fix: linting

.env.example

@@ -80,5 +80,5 @@ SENTRY_DSN=
 # GOTIFY_TOKEN=
 
 # Analytics (Umami)
-NEXT_PUBLIC_UMAMI_WEBSITE_ID=
+UMAMI_WEBSITE_ID=
-NEXT_PUBLIC_UMAMI_SCRIPT_URL=https://analytics.infra.mintel.me/script.js
+UMAMI_API_ENDPOINT=https://analytics.infra.mintel.me

.gitea/workflows/deploy.yml

@@ -26,6 +26,9 @@ jobs:
       next_public_base_url: ${{ steps.determine.outputs.next_public_base_url }}
       directus_url:     ${{ steps.determine.outputs.directus_url }}
       directus_host:    ${{ steps.determine.outputs.directus_host }}
+      gatekeeper_host:  ${{ steps.determine.outputs.gatekeeper_host }}
+      traefik_rule:     ${{ steps.determine.outputs.traefik_rule }}
+      gatekeeper_rule:  ${{ steps.determine.outputs.gatekeeper_rule }}
       project_name:     ${{ steps.determine.outputs.project_name }}
     steps:
       - name: 🔍 Debug Info
@@ -51,48 +54,82 @@ jobs:
         id: determine
         shell: bash
         run: |
-          TAG="${{ github.ref_name }}"
+          REF="${{ github.ref }}"
+          REF_NAME="${{ github.ref_name }}"
+          REF_TYPE="${{ github.ref_type }}"
           SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7)
           DOMAIN_BASE="mb-grid-solutions.com"
           PRJ_ID="mb-grid-solutions"
 
-          if [[ "${{ github.ref_type }}" == "branch" && "$TAG" == "main" ]]; then
+          echo "Detecting environment for ref: $REF ($REF_NAME, type: $REF_TYPE)"
+
+          # Fallback for REF_TYPE if missing
+          if [[ -z "$REF_TYPE" ]]; then
+            if [[ "$REF" == refs/tags/* ]]; then
+              REF_TYPE="tag"
+            elif [[ "$REF" == refs/heads/* ]]; then
+              REF_TYPE="branch"
+            fi
+          fi
+
+          if [[ "$REF_TYPE" == "branch" && "$REF_NAME" == "main" ]]; then
             TARGET="testing"
             IMAGE_TAG="testing-${SHORT_SHA}"
             ENV_FILE=".env.testing"
             TRAEFIK_HOST="testing.${DOMAIN_BASE}"
+            GATEKEEPER_HOST="gatekeeper.testing.${DOMAIN_BASE}"
             NEXT_PUBLIC_BASE_URL="https://testing.${DOMAIN_BASE}"
             DIRECTUS_URL="https://cms.testing.${DOMAIN_BASE}"
             DIRECTUS_HOST="cms.testing.${DOMAIN_BASE}"
-          elif [[ "${{ github.ref_type }}" == "tag" ]]; then
+          elif [[ "$REF_TYPE" == "tag" ]]; then
-            if [[ "$TAG" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            if [[ "$REF_NAME" =~ ^v[0-9]+\.[0-9]+(\.[0-9]+)?$ ]]; then
               TARGET="production"
-              IMAGE_TAG="$TAG"
+              IMAGE_TAG="$REF_NAME"
               ENV_FILE=".env.prod"
-              TRAEFIK_HOST="${DOMAIN_BASE}, www.${DOMAIN_BASE}"
+              TRAEFIK_HOST="${DOMAIN_BASE}" # Primary domain
+              GATEKEEPER_HOST="gatekeeper.${DOMAIN_BASE}"
               NEXT_PUBLIC_BASE_URL="https://${DOMAIN_BASE}"
               DIRECTUS_URL="https://cms.${DOMAIN_BASE}"
               DIRECTUS_HOST="cms.${DOMAIN_BASE}"
-            elif [[ "$TAG" =~ -rc || "$TAG" =~ -beta || "$TAG" =~ -alpha ]]; then
+            elif [[ "$REF_NAME" =~ -rc || "$REF_NAME" =~ -beta || "$REF_NAME" =~ -alpha ]]; then
               TARGET="staging"
-              IMAGE_TAG="$TAG"
+              IMAGE_TAG="$REF_NAME"
               ENV_FILE=".env.staging"
               TRAEFIK_HOST="staging.${DOMAIN_BASE}"
+              GATEKEEPER_HOST="gatekeeper.staging.${DOMAIN_BASE}"
               NEXT_PUBLIC_BASE_URL="https://staging.${DOMAIN_BASE}"
               DIRECTUS_URL="https://cms.staging.${DOMAIN_BASE}"
               DIRECTUS_HOST="cms.staging.${DOMAIN_BASE}"
             else
               TARGET="skip"
+              echo "Tag $REF_NAME did not match any environment pattern."
             fi
           else
             TARGET="skip"
+            echo "Ref type $REF_TYPE is not handled for deployment."
+          fi
+
+          # Determine Rules based on target (if not skipped)
+          if [[ "$TARGET" != "skip" ]]; then
+            if [[ "$TARGET" == "production" ]]; then
+              TRAEFIK_RULE="Host(\`${DOMAIN_BASE}\`) || Host(\`www.${DOMAIN_BASE}\`)"
+              GATEKEEPER_RULE="(Host(\`${DOMAIN_BASE}\`) || Host(\`www.${DOMAIN_BASE}\`)) && PathPrefix(\`/gatekeeper\`) || Host(\`gatekeeper.${DOMAIN_BASE}\`)"
+            else
+              TRAEFIK_RULE="Host(\`${TRAEFIK_HOST}\`)"
+              GATEKEEPER_RULE="(Host(\`${TRAEFIK_HOST}\`) && PathPrefix(\`/gatekeeper\`)) || Host(\`gatekeeper.${TRAEFIK_HOST}\`)"
+            fi
           fi
 
