Clean up docker-compose configuration

- Archive deploy-production directory as deploy-production-archived (legacy)
- Add DOCKER_COMPOSE_README.md for documentation
- Main configuration now uses compose.yml with working Paperless integration
- Paperless API URL configured as https://vhtv-stiftung.de/paperless

deploy-production-archived/MIGRATION_PLAN.md

@@ -0,0 +1,325 @@
+# Ubuntu Root Server Migration Plan (217.154.84.225)
+
+This document provides a comprehensive migration plan from your existing Synology deployment to a dedicated Ubuntu 22.04 server, incorporating all new features and lessons learned.
+
+## 🎯 Migration Overview
+
+**From**: Synology NAS (Docker containers)  
+**To**: Ubuntu 22.04 Root Server (217.154.84.225)  
+**Goal**: Production-ready deployment with improved performance and reliability
+
+## 📋 Pre-Migration Checklist
+
+### 1) Current System Assessment ✅
+- [ ] Document current Synology configuration
+- [ ] Create full backup of existing data
+- [ ] Export user accounts and permissions
+- [ ] Document custom configurations
+
+### 2) New Features Since Synology Deployment ✅
+- [ ] **HelpBox System**: Editable info boxes with Markdown support on all "New" creation pages
+- [ ] **Improved Förderung Search**: Enhanced search functionality
+- [ ] **Template Cleanup**: Orphaned recurring payment templates handling
+- [ ] **PDF Export Enhancements**: Better report generation
+- [ ] **Admin Interface Improvements**: Central help box management
+
+### 3) Server Preparation ✅
+- [ ] Ubuntu 22.04 server provisioned (217.154.84.225)
+- [ ] Root access confirmed
+- [ ] Network connectivity verified
+- [ ] DNS configuration planned
+
+## 🚀 Phase 1: Server Setup
+
+### 1.1) Initial Server Configuration
+```bash
+# Connect to server
+ssh root@217.154.84.225
+
+# Run comprehensive setup
+wget https://your-repo.com/server-setup.sh
+chmod +x server-setup.sh
+./server-setup.sh
+```
+
+### 1.2) Security Hardening
+```bash
+# Additional security measures
+apt install -y fail2ban logwatch unattended-upgrades
+
+# Configure fail2ban
+systemctl enable fail2ban
+systemctl start fail2ban
+
+# Set up automatic security updates
+dpkg-reconfigure unattended-upgrades
+```
+
+### 1.3) Monitoring Setup
+```bash
+# Install monitoring tools
+apt install -y htop iotop nethogs ncdu
+
+# Optional: Install monitoring stack
+# docker run -d --name=netdata -p 19999:19999 netdata/netdata
+```
+
+## 🗄️ Phase 2: Data Migration
+
+### 2.1) Backup Current System
+On your Synology NAS:
+```bash
+cd /volume1/docker/stiftung/deploy-synology
+
+# Create comprehensive backup
+sudo docker-compose exec web python manage.py dumpdata \
+  --format=json --indent=2 > full_backup_$(date +%Y%m%d).json
+
+# Create database backup
+sudo docker-compose exec db pg_dump -U stiftung_user -d stiftung \
+  > db_backup_$(date +%Y%m%d).sql
+
+# Backup media files
+tar -czf media_backup_$(date +%Y%m%d).tar.gz ./data/uploads/
+```
+
+### 2.2) Transfer Data to New Server
+```bash
+# From your local machine or Synology
+scp full_backup_*.json root@217.154.84.225:/tmp/
+scp db_backup_*.sql root@217.154.84.225:/tmp/
+scp media_backup_*.tar.gz root@217.154.84.225:/tmp/
+```
+
+## 🏗️ Phase 3: Application Deployment
+
+### 3.1) Code Deployment
+```bash
+# On the new server as stiftung user
+su - stiftung
+cd /opt/stiftung
+
+# Clone latest code
+git clone https://github.com/yourusername/stiftung-starter.git .
+
+# Copy production configuration
+cp deploy-production/docker-compose.prod.yml docker-compose.yml
+cp deploy-production/.env.production .env
+
+# Configure environment variables
+nano .env
+```
+
+### 3.2) Environment Configuration (Updated for Ubuntu)
+```bash
+# Production Environment (.env)
+DEBUG=False
+SECRET_KEY=your-new-production-secret-key
+ALLOWED_HOSTS=217.154.84.225,your-domain.com,localhost
+CSRF_TRUSTED_ORIGINS=https://your-domain.com,http://217.154.84.225
+
+# Database (PostgreSQL 15)
+POSTGRES_DB=stiftung_prod
+POSTGRES_USER=stiftung_user
+POSTGRES_PASSWORD=new-secure-production-password
+
+# Redis Configuration
+REDIS_URL=redis://redis:6379/0
+CELERY_BROKER_URL=redis://redis:6379/0
+CELERY_RESULT_BACKEND=redis://redis:6379/0
+
+# Email Configuration (Production)
+EMAIL_HOST=smtp.your-provider.com
+EMAIL_PORT=587
+EMAIL_HOST_USER=admin@your-domain.com
+EMAIL_HOST_PASSWORD=your-email-password
+EMAIL_USE_TLS=True
+DEFAULT_FROM_EMAIL=admin@your-domain.com
+
+# Backup Configuration
+BACKUP_RETENTION_DAYS=30
+BACKUP_STORAGE_PATH=/opt/stiftung/backups
+
+# New Features Configuration
+HELPBOX_ENABLED=True
+MARKDOWN_EXTENSIONS=nl2br,fenced_code,tables
