@powerhousedao/ph-cli 0.40.85-dev.0 → 0.40.85-dev.10

package/dist/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@powerhousedao/ph-cli",
-    "version": "0.40.85-dev.0",
+    "version": "0.40.85-dev.10",
     "description": "",
     "license": "AGPL-3.0-only",
     "type": "module",
@@ -17,6 +17,8 @@
         "generate-commands-md": "tsx scripts/generate-commands-md.ts",
         "generate-version": "tsx scripts/generate-version.ts",
         "prebuild": "npm run clean && npm run generate-commands-md && npm run generate-version",
+        "postbuild": "npm run copy-scripts",
+        "copy-scripts": "copyfiles scripts/* dist/",
         "build": "tsc --build",
         "dev": "concurrently -P 'pnpm -w run build:tsc --watch' 'nodemon --watch \"../..\" -e ts,tsx,js,json dist/src/cli.js -- {@}' --",
         "prepublishOnly": "npm run build",
@@ -32,6 +34,7 @@
     "devDependencies": {
         "@types/node": "^22.15.17",
         "concurrently": "^9.1.2",
+        "copyfiles": "^2.4.1",
         "nodemon": "^3.1.9",
         "vitest": "^3.1.2"
     },

package/dist/scripts/generate-commands-md.ts

@@ -0,0 +1,84 @@
+import * as fs from "fs";
+import * as path from "path";
+import { fileURLToPath } from "url";
+
+/**
+ * Generate COMMANDS.md file from the help texts in help.ts
+ */
+async function generateCommandsMd() {
+  try {
+    // Define paths for ES modules
+    const __filename = fileURLToPath(import.meta.url);
+    const __dirname = path.dirname(__filename);
+    const rootDir = path.resolve(__dirname, "..");
+    const helpFilePath = path.join(rootDir, "src", "help.ts");
+    const outputPath = path.join(rootDir, "COMMANDS.md");
+
+    // Read the help.ts file
+    const helpFileContent = fs.readFileSync(helpFilePath, "utf8");
+
+    // Extract all help text constants using regex
+    const helpTextRegex = /export const (\w+)Help = `([\s\S]+?)`;/g;
+    const commands: { name: string; content: string }[] = [];
+
+    let match;
+    while ((match = helpTextRegex.exec(helpFileContent)) !== null) {
+      const commandName = match[1];
+      const helpContent = match[2];
+      commands.push({ name: commandName, content: helpContent });
+    }
+
+    // Sort commands alphabetically
+    commands.sort((a, b) => a.name.localeCompare(b.name));
+
+    // Generate the markdown content
+    let markdown = "# Powerhouse CLI Commands\n\n";
+    markdown +=
+      "This document provides detailed information about the available commands in the Powerhouse CLI.\n\n";
+    markdown += "## Table of Contents\n\n";
+
+    // Add table of contents
+    commands.forEach((command) => {
+      const displayName = formatCommandName(command.name);
+      const anchor = displayName.toLowerCase().replace(/\s+/g, "-");
+      markdown += `- [${displayName}](#${anchor})\n`;
+    });
+
+    markdown += "\n";
+
+    // Add command details
+    commands.forEach((command) => {
+      const displayName = formatCommandName(command.name);
+      markdown += `## ${displayName}\n\n`;
+      markdown += "```\n";
+      markdown += command.content.trim();
+      markdown += "\n```\n\n";
+    });
+
+    // Add footer
+    markdown += "---\n\n";
+    markdown +=
+      "*This document was automatically generated from the help text in the codebase.*\n";
+
+    // Write to COMMANDS.md
+    fs.writeFileSync(outputPath, markdown);
+
+    console.log(`✅ COMMANDS.md has been generated at ${outputPath}`);
+  } catch (error) {
+    console.error("Failed to generate COMMANDS.md:", error);
+    process.exit(1);
+  }
+}
+
+/**
+ * Format command name for display (e.g., "setupGlobals" -> "Setup Globals")
+ */
+function formatCommandName(commandName: string): string {
+  // Convert camelCase to separate words with spaces
+  const name = commandName.replace(/([A-Z])/g, " $1").trim();
+  // Capitalize first letter and convert the rest to lowercase
+  return name.charAt(0).toUpperCase() + name.slice(1);
+}
+
+// Run the script
+generateCommandsMd();