           echo "Target determined: $TARGET"
+          echo "Image tag: $IMAGE_TAG"
+          
           echo "target=$TARGET" >> "$GITHUB_OUTPUT"
           echo "image_tag=$IMAGE_TAG" >> "$GITHUB_OUTPUT"
           echo "env_file=$ENV_FILE" >> "$GITHUB_OUTPUT"
           echo "traefik_host=$TRAEFIK_HOST" >> "$GITHUB_OUTPUT"
+          echo "traefik_rule=$TRAEFIK_RULE" >> "$GITHUB_OUTPUT"
+          echo "gatekeeper_rule=$GATEKEEPER_RULE" >> "$GITHUB_OUTPUT"
+          echo "gatekeeper_host=$GATEKEEPER_HOST" >> "$GITHUB_OUTPUT"
           echo "next_public_base_url=$NEXT_PUBLIC_BASE_URL" >> "$GITHUB_OUTPUT"
           echo "directus_url=$DIRECTUS_URL" >> "$GITHUB_OUTPUT"
           echo "directus_host=$DIRECTUS_HOST" >> "$GITHUB_OUTPUT"
@@ -158,6 +195,7 @@ jobs:
             --build-arg NEXT_PUBLIC_BASE_URL=${{ needs.prepare.outputs.next_public_base_url }} \
             --build-arg NEXT_PUBLIC_TARGET=${{ needs.prepare.outputs.target }} \
             --build-arg DIRECTUS_URL=${{ needs.prepare.outputs.directus_url }} \
+            --build-arg UMAMI_API_ENDPOINT=${{ secrets.UMAMI_API_ENDPOINT || secrets.NEXT_PUBLIC_UMAMI_SCRIPT_URL || vars.UMAMI_API_ENDPOINT || 'https://analytics.infra.mintel.me' }} \
             -t registry.infra.mintel.me/mintel/mb-grid-solutions:${{ needs.prepare.outputs.image_tag }} \
             --push .
 
@@ -189,6 +227,9 @@ jobs:
           ENV_FILE=${{ needs.prepare.outputs.env_file }}
           IMAGE_TAG=${{ needs.prepare.outputs.image_tag }}
           TRAEFIK_HOST=${{ needs.prepare.outputs.traefik_host }}
+          TRAEFIK_RULE=${{ needs.prepare.outputs.traefik_rule }}
+          GATEKEEPER_RULE=${{ needs.prepare.outputs.gatekeeper_rule }}
+          GATEKEEPER_HOST=${{ needs.prepare.outputs.gatekeeper_host }}
           PROJECT_NAME=${{ needs.prepare.outputs.project_name }}
           NEXT_PUBLIC_BASE_URL=${{ needs.prepare.outputs.next_public_base_url }}
           
