
+
+.page-header {
+    margin-bottom: 30px;
+}
+
+.back-link {
+    display: inline-block;
+    margin-bottom: 15px;
+    color: #0066cc;
+    text-decoration: none;
+    font-weight: 500;
+}
+
+.back-link:hover {
+    text-decoration: underline;
+}
+
+.status-detection {
+    background: #f0f7ff;
+    border-left: 4px solid #0066cc;
+    padding: 15px;
+    margin-bottom: 20px;
+    border-radius: 4px;
+}
+
+.detection-info {
+    margin: 0;
+    font-size: 14px;
+    line-height: 1.6;
+}
+
+.badge {
+    display: inline-block;
+    padding: 4px 12px;
+    border-radius: 4px;
+    font-size: 12px;
+    font-weight: 600;
+    margin-left: 8px;
+}
+
+.badge-success {
+    background: #d1f0e0;
+    color: #156b2e;
+}
+
+.badge-warning {
+    background: #fff3cd;
+    color: #856404;
+}
+
+.status-card {
+    margin-bottom: 30px;
+    border-left: 5px solid #ddd;
+}
+
+.status-enabled {
+    background: linear-gradient(135deg, #d4edda 0%, #c3e6cb 100%);
+    border-radius: 8px;
+    padding: 20px;
+    border-left: 5px solid #28a745;
+}
+
+.status-disabled {
+    background: linear-gradient(135deg, #fff3cd 0%, #ffeaa7 100%);
+    border-radius: 8px;
+    padding: 20px;
+    border-left: 5px solid #ffc107;
+}
+
+.status-badge {
+    display: inline-block;
+    background: #28a745;
+    color: white;
+    padding: 8px 16px;
+    border-radius: 20px;
+    font-weight: bold;
+    margin-bottom: 15px;
+    font-size: 14px;
+}
+
+.status-badge-inactive {
+    display: inline-block;
+    background: #ffc107;
+    color: #333;
+    padding: 8px 16px;
+    border-radius: 20px;
+    font-weight: bold;
+    margin-bottom: 15px;
+    font-size: 14px;
+}
+
+.status-details {
+    margin-top: 15px;
+}
+
+.status-details p {
+    margin: 8px 0;
+    font-size: 14px;
+}
+
+.status-details code {
+    background: rgba(0,0,0,0.1);
+    padding: 4px 8px;
+    border-radius: 4px;
+    font-family: 'Courier New', monospace;
+}
+
+.config-card {
+    margin-bottom: 30px;
+}
+
+.info-text {
+    background: #e7f3ff;
+    border-left: 4px solid #0066cc;
+    padding: 12px 16px;
+    border-radius: 4px;
+    margin-bottom: 25px;
+    font-size: 14px;
+}
+
+.https-form {
+    padding: 20px 0;
+}
+
+.form-group {
+    margin-bottom: 25px;
+}
+
+.form-group label {
+    display: block;
+    font-weight: 600;
+    margin-bottom: 8px;
+    color: #333;
+}
+
+.required {
+    color: #dc3545;
+}
+
+.form-input {
+    width: 100%;
+    padding: 12px;
+    border: 1px solid #ddd;
+    border-radius: 6px;
+    font-size: 14px;
+    font-family: inherit;
+    transition: all 0.2s;
+}
+
+.form-input:focus {
+    outline: none;
+    border-color: #0066cc;
+    box-shadow: 0 0 0 3px rgba(0, 102, 204, 0.1);
+}
+
+.form-hint {
+    font-size: 13px;
+    color: #666;
+    margin-top: 6px;
+}
+
+/* Toggle Switch Styling */
+.toggle-label {
+    display: flex;
+    align-items: center;
+    gap: 12px;
+    cursor: pointer;
+    user-select: none;
+}
+
+.toggle-input {
+    display: none;
+}
+
+.toggle-slider {
+    display: inline-block;
+    width: 50px;
+    height: 28px;
+    background: #ccc;
+    border-radius: 14px;
+    position: relative;
+    transition: all 0.3s;
+}
+
+.toggle-slider::after {
+    content: '';
+    position: absolute;
+    width: 24px;
+    height: 24px;
+    background: white;
+    border-radius: 50%;
+    top: 2px;
+    left: 2px;
+    transition: all 0.3s;
+}
+
+.toggle-input:checked + .toggle-slider {
+    background: #28a745;
+}
+
+.toggle-input:checked + .toggle-slider::after {
+    left: 24px;
+}
+
+.toggle-text {
+    font-weight: 600;
+    color: #333;
+}
+
+.preview-section {
+    background: #f8f9fa;
+    border: 2px dashed #0066cc;
+    border-radius: 8px;
+    padding: 20px;
+    margin: 25px 0;
+}
+
+.preview-section h3 {
+    margin-top: 0;
+    color: #0066cc;
+}
+
+.access-points {
+    list-style: none;
+    padding: 0;
+    margin: 0;
+}
+
+.access-points li {
+    padding: 10px;
+    background: white;
+    border-radius: 4px;
+    margin-bottom: 8px;
+    border-left: 4px solid #0066cc;
+}
+
+.access-points code {
+    background: #e7f3ff;
+    padding: 6px 10px;
+    border-radius: 4px;
+    font-family: 'Courier New', monospace;
+    color: #0066cc;
+}
+
+.form-actions {
+    display: flex;
+    gap: 10px;
+    margin-top: 30px;
+    padding-top: 25px;
+    border-top: 1px solid #ddd;
+}
+
+.btn-lg {
+    padding: 12px 30px;
+    font-size: 16px;
+    font-weight: 600;
+}
+
+.info-card {
+    background: linear-gradient(135deg, #e7f3ff 0%, #f0f7ff 100%);
+}
+
+.info-card h2 {
+    color: #0066cc;
+}
+
+.info-sections {
+    display: grid;
+    grid-template-columns: repeat(auto-fit, minmax(250px, 1fr));
+    gap: 20px;
+    margin-top: 20px;
+}
+
+.info-section h3 {
+    color: #0066cc;
+    margin-top: 0;
+    font-size: 16px;
+}
+
+.info-section ul {
+    padding-left: 20px;
+    margin: 0;
+}
+
+.info-section li {
+    margin-bottom: 8px;
+    font-size: 14px;
+    color: #555;
+}
+
+@media (max-width: 768px) {
+    .https-config-container {
+        padding: 10px;
+    }
+
+    .info-sections {
+        grid-template-columns: 1fr;
+    }
+
+    .form-actions {
+        flex-direction: column;
+    }
+
+    .btn-lg {
+        width: 100%;
+    }
+}
+</style>
+
+<script>
+// Update preview in real-time
+document.getElementById('domain').addEventListener('input', function() {
+    document.getElementById('preview-domain').textContent = this.value || 'digiserver.sibiusb.harting.intra';
+});
+
+document.getElementById('ip_address').addEventListener('input', function() {
+    document.getElementById('preview-ip').textContent = this.value || '10.76.152.164';
+});
+
+// Load initial preview
+document.getElementById('preview-domain').textContent = document.getElementById('domain').value || 'digiserver.sibiusb.harting.intra';
+document.getElementById('preview-ip').textContent = document.getElementById('ip_address').value || '10.76.152.164';
+</script>
+{% endblock %}

app/templates/base.html

@@ -376,7 +376,7 @@
     <header>
         <div class="container">
             <h1>
-                <img src="{{ url_for('static', filename='uploads/header_logo.png') }}" alt="DigiServer" style="height: 32px; width: auto;" onerror="this.src='{{ url_for('static', filename='icons/monitor.svg') }}'; this.style.filter='brightness(0) invert(1)'; this.style.width='28px'; this.style.height='28px';">
+                <img src="{{ url_for('static', filename='uploads/header_logo.png?v=1') }}" alt="DigiServer" style="height: 32px; width: auto; margin-right: 8px;" onerror="this.style.display='none';" onload="this.style.display='inline';">
                 DigiServer
             </h1>
             <nav>
@@ -393,9 +393,7 @@
                         <img src="{{ url_for('static', filename='icons/playlist.svg') }}" alt="">
                         Playlists
                     </a>
-                    {% if current_user.is_admin %}
-                        <a href="{{ url_for('admin.admin_panel') }}">Admin</a>
-                    {% endif %}
+                    <a href="{{ url_for('admin.admin_panel') }}">Admin</a>
                     <a href="{{ url_for('auth.logout') }}">Logout ({{ current_user.username }})</a>
                     <button class="dark-mode-toggle" onclick="toggleDarkMode()" title="Toggle Dark Mode">
                         <img id="theme-icon" src="{{ url_for('static', filename='icons/moon.svg') }}" alt="Toggle theme">