package/dist/scripts/generate-version.ts

@@ -0,0 +1,22 @@
+import { readFileSync, writeFileSync } from "fs";
+import { join } from "path";
+import { fileURLToPath } from "url";
+
+interface PackageJson {
+  version: string;
+}
+
+const __dirname = fileURLToPath(new URL(".", import.meta.url));
+
+// Read package.json
+const packageJson = JSON.parse(
+  readFileSync(join(__dirname, "../package.json"), "utf-8"),
+) as PackageJson;
+
+// Generate version.ts content
+const versionFileContent = `// This file is auto-generated. DO NOT EDIT.
+export const version = "${packageJson.version}";
+`;
+
+// Write version.ts
+writeFileSync(join(__dirname, "../src/version.ts"), versionFileContent);

package/dist/scripts/manage-environment

@@ -0,0 +1,158 @@
+#!/usr/bin/env bash
+
+# =============================================================================
+# Configuration
+# =============================================================================
+PROJECT_NAME=${1:-"global"}
+ACTION=${2:-"status"}
+
+# =============================================================================
+# OS Detection and Windows Handling
+# =============================================================================
+if [[ "$OSTYPE" == "msys" || "$OSTYPE" == "win32" ]]; then
+    if [ -f "$0.ps1" ]; then
+        powershell -ExecutionPolicy Bypass -File "$0.ps1" -PROJECT_NAME "$PROJECT_NAME" -ACTION "$ACTION"
+    else
+        echo "Error: Windows management script (manage-environment.ps1) not found"
+        exit 1
+    fi
+else
+    # =============================================================================
+    # Service Management
+    # =============================================================================
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    echo "  Managing project: $PROJECT_NAME"
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+
+    # Function to check if service is properly set up
+    check_setup() {
+        local project_name=$1
+        local error=0
+
+        # Check if .env file exists
+        if [ ! -f ".env" ]; then
+            echo "Error: .env file not found in project directory"
+            error=1
+        fi
+
+        # Check if Nginx configuration exists
+        if [ ! -f "/etc/nginx/sites-available/$project_name" ]; then
+            echo "Error: Nginx configuration not found"
+            error=1
+        fi
+
+        # Check if database is configured
+        if ! grep -q "DATABASE_URL" ".env"; then
+            echo "Error: Database configuration not found in .env file"
+            error=1
+        fi
+
+        if [ $error -eq 1 ]; then
+            echo "Please run 'ph setup-environment' first to set up the service"
+            exit 1
+        fi
+    }
+
+    # Function to enable/disable Nginx site
+    manage_nginx_site() {
+        local action=$1
+        local site_path="/etc/nginx/sites-available/$PROJECT_NAME"
+        local enabled_path="/etc/nginx/sites-enabled/$PROJECT_NAME"
+        
+        if [ ! -f "$site_path" ]; then
+            echo "Error: Nginx site configuration for $PROJECT_NAME not found"
+            return 1
+        fi
+        
+        case "$action" in
+            "enable")
+                if [ ! -L "$enabled_path" ]; then
+                    sudo ln -sf "$site_path" "$enabled_path"
+                    sudo nginx -t && sudo nginx -s reload
+                fi
+                ;;
+            "disable")
+                if [ -L "$enabled_path" ]; then
+                    sudo rm -f "$enabled_path"
+                    sudo nginx -t && sudo nginx -s reload
+                fi
+                ;;
+        esac
+    }
+
+    case "$ACTION" in
+        "start")
+            check_setup "$PROJECT_NAME"
+            echo "Starting services..."
+            # Build Connect
+            echo "Building Connect..."
+            ph connect build
+            
+            # Enable Nginx site
+            manage_nginx_site "enable"
+            
+            # Start Switchboard via PM2
+            if ! pm2 list | grep -q "switchboard_${PROJECT_NAME}"; then
+                cd $PROJECT_NAME
+                pm2 start "pnpm switchboard" --name "switchboard_${PROJECT_NAME}"
+                pm2 save
+            else
+                pm2 start "switchboard_${PROJECT_NAME}"
+            fi
+            ;;
+            
+        "stop")
+            check_setup "$PROJECT_NAME"
+            echo "Stopping services..."
+            # Stop Switchboard via PM2
+            if pm2 list | grep -q "switchboard_${PROJECT_NAME}"; then
+                pm2 stop "switchboard_${PROJECT_NAME}"
+            fi
+            
+            # Disable Nginx site
+            manage_nginx_site "disable"
+            ;;
+            
+        "restart")
+            check_setup "$PROJECT_NAME"
+            echo "Restarting services..."
+            # Build Connect
+            echo "Building Connect..."
+            ph connect build
+            
+            # Restart Nginx site
+            manage_nginx_site "disable"
+            manage_nginx_site "enable"
+            
+            # Restart Switchboard via PM2
+            if pm2 list | grep -q "switchboard_${PROJECT_NAME}"; then
+                pm2 restart "switchboard_${PROJECT_NAME}"
+            else
+                cd $PROJECT_NAME
+                pm2 start "pnpm switchboard" --name "switchboard_${PROJECT_NAME}"
+                pm2 save
+            fi
+            ;;
+            
+        "status")
+            check_setup "$PROJECT_NAME"
+            echo "Checking service status..."
+            echo "Nginx site status:"
+            if [ -L "/etc/nginx/sites-enabled/$PROJECT_NAME" ]; then
+                echo "Site is enabled"
+            else
+                echo "Site is disabled"
+            fi
+            
+            echo -e "\nSwitchboard status:"
+            pm2 list | grep "switchboard_${PROJECT_NAME}"
+            ;;
+            
+        *)
+            echo "Usage: $0 [project_name] {start|stop|restart|status}"
+            echo "Default project_name: global"
+            echo "Default action: status"
+            exit 1
+            ;;
+    esac
+fi 