@@ -223,8 +264,8 @@ jobs:
           SENTRY_DSN=${{ secrets.SENTRY_DSN || vars.SENTRY_DSN }}
           GOTIFY_URL=${{ secrets.GOTIFY_URL || vars.GOTIFY_URL }}
           GOTIFY_TOKEN=${{ secrets.GOTIFY_TOKEN || vars.GOTIFY_TOKEN }}
-          NEXT_PUBLIC_UMAMI_WEBSITE_ID=${{ secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID || vars.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}
+          UMAMI_WEBSITE_ID=${{ secrets.UMAMI_WEBSITE_ID || secrets.NEXT_PUBLIC_UMAMI_WEBSITE_ID || vars.UMAMI_WEBSITE_ID || vars.NEXT_PUBLIC_UMAMI_WEBSITE_ID }}
-          NEXT_PUBLIC_UMAMI_SCRIPT_URL=${{ secrets.NEXT_PUBLIC_UMAMI_SCRIPT_URL || vars.NEXT_PUBLIC_UMAMI_SCRIPT_URL }}
+          UMAMI_API_ENDPOINT=${{ secrets.UMAMI_API_ENDPOINT || secrets.NEXT_PUBLIC_UMAMI_SCRIPT_URL || vars.UMAMI_API_ENDPOINT || 'https://analytics.infra.mintel.me' }}
           
           # Project
           PROJECT_COLOR=${{ secrets.PROJECT_COLOR || vars.PROJECT_COLOR || '#82ed20' }}

Dockerfile

@@ -8,15 +8,13 @@ RUN rm -rf packages apps pnpm-workspace.yaml 2>/dev/null || true
 
 # Build-time environment variables for Next.js
 ARG NEXT_PUBLIC_BASE_URL
-ARG NEXT_PUBLIC_UMAMI_WEBSITE_ID
+ARG UMAMI_API_ENDPOINT
-ARG NEXT_PUBLIC_UMAMI_SCRIPT_URL
 ARG NEXT_PUBLIC_TARGET
 ARG DIRECTUS_URL
 ARG NPM_TOKEN
 
 ENV NEXT_PUBLIC_BASE_URL=$NEXT_PUBLIC_BASE_URL
-ENV NEXT_PUBLIC_UMAMI_WEBSITE_ID=$NEXT_PUBLIC_UMAMI_WEBSITE_ID
+ENV UMAMI_API_ENDPOINT=$UMAMI_API_ENDPOINT
-ENV NEXT_PUBLIC_UMAMI_SCRIPT_URL=$NEXT_PUBLIC_UMAMI_SCRIPT_URL
 ENV NEXT_PUBLIC_TARGET=$NEXT_PUBLIC_TARGET
 ENV DIRECTUS_URL=$DIRECTUS_URL
 ENV NPM_TOKEN=$NPM_TOKEN

app/[locale]/layout.tsx

@@ -70,9 +70,9 @@ export default async function RootLayout({
   params,
 }: {
   children: React.ReactNode;
-  params: Promise<{ locale: string }>;
+  params: { locale: string };
 }) {
-  const { locale } = await params;
+  const { locale } = params;
 
   // Validate that the incoming `locale` is supported
   if (locale !== "de") {
@@ -105,6 +105,13 @@ export default async function RootLayout({
     },
   };
 
+  // Track pageview on the server
+  // This is safe to call here because layout is a Server Component
+  const services = (
+    await import("@/lib/services/create-services.server")
+  ).getServerAppServices();
+  services.analytics.trackPageview();
+
   return (
     <html lang={locale} className={`${inter.variable}`}>
       <head>

components/analytics/AnalyticsProvider.tsx

@@ -0,0 +1,48 @@
+"use client";
+
+import { useEffect } from "react";
+import { usePathname, useSearchParams } from "next/navigation";
+import { getAppServices } from "@/lib/services/create-services";
+
+/**
+ * AnalyticsProvider Component
+ *
+ * Automatically tracks pageviews on client-side route changes.
+ * This component should be placed inside your layout to handle navigation events.
+ *
+ * @param {Object} props - Component props
+ * @param {string} [props.websiteId] - The Umami website ID (passed from server config)
+ *
+ * @example
+ * ```tsx
+ * // In your layout.tsx
+ * const { websiteId } = config.analytics.umami;
+ * <AnalyticsProvider websiteId={websiteId} />
+ * ```
+ */
+export default function AnalyticsProvider({
+  websiteId,
+}: {
+  websiteId?: string;
+}) {
+  const pathname = usePathname();
+  const searchParams = useSearchParams();
+
+  useEffect(() => {
+    if (!pathname) return;
+
+    const services = getAppServices();
+    const url = `${pathname}${searchParams?.size ? `?${searchParams.toString()}` : ""}`;
+
+    // Track pageview with the full URL
+    services.analytics.trackPageview(url);
+
+    if (process.env.NODE_ENV === "development") {
+      console.log("[Umami] Tracked pageview:", url);
+    }
+  }, [pathname, searchParams]);
+
+  if (!websiteId) return null;
+
+  return null;
+}