app/templates/players/edited_media.html

@@ -376,7 +376,7 @@
                         </div>
                         <div class="preview-info-item">
                             <span class="preview-info-label">👤 Edited by:</span>
-                            <span class="preview-info-value" id="info-user-{{ content_id }}">{{ latest.user or 'Unknown' }}</span>
+                            <span class="preview-info-value" id="info-user-{{ content_id }}">{{ user_mappings.get(latest.user, latest.user or 'Unknown') }}</span>
                         </div>
                         <div class="preview-info-item">
                             <span class="preview-info-label">🕒 Modified:</span>
@@ -398,7 +398,7 @@
                         {% for edit in data.versions|sort(attribute='version', reverse=True) %}
                         <div class="version-item {% if loop.first %}active{% endif %}" 
                              id="version-{{ content_id }}-{{ edit.version }}"
-                             onclick="event.stopPropagation(); selectVersion({{ content_id }}, {{ edit.version }}, '{{ edit.new_name }}', '{{ edit.user or 'Unknown' }}', '{{ edit.time_of_modification | localtime('%Y-%m-%d %H:%M') if edit.time_of_modification else 'N/A' }}', '{{ edit.created_at | localtime('%Y-%m-%d %H:%M') }}', '{{ url_for('static', filename='uploads/edited_media/' ~ edit.content_id ~ '/' ~ edit.new_name) }}')">
+                             onclick="event.stopPropagation(); selectVersion({{ content_id }}, {{ edit.version }}, '{{ edit.new_name }}', '{{ user_mappings.get(edit.user, edit.user or 'Unknown') }}', '{{ edit.time_of_modification | localtime('%Y-%m-%d %H:%M') if edit.time_of_modification else 'N/A' }}', '{{ edit.created_at | localtime('%Y-%m-%d %H:%M') }}', '{{ url_for('static', filename='uploads/edited_media/' ~ edit.content_id ~ '/' ~ edit.new_name) }}')">
                             <div class="version-thumbnail">
                                 {% if edit.new_name.lower().endswith(('.jpg', '.jpeg', '.png', '.gif', '.webp')) %}
                                 <img src="{{ url_for('static', filename='uploads/edited_media/' ~ edit.content_id ~ '/' ~ edit.new_name) }}" 

app/utils/caddy_manager.py

@@ -0,0 +1,154 @@
+"""Caddy configuration generator and manager."""
+import os
+from typing import Optional
+from app.models.https_config import HTTPSConfig
+
+
+class CaddyConfigGenerator:
+    """Generate Caddyfile configuration based on HTTPSConfig."""
+    
+    @staticmethod
+    def generate_caddyfile(config: Optional[HTTPSConfig] = None) -> str:
+        """Generate complete Caddyfile content.
+        
+        Args:
+            config: HTTPSConfig instance or None
+            
+        Returns:
+            Complete Caddyfile content as string
+        """
+        # Get config from database if not provided
+        if config is None:
+            config = HTTPSConfig.get_config()
+        
+        # Base configuration
+        email = "admin@localhost"
+        if config and config.email:
+            email = config.email
+        
+        base_config = f"""{{
+    # Global options
+    email {email}
+    # Admin API for configuration management (listen on all interfaces)
+    admin 0.0.0.0:2019
+    # Uncomment for testing to avoid rate limits
+    # acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
+}}
+
+# Shared reverse proxy configuration
+(reverse_proxy_config) {{
+    reverse_proxy digiserver-app:5000 {{
+        header_up Host {{host}}
+        header_up X-Real-IP {{remote_host}}
+        header_up X-Forwarded-Proto {{scheme}}
+        
+        # Timeouts for large uploads
+        transport http {{
+            read_timeout 300s
+            write_timeout 300s
+        }}
+    }}
+    
+    # File upload size limit (2GB)
+    request_body {{
+        max_size 2GB
+    }}
+    
+    # Security headers
+    header {{
+        X-Frame-Options "SAMEORIGIN"
+        X-Content-Type-Options "nosniff"
+        X-XSS-Protection "1; mode=block"
+    }}
+    
+    # Logging
+    log {{
+        output file /var/log/caddy/access.log
+    }}
+}}
+
+# Localhost (development/local access)
+http://localhost {{
+    import reverse_proxy_config
+}}
+"""
+        
+        # Add main domain/IP configuration if HTTPS is enabled
+        if config and config.https_enabled and config.domain and config.ip_address:
+            # Internal domain configuration
+            domain_config = f"""
+# Internal domain (HTTP only - internal use)
+http://{config.domain} {{
+    import reverse_proxy_config
+}}
+
+# Handle IP address access
+http://{config.ip_address} {{
+    import reverse_proxy_config
+}}
+"""
+            base_config += domain_config
+        else:
+            # Default fallback configuration
+            base_config += """
+# Internal domain (HTTP only - internal use)
+http://digiserver.sibiusb.harting.intra {
+    import reverse_proxy_config
+}
+
+# Handle IP address access
+http://10.76.152.164 {
+    import reverse_proxy_config
+}
+"""
+        
+        # Add catch-all for any other HTTP requests
+        base_config += """
+# Catch-all for any other HTTP requests
+http://* {
+    import reverse_proxy_config
+}
+"""
+        
+        return base_config
+    
+    @staticmethod
+    def write_caddyfile(caddyfile_content: str, path: str = '/app/Caddyfile') -> bool:
+        """Write Caddyfile to disk.
+        
+        Args:
+            caddyfile_content: Content to write
+            path: Path to Caddyfile
+            
+        Returns:
+            True if successful, False otherwise
+        """
+        try:
+            with open(path, 'w') as f:
+                f.write(caddyfile_content)
+            return True
+        except Exception as e:
+            print(f"Error writing Caddyfile: {str(e)}")
+            return False
+    
+    @staticmethod
+    def reload_caddy() -> bool:
+        """Reload Caddy configuration without restart.
+        
+        Note: Caddy monitoring is handled via file watching. After writing the Caddyfile,
+        Caddy should automatically reload. If it doesn't, you may need to restart the
+        Caddy container manually.
+        
+        Returns:
+            True if configuration was written successfully (Caddy will auto-reload)
+        """
+        try:
+            # Just verify that Caddy is reachable
+            import urllib.request
+            response = urllib.request.urlopen('http://caddy:2019/config/', timeout=2)
+            return response.status == 200
+        except Exception as e:
+            # Caddy might not be reachable, but Caddyfile was already written
+            # Caddy should reload automatically when it detects file changes
+            print(f"Note: Caddy reload check returned: {str(e)}")
+            return True  # Return True anyway since Caddyfile was written