package/dist/scripts/setup-environment

@@ -0,0 +1,378 @@
+#!/usr/bin/env bash
+
+# =============================================================================
+# Configuration
+# =============================================================================
+TARGET_TAG=${1:-"latest"}
+PROJECT_NAME=${2:-"global"}
+
+# =============================================================================
+# OS Detection and Windows Handling
+# =============================================================================
+if [[ "$OSTYPE" == "msys" || "$OSTYPE" == "win32" ]]; then
+    if [ -f "$0.ps1" ]; then
+        powershell -ExecutionPolicy Bypass -File "$0.ps1" -TARGET_TAG "$TARGET_TAG"
+    else
+        echo "Error: Windows setup script (setup-environment.ps1) not found"
+        exit 1
+    fi
+else
+    # =============================================================================
+    # Package Installation
+    # =============================================================================
+    sudo apt install -y postgresql postgresql-contrib nginx
+
+    # =============================================================================
+    # Interactive Package Installation
+    # =============================================================================
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    echo "  Package Installation"
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    while true; do
+        read -p "Enter package name to install (or press Enter to skip): " package_name
+        if [ -z "$package_name" ]; then
+            break
+        fi
+        ph install "$package_name"
+    done
+
+    # =============================================================================
+    # Connect Build
+    # =============================================================================
+    ph connect build
+
+    # =============================================================================
+    # Database Configuration
+    # =============================================================================
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    echo "  Database Configuration"
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    echo "Choose database type:"
+    echo "1) Local PostgreSQL database"
+    echo "2) Remote PostgreSQL database"
+    read -p "Enter your choice (1 or 2): " db_choice
+
+    if [ "$db_choice" = "1" ]; then
+        echo "Setting up local PostgreSQL database..."
+        
+        # Generate database credentials
+        DB_PASSWORD="powerhouse"
+        DB_USER="powerhouse"
+        DB_NAME="powerhouse_${PROJECT_NAME}"
+        
+        # Check if database already exists
+        if sudo -u postgres psql -lqt | cut -d \| -f 1 | grep -qw $DB_NAME; then
+            echo "Database $DB_NAME already exists"
+            read -p "Do you want to recreate it? (y/n): " recreate_db
+            if [ "$recreate_db" = "y" ]; then
+                sudo -u postgres psql -c "DROP DATABASE $DB_NAME;"
+            else
+                echo "Using existing database"
+            fi
+        fi
+        
+        # Create database and user if they don't exist
+        sudo -u postgres psql << EOF
+DO
+\$do\$
+BEGIN
+   IF NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname = '$DB_USER') THEN
+      CREATE USER $DB_USER WITH PASSWORD '$DB_PASSWORD';
+   END IF;
+END
+\$do\$;
+
+CREATE DATABASE $DB_NAME OWNER $DB_USER;
+GRANT ALL PRIVILEGES ON DATABASE $DB_NAME TO $DB_USER;
+EOF
+        
+        # Configure PostgreSQL
+        sudo sed -i "s/#listen_addresses = 'localhost'/listen_addresses = 'localhost'/" /etc/postgresql/*/main/postgresql.conf
+        
+        # Set DATABASE_URL for local database
+        DATABASE_URL="postgresql://$DB_USER:$DB_PASSWORD@localhost:5432/$DB_NAME"
+        
+        echo "Local database configured successfully!"
+        echo "Database URL: $DATABASE_URL"
+        echo "Please save these credentials securely!"
+    else
+        echo "Enter remote PostgreSQL URL (format: postgresql://user:password@host:port/db)"
+        echo "Example: postgresql://powerhouse:password@db.example.com:5432/powerhouse"
+        read -p "DATABASE_URL: " DATABASE_URL
+    fi
+
+    # Save DATABASE_URL to .env file
+    echo "DATABASE_URL=$DATABASE_URL" | sudo tee -a .env
+
+    # =============================================================================
+    # SSL Configuration
+    # =============================================================================
