feat: enhanced capture queue with multi-type conversion, and bottom menu bar for cell phones

project-docs/lifeos-setup.sh

@@ -0,0 +1,263 @@
+#!/bin/bash
+# =============================================================================
+# Life OS Infrastructure Setup Script
+# Server: defiant-01 (46.225.166.142) - Ubuntu 24.04 LTS
+# Run as: root
+# Purpose: Repeatable setup of Life OS DEV and PROD environments on Hetzner VM
+# =============================================================================
+# USAGE:
+#   Full run:        bash lifeos-setup.sh
+#   Single section:  bash lifeos-setup.sh network
+#                    bash lifeos-setup.sh database
+#                    bash lifeos-setup.sh app
+#                    bash lifeos-setup.sh nginx
+#                    bash lifeos-setup.sh ssl
+# =============================================================================
+
+set -e  # Exit on any error
+
+# --- Configuration -----------------------------------------------------------
+LIFEOS_NETWORK="lifeos_network"
+DB_CONTAINER="lifeos-db"
+DB_IMAGE="postgres:16-alpine"
+DB_PROD="lifeos_prod"
+DB_DEV="lifeos_dev"
+APP_PROD_CONTAINER="lifeos-prod"
+APP_DEV_CONTAINER="lifeos-dev"
+APP_PROD_PORT="8002"
+APP_DEV_PORT="8003"
+DOMAIN_PROD="lifeos.invixiom.com"
+DOMAIN_DEV="lifeos-dev.invixiom.com"
+CERT_PATH="/etc/letsencrypt/live/kasm.invixiom.com"
+LIFEOS_DIR="/opt/lifeos"
+# DB passwords - change these before running
+DB_PROD_PASSWORD="CHANGE_ME_PROD"
+DB_DEV_PASSWORD="CHANGE_ME_DEV"
+# -----------------------------------------------------------------------------
+
+section() {
+    echo ""
+    echo "=============================================="
+    echo "  $1"
+    echo "=============================================="
+}
+
+# =============================================================================
+# SECTION 1: Docker Network
+# =============================================================================
+setup_network() {
+    section "SECTION 1: Docker Network"
+
+    if docker network ls | grep -q "$LIFEOS_NETWORK"; then
+        echo "Network $LIFEOS_NETWORK already exists, skipping."
+    else
+        docker network create "$LIFEOS_NETWORK"
+        echo "Created network: $LIFEOS_NETWORK"
+    fi
+
+    docker network ls | grep lifeos
+}
+
+# =============================================================================
+# SECTION 2: PostgreSQL Container
+# =============================================================================
+setup_database() {
+    section "SECTION 2: PostgreSQL Container"
+
+    if docker ps -a | grep -q "$DB_CONTAINER"; then
+        echo "Container $DB_CONTAINER already exists, skipping creation."
+    else
+        docker run -d \
+            --name "$DB_CONTAINER" \
+            --network "$LIFEOS_NETWORK" \
+            --restart unless-stopped \
+            -e POSTGRES_PASSWORD="$DB_PROD_PASSWORD" \
+            -v lifeos_db_data:/var/lib/postgresql/data \
+            "$DB_IMAGE"
+        echo "Created container: $DB_CONTAINER"
+
+        echo "Waiting for Postgres to be ready..."
+        sleep 5
+    fi
+
+    # Create PROD database
+    docker exec "$DB_CONTAINER" psql -U postgres -tc \
+        "SELECT 1 FROM pg_database WHERE datname='$DB_PROD'" | grep -q 1 || \
+        docker exec "$DB_CONTAINER" psql -U postgres \
+        -c "CREATE DATABASE $DB_PROD;"
+
+    # Create DEV database
+    docker exec "$DB_CONTAINER" psql -U postgres -tc \
+        "SELECT 1 FROM pg_database WHERE datname='$DB_DEV'" | grep -q 1 || \
+        docker exec "$DB_CONTAINER" psql -U postgres \
+        -c "CREATE DATABASE $DB_DEV;"
+
+    # Create DEV user with separate password
+    docker exec "$DB_CONTAINER" psql -U postgres -tc \
+        "SELECT 1 FROM pg_roles WHERE rolname='lifeos_dev'" | grep -q 1 || \
+        docker exec "$DB_CONTAINER" psql -U postgres \
+        -c "CREATE USER lifeos_dev WITH PASSWORD '$DB_DEV_PASSWORD';"
+
+    docker exec "$DB_CONTAINER" psql -U postgres \
+        -c "GRANT ALL PRIVILEGES ON DATABASE $DB_DEV TO lifeos_dev;"
+
+    echo "Databases ready:"
+    docker exec "$DB_CONTAINER" psql -U postgres -c "\l" | grep lifeos
+}
+
+# =============================================================================
+# SECTION 3: Application Directory Structure
+# =============================================================================
+setup_app_dirs() {
+    section "SECTION 3: Application Directory Structure"
+
+    mkdir -p "$LIFEOS_DIR/prod"
+    mkdir -p "$LIFEOS_DIR/dev"
+    mkdir -p "$LIFEOS_DIR/prod/files"
+    mkdir -p "$LIFEOS_DIR/dev/files"
+
+    echo "Created directory structure:"
+    ls -la "$LIFEOS_DIR"
+}
+
+# =============================================================================
+# SECTION 4: Nginx Configuration
+# (Run after app containers are up and SSL cert is expanded)
+# =============================================================================
+setup_nginx() {
+    section "SECTION 4: Nginx Virtual Hosts"
+
+    # Add Life OS PROD and DEV server blocks to existing invixiom config
+    # We append to the existing file - kasm/files/code blocks remain untouched
+
+    if grep -q "$DOMAIN_PROD" /etc/nginx/sites-available/invixiom; then
+        echo "Nginx config for $DOMAIN_PROD already exists, skipping."