deploy.sh

@@ -0,0 +1,174 @@
+#!/bin/bash
+# Automated deployment script for DigiServer on a new PC
+# Run this script to completely set up DigiServer with all configurations
+
+set -e  # Exit on any error
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+echo -e "${BLUE}╔════════════════════════════════════════════════════════════════╗${NC}"
+echo -e "${BLUE}║         DigiServer Automated Deployment                        ║${NC}"
+echo -e "${BLUE}╚════════════════════════════════════════════════════════════════╝${NC}"
+echo ""
+
+# Check if docker-compose is available
+if ! command -v docker-compose &> /dev/null; then
+    echo -e "${RED}❌ docker-compose not found!${NC}"
+    echo "Please install docker-compose first"
+    exit 1
+fi
+
+# Check if we're in the project directory
+if [ ! -f "docker-compose.yml" ]; then
+    echo -e "${RED}❌ docker-compose.yml not found!${NC}"
+    echo "Please run this script from the digiserver-v2 directory"
+    exit 1
+fi
+
+# ============================================================================
+# CONFIGURATION VARIABLES
+# ============================================================================
+HOSTNAME="${HOSTNAME:-digiserver}"
+DOMAIN="${DOMAIN:-digiserver.sibiusb.harting.intra}"
+IP_ADDRESS="${IP_ADDRESS:-10.76.152.164}"
+EMAIL="${EMAIL:-admin@example.com}"
+PORT="${PORT:-443}"
+
+echo -e "${BLUE}Configuration:${NC}"
+echo "  Hostname:   $HOSTNAME"
+echo "  Domain:     $DOMAIN"
+echo "  IP Address: $IP_ADDRESS"
+echo "  Email:      $EMAIL"
+echo "  Port:       $PORT"
+echo ""
+
+# ============================================================================
+# STEP 1: Start containers
+# ============================================================================
+echo -e "${YELLOW}📦 [1/6] Starting containers...${NC}"
+docker-compose up -d
+
+echo -e "${YELLOW}⏳ Waiting for containers to be healthy...${NC}"
+sleep 10
+
+# Verify containers are running
+if ! docker-compose ps | grep -q "Up"; then
+    echo -e "${RED}❌ Containers failed to start!${NC}"
+    docker-compose logs
+    exit 1
+fi
+echo -e "${GREEN}✅ Containers started successfully${NC}"
+echo ""
+
+# ============================================================================
+# STEP 2: Run database migrations
+# ============================================================================
+echo -e "${YELLOW}📊 [2/6] Running database migrations...${NC}"
+
+echo -e "  • Creating https_config table..."
+docker-compose exec -T digiserver-app python /app/migrations/add_https_config_table.py
+echo -e "  • Creating player_user table..."
+docker-compose exec -T digiserver-app python /app/migrations/add_player_user_table.py
+echo -e "  • Adding email to https_config..."
+docker-compose exec -T digiserver-app python /app/migrations/add_email_to_https_config.py
+echo -e "  • Migrating player_user global settings..."
+docker-compose exec -T digiserver-app python /app/migrations/migrate_player_user_global.py
+
+echo -e "${GREEN}✅ All database migrations completed${NC}"
+echo ""
+
+# ============================================================================
+# STEP 3: Configure HTTPS
+# ============================================================================
+echo -e "${YELLOW}🔒 [3/6] Configuring HTTPS...${NC}"
+
+docker-compose exec -T digiserver-app python /app/https_manager.py enable \
+    "$HOSTNAME" \
+    "$DOMAIN" \
+    "$EMAIL" \
+    "$IP_ADDRESS" \
+    "$PORT"
+
+echo -e "${GREEN}✅ HTTPS configured successfully${NC}"
+echo ""
+
+# ============================================================================
+# STEP 4: Verify database setup
+# ============================================================================
+echo -e "${YELLOW}🔍 [4/6] Verifying database setup...${NC}"
+
+docker-compose exec -T digiserver-app python -c "
+from app.app import create_app
+from sqlalchemy import inspect
+
+app = create_app()
+with app.app_context():
+    inspector = inspect(app.extensions.db.engine)
+    tables = inspector.get_table_names()
+    print('  Database tables:')
+    for table in sorted(tables):
+        print(f'    ✓ {table}')
+    print(f'')
+    print(f'  ✅ Total tables: {len(tables)}')
+" 2>/dev/null || echo "  ⚠️  Database verification skipped"
+echo ""
+
+# ============================================================================
+# STEP 5: Verify Caddy configuration
+# ============================================================================
+echo -e "${YELLOW}🔧 [5/6] Verifying Caddy configuration...${NC}"
+
+docker-compose exec -T caddy caddy validate --config /etc/caddy/Caddyfile >/dev/null 2>&1
+if [ $? -eq 0 ]; then
+    echo -e "  ${GREEN}✅ Caddy configuration is valid${NC}"
+else
+    echo -e "  ${YELLOW}⚠️  Caddy validation skipped${NC}"
+fi
+echo ""
+
+# ============================================================================
+# STEP 6: Display summary
+# ============================================================================
+echo -e "${YELLOW}📋 [6/6] Displaying configuration summary...${NC}"
+echo ""
+
+docker-compose exec -T digiserver-app python /app/https_manager.py status
+
+echo ""
+echo -e "${GREEN}╔════════════════════════════════════════════════════════════════╗${NC}"
+echo -e "${GREEN}║              🎉 Deployment Complete!                          ║${NC}"
+echo -e "${GREEN}╚════════════════════════════════════════════════════════════════╝${NC}"
+echo ""
+
+echo -e "${BLUE}📍 Access Points:${NC}"
+echo "  🔒 https://$HOSTNAME"
+echo "  🔒 https://$IP_ADDRESS"
+echo "  🔒 https://$DOMAIN"
+echo ""
+
+echo -e "${BLUE}📝 Default Credentials:${NC}"
+echo "  Username: admin"
+echo "  Password: admin123 (⚠️  CHANGE IN PRODUCTION)"
+echo ""
+
+echo -e "${BLUE}📚 Documentation:${NC}"
+echo "  • DEPLOYMENT_COMMANDS.md - Detailed docker exec commands"
+echo "  • HTTPS_CONFIGURATION.md - HTTPS setup details"
+echo "  • setup_https.sh          - Manual configuration script"
+echo ""
+
+echo -e "${YELLOW}Next Steps:${NC}"
+echo "1. Access the application at one of the URLs above"
+echo "2. Log in with admin credentials"
+echo "3. Change the default password immediately"
+echo "4. Configure your players and content"
+echo ""
+
+echo -e "${BLUE}📞 Support:${NC}"
+echo "For troubleshooting, see DEPLOYMENT_COMMANDS.md section 7"
+echo ""

docker-compose.http.yml

@@ -0,0 +1,27 @@
+version: '3.8'
+
+services:
+  digiserver:
+    build: .
+    container_name: digiserver-v2-http
+    ports:
+      - "80:5000"  # Direct HTTP exposure on port 80
+    volumes:
+      - ./instance:/app/instance
+      - ./app/static/uploads:/app/app/static/uploads
+    environment:
+      - FLASK_ENV=production
+      - SECRET_KEY=${SECRET_KEY:-your-secret-key-change-this}
+      - ADMIN_USERNAME=${ADMIN_USERNAME:-admin}
+      - ADMIN_PASSWORD=${ADMIN_PASSWORD:-admin123}
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:5000/').read()"]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 40s
+
+# Usage: docker-compose -f docker-compose.http.yml up -d
+# Access at: http://localhost or http://your-server-ip
+# Note: This is for development/testing only. Use docker-compose.yml for production HTTPS.

docker-compose.yml

@@ -1,14 +1,16 @@
 #version: '3.8'
 
 services:
-  digiserver:
+  digiserver-app:
     build: .
     container_name: digiserver-v2
-    ports:
-      - "80:5000"
+    # Don't expose directly; use Caddy reverse proxy instead
+    expose:
+      - "5000"
     volumes:
-      - ./instance:/app/instance
-      - ./app/static/uploads:/app/app/static/uploads
+      - ./data:/app
+      - ./data/instance:/app/instance
+      - ./data/uploads:/app/app/static/uploads
     environment:
       - FLASK_ENV=production
       - SECRET_KEY=${SECRET_KEY:-your-secret-key-change-this}
@@ -21,14 +23,32 @@ services:
       timeout: 10s
       retries: 3
       start_period: 40s
+    networks:
+      - digiserver-network
 
-  # Optional: Redis for caching (uncomment if needed)
-  # redis:
-  #   image: redis:7-alpine
-  #   container_name: digiserver-redis
-  #   restart: unless-stopped
-  #   volumes:
-  #     - redis-data:/data
+  # Caddy reverse proxy with automatic HTTPS
+  caddy:
+    image: caddy:2-alpine
+    container_name: digiserver-caddy
+    ports:
+      - "80:80"
+      - "443:443"
+      - "443:443/udp"  # HTTP/3 support
+      - "2019:2019"     # Caddy admin API
+    volumes:
+      - ./data/Caddyfile:/etc/caddy/Caddyfile:ro
+      - ./data/caddy-data:/data
+      - ./data/caddy-config:/config
+    environment:
+      - DOMAIN=${DOMAIN:-localhost}
+      - EMAIL=${EMAIL:-admin@localhost}
+    depends_on:
+      digiserver-app:
+        condition: service_started
+    restart: unless-stopped
+    networks:
+      - digiserver-network
 
-# volumes:
-#   redis-data:
+networks:
+  digiserver-network:
+    driver: bridge

fix_player_user_schema.py

@@ -0,0 +1,25 @@
+#!/usr/bin/env python3
+"""Fix player_user table schema by dropping and recreating it."""
+import sys
+sys.path.insert(0, '/app')
+
+from app.app import create_app
+from app.extensions import db
+from app.models.player_user import PlayerUser
+
+def main():
+    app = create_app('production')
+    with app.app_context():
+        # Drop the old table
+        print("Dropping player_user table...")
+        db.session.execute(db.text('DROP TABLE IF EXISTS player_user'))
+        db.session.commit()
+        
+        # Recreate with new schema
+        print("Creating player_user table with new schema...")
+        PlayerUser.__table__.create(db.engine)
+        
+        print("Done! player_user table recreated successfully.")
+
+if __name__ == '__main__':
+    main()