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    echo "  SSL Configuration"
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    echo "Choose SSL configuration:"
+    echo "1) Let's Encrypt certificates for domains"
+    echo "2) Self-signed certificate for machine hostname"
+    read -p "Enter your choice (1 or 2): " ssl_choice
+
+    if [ "$ssl_choice" = "1" ]; then
+        # Install certbot
+        sudo apt install -y certbot python3-certbot-nginx
+        
+        # =============================================================================
+        # Domain Setup
+        # =============================================================================
+        echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+        echo "  Domain Setup"
+        echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+        read -p "Enter Connect domain (e.g. connect.google.com): " connect_domain
+        read -p "Enter Switchboard domain (e.g. switchboard.google.com): " switchboard_domain
+
+        echo "Using domains:"
+        echo "Connect: $connect_domain"
+        echo "Switchboard: $switchboard_domain"
+
+        # Generate temporary SSL certificates
+        echo "Generating temporary SSL certificates..."
+        sudo mkdir -p /etc/nginx/ssl
+        sudo openssl req -x509 -nodes -days 1 -newkey rsa:2048 \
+            -keyout /etc/nginx/ssl/temp.key \
+            -out /etc/nginx/ssl/temp.crt \
+            -subj "/CN=$connect_domain" \
+            -addext "subjectAltName = DNS:$connect_domain,DNS:$switchboard_domain"
+
+        # Check if Nginx configuration already exists
+        if [ -f "/etc/nginx/sites-available/$PROJECT_NAME" ]; then
+            echo "Nginx configuration for $PROJECT_NAME already exists"
+            read -p "Do you want to overwrite it? (y/n): " overwrite_nginx
+            if [ "$overwrite_nginx" != "y" ]; then
+                echo "Keeping existing Nginx configuration"
+            else
+                # Create Nginx configuration for domains
+                echo "Creating Nginx configuration..."
+                sudo tee /etc/nginx/sites-available/$PROJECT_NAME > /dev/null << EOF
+# Security headers
+add_header Strict-Transport-Security "max-age=63072000" always;
+add_header X-Frame-Options DENY;
+add_header X-Content-Type-Options nosniff;
+add_header X-XSS-Protection "1; mode=block";
+
+server {
+    listen 80;
+    server_name $connect_domain $switchboard_domain;
+    return 301 https://\$host\$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    server_name $connect_domain;
+    
+    ssl_certificate /etc/nginx/ssl/temp.crt;
+    ssl_certificate_key /etc/nginx/ssl/temp.key;
+    
+    # SSL configuration
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+    ssl_prefer_server_ciphers off;
+    ssl_session_timeout 1d;
+    ssl_session_cache shared:SSL:50m;
+    ssl_session_tickets off;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+
+    if (\$http_x_forwarded_proto = "http") {
+        return 301 https://\$server_name\$request_uri;
+    }
+    
+    location / {
+        root $PWD/.ph/connect-build/dist;
+        try_files \$uri \$uri/ /index.html;
+        add_header Cache-Control "no-cache";
+        add_header X-Forwarded-Proto \$scheme;
+        add_header X-Forwarded-Host \$host;
+        add_header X-Forwarded-Port \$server_port;
+    }
+}
+
+server {
+    listen 443 ssl http2;
+    server_name $switchboard_domain;
+    
+    ssl_certificate /etc/nginx/ssl/temp.crt;
+    ssl_certificate_key /etc/nginx/ssl/temp.key;
+    
+    location / {
+        proxy_pass http://localhost:4001;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade \$http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host \$host;
+        proxy_cache_bypass \$http_upgrade;
+        proxy_set_header X-Real-IP \$remote_addr;
+        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto \$scheme;
+    }
+}
+EOF
+            fi
+        else
+            # Create Nginx configuration for domains
+            echo "Creating Nginx configuration..."
+            sudo tee /etc/nginx/sites-available/$PROJECT_NAME > /dev/null << EOF
+# Security headers
+add_header Strict-Transport-Security "max-age=63072000" always;
+add_header X-Frame-Options DENY;
+add_header X-Content-Type-Options nosniff;
+add_header X-XSS-Protection "1; mode=block";
+
+server {
+    listen 80;
+    server_name $connect_domain $switchboard_domain;
+    return 301 https://\$host\$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    server_name $connect_domain;
