Initial commit: enterprise digital platform with portal SSO, DigiServer, IT Assets, NetworkView, Server Monitor

digiserver-v2/old_code_documentation/HTTPS_SETUP.md

@@ -0,0 +1,75 @@
+# DigiServer v2 - HTTPS Setup with Caddy
+
+This setup uses **Caddy** as a reverse proxy with automatic HTTPS via Let's Encrypt.
+
+## Quick Setup
+
+### 1. Configure Domain
+Create a `.env` file or edit the existing one:
+
+```bash
+cp .env.example .env
+```
+
+Edit `.env` and set:
+```
+DOMAIN=your-domain.com
+EMAIL=admin@your-domain.com
+```
+
+### 2. Point Your Domain
+Make sure your domain's DNS A record points to your server's IP address.
+
+### 3. Start Services
+```bash
+docker compose up -d
+```
+
+That's it! Caddy will **automatically**:
+- Obtain SSL certificates from Let's Encrypt
+- Renew certificates before expiration
+- Redirect HTTP to HTTPS
+- Enable HTTP/2 and HTTP/3
+
+## Access Your Site
+
+- **HTTP**: http://your-domain.com (redirects to HTTPS)
+- **HTTPS**: https://your-domain.com
+
+## Testing Locally (Without Domain)
+
+If you don't have a domain yet, leave DOMAIN as `localhost`:
+```
+DOMAIN=localhost
+```
+
+Then access: http://localhost (no HTTPS, but app works)
+
+## Certificate Storage
+
+SSL certificates are stored in Docker volumes:
+- `caddy-data` - Certificate data
+- `caddy-config` - Caddy configuration
+
+## Troubleshooting
+
+### Check Caddy logs:
+```bash
+docker logs digiserver-caddy
+```
+
+### Verify certificates:
+```bash
+docker exec digiserver-caddy caddy list-certificates
+```
+
+### Force certificate renewal:
+```bash
+docker exec digiserver-caddy caddy reload --config /etc/caddy/Caddyfile
+```
+
+## Port Forwarding
+
+Make sure your firewall/router allows:
+- Port 80 (HTTP - for Let's Encrypt challenge)
+- Port 443 (HTTPS)