https_manager.py

@@ -0,0 +1,157 @@
+"""Utility script for managing HTTPS configuration from command line."""
+import sys
+import os
+sys.path.insert(0, '/app')
+
+from app.app import create_app
+from app.models.https_config import HTTPSConfig
+
+def show_help():
+    """Display help information."""
+    print("""
+HTTPS Configuration Management Utility
+======================================
+
+Usage:
+    python https_manager.py <command> [arguments]
+
+Commands:
+    status              Show current HTTPS configuration status
+    enable <hostname> <domain> <email> <ip> [port]
+                       Enable HTTPS with specified settings
+    disable            Disable HTTPS
+    show               Show detailed configuration
+
+Examples:
+    # Show current status
+    python https_manager.py status
+    
+    # Enable HTTPS
+    python https_manager.py enable digiserver digiserver.sibiusb.harting.intra admin@example.com 10.76.152.164 443
+    
+    # Disable HTTPS
+    python https_manager.py disable
+    
+    # Show detailed config
+    python https_manager.py show
+""")
+
+def show_status():
+    """Show current HTTPS status."""
+    app = create_app()
+    with app.app_context():
+        config = HTTPSConfig.get_config()
+        if config:
+            print("\n" + "=" * 50)
+            print("HTTPS Configuration Status")
+            print("=" * 50)
+            print(f"Status:        {'✅ ENABLED' if config.https_enabled else '⚠️ DISABLED'}")
+            print(f"Hostname:      {config.hostname or 'N/A'}")
+            print(f"Domain:        {config.domain or 'N/A'}")
+            print(f"IP Address:    {config.ip_address or 'N/A'}")
+            print(f"Port:          {config.port}")
+            print(f"Updated:       {config.updated_at.strftime('%Y-%m-%d %H:%M:%S')} by {config.updated_by or 'N/A'}")
+            if config.https_enabled:
+                print(f"\nAccess URL:    https://{config.domain}")
+                print(f"Fallback:      http://{config.ip_address}")
+            print("=" * 50 + "\n")
+        else:
+            print("\n⚠️  No HTTPS configuration found. Use 'enable' command to create one.\n")
+
+def enable_https(hostname: str, domain: str, ip_address: str, email: str, port: str = '443'):
+    """Enable HTTPS with specified settings."""
+    app = create_app()
+    with app.app_context():
+        try:
+            port_num = int(port)
+            config = HTTPSConfig.create_or_update(
+                https_enabled=True,
+                hostname=hostname,
+                domain=domain,
+                ip_address=ip_address,
+                email=email,
+                port=port_num,
+                updated_by='cli_admin'
+            )
+            print("\n" + "=" * 50)
+            print("✅ HTTPS Configuration Updated")
+            print("=" * 50)
+            print(f"Hostname:      {hostname}")
+            print(f"Domain:        {domain}")
+            print(f"Email:         {email}")
+            print(f"IP Address:    {ip_address}")
+            print(f"Port:          {port_num}")
+            print(f"\nAccess URL:    https://{domain}")
+            print(f"Fallback:      http://{ip_address}")
+            print("=" * 50 + "\n")
+        except Exception as e:
+            print(f"\n❌ Error: {str(e)}\n")
+            sys.exit(1)
+
+def disable_https():
+    """Disable HTTPS."""
+    app = create_app()
+    with app.app_context():
+        try:
+            config = HTTPSConfig.create_or_update(
+                https_enabled=False,
+                updated_by='cli_admin'
+            )
+            print("\n" + "=" * 50)
+            print("⚠️  HTTPS Disabled")
+            print("=" * 50)
+            print("The application is now running on HTTP only (port 80)")
+            print("=" * 50 + "\n")
+        except Exception as e:
+            print(f"\n❌ Error: {str(e)}\n")
+            sys.exit(1)
+
+def show_config():
+    """Show detailed configuration."""
+    app = create_app()
+    with app.app_context():
+        config = HTTPSConfig.get_config()
+        if config:
+            print("\n" + "=" * 50)
+            print("Detailed HTTPS Configuration")
+            print("=" * 50)
+            for key, value in config.to_dict().items():
+                print(f"{key:.<30} {value}")
+            print("=" * 50 + "\n")
+        else:
+            print("\n⚠️  No HTTPS configuration found.\n")
+
+def main():
+    """Main entry point."""
+    if len(sys.argv) < 2:
+        show_help()
+        sys.exit(1)
+    
+    command = sys.argv[1].lower()
+    
+    if command == 'status':
+        show_status()
+    elif command == 'enable':
+        if len(sys.argv) < 6:
+            print("\nError: 'enable' requires: hostname domain email ip_address [port]\n")
+            show_help()
+            sys.exit(1)
+        hostname = sys.argv[2]
+        domain = sys.argv[3]
+        email = sys.argv[4]
+        ip_address = sys.argv[5]
+        port = sys.argv[6] if len(sys.argv) > 6 else '443'
+        enable_https(hostname, domain, ip_address, email, port)
+    elif command == 'disable':
+        disable_https()
+    elif command == 'show':
+        show_config()
+    elif command in ['help', '-h', '--help']:
+        show_help()
+    else:
+        print(f"\nUnknown command: {command}\n")
+        show_help()
+        sys.exit(1)
+
+if __name__ == '__main__':
+    main()

init-data.sh

@@ -0,0 +1,33 @@
+#!/bin/bash
+# Initialize ./data folder with all necessary files for deployment
+
+set -e
+
+echo "🔧 Initializing data folder..."
+mkdir -p data/{app,instance,uploads,caddy-data,caddy-config}
+
+echo "📁 Copying app folder..."
+rm -rf data/app
+mkdir -p data/app
+cp -r app/* data/app/
+
+echo "📋 Copying migrations..."
+rm -rf data/migrations
+cp -r migrations data/
+
+echo "🔧 Copying utility scripts..."
+cp https_manager.py player_auth_module.py fix_player_user_schema.py data/
+
+echo "📄 Copying Caddyfile..."
+cp Caddyfile data/
+
+echo "🔐 Setting permissions..."
+chmod 755 data/{app,instance,uploads,caddy-data,caddy-config}
+chmod 644 data/Caddyfile
+chmod -R 755 data/app/
+find data/app -type f \( -name "*.py" -o -name "*.html" -o -name "*.css" -o -name "*.js" \) -exec chmod 644 {} \;
+chmod 777 data/instance data/uploads
+
+echo "✅ Data folder initialized successfully!"
+echo "📊 Data folder contents:"
+du -sh data/*/

migrations/add_email_to_https_config.py

@@ -0,0 +1,33 @@
+"""Add email field to https_config table."""
+import sys
+sys.path.insert(0, '/app')
+
+from app.app import create_app
+from app.extensions import db
+from sqlalchemy import text
+
+app = create_app()
+
+with app.app_context():
+    print("Adding email column to https_config table...")
+    
+    try:
+        # Check if column already exists
+        inspector = db.inspect(db.engine)
+        columns = [col['name'] for col in inspector.get_columns('https_config')]
+        
+        if 'email' not in columns:
+            # Add the column
+            with db.engine.connect() as conn:
+                conn.execute(text('ALTER TABLE https_config ADD COLUMN email VARCHAR(255)'))
+                conn.commit()
+            print("✓ Email column added to https_config table!")
+        else:
+            print("✓ Email column already exists in https_config table.")
+            
+    except Exception as e:
+        print(f"ℹ️  Note: If table doesn't exist, run add_https_config_table.py first")
+        print(f"Error details: {str(e)}")
+        print("\nAlternatively, you can reset the database:")
+        print("  rm instance/digiserver.db")
+        print("  python migrations/add_https_config_table.py")

migrations/add_https_config_table.py

@@ -0,0 +1,14 @@
+"""Add https_config table for HTTPS configuration management."""
+import sys
+sys.path.insert(0, '/app')
+
+from app.app import create_app
+from app.extensions import db
+from app.models.https_config import HTTPSConfig
+
+app = create_app()
+
+with app.app_context():
+    print("Creating https_config table...")
+    db.create_all()
+    print("✓ https_config table created successfully!")

migrations/add_player_user_table.py

@@ -0,0 +1,14 @@
+"""Add player_user table for user code mappings."""
+import sys
+sys.path.insert(0, '/app')
+
+from app.app import create_app
+from app.extensions import db
+from app.models.player_user import PlayerUser
+
+app = create_app()
+
+with app.app_context():
+    print("Creating player_user table...")
+    db.create_all()
+    print("✓ player_user table created successfully!")

migrations/migrate_player_user_global.py

@@ -0,0 +1,24 @@
+"""Migrate player_user table to remove player_id and make user_code unique globally."""
+import sys
+sys.path.insert(0, '/app')
+
+from app.app import create_app
+from app.extensions import db
+from sqlalchemy import text
+
+app = create_app('production')
+
+with app.app_context():
+    print("Migrating player_user table...")
+    
+    # Drop existing table and recreate with new schema
+    db.session.execute(text('DROP TABLE IF EXISTS player_user'))
+    db.session.commit()
+    
+    # Create new table
+    db.create_all()
+    
+    print("✓ player_user table migrated successfully!")
+    print("  - Removed player_id foreign key")
+    print("  - Made user_code unique globally")
+    print("  - user_name is now nullable")

old_code_documentation/.env.example

@@ -5,13 +5,13 @@ FLASK_ENV=development
 # Security
 SECRET_KEY=change-this-to-a-random-secret-key
 
+# Domain & SSL (for HTTPS with Caddy)
+DOMAIN=your-domain.com
+EMAIL=admin@your-domain.com
+
 # Database
 DATABASE_URL=sqlite:///instance/dev.db
 