+```
+
+### 3.3) First Deployment
+```bash
+# Make deploy script executable
+chmod +x deploy-production/deploy.sh
+
+# Run deployment
+./deploy-production/deploy.sh
+```
+
+## 📊 Phase 4: Data Restoration
+
+### 4.1) Database Restoration
+```bash
+# Wait for containers to be ready
+sleep 30
+
+# Restore database structure
+docker compose exec web python manage.py migrate
+
+# Optional: Load data from JSON backup
+docker compose exec web python manage.py loaddata /tmp/full_backup_*.json
+
+# Or restore from SQL dump
+docker compose exec -T db psql -U stiftung_user -d stiftung_prod < /tmp/db_backup_*.sql
+```
+
+### 4.2) Media Files Restoration
+```bash
+# Extract media files
+cd /opt/stiftung
+tar -xzf /tmp/media_backup_*.tar.gz -C app/media/
+
+# Fix permissions
+chown -R stiftung:stiftung app/media/
+```
+
+### 4.3) Create Superuser
+```bash
+# Create new admin user for production
+docker compose exec web python manage.py createsuperuser
+```
+
+## 🌐 Phase 5: Web Server Configuration
+
+### 5.1) Nginx Setup
+```bash
+# Copy nginx configuration
+sudo cp deploy-production/nginx.conf /etc/nginx/sites-available/stiftung
+sudo ln -s /etc/nginx/sites-available/stiftung /etc/nginx/sites-enabled/
+sudo rm -f /etc/nginx/sites-enabled/default
+
+# Test configuration
+sudo nginx -t
+
+# Restart nginx
+sudo systemctl restart nginx
+```
+
+### 5.2) SSL Certificate (Let's Encrypt)
+```bash
+# Install certbot
+sudo apt install -y certbot python3-certbot-nginx
+
+# Obtain SSL certificate
+sudo certbot --nginx -d your-domain.com
+
+# Test auto-renewal
+sudo certbot renew --dry-run
+```
+
+## ✅ Phase 6: Feature Verification
+
+### 6.1) New Features Testing
+- [ ] **HelpBox System**: Test on all creation pages
+  - Destinatär creation page
+  - Unterstützung creation page  
+  - Förderung creation page
+  - Pächter creation page
+  - Länderei creation page
+- [ ] **HelpBox Admin**: Test central management at `/help-box/admin/`
+- [ ] **Förderung Search**: Verify improved search functionality
+- [ ] **PDF Exports**: Test all report generations
+- [ ] **Backup System**: Test backup creation and restoration
+
+### 6.2) Performance Testing
+```bash
+# Test application responsiveness
+curl -I http://217.154.84.225
+
+# Check container resource usage
+docker stats
+
+# Monitor logs
+docker compose logs -f web
+```
+
+## 🔄 Phase 7: Cutover Plan
+
+### 7.1) DNS Update
+- [ ] Update DNS records to point to `217.154.84.225`
+- [ ] Configure reverse DNS if available
+- [ ] Test DNS propagation
+
+### 7.2) Final Data Sync
+```bash
+# Create final backup on Synology
+# Transfer and restore on Ubuntu server
+# Verify data consistency
+```
+
+### 7.3) Go-Live Checklist
+- [ ] All services running (`docker compose ps`)
+- [ ] Application accessible via domain
+- [ ] SSL certificate valid
+- [ ] Admin interface accessible
+- [ ] All new features functional
+- [ ] Backup system operational
+- [ ] Monitoring active
+
+## 📈 Phase 8: Post-Migration
+
+### 8.1) Monitoring Setup
+```bash
+# Set up log rotation
+sudo nano /etc/logrotate.d/stiftung
+
+# Configure system monitoring
+# Set up alerting for critical issues
+```
+
+### 8.2) Backup Strategy
+```bash
+# Configure automated backups
+docker compose exec web python manage.py backup_database
+
+# Set up off-site backup sync
+# Test restore procedures
+```
+
+### 8.3) Performance Optimization
+- [ ] Database query optimization
+- [ ] Static file serving optimization
+- [ ] Container resource tuning
+- [ ] Cache configuration review
+
+## 🚨 Rollback Plan
+
+If issues arise during migration:
+
+1. **Immediate Rollback**: Point DNS back to Synology NAS
+2. **Data Recovery**: Restore from pre-migration backups
+3. **Service Restoration**: Restart Synology services
+4. **Issue Analysis**: Document problems for retry
+
+## 📝 Migration Timeline
+
+**Estimated Duration**: 4-6 hours
+
+- **Phase 1-3**: 2 hours (Setup & Deployment)
+- **Phase 4**: 1 hour (Data Migration)
+- **Phase 5-6**: 1-2 hours (Web Server & Testing)
+- **Phase 7-8**: 1 hour (Cutover & Verification)
+
+## 🔍 Key Improvements vs. Synology
+
+1. **Performance**: Dedicated resources, better I/O
+2. **Reliability**: Professional hosting infrastructure
+3. **Security**: Enhanced firewall and monitoring
+4. **Scalability**: Easy resource upgrades
+5. **Features**: All latest HelpBox and search improvements
+6. **Maintenance**: Simplified backup and update procedures
+
+---
+
+**Migration Date**: `________________`  
+**Migrated By**: `________________`  
+**Verification**: `________________`  
+**Notes**: `________________`