Add Nixpacks configuration files for backend and frontend services; create Coolify deployment guide and Nginx reverse proxy configuration

Co-authored-by: Copilot <copilot@github.com>

docs/deployment/coolify.md

@@ -0,0 +1,197 @@
+# Coolify Deployment Guide
+
+This guide covers deploying `ai.allucanget.biz` using [Coolify](https://coolify.io) from the repository `https://git.allucanget.biz/allucanget/ai.allucanget.biz.git`.
+
+## Architecture Overview
+
+The application consists of two Python services:
+
+| Service  | Framework         | Port | Description                                |
+| -------- | ----------------- | ---- | ------------------------------------------ |
+| Backend  | FastAPI + uvicorn | 8000 | REST API, auth, AI generation, DuckDB      |
+| Frontend | Flask + gunicorn  | 5000 | SSR web UI, session auth, proxy to backend |
+
+Coolify's built-in reverse proxy routes traffic:
+
+- `/api/*` → Backend (port 8000)
+- `/` → Frontend (port 5000)
+
+## Prerequisites
+
+- A Coolify instance (self-hosted or Cloud)
+- Git repository pushed to `https://git.allucanget.biz/allucanget/ai.allucanget.biz.git`
+- Domain configured to point to your Coolify server
+
+## Step 1: Create Backend Service
+
+1. In Coolify, click **Add Resource** → **Deploy a new resource** → **Git**
+2. Connect your Git repository (`git.allucanget.biz`)
+3. Select the `ai.allucanget.biz` repository
+4. Choose the `main` branch
+5. Set **Build Pack** to `nixpacks`
+6. Set **Base Directory** to `/backend`
+7. Set **Ports Exposed** to `8000`
+8. Set **Start Command** to:
+   ```txt
+   uvicorn backend.app.main:app --host 0.0.0.0 --port 8000
+   ```
+9. Click **Create Resource**
+
+### Backend Environment Variables
+
+Add these as **Runtime** environment variables in Coolify:
+
+| Variable             | Description                          | Example                              |
+| -------------------- | ------------------------------------ | ------------------------------------ |
+| `OPENROUTER_API_KEY` | OpenRouter API key for AI generation | `sk-or-v1-...`                       |
+| `JWT_SECRET`         | Secret key for JWT token signing     | Generate with `openssl rand -hex 32` |
+| `APP_URL`            | Public URL of the backend            | `https://api.ai.allucanget.biz`      |
+| `APP_NAME`           | Application name                     | `AI Allucanget`                      |
+| `CORS_ORIGINS`       | Comma-separated allowed origins      | `https://ai.allucanget.biz`          |
+
+## Step 2: Create Frontend Service
+
+1. In Coolify, click **Add Resource** → **Deploy a new resource** → **Git**
+2. Select the same repository
+3. Choose the `main` branch
+4. Set **Build Pack** to `nixpacks`
+5. Set **Base Directory** to `/frontend`
+6. Set **Ports Exposed** to `5000`
+7. Set **Start Command** to:
+   ```txt
+   gunicorn frontend.app.main:app --bind 0.0.0.0:5000 --workers 2 --timeout 120
+   ```
+8. Click **Create Resource**
+
+### Frontend Environment Variables
+
+Add these as **Runtime** environment variables in Coolify:
+
+| Variable           | Description                               | Example                                                        |
+| ------------------ | ----------------------------------------- | -------------------------------------------------------------- |
+| `FLASK_SECRET_KEY` | Flask session cookie signing key          | Generate with `openssl rand -hex 32`                           |
+| `BACKEND_URL`      | Internal URL to reach the backend service | `http://localhost:8000` (or use Coolify's internal networking) |
+
+## Step 3: Configure Reverse Proxy
+
+Coolify provides a built-in reverse proxy. Configure routing rules:
+
+### Backend Proxy Rules
+
+- **Domain**: `api.ai.allucanget.biz` (or subdomain of your choice)
+- **Port**: `8000`
+- **Path**: `/api/*` → forward to backend
+
+### Frontend Proxy Rules
+
+- **Domain**: `ai.allucanget.biz`
+- **Port**: `5000`
+- **Path**: `/` → forward to frontend
+
+### Nginx Configuration (Optional)
+
+If you need custom Nginx configuration, create `nginx/coolify.conf`:
+
+```nginx
+# Reverse proxy configuration for Coolify
+# This file is for reference — Coolify's built-in proxy handles routing
+
+# Backend API proxy
+location /api/ {
+    proxy_pass http://backend:8000;
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+}
+
+# Frontend proxy
+location / {
+    proxy_pass http://frontend:5000;
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+}
+```
+
+## Step 4: SSL/TLS
+
+Enable HTTPS in Coolify for both services:
+
+1. Go to each service's settings
+2. Enable **Auto HTTPS** (Let's Encrypt)
+3. Configure domain names
+4. Coolify automatically handles certificate renewal
+
+## Step 5: Persistent Storage (Optional)
+
+If you want to persist DuckDB data:
+
+1. In Coolify, go to the **Backend** service
+2. Navigate to **Persistent Storage**
+3. Add a volume mount:
+   - **Host Path**: `/data` (or any path on the host)
+   - **Container Path**: `/app/data`
+   - **Type**: `Bind Mount` or `Volume`
+
+## Troubleshooting
+
+### Backend won't start
+
+- Check that `OPENROUTER_API_KEY` is set
+- Verify `JWT_SECRET` is a sufficiently long random string
+- Check logs in Coolify's **Logs** tab
+
+### Frontend can't reach backend
+
+- Ensure `BACKEND_URL` points to the correct internal URL
+- If both services are on the same Coolify server, use `http://localhost:8000`
+- Check that the backend service is running and healthy
+
+### CORS errors
+
+- Set `CORS_ORIGINS` to include your frontend domain
+- Example: `https://ai.allucanget.biz`
+
+### Nixpacks build fails
+
+- Verify the base directory is correct (`/backend` or `/frontend`)
+- Check that `requirements.txt` exists in the base directory
+- Review build logs in Coolify
+
+## Environment Variable Summary
+
+All required environment variables:
+
+| Variable             | Service  | Required                         |
+| -------------------- | -------- | -------------------------------- |
+| `OPENROUTER_API_KEY` | Backend  | Yes                              |
+| `JWT_SECRET`         | Backend  | Yes                              |
+| `APP_URL`            | Backend  | Yes                              |
+| `APP_NAME`           | Backend  | No (defaults to "AI Allucanget") |
+| `CORS_ORIGINS`       | Backend  | Yes                              |
+| `FLASK_SECRET_KEY`   | Frontend | Yes                              |
+| `BACKEND_URL`        | Frontend | Yes                              |
+
+## Deployment Checklist
+
+- [ ] Repository pushed to Git
+- [ ] Backend service created with correct base directory (`/backend`)
+- [ ] Backend environment variables configured
+- [ ] Frontend service created with correct base directory (`/frontend`)
+- [ ] Frontend environment variables configured
+- [ ] SSL certificates enabled
+- [ ] Domain names configured
+- [ ] Health checks passing
+- [ ] Logs reviewed for errors
+
+## Nixpacks Configuration
+
+The project includes Nixpacks configuration files for both services:
+
+- `nixpacks.toml` — Shared configuration (Python version, packages)
+- `backend/nixpacks.toml` — Backend-specific (uvicorn, port 8000)
+- `frontend/nixpacks.toml` — Frontend-specific (gunicorn, port 5000)
+
+Nixpacks automatically detects Python projects and installs dependencies from `requirements.txt`. No additional configuration is needed for basic deployments.