-# Redis (for production)
-REDIS_HOST=redis
-REDIS_PORT=6379
-
 # Admin User Credentials (used during initial Docker deployment)
 # These credentials are set when the database is first created
 ADMIN_USERNAME=admin

old_code_documentation/CADDY_DYNAMIC_CONFIG.md

@@ -0,0 +1,295 @@
+# Caddy Dynamic Configuration Management
+
+## Overview
+
+The HTTPS configuration system now automatically generates and manages the Caddy configuration in real-time. When an admin updates settings through the admin panel, the Caddyfile is regenerated and reloaded without requiring a full container restart.
+
+## How It Works
+
+### 1. **Configuration Generation**
+When admin saves HTTPS settings:
+1. Settings are saved to database (HTTPSConfig table)
+2. `CaddyConfigGenerator` creates a new Caddyfile based on settings
+3. Generated Caddyfile is written to disk
+
+### 2. **Configuration Reload**
+After Caddyfile is written:
+1. Caddy reload API is called via `docker-compose exec`
+2. Caddy validates and applies new configuration
+3. No downtime - live configuration update
+
+### 3. **Fallback Configuration**
+If HTTPS is disabled:
+1. System uses default hardcoded configuration
+2. Supports localhost, internal domain, and IP address
+3. Catch-all configuration for any other requests
+
+## Files Involved
+
+### New Files
+- **`app/utils/caddy_manager.py`** - CaddyConfigGenerator class with:
+  - `generate_caddyfile()` - Generates Caddyfile content
+  - `write_caddyfile()` - Writes to disk
+  - `reload_caddy()` - Reloads via Docker
+
+### Updated Files
+- **`app/blueprints/admin.py`** - HTTPS config route now:
+  - Generates new Caddyfile
+  - Writes to disk
+  - Reloads Caddy automatically
+  - Reports status to user
+
+## Admin Panel Workflow
+
+### Step 1: User Fills Form
+```
+Admin Panel → HTTPS Configuration
+- Hostname: digiserver
+- Domain: digiserver.sibiusb.harting.intra
+- Email: admin@example.com
+- IP: 10.76.152.164
+- Port: 443
+```
+
+### Step 2: Admin Saves Configuration
+- POST /admin/https-config/update
+- Settings validated and saved to database
+- Caddyfile generated dynamically
+- Caddy reloaded with new configuration
+
+### Step 3: User Sees Confirmation
+```
+✅ HTTPS configuration saved successfully!
+✅ Caddy configuration updated successfully!
+Server available at https://digiserver.sibiusb.harting.intra
+```
+
+### Step 4: Configuration Live
+- New domain/IP immediately active
+- No container restart needed
+- Caddy applying new routes in real-time
+
+## Generated Caddyfile Structure
+
+**When HTTPS Enabled:**
+```caddyfile
+{
+    email admin@example.com
+}
+
+(reverse_proxy_config) {
+    reverse_proxy digiserver-app:5000 { ... }
+    request_body { max_size 2GB }
+    header { ... }
+    log { ... }
+}
+
+http://localhost { import reverse_proxy_config }
+http://digiserver.sibiusb.harting.intra { import reverse_proxy_config }
+http://10.76.152.164 { import reverse_proxy_config }
+http://* { import reverse_proxy_config }
+```
+
+**When HTTPS Disabled:**
+```caddyfile
+{
+    email admin@localhost
+}
+
+(reverse_proxy_config) { ... }
+
+http://localhost { import reverse_proxy_config }
+http://digiserver.sibiusb.harting.intra { import reverse_proxy_config }
+http://10.76.152.164 { import reverse_proxy_config }
+http://* { import reverse_proxy_config }
+```
+
+## Key Features
+
+### ✅ No Restart Required
+- Caddyfile changes applied without restarting containers
+- Caddy reload API handles configuration hot-swap
+- Zero downtime configuration updates
+
+### ✅ Dynamic Configuration
+- Settings in admin panel → Generated Caddyfile
+- Database is source of truth
+- Easy to modify in admin UI
+
+### ✅ Automatic Fallbacks
+- Catch-all `http://*` handles any host
+- Always has localhost access
+- Always has IP address access
+
+### ✅ User Feedback
+- Admin sees status of Caddy reload
+- Error messages if Caddy reload fails
+- Logging of all changes
+
+### ✅ Safe Updates
+- Caddyfile validation before reload
+- Graceful error handling
+- Falls back to previous config if reload fails
+
+## Error Handling
+
+If Caddy reload fails:
+1. Database still has updated settings
+2. Old Caddyfile may still be in use
+3. User sees warning with status
+4. Admin can manually restart: `docker-compose restart caddy`
+
+## Admin Panel Status Messages
+
+### Success (✅)
+```
+✅ HTTPS configuration saved successfully!
+✅ Caddy configuration updated successfully!
+Server available at https://domain.local
+```
+
+### Partial Success (⚠️)
+```
+✅ HTTPS configuration saved successfully!
+⚠️ Caddyfile updated but reload failed. Please restart containers.
+Server available at https://domain.local
+```
+
+### Configuration Saved, Update Failed (⚠️)
+```
+⚠️ Configuration saved but Caddy update failed: [error details]
+```
+
+## Testing Configuration
+
+### Check Caddyfile Content
+```bash
+cat /srv/digiserver-v2/Caddyfile
+```
+
+### Manually Reload Caddy
+```bash
+docker-compose exec caddy caddy reload --config /etc/caddy/Caddyfile
+```
+
+### Check Caddy Status
+```bash
+docker-compose logs caddy --tail=20
+```
+
+### Test Access Points
+```bash
+# Test all configured domains/IPs
+curl http://localhost
+curl http://digiserver.sibiusb.harting.intra
+curl http://10.76.152.164
+```
+
+## Configuration Database
+
+Settings stored in `https_config` table:
+```
+https_enabled: boolean
+hostname: string
+domain: string
+ip_address: string
+email: string
+port: integer
+updated_at: datetime
+updated_by: string
+```
+
+When admin updates form → Database updated → Caddyfile regenerated → Caddy reloaded
+
+## Workflow Diagram
+
+```
+┌─────────────────────┐
+│  Admin Panel Form    │
+│  (HTTPS Config)     │
+└──────────┬──────────┘
+           │ Submit
+           ↓
+┌─────────────────────┐
+│  Validate Input     │
+└──────────┬──────────┘
+           │ Valid
+           ↓
+┌─────────────────────┐
+│  Save to Database   │
+│ (HTTPSConfig)       │
+└──────────┬──────────┘
+           │ Saved
+           ↓
+┌─────────────────────┐
+│  Generate Caddyfile │
+│ (CaddyConfigGen)    │
+└──────────┬──────────┘
+           │ Generated
+           ↓
+┌─────────────────────┐
+│  Write to Disk      │
+│ (/Caddyfile)        │
+└──────────┬──────────┘
+           │ Written
+           ↓
+┌─────────────────────┐
+│  Reload Caddy       │
+│ (Docker exec)       │
+└──────────┬──────────┘
+           │ Reloaded
+           ↓
+┌─────────────────────┐
+│  Show Status to     │
+│  Admin (Success)    │
+└─────────────────────┘
+```
+
+## Implementation Details
+
+### CaddyConfigGenerator Class
+
+**generate_caddyfile(config)**
+- Takes HTTPSConfig from database
+- Generates complete Caddyfile content
+- Uses shared reverse proxy configuration template
+- Returns full Caddyfile as string
+
+**write_caddyfile(content, path)**
+- Writes generated content to disk
+- Path defaults to /srv/digiserver-v2/Caddyfile
+- Returns True on success, False on error
+
+**reload_caddy()**
+- Runs: `docker-compose exec -T caddy caddy reload`
+- Validates config and applies live
+- Returns True on success, False on error
+
+## Advantages Over Manual Configuration
+
+| Manual | Dynamic |
+|--------|---------|
+| Edit Caddyfile manually | Change via admin panel |
+| Restart container | No restart needed |
+| Risk of syntax errors | Validated generation |
+| No audit trail | Logged with username |
+| Each change is manual | One-time setup |
+
+## Future Enhancements
+
+Potential improvements:
+- Configuration history/backup
+- Rollback to previous config
+- Health check after reload
+- Automatic backup before update
+- Configuration templates
+- Multi-domain support
+
+## Support
+
+For issues:
+1. Check admin panel messages for Caddy reload status
+2. Review logs: `docker-compose logs caddy`
+3. Check Caddyfile: `cat /srv/digiserver-v2/Caddyfile`
+4. Manual reload: `docker-compose exec caddy caddy reload --config /etc/caddy/Caddyfile`
+5. Full restart: `docker-compose restart caddy`

