.env.example

@@ -2,7 +2,7 @@
 APP_ENV=production
 APP_DEBUG=false
 APP_KEY=base64:YOUR_APP_KEY_HERE
-APP_URL=https://merchbay-admin.yourdomain.com
+APP_URL=https://merchbay.com
 
 # Database Configuration - External MySQL
 DB_CONNECTION=mysql
@@ -13,7 +13,7 @@ DB_USERNAME=your-mysql-user
 DB_PASSWORD=your-mysql-password
 
 # Traefik Domain Configuration
-DOMAIN=merchbay-admin.yourdomain.com
+DOMAIN=merchbay.com
 
 # Cache & Session
 CACHE_DRIVER=file

.gitea/workflows/deploy.yml

@@ -74,13 +74,13 @@ jobs:
             cat > .env << EOF
             APP_ENV=production
             APP_DEBUG=false
-            APP_URL=https://merchbay.app
+            APP_URL=https://merchbay.com
             DB_HOST=${{ secrets.PROD_DB_HOST }}
             DB_PORT=${{ secrets.PROD_DB_PORT || 3306 }}
             DB_DATABASE=${{ secrets.PROD_DB_DATABASE }}
             DB_USERNAME=${{ secrets.PROD_DB_USERNAME }}
             DB_PASSWORD=${{ secrets.PROD_DB_PASSWORD }}
-            DOMAIN=merchbay.app
+            DOMAIN=merchbay.com
             EOF
             
             # Stop existing container (disconnect from Traefik network gracefully)
@@ -93,8 +93,8 @@ jobs:
             docker network inspect traefik-public >/dev/null 2>&1 || docker network create traefik-public
             
             # Update docker-compose for production
-            export DOMAIN=merchbay.app
+            export DOMAIN=merchbay.com
-            export APP_URL=https://merchbay.app
+            export APP_URL=https://merchbay.com
             
             # Start the application (will auto-connect to Traefik with paid SSL)
             docker compose up -d
@@ -114,9 +114,9 @@ jobs:
             rm -rf /tmp/merchbay_admin_deploy
             
             echo "Production deployment completed successfully!"
-            echo "Application available at: https://merchbay.app"
+            echo "Application available at: https://merchbay.com"
 
       - name: Health Check
         run: |
           sleep 10
-          curl -f https://merchbay.app || exit 1
+          curl -f https://merchbay.com || exit 1

TRAEFIK-SSL-CONFIG.md

@@ -51,19 +51,17 @@ You should have these files from your SSL provider:
 Create a combined certificate file:
 
 ```bash
-# Create SSL directory in Traefik
+# Your SSL certificates are in /srv/certs
-mkdir -p /opt/traefik/certs
+# Verify files exist
-
+ls -la /srv/certs/
-# Copy your certificate and key
-sudo cp merchbay.app.crt /opt/traefik/certs/
-sudo cp merchbay.app.key /opt/traefik/certs/
 
 # If you have a CA bundle, create a full chain
-cat merchbay.app.crt ca-bundle.crt > /opt/traefik/certs/merchbay.app-fullchain.crt
+cd /srv/certs
+cat merchbay.app.crt ca-bundle.crt > merchbay.app-fullchain.crt
 
 # Set proper permissions
-sudo chmod 600 /opt/traefik/certs/*.key
+sudo chmod 600 /srv/certs/*.key
-sudo chmod 644 /opt/traefik/certs/*.crt
+sudo chmod 644 /srv/certs/*.crt
 ```
 
 ### Step 2: Configure Traefik File Provider
@@ -77,18 +75,18 @@ sudo nano /opt/traefik/dynamic/certs.yml
 Add:
 
 ```yaml
-# /opt/traefik/dynamic/certs.yml
+# /opt/traefik/dynamic/certs.yml or your Traefik dynamic config location
 tls:
   certificates:
-    - certFile: /certs/merchbay.app-fullchain.crt
+    - certFile: /srv/certs/merchbay.app-fullchain.crt
-      keyFile: /certs/merchbay.app.key
+      keyFile: /srv/certs/merchbay.app.key
       stores:
         - default
   stores:
     default:
       defaultCertificate:
-        certFile: /certs/merchbay.app-fullchain.crt
+        certFile: /srv/certs/merchbay.app-fullchain.crt
-        keyFile: /certs/merchbay.app.key
+        keyFile: /srv/certs/merchbay.app.key
 ```
 