+    else
+        cat >> /etc/nginx/sites-available/invixiom << EOF
+
+server {
+    listen 443 ssl;
+    server_name $DOMAIN_PROD;
+    ssl_certificate $CERT_PATH/fullchain.pem;
+    ssl_certificate_key $CERT_PATH/privkey.pem;
+    location / {
+        proxy_pass http://127.0.0.1:$APP_PROD_PORT;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade \$http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header Host \$host;
+        proxy_set_header X-Real-IP \$remote_addr;
+        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto \$scheme;
+    }
+}
+
+server {
+    listen 443 ssl;
+    server_name $DOMAIN_DEV;
+    ssl_certificate $CERT_PATH/fullchain.pem;
+    ssl_certificate_key $CERT_PATH/privkey.pem;
+    location / {
+        proxy_pass http://127.0.0.1:$APP_DEV_PORT;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade \$http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header Host \$host;
+        proxy_set_header X-Real-IP \$remote_addr;
+        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto \$scheme;
+    }
+}
+EOF
+        echo "Added Nginx config for $DOMAIN_PROD and $DOMAIN_DEV"
+    fi
+
+    # Add new domains to the HTTP->HTTPS redirect block
+    # (manual step - see notes below)
+    echo ""
+    echo "NOTE: Also add $DOMAIN_PROD and $DOMAIN_DEV to the server_name line"
+    echo "in the HTTP redirect block at the top of /etc/nginx/sites-available/invixiom"
+
+    # Test and reload
+    nginx -t && systemctl reload nginx
+    echo "Nginx reloaded."
+}
+
+# =============================================================================
+# SECTION 5: SSL Certificate Expansion
+# (Expand Let's Encrypt cert to cover new subdomains)
+# =============================================================================
+setup_ssl() {
+    section "SECTION 5: SSL Certificate Expansion"
+
+    certbot certonly --nginx \
+        -d kasm.invixiom.com \
+        -d files.invixiom.com \
+        -d code.invixiom.com \
+        -d "$DOMAIN_PROD" \
+        -d "$DOMAIN_DEV" \
+        --expand
+
+    systemctl reload nginx
+    echo "SSL cert expanded and Nginx reloaded."
+}
+
+# =============================================================================
+# MAIN
+# =============================================================================
+case "${1:-all}" in
+    network)   setup_network ;;
+    database)  setup_database ;;
+    dirs)      setup_app_dirs ;;
+    nginx)     setup_nginx ;;
+    ssl)       setup_ssl ;;
+    all)
+        setup_network
+        setup_database
+        setup_app_dirs
+        # nginx and ssl run after app containers are built
+        echo ""
+        echo "=============================================="
+        echo "  Sections 1-3 complete."
+        echo "  Next: build Life OS Docker image, then run:"
+        echo "    bash lifeos-setup.sh ssl"
+        echo "    bash lifeos-setup.sh nginx"
+        echo "=============================================="
+        ;;
+    *)
+        echo "Unknown section: $1"
+        echo "Usage: bash lifeos-setup.sh [network|database|dirs|nginx|ssl|all]"
+        exit 1
+        ;;
+esac
+
+# =============================================================================
+# SECTION 6: Data Migration (reference - already completed)
+# Documents the steps used to migrate Supabase prod data to lifeos_prod
+# =============================================================================
+setup_migration_notes() {
+    section "SECTION 6: Data Migration Notes"
+    echo "Migration completed 2026-02-27"
+    echo ""
+    echo "Steps used:"
+    echo "  1. Exported data from Supabase using Python supabase client (supabase_export.py)"
+    echo "  2. Applied schema: docker exec -i lifeos-db psql -U postgres -d lifeos_prod < lifeos_schema_r0.sql"
+    echo "  3. Imported data: docker exec -i lifeos-db psql -U postgres -d lifeos_prod < lifeos_export.sql"
+    echo ""
+    echo "Final row counts:"
+    docker exec lifeos-db psql -U postgres -d lifeos_prod -c "
+        SELECT 'domains' as table_name, count(*) FROM domains UNION ALL
+        SELECT 'areas', count(*) FROM areas UNION ALL
+        SELECT 'projects', count(*) FROM projects UNION ALL
+        SELECT 'tasks', count(*) FROM tasks UNION ALL
+        SELECT 'notes', count(*) FROM notes UNION ALL
+        SELECT 'links', count(*) FROM links UNION ALL
+        SELECT 'files', count(*) FROM files UNION ALL
+        SELECT 'daily_focus', count(*) FROM daily_focus UNION ALL
+        SELECT 'capture', count(*) FROM capture UNION ALL
+        SELECT 'context_types', count(*) FROM context_types;
+    "
+    echo ""
+    echo "Note: files table is empty - Supabase Storage paths are obsolete."
+    echo "File uploads start fresh in Release 1 using local storage."
+}