old_code_documentation/DEPLOYMENT_COMMANDS.md

@@ -0,0 +1,272 @@
+# DigiServer Deployment Commands
+
+This document contains all necessary `docker exec` commands to deploy and configure DigiServer on a new PC with the same settings as the production system.
+
+## Prerequisites
+
+```bash
+# Ensure you're in the project directory
+cd /path/to/digiserver-v2
+
+# Start the containers
+docker-compose up -d
+```
+
+## 1. Database Initialization and Migrations
+
+### Run all database migrations in sequence:
+
+```bash
+# Create https_config table
+docker-compose exec -T digiserver-app python /app/migrations/add_https_config_table.py
+
+# Create player_user table  
+docker-compose exec -T digiserver-app python /app/migrations/add_player_user_table.py
+
+# Add email to https_config table
+docker-compose exec -T digiserver-app python /app/migrations/add_email_to_https_config.py
+
+# Migrate player_user global settings
+docker-compose exec -T digiserver-app python /app/migrations/migrate_player_user_global.py
+```
+
+**Note:** The `-T` flag prevents Docker from allocating a pseudo-terminal, which is useful for automated deployments.
+
+## 2. HTTPS Configuration via CLI
+
+### Check HTTPS Configuration Status:
+
+```bash
+docker-compose exec -T digiserver-app python /app/https_manager.py status
+```
+
+### Enable HTTPS with Production Settings:
+
+```bash
+docker-compose exec -T digiserver-app python /app/https_manager.py enable \
+    digiserver \
+    digiserver.sibiusb.harting.intra \
+    admin@example.com \
+    10.76.152.164 \
+    443
+```
+
+### Show Detailed Configuration:
+
+```bash
+docker-compose exec -T digiserver-app python /app/https_manager.py show
+```
+
+## 3. Admin User Setup
+
+### Create/Reset Admin User (if needed):
+
+```bash
+docker-compose exec -T digiserver-app python -c "
+from app.app import create_app
+from app.models.user import User
+from app.extensions import db
+
+app = create_app()
+with app.app_context():
+    # Check if admin exists
+    admin = User.query.filter_by(username='admin').first()
+    if admin:
+        print('✅ Admin user already exists')
+    else:
+        # Create new admin user
+        admin = User(username='admin', email='admin@example.com')
+        admin.set_password('admin123')  # Change this password!
+        admin.is_admin = True
+        db.session.add(admin)
+        db.session.commit()
+        print('✅ Admin user created with username: admin')
+"
+```
+
+## 4. Database Verification
+
+### Check Database Tables:
+
+```bash
+docker-compose exec -T digiserver-app python -c "
+from app.app import create_app
+from app.extensions import db
+from sqlalchemy import inspect
+
+app = create_app()
+with app.app_context():
+    inspector = inspect(db.engine)
+    tables = inspector.get_table_names()
+    print('📊 Database Tables:')
+    for table in sorted(tables):
+        print(f'  ✓ {table}')
+    print(f'\\n✅ Total tables: {len(tables)}')
+"
+```
+
+### Check HTTPS Configuration in Database:
+
+```bash
+docker-compose exec -T digiserver-app python -c "
+from app.app import create_app
+from app.models.https_config import HTTPSConfig
+
+app = create_app()
+with app.app_context():
+    config = HTTPSConfig.get_config()
+    if config:
+        print('✅ HTTPS Configuration Found:')
+        print(f'   Status: {\"ENABLED\" if config.https_enabled else \"DISABLED\"}')
+        print(f'   Hostname: {config.hostname}')
+        print(f'   Domain: {config.domain}')
+        print(f'   IP Address: {config.ip_address}')
+        print(f'   Port: {config.port}')
+    else:
+        print('⚠️  No HTTPS configuration found')
+"
+```
+
+## 5. Health Checks
+
+### Test Caddy Configuration:
+
+```bash
+docker-compose exec -T caddy caddy validate --config /etc/caddy/Caddyfile
+```
+
+### Test Flask Application Health:
+
+```bash
+docker-compose exec -T digiserver-app python -c "
+import urllib.request
+try:
+    response = urllib.request.urlopen('http://localhost:5000/health', timeout=5)
+    print('✅ Application is responding')
+    print(f'   Status: {response.status}')
+except Exception as e:
+    print(f'❌ Application health check failed: {e}')
+"
+```
+
+### Check Docker Container Logs:
+
+```bash
+# Flask app logs
+docker-compose logs digiserver-app | tail -50
+
+# Caddy logs  
+docker-compose logs caddy | tail -50
+```
+
+## 6. Complete Deployment Script
+
+Create a file called `deploy.sh` to run all steps automatically:
+
+```bash
+#!/bin/bash
+set -e
+
+echo "🚀 DigiServer Deployment Script"
+echo "=================================="
+echo ""
+
+# Change to project directory
+cd /path/to/digiserver-v2
+
+# Step 1: Start containers
+echo "📦 Starting containers..."
+docker-compose up -d
+sleep 5
+
+# Step 2: Run migrations
+echo "📊 Running database migrations..."
+docker-compose exec -T digiserver-app python /app/migrations/add_https_config_table.py
+docker-compose exec -T digiserver-app python /app/migrations/add_player_user_table.py
+docker-compose exec -T digiserver-app python /app/migrations/add_email_to_https_config.py
+docker-compose exec -T digiserver-app python /app/migrations/migrate_player_user_global.py
+
+# Step 3: Configure HTTPS
+echo "🔒 Configuring HTTPS..."
+docker-compose exec -T digiserver-app python /app/https_manager.py enable \
+    digiserver \
+    digiserver.sibiusb.harting.intra \
+    admin@example.com \
+    10.76.152.164 \
+    443
+
+# Step 4: Verify setup
+echo "✅ Verifying setup..."
+docker-compose exec -T digiserver-app python /app/https_manager.py status
+
+echo ""
+echo "🎉 Deployment Complete!"
+echo "=================================="
+echo "Access your application at:"
+echo "  - https://digiserver"
+echo "  - https://10.76.152.164"
+echo "  - https://digiserver.sibiusb.harting.intra"
+echo ""
+echo "Login with:"
+echo "  Username: admin"
+echo "  Password: (check your password settings)"
+```
+
+Make it executable:
+```bash
+chmod +x deploy.sh
+```
+
+Run it:
+```bash
+./deploy.sh
+```
+
+## 7. Troubleshooting
+
+### Restart Services:
+
+```bash
+# Restart all containers
+docker-compose restart
+
+# Restart just the app
+docker-compose restart digiserver-app
+
+# Restart just Caddy
+docker-compose restart caddy
+```
+
+### View Caddy Configuration:
+
+```bash
+docker-compose exec -T caddy cat /etc/caddy/Caddyfile
+```
+
+### Test HTTPS Endpoints:
+
+```bash
+# Test from host machine (if accessible)
+curl -k https://digiserver.sibiusb.harting.intra
+
+# Test from within containers
+docker-compose exec -T caddy wget --no-check-certificate -qO- https://localhost/ | head -20
+```
+
+### Clear Caddy Cache (if certificate issues occur):
+
+```bash
+docker volume rm digiserver-v2_caddy-data
+docker volume rm digiserver-v2_caddy-config
+docker-compose restart caddy
+```
+
+## Important Notes
+
+- Always use `-T` flag with `docker-compose exec` in automated scripts to prevent TTY issues
+- Change default passwords (`admin123`) in production environments
+- Adjust email address in HTTPS configuration as needed
+- For different network setups, modify the IP address and domain in the enable HTTPS command
+- Keep database backups before running migrations
+- Test all three access points after deployment
+

