From a9388a5176585e673e8f8b886bd40a2276993458 Mon Sep 17 00:00:00 2001
From: candifloss <candifloss@candifloss.cc>
Date: Mon, 7 Apr 2025 12:15:51 +0530
Subject: [PATCH] Add: Example nginx conf & systemd service

- Add sample nginx conf file with ssl support
- Add systemd service that keeps app running
---
 extra/assettrack.nginx.conf | 36 ++++++++++++++++++++++++++++++++++++
 extra/assettrack.service    | 20 ++++++++++++++++++++
 2 files changed, 56 insertions(+)
 create mode 100644 extra/assettrack.nginx.conf
 create mode 100644 extra/assettrack.service

diff --git a/extra/assettrack.nginx.conf b/extra/assettrack.nginx.conf
new file mode 100644
index 0000000..72047a0
--- /dev/null
+++ b/extra/assettrack.nginx.conf
@@ -0,0 +1,36 @@
+# Example nginx config
+server {
+    listen 80;
+    server_name your-domain.com;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name your-domain.com;
+
+    # SSL Configuration (Replace with your paths)
+    ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
+    
+    # Security Headers
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+    add_header X-Content-Type-Options nosniff;
+    add_header X-Frame-Options DENY;
+
+    # Proxy Configuration
+    location / {
+        proxy_pass http://unix:/opt/assettrack/assettrack.sock;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    # Static Files
+    location /static {
+        alias /opt/assettrack/static;
+        expires 30d;
+        access_log off;
+    }
+}
\ No newline at end of file
diff --git a/extra/assettrack.service b/extra/assettrack.service
new file mode 100644
index 0000000..d012a10
--- /dev/null
+++ b/extra/assettrack.service
@@ -0,0 +1,20 @@
+[Unit]
+Description=AssetTrack Inventory System
+After=network.target mysql.service
+
+[Service]
+User=assettrack
+Group=assettrack
+WorkingDirectory=/opt/assettrack
+Environment="PATH=/usr/bin"
+Environment="FLASK_ENV=production"
+Environment="FLASK_SECRET_KEY=your-generated-secret-key-here"
+
+# Using Gunicorn as WSGI server
+ExecStart=/usr/bin/gunicorn --workers 3 --bind unix:/opt/assettrack/assettrack.sock -m 007 app:app
+
+Restart=always
+RestartSec=5
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file