 ### Step 3: Update Traefik docker-compose.yml
@@ -112,7 +110,7 @@ services:
       - "--certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web"
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock:ro
-      - /opt/traefik/certs:/certs:ro
+      - /srv/certs:/srv/certs:ro
       - /opt/traefik/dynamic:/etc/traefik/dynamic:ro
       - traefik-letsencrypt:/letsencrypt
     networks:
@@ -221,7 +219,7 @@ echo | openssl s_client -servername merchbay.app -connect merchbay.app:443 2>/de
 1. Visit https://dev.merchbay.app
    - Certificate should be issued by "Let's Encrypt Authority X3"
    
-2. Visit https://merchbay.app
+2. Visit https://merchbay.com
    - Certificate should be issued by your paid SSL provider
 
 ## Troubleshooting
@@ -245,24 +243,24 @@ dig dev.merchbay.app +short
 
 ```bash
 # Verify Traefik can read certificates
-docker exec traefik ls -l /certs/
+docker exec traefik ls -l /srv/certs/
 
 # Check dynamic configuration is loaded
 docker exec traefik cat /etc/traefik/dynamic/certs.yml
 
 # Verify certificate format
-openssl x509 -in /opt/traefik/certs/merchbay.app-fullchain.crt -text -noout
+openssl x509 -in /srv/certs/merchbay.app-fullchain.crt -text -noout
 
 # Check private key
-openssl rsa -in /opt/traefik/certs/merchbay.app.key -check
+openssl rsa -in /srv/certs/merchbay.app.key -check
 ```
 
 ### Certificate Mismatch
 
 ```bash
 # Verify certificate and key match
-openssl x509 -noout -modulus -in /opt/traefik/certs/merchbay.app.crt | openssl md5
+openssl x509 -noout -modulus -in /srv/certs/merchbay.app.crt | openssl md5
-openssl rsa -noout -modulus -in /opt/traefik/certs/merchbay.app.key | openssl md5
+openssl rsa -noout -modulus -in /srv/certs/merchbay.app.key | openssl md5
 # Both should output the same hash
 ```
 
@@ -277,7 +275,7 @@ Automatic renewal every 60 days. No action needed.
 Before certificate expiration:
 
 1. Download new certificate from your SSL provider
-2. Update files in `/opt/traefik/certs/`
+2. Update files in `/srv/certs/`
 3. Restart Traefik: `docker compose restart traefik`
 4. Verify: `curl -vI https://merchbay.app`
 

docker-compose.portainer.yml

@@ -12,7 +12,7 @@ services:
     environment:
       - APP_ENV=production
       - APP_DEBUG=false
-      - APP_URL=https://merchbay.app
+      - APP_URL=https://merchbay.com
       - DB_CONNECTION=mysql
       - DB_HOST=your-mysql-host
       - DB_PORT=3306
@@ -22,18 +22,16 @@ services:
     volumes:
       - app_storage:/var/www/html/storage
       - app_uploads:/var/www/html/public/uploads
-      # Mount paid SSL certificates
-      - /path/to/ssl/certs:/etc/ssl/certs:ro
     labels:
       - "traefik.enable=true"
-      - "traefik.http.routers.merchbay-admin.rule=Host(`merchbay.app`)"
+      - "traefik.http.routers.merchbay-admin.rule=Host(`merchbay.com`)"
       - "traefik.http.routers.merchbay-admin.entrypoints=websecure"
       - "traefik.http.routers.merchbay-admin.tls=true"
       # Use custom TLS configuration (file provider for paid cert)
       # Ensure Traefik has file provider configured with your paid SSL cert
       - "traefik.http.services.merchbay-admin.loadbalancer.server.port=80"
       # HTTP to HTTPS redirect
-      - "traefik.http.routers.merchbay-admin-http.rule=Host(`merchbay.app`)"
+      - "traefik.http.routers.merchbay-admin-http.rule=Host(`merchbay.com`)"
       - "traefik.http.routers.merchbay-admin-http.entrypoints=web"
       - "traefik.http.routers.merchbay-admin-http.middlewares=https-redirect"
       - "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https"