old_code_documentation/DEPLOYMENT_INDEX.md

@@ -0,0 +1,278 @@
+# 📚 DigiServer Deployment Documentation Index
+
+Complete documentation for deploying and maintaining DigiServer. Choose your path below:
+
+---
+
+## 🚀 I Want to Deploy Now!
+
+### Quick Start (2 minutes)
+```bash
+cd /path/to/digiserver-v2
+./deploy.sh
+```
+→ See [DEPLOYMENT_README.md](DEPLOYMENT_README.md)
+
+### Or Step-by-Step Setup
+```bash
+./setup_https.sh
+```
+
+---
+
+## 📖 Documentation Files
+
+### 1. **[DEPLOYMENT_README.md](DEPLOYMENT_README.md)** ⭐ START HERE
+   - **Size**: 9.4 KB
+   - **Purpose**: Complete deployment guide for beginners
+   - **Contains**:
+     - Quick start instructions
+     - Prerequisites checklist
+     - 3 deployment methods (auto, semi-auto, manual)
+     - Verification procedures
+     - First access setup
+     - Troubleshooting guide
+   - **Read time**: 15-20 minutes
+
+### 2. **[DOCKER_EXEC_COMMANDS.md](DOCKER_EXEC_COMMANDS.md)** ⭐ REFERENCE GUIDE
+   - **Size**: 7.6 KB
+   - **Purpose**: Quick reference for all docker exec commands
+   - **Contains**:
+     - Database migrations
+     - HTTPS configuration
+     - User management
+     - Database inspection
+     - Health checks
+     - Maintenance commands
+     - Troubleshooting commands
+   - **Use when**: You need a specific command
+   - **Read time**: 5-10 minutes (or search for what you need)
+
+### 3. **[DEPLOYMENT_COMMANDS.md](DEPLOYMENT_COMMANDS.md)**
+   - **Size**: 6.8 KB
+   - **Purpose**: Detailed deployment command explanations
+   - **Contains**:
+     - Individual command explanations
+     - Complete deployment script template
+     - Health check procedures
+     - Verification steps
+     - Advanced troubleshooting
+   - **Read time**: 20-30 minutes
+
+---
+
+## 🔧 Executable Scripts
+
+### 1. **[deploy.sh](deploy.sh)** - Fully Automated
+   - **Size**: 6.7 KB
+   - **Purpose**: One-command deployment
+   - **Does**:
+     1. Starts Docker containers
+     2. Runs all migrations
+     3. Configures HTTPS
+     4. Verifies setup
+     5. Shows access URLs
+   - **Usage**:
+     ```bash
+     ./deploy.sh
+     ```
+   - **With custom settings**:
+     ```bash
+     HOSTNAME=server1 DOMAIN=server1.internal ./deploy.sh
+     ```
+
+### 2. **[setup_https.sh](setup_https.sh)** - Semi-Automated
+   - **Size**: 5.9 KB
+   - **Purpose**: Setup script that works in or outside Docker
+   - **Does**:
+     - Detects environment (Docker container or host)
+     - Runs migrations
+     - Configures HTTPS
+     - Shows status
+   - **Usage**:
+     ```bash
+     ./setup_https.sh
+     ```
+
+---
+
+## 🎯 Quick Navigation by Task
+
+### "I need to deploy on a new PC"
+1. Read: [DEPLOYMENT_README.md](DEPLOYMENT_README.md#prerequisites)
+2. Run: `./deploy.sh`
+3. Access: https://digiserver.sibiusb.harting.intra
+
+### "I need a specific docker exec command"
+→ Search [DOCKER_EXEC_COMMANDS.md](DOCKER_EXEC_COMMANDS.md)
+
+### "I want to understand what's being deployed"
+→ Read [DEPLOYMENT_COMMANDS.md](DEPLOYMENT_COMMANDS.md#prerequisites)
+
+### "Something went wrong, help!"
+→ See [DEPLOYMENT_README.md](DEPLOYMENT_README.md#-troubleshooting) or [DOCKER_EXEC_COMMANDS.md](DOCKER_EXEC_COMMANDS.md#-troubleshooting)
+
+### "I need to configure custom settings"
+→ Read [DEPLOYMENT_README.md](DEPLOYMENT_README.md#-environment-variables)
+
+### "I want to manage HTTPS"
+→ See [DOCKER_EXEC_COMMANDS.md](DOCKER_EXEC_COMMANDS.md#-https-configuration-management)
+
+---
+
+## 📋 Deployment Checklist
+
+- [ ] Docker and Docker Compose installed
+- [ ] Project files copied to new PC
+- [ ] Run `./deploy.sh` or `./setup_https.sh`
+- [ ] Verify with `docker-compose ps`
+- [ ] Access https://digiserver.sibiusb.harting.intra
+- [ ] Log in with admin/admin123
+- [ ] Change default password
+- [ ] Configure players and content
+
+---
+
+## 🔑 Configuration Options
+
+### Default Settings
+```
+Hostname:    digiserver
+Domain:      digiserver.sibiusb.harting.intra
+IP Address:  10.76.152.164
+Port:        443
+Email:       admin@example.com
+Username:    admin
+Password:    admin123
+```
+
+### Customize During Deployment
+```bash
+HOSTNAME=myserver \
+DOMAIN=myserver.internal \
+IP_ADDRESS=192.168.1.100 \
+EMAIL=admin@myserver.com \
+./deploy.sh
+```
+
+---
+
+## 🆘 Common Tasks
+
+| Task | Command |
+|------|---------|
+| **Start containers** | `docker-compose up -d` |
+| **Stop containers** | `docker-compose stop` |
+| **View logs** | `docker-compose logs -f` |
+| **Check HTTPS status** | `docker-compose exec -T digiserver-app python /app/https_manager.py status` |
+| **Reset password** | See [DOCKER_EXEC_COMMANDS.md](DOCKER_EXEC_COMMANDS.md#reset-admin-password) |
+| **View all tables** | See [DOCKER_EXEC_COMMANDS.md](DOCKER_EXEC_COMMANDS.md#list-all-tables) |
+| **Create admin user** | See [DOCKER_EXEC_COMMANDS.md](DOCKER_EXEC_COMMANDS.md#create-admin-user) |
+
+---
+
+## 📊 File Structure
+
+```
+digiserver-v2/
+├── DEPLOYMENT_README.md ..................... Main deployment guide
+├── DOCKER_EXEC_COMMANDS.md ................. Quick reference (BEST FOR COMMANDS)
+├── DEPLOYMENT_COMMANDS.md .................. Detailed explanations
+├── deploy.sh ............................. Fully automated deployment
+├── setup_https.sh ......................... Semi-automated setup
+├── docker-compose.yml ..................... Docker services config
+├── Caddyfile .............................. Reverse proxy config
+├── requirements.txt ....................... Python dependencies
+│
+├── app/
+│   ├── app.py ............................ Flask application
+│   ├── models/ ........................... Database models
+│   │   ├── https_config.py
+│   │   ├── user.py
+│   │   └── ...
+│   └── ...
+│
+├── migrations/
+│   ├── add_https_config_table.py
+│   ├── add_player_user_table.py
+│   ├── add_email_to_https_config.py
+│   └── migrate_player_user_global.py
+│
+└── old_code_documentation/
+    ├── HTTPS_CONFIGURATION.md
+    └── ...
+```
+
+---
+
+## 🚀 Deployment Methods Comparison
+
+| Method | Time | Effort | Best For |
+|--------|------|--------|----------|
+| `./deploy.sh` | 2-3 min | Click & wait | First-time setup, automation |
+| `./setup_https.sh` | 3-5 min | Manual review | Learning, step debugging |
+| Manual commands | 10-15 min | Full control | Advanced users, scripting |
+
+---
+
+## ✨ What Gets Deployed
+
+✅ Flask web application with admin dashboard
+✅ HTTPS with self-signed certificates
+✅ Caddy reverse proxy for routing
+✅ SQLite database with all tables
+✅ User management system
+✅ HTTPS configuration management
+✅ Player and content management
+✅ Group and playlist management
+✅ Admin audit trail
+
+---
+
+## 🎓 Learning Path
+
+1. **Total Beginner?**
+   - Start: [DEPLOYMENT_README.md](DEPLOYMENT_README.md)
+   - Run: `./deploy.sh`
+   - Learn: Browse [DOCKER_EXEC_COMMANDS.md](DOCKER_EXEC_COMMANDS.md) for available commands
+
+2. **Want to Understand Everything?**
+   - Read: [DEPLOYMENT_README.md](DEPLOYMENT_README.md#-deployment-methods) (all 3 methods)
+   - Study: [DEPLOYMENT_COMMANDS.md](DEPLOYMENT_COMMANDS.md)
+   - Reference: [DOCKER_EXEC_COMMANDS.md](DOCKER_EXEC_COMMANDS.md)
+
+3. **Need to Troubleshoot?**
+   - Check: [DEPLOYMENT_README.md](DEPLOYMENT_README.md#-troubleshooting)
+   - Or: [DOCKER_EXEC_COMMANDS.md](DOCKER_EXEC_COMMANDS.md#-troubleshooting)
+
+---
+
+## 💡 Pro Tips
+
+1. **Use `-T` flag** in docker-compose exec for scripts (prevents TTY issues)
+2. **Keep backups** before major changes
+3. **Check logs often**: `docker-compose logs -f`
+4. **Use environment variables** for custom deployments
+5. **Verify after deployment** using health check commands
+
+---
+
+## 🔗 Related Documentation
+
+- **HTTPS Setup**: `old_code_documentation/HTTPS_CONFIGURATION.md`
+- **Admin Features**: Check admin panel after login
+- **API Documentation**: See `old_code_documentation/PLAYER_EDIT_MEDIA_API.md`
+
+---
+
+## 📞 Support
+
+- Logs: `docker-compose logs digiserver-app`
+- Health Check: See [DOCKER_EXEC_COMMANDS.md#-health-checks](DOCKER_EXEC_COMMANDS.md#-health-checks)
+- Troubleshooting: See [DEPLOYMENT_README.md#-troubleshooting](DEPLOYMENT_README.md#-troubleshooting)
+
+---
+
+**Ready? Start with:** `./deploy.sh` 🚀
+
+Or read [DEPLOYMENT_README.md](DEPLOYMENT_README.md) for the full guide.

