Initial commit: Nexus Mission Control Platform

- ASP.NET Core 10 Backend (JWT Auth, Agent config API) - Vue 3 Frontend (Dashboard, Team, Agents, Config Editor) - PostgreSQL Database - Docker Compose setup - Mission Control Dashboard redesign
2026-06-09 16:31:42 +02:00
commit eeb6174de0
248 changed files with 19706 additions and 0 deletions
@@ -0,0 +1,107 @@
+#!/bin/bash
+# HTTPS-Setup für nexus.noveria.net
+# Auf dem VPS-HOST ausführen!
+
+set -e
+
+echo "=== HTTPS Setup für nexus.noveria.net ==="
+
+SCRIPT_DIR="$(dirname "$(readlink -f "$0")")"
+
+# 1. Zuerst nur HTTP-Config ausrollen (keine SSL-Referenz!)
+echo "[1/5] Installiere HTTP-only Nginx-Config..."
+sudo tee /etc/nginx/sites-available/nexus.noveria.net > /dev/null << 'NGINXEOF'
+server {
+    listen 80;
+    server_name nexus.noveria.net;
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/html;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:18880;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+NGINXEOF
+
+sudo ln -sf /etc/nginx/sites-available/nexus.noveria.net /etc/nginx/sites-enabled/
+sudo nginx -t && sudo systemctl reload nginx
+echo "  ✅ HTTP-Config aktiv"
+
+# 2. Firewall
+echo "[2/5] Firewall..."
+if command -v ufw &>/dev/null; then
+    sudo ufw allow 80/tcp 2>/dev/null || true
+    sudo ufw allow 443/tcp 2>/dev/null || true
+    echo "  ✅ ufw: 80+443 offen"
+else
+    echo "  ⏭ ufw nicht installiert"
+fi
+
+# 3. HTTP-Test
+echo "[3/5] Teste HTTP..."
+sleep 1
+STATUS=$(curl -s -o /dev/null -w "%{http_code}" http://nexus.noveria.net)
+echo "  HTTP-Status: $STATUS"
+
+# 4. Zertifikat holen
+echo "[4/5] Fordere Let's-Encrypt-Zertifikat an..."
+sudo certbot certonly --webroot -w /var/www/html -d nexus.noveria.net --non-interactive --agree-tos --email vmbao62@hotmail.de 2>&1 || {
+    echo "  ⚠️  certbot fehlgeschlagen – manuell nachholen:"
+    echo "     sudo certbot --nginx -d nexus.noveria.net"
+    exit 1
+}
+echo "  ✅ Zertifikat erhalten"
+
+# 5. HTTPS-Config ausrollen
+echo "[5/5] Aktiviere HTTPS-Config..."
+sudo tee /etc/nginx/sites-available/nexus.noveria.net > /dev/null << 'NGINXSSL'
+server {
+    listen 80;
+    server_name nexus.noveria.net;
+    location /.well-known/acme-challenge/ {
+        root /var/www/html;
+    }
+    location / {
+        return 301 https://$host$request_uri;
+    }
+}
+
+server {
+    listen 443 ssl http2;
+    server_name nexus.noveria.net;
+
+    ssl_certificate     /etc/letsencrypt/live/nexus.noveria.net/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/nexus.noveria.net/privkey.pem;
+
+    add_header Strict-Transport-Security "max-age=63072000" always;
+    add_header X-Content-Type-Options nosniff;
+    add_header X-Frame-Options DENY;
+
+    client_max_body_size 16m;
+
+    location / {
+        proxy_pass http://127.0.0.1:18880;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+NGINXSSL
+
+sudo nginx -t && sudo systemctl reload nginx
+echo "  ✅ HTTPS aktiv"
+
+# Test
+echo ""
+sleep 2
+curl -s -o /dev/null -w "HTTPS-Status: %{http_code}\n" https://nexus.noveria.net
+echo ""
+echo "=== Fertig ==="
+echo "Nexus: https://nexus.noveria.net"