From 987badbf8d23d3e3ebdab97edde69e573db80da4 Mon Sep 17 00:00:00 2001
From: Torben Sorensen <torben.sorensen@gmail.com>
Date: Tue, 13 Jan 2026 07:59:27 -0800
Subject: [PATCH] use port 3002 in test

---
 .claude/settings.local.json                   |  3 +-
 .gitignore                                    |  1 +
 ecosystem-test.config.cjs                     |  1 +
 ...able-flyer-crawler-test-projectium-com.txt | 69 +++++++++++++++++++
 4 files changed, 73 insertions(+), 1 deletion(-)
 create mode 100644 etc-nginx-sites-available-flyer-crawler-test-projectium-com.txt

diff --git a/.claude/settings.local.json b/.claude/settings.local.json
index a518a24..e5daaed 100644
--- a/.claude/settings.local.json
+++ b/.claude/settings.local.json
@@ -94,7 +94,8 @@
       "mcp__filesystem__edit_file",
       "Bash(timeout 300 tail:*)",
       "mcp__filesystem__list_allowed_directories",
-      "mcp__memory__add_observations"
+      "mcp__memory__add_observations",
+      "Bash(ssh:*)"
     ]
   }
 }
diff --git a/.gitignore b/.gitignore
index 57be537..20e4bc0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -37,3 +37,4 @@ test-output.txt
 Thumbs.db
 .claude
 nul
+tmpclaude*
diff --git a/ecosystem-test.config.cjs b/ecosystem-test.config.cjs
index 39c3c7f..2090c27 100644
--- a/ecosystem-test.config.cjs
+++ b/ecosystem-test.config.cjs
@@ -72,6 +72,7 @@ module.exports = {
       min_uptime: '10s',
       env: {
         NODE_ENV: 'test',
+        PORT: 3002,
         WORKER_LOCK_DURATION: '120000',
         ...sharedEnv,
       },
diff --git a/etc-nginx-sites-available-flyer-crawler-test-projectium-com.txt b/etc-nginx-sites-available-flyer-crawler-test-projectium-com.txt
new file mode 100644
index 0000000..e317e03
--- /dev/null
+++ b/etc-nginx-sites-available-flyer-crawler-test-projectium-com.txt
@@ -0,0 +1,69 @@
+# HTTPS Server Block (main)
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    server_name flyer-crawler-test.projectium.com;
+
+    # SSL Configuration (managed by Certbot)
+    ssl_certificate /etc/letsencrypt/live/flyer-crawler-test.projectium.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/flyer-crawler-test.projectium.com/privkey.pem;
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+    # Allow large file uploads (e.g., for flyers)
+    client_max_body_size 100M;
+
+    # Root directory for built application files
+    root /var/www/flyer-crawler-test.projectium.com;
+    index index.html;
+
+    # Deny access to all dotfiles
+    location ~ /\. {
+        deny all;
+        return 404;
+    }
+
+    # Coverage report (must come before generic location /)
+    location /coverage/ {
+        try_files $uri $uri/ =404;
+    }
+
+    # SPA fallback for React Router
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+
+    # Reverse proxy for backend API
+    location /api/ {
+        proxy_connect_timeout 300s;
+        proxy_send_timeout    300s;
+        proxy_read_timeout    300s;
+
+        proxy_pass http://localhost:3002;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+    }
+
+    # Correct MIME type for .mjs files
+    location ~ \.mjs$ {
+        include /etc/nginx/mime.types;
+        default_type application/javascript;
+    }
+
+    # Security headers
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header X-Content-Type-Options "nosniff" always;
+}
+
+# HTTP to HTTPS Redirect
+server {
+    listen 80;
+    listen [::]:80;
+    server_name flyer-crawler-test.projectium.com;
+
+    return 301 https://$host$request_uri;
+}