+    
+    ssl_certificate /etc/nginx/ssl/temp.crt;
+    ssl_certificate_key /etc/nginx/ssl/temp.key;
+    
+    # SSL configuration
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+    ssl_prefer_server_ciphers off;
+    ssl_session_timeout 1d;
+    ssl_session_cache shared:SSL:50m;
+    ssl_session_tickets off;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+
+    if (\$http_x_forwarded_proto = "http") {
+        return 301 https://\$server_name\$request_uri;
+    }
+    
+    location / {
+        root $PWD/.ph/connect-build/dist;
+        try_files \$uri \$uri/ /index.html;
+        add_header Cache-Control "no-cache";
+        add_header X-Forwarded-Proto \$scheme;
+        add_header X-Forwarded-Host \$host;
+        add_header X-Forwarded-Port \$server_port;
+    }
+}
+
+server {
+    listen 443 ssl http2;
+    server_name $switchboard_domain;
+    
+    ssl_certificate /etc/nginx/ssl/temp.crt;
+    ssl_certificate_key /etc/nginx/ssl/temp.key;
+    
+    location / {
+        proxy_pass http://localhost:4001;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade \$http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host \$host;
+        proxy_cache_bypass \$http_upgrade;
+        proxy_set_header X-Real-IP \$remote_addr;
+        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto \$scheme;
+    }
+}
+EOF
+        fi
+
+        # Enable the site
+        sudo ln -sf /etc/nginx/sites-available/$PROJECT_NAME /etc/nginx/sites-enabled/
+        sudo rm -f /etc/nginx/sites-enabled/default
+
+        # Test Nginx configuration
+        sudo nginx -t
+
+        # Obtain SSL certificates
+        echo "Obtaining SSL certificates..."
+        sudo certbot --nginx -d $connect_domain -d $switchboard_domain --non-interactive --agree-tos --email admin@$connect_domain
+
+        # Remove temporary certificates
+        sudo rm -f /etc/nginx/ssl/temp.*
+
+    else
+        # Get machine hostname
+        hostname=$(hostname)
+        
+        # Generate self-signed certificate
+        echo "Generating self-signed certificate for $hostname..."
+        sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
+            -keyout /etc/ssl/private/$hostname.key \
+            -out /etc/ssl/certs/$hostname.crt \
+            -subj "/CN=$hostname" \
+            -addext "subjectAltName = DNS:$hostname"
+
+        # Create Nginx configuration for self-signed
+        echo "Creating Nginx configuration..."
+        sudo tee /etc/nginx/sites-available/$PROJECT_NAME > /dev/null << EOF
+# Security headers
+add_header Strict-Transport-Security "max-age=63072000" always;
+add_header X-Frame-Options DENY;
+add_header X-Content-Type-Options nosniff;
+add_header X-XSS-Protection "1; mode=block";
+
+server {
+    listen 80;
+    server_name $hostname;
+    return 301 https://\$host\$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    server_name $hostname;
+    
+    ssl_certificate /etc/ssl/certs/$hostname.crt;
+    ssl_certificate_key /etc/ssl/private/$hostname.key;
+    
+    location /connect {
+        proxy_pass http://localhost:3000;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade \$http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host \$host;
+        proxy_cache_bypass \$http_upgrade;
+        proxy_set_header X-Real-IP \$remote_addr;
+        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto \$scheme;
+    }
+
+    location /switchboard {
+        proxy_pass http://localhost:4001;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade \$http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host \$host;
+        proxy_cache_bypass \$http_upgrade;
+        proxy_set_header X-Real-IP \$remote_addr;
+        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto \$scheme;
+    }
+}
+EOF
+
+        # Enable the site
+        sudo ln -sf /etc/nginx/sites-available/$PROJECT_NAME /etc/nginx/sites-enabled/
+        sudo rm -f /etc/nginx/sites-enabled/default
+
+        # Test Nginx configuration
+        sudo nginx -t
+    fi
+
+    # =============================================================================
+    # Database Schema Setup
+    # =============================================================================
+    pnpm prisma db push --schema node_modules/document-drive/dist/prisma/schema.prisma
+
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+    echo "  Environment setup complete!"
+    echo "  Use 'ph service start' to start services"
+    echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
+fi