old_code_documentation/DEPLOYMENT_README.md

@@ -0,0 +1,433 @@
+# DigiServer Deployment Guide
+
+Complete guide for deploying DigiServer on a new PC with automatic or manual configuration.
+
+## 📋 Table of Contents
+
+1. [Quick Start](#quick-start)
+2. [Prerequisites](#prerequisites)
+3. [Deployment Methods](#deployment-methods)
+4. [Verification](#verification)
+5. [Documentation Files](#documentation-files)
+6. [Troubleshooting](#troubleshooting)
+
+---
+
+## 🚀 Quick Start
+
+The fastest way to deploy DigiServer on a new PC:
+
+```bash
+# 1. Clone or copy the project to your new PC
+cd /path/to/digiserver-v2
+
+# 2. Run the automated deployment script
+./deploy.sh
+```
+
+That's it! The script will:
+- ✅ Start all Docker containers
+- ✅ Run all database migrations
+- ✅ Configure HTTPS with self-signed certificates
+- ✅ Verify the setup
+- ✅ Display access URLs
+
+---
+
+## 📋 Prerequisites
+
+Before deploying, ensure you have:
+
+### 1. Docker & Docker Compose
+```bash
+# Check Docker installation
+docker --version
+
+# Check Docker Compose installation
+docker-compose --version
+```
+
+If not installed, follow the official guides:
+- [Docker Installation](https://docs.docker.com/install/)
+- [Docker Compose Installation](https://docs.docker.com/compose/install/)
+
+### 2. Project Files
+```bash
+# You should have these files in the project directory:
+ls -la
+# Caddyfile          - Reverse proxy configuration
+# docker-compose.yml - Docker services definition
+# setup_https.sh     - Manual setup script
+# deploy.sh          - Automated deployment script
+# requirements.txt   - Python dependencies
+```
+
+### 3. Sufficient Disk Space
+- ~2GB for Docker images and volumes
+- Additional space for your content/uploads
+
+### 4. Network Access
+- Ports 80, 443 available (or configure in docker-compose.yml)
+- Port 2019 for Caddy admin API (internal only)
+
+---
+
+## 🎯 Deployment Methods
+
+### Method 1: Fully Automated (Recommended)
+
+```bash
+cd /path/to/digiserver-v2
+./deploy.sh
+```
+
+**What it does:**
+1. Starts Docker containers
+2. Runs all migrations
+3. Configures HTTPS
+4. Verifies setup
+5. Shows access URLs
+
+**Configuration variables** (can be customized):
+```bash
+# Use environment variables to customize
+HOSTNAME=digiserver \
+DOMAIN=digiserver.sibiusb.harting.intra \
+IP_ADDRESS=10.76.152.164 \
+EMAIL=admin@example.com \
+PORT=443 \
+./deploy.sh
+```
+
+---
+
+### Method 2: Semi-Automated Setup
+
+```bash
+cd /path/to/digiserver-v2
+./setup_https.sh
+```
+
+**What it does:**
+1. Starts containers (if needed)
+2. Runs all migrations
+3. Configures HTTPS with production settings
+4. Shows status
+
+---
+
+### Method 3: Manual Step-by-Step
+
+#### Step 1: Start Containers
+```bash
+cd /path/to/digiserver-v2
+docker-compose up -d
+```
+
+Wait for containers to be ready (check with `docker-compose ps`).
+
+#### Step 2: Run Migrations
+```bash
+# Migration 1: HTTPS Config
+docker-compose exec -T digiserver-app python /app/migrations/add_https_config_table.py
+
+# Migration 2: Player User
+docker-compose exec -T digiserver-app python /app/migrations/add_player_user_table.py
+
+# Migration 3: Email
+docker-compose exec -T digiserver-app python /app/migrations/add_email_to_https_config.py
+
+# Migration 4: Player User Global
+docker-compose exec -T digiserver-app python /app/migrations/migrate_player_user_global.py
+```
+
+#### Step 3: Configure HTTPS
+```bash
+docker-compose exec -T digiserver-app python /app/https_manager.py enable \
+    digiserver \
+    digiserver.sibiusb.harting.intra \
+    admin@example.com \
+    10.76.152.164 \
+    443
+```
+
+#### Step 4: Verify Status
+```bash
+docker-compose exec -T digiserver-app python /app/https_manager.py status
+```
+
+---
+
+## ✅ Verification
+
+### Check Container Status
+```bash
+docker-compose ps
+```
+
+Expected output:
+```
+NAME               SERVICE         STATUS                    PORTS
+digiserver-v2      digiserver-app  Up (healthy)              5000/tcp
+digiserver-caddy   caddy           Up                        80, 443, 2019/tcp
+```
+
+### Test HTTPS Access
+```bash
+# From the same network (if DNS configured)
+curl -k https://digiserver.sibiusb.harting.intra
+
+# Or from container
+docker-compose exec -T caddy wget --no-check-certificate -qO- https://localhost/ | head -10
+```
+
+### Expected Response
+Should show HTML login page with "DigiServer" in the title.
+
+### Check Database
+```bash
+docker-compose exec -T digiserver-app python -c "
+from app.app import create_app
+from sqlalchemy import inspect
+
+app = create_app()
+with app.app_context():
+    inspector = inspect(app.extensions.db.engine)
+    tables = inspector.get_table_names()
+    print('Database tables:', len(tables))
+    for t in sorted(tables):
+        print(f'  ✓ {t}')
+"
+```
+
+---
+
+## 📚 Documentation Files
+
+### 1. `DOCKER_EXEC_COMMANDS.md` ⭐ **START HERE**
+Quick reference for all docker exec commands
+- Database operations
+- User management
+- HTTPS configuration
+- Health checks
+- Maintenance tasks
+
+### 2. `DEPLOYMENT_COMMANDS.md`
+Comprehensive deployment guide
+- Prerequisites
+- Each deployment step explained
+- Complete deployment script template
+- Troubleshooting section
+
+### 3. `deploy.sh` 
+Automated deployment script (executable)
+- Runs all steps automatically
+- Shows progress with colors
+- Configurable via environment variables
+
+### 4. `setup_https.sh`
+Semi-automated setup script (executable)
+- Detects if running in Docker or on host
+- Manual configuration option
+- Detailed output
+
+### 5. `Caddyfile`
+Reverse proxy configuration
+- HTTPS certificate management
+- Domain routing
+- Security headers
+
+### 6. `docker-compose.yml`
+Docker services definition
+- Flask application
+- Caddy reverse proxy
+- Volumes and networks
+
+---
+
+## 🔐 First Access
+
+After deployment:
+
+1. **Access the application**
+   - https://digiserver.sibiusb.harting.intra
+   - https://10.76.152.164
+   - https://digiserver
+
+2. **Log in with default credentials**
+   ```
+   Username: admin
+   Password: admin123
+   ```
+
+3. **⚠️ IMPORTANT: Change the password immediately**
+   - Click on admin user settings
+   - Change default password to a strong password
+
+4. **Configure your system**
+   - Set up players
+   - Upload content
+   - Create groups
+   - Configure playlists
+
+---
+
+## 🆘 Troubleshooting
+
+### Containers Won't Start
+```bash
+# Check logs
+docker-compose logs
+
+# Try rebuilding
+docker-compose down
+docker-compose up -d --build
+```
+
+### Migration Fails
+```bash
+# Check database connection
+docker-compose exec -T digiserver-app python -c "
+from app.app import create_app
+app = create_app()
+print('Database OK')
+"
+
+# Check if tables already exist
+docker-compose exec -T digiserver-app python -c "
+from app.app import create_app
+from sqlalchemy import inspect
+app = create_app()
+with app.app_context():
+    inspector = inspect(app.extensions.db.engine)
+    print('Existing tables:', inspector.get_table_names())
+"
+```
+
+### HTTPS Certificate Issues
+```bash
+# Clear Caddy certificate cache
+docker volume rm digiserver-v2_caddy-data
+docker volume rm digiserver-v2_caddy-config
+
+# Restart Caddy
+docker-compose restart caddy
+```
+
+### Port 80/443 Already in Use
+```bash
+# Find what's using the port
+lsof -i :80  # For port 80
+lsof -i :443 # For port 443
+
+# Stop the conflicting service or change ports in docker-compose.yml
+```
+
+### Can't Access via IP Address
+```bash
+# Verify Caddy is listening
+docker-compose exec -T caddy netstat -tlnp 2>/dev/null | grep -E ':(80|443)'
+
+# Test from container
+docker-compose exec -T caddy wget --no-check-certificate -qO- https://localhost/
+```
+
+### Database Corruption
+```bash
+# Backup current database
+docker-compose exec -T digiserver-app cp /app/instance/digiserver.db /app/instance/digiserver.db.backup
+
+# Reset database (CAUTION: This deletes all data)
+docker-compose exec -T digiserver-app rm /app/instance/digiserver.db
+
+# Restart and re-run migrations
+docker-compose restart digiserver-app
+./setup_https.sh
+```
+
+---
+
+## 📞 More Help
+
+See the detailed documentation files:
+- **Quick Commands**: `DOCKER_EXEC_COMMANDS.md`
+- **Full Guide**: `DEPLOYMENT_COMMANDS.md`
+- **HTTPS Details**: `old_code_documentation/HTTPS_CONFIGURATION.md`
+
+---
+
+## 🔄 Deployment on Different PC
+
+To deploy on a different PC:
+
+1. **Copy project files** to the new PC (or clone from git)
+2. **Ensure Docker and Docker Compose are installed**
+3. **Run deployment script**:
+   ```bash
+   cd /path/to/digiserver-v2
+   ./deploy.sh
+   ```
+4. **Access the application** on the new PC at the configured URLs
+
+All settings will be automatically configured! 🎉
+
+---
+
+## 📋 Environment Variables
+
+You can customize deployment using environment variables:
+
+```bash
+# Customize hostname
+HOSTNAME=myserver ./deploy.sh
+
+# Customize domain
+DOMAIN=myserver.example.com ./deploy.sh
+
+# Customize IP address
+IP_ADDRESS=192.168.1.100 ./deploy.sh
+
+# Customize email
+EMAIL=admin@myserver.com ./deploy.sh
+
+# Customize port
+PORT=8443 ./deploy.sh
+
+# All together
+HOSTNAME=server1 \
+DOMAIN=server1.internal \
+IP_ADDRESS=192.168.1.100 \
+EMAIL=admin@server1.com \
+PORT=443 \
+./deploy.sh
+```
+
+---
+
+## ✨ Features
+
+✅ Automated HTTPS with self-signed certificates
+✅ Multi-access (hostname, domain, IP address)
+✅ Automatic reverse proxy with Caddy
+✅ Docker containerized (easy deployment)
+✅ Complete database schema with migrations
+✅ Admin dashboard for configuration
+✅ User management
+✅ Player management
+✅ Content/Playlist management
+✅ Group management
+
+---
+
+## 📝 Notes
+
+- Default SSL certificates are **self-signed** (internal use)
+- For production with Let's Encrypt, edit the Caddyfile
+- Keep database backups before major changes
+- Default credentials are in the code; change them in production
+- All logs available via `docker-compose logs`
+
+---
+
+**Ready to deploy? Run:** `./deploy.sh` 🚀
+