docker-compose.yaml

@@ -8,7 +8,7 @@ services:
       - ${ENV_FILE:-.env}
     labels:
       - "traefik.enable=true"
-      - "traefik.http.routers.${PROJECT_NAME}.rule=Host(`${TRAEFIK_HOST:-mb-grid-solutions.localhost}`)"
+      - "traefik.http.routers.${PROJECT_NAME}.rule=${TRAEFIK_RULE:-Host(`${TRAEFIK_HOST:-mb-grid-solutions.localhost}`)}"
       - "traefik.http.routers.${PROJECT_NAME}.entrypoints=websecure"
       - "traefik.http.routers.${PROJECT_NAME}.tls.certresolver=le"
       - "traefik.http.routers.${PROJECT_NAME}.tls=true"
@@ -17,7 +17,7 @@ services:
       - "traefik.docker.network=infra"
 
       # Gatekeeper Router (Shared Host + dedicated Subdomain)
-      - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.rule=(Host(`${TRAEFIK_HOST:-mb-grid-solutions.localhost}`) && PathPrefix(`/gatekeeper`)) || Host(`gatekeeper.${TRAEFIK_HOST:-mb-grid-solutions.localhost}`)"
+      - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.rule=${GATEKEEPER_RULE:-(Host(`${TRAEFIK_HOST:-mb-grid-solutions.localhost}`) && PathPrefix(`/gatekeeper`)) || Host(`gatekeeper.${TRAEFIK_HOST:-mb-grid-solutions.localhost}`)}"
       - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.entrypoints=websecure"
       - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.tls.certresolver=le"
       - "traefik.http.routers.${PROJECT_NAME}-gatekeeper.tls=true"
@@ -46,7 +46,7 @@ services:
       AUTH_COOKIE_NAME: ${AUTH_COOKIE_NAME:-mintel_gatekeeper_session}
       GATEKEEPER_PASSWORD: ${GATEKEEPER_PASSWORD:-mintel}
       # Dedicated Base URL for Gatekeeper subdomain to prevent redirect loops
-      NEXT_PUBLIC_BASE_URL: https://gatekeeper.${TRAEFIK_HOST:-mb-grid-solutions.localhost}
+      NEXT_PUBLIC_BASE_URL: https://${GATEKEEPER_HOST:-gatekeeper.mb-grid-solutions.localhost}
     labels:
       - "traefik.enable=true"
       - "traefik.http.services.${PROJECT_NAME}-gatekeeper.loadbalancer.server.port=3000"

lib/config.ts

@@ -27,11 +27,9 @@ function createConfig() {
 
     analytics: {
       umami: {
-        websiteId: env.NEXT_PUBLIC_UMAMI_WEBSITE_ID,
+        websiteId: env.UMAMI_WEBSITE_ID,
-        scriptUrl: env.NEXT_PUBLIC_UMAMI_SCRIPT_URL,
+        apiEndpoint: env.UMAMI_API_ENDPOINT,
-        // The proxied path used in the frontend
+        enabled: Boolean(env.UMAMI_WEBSITE_ID),
-        proxyPath: "/stats/script.js",
-        enabled: Boolean(env.NEXT_PUBLIC_UMAMI_WEBSITE_ID),
       },
     },
 
@@ -153,7 +151,7 @@ export function getMaskedConfig() {
     analytics: {
       umami: {
         websiteId: mask(c.analytics.umami.websiteId),
-        scriptUrl: c.analytics.umami.scriptUrl,
+        apiEndpoint: c.analytics.umami.apiEndpoint,
         enabled: c.analytics.umami.enabled,
       },
     },

lib/env.ts

@@ -8,78 +8,99 @@ const preprocessEmptyString = (val: unknown) => (val === "" ? undefined : val);
 /**
  * Environment variable schema.
  */
-export const envSchema = z.object({
+export const envSchema = z
-  NODE_ENV: z
+  .object({
-    .enum(["development", "production", "test"])
+    NODE_ENV: z
-    .default("development"),
+      .enum(["development", "production", "test"])
-  NEXT_PUBLIC_BASE_URL: z.preprocess(
+      .default("development"),
-    preprocessEmptyString,
+    NEXT_PUBLIC_BASE_URL: z.preprocess(
-    z.string().url().optional(),
+      preprocessEmptyString,
-  ),
+      z.string().url().optional(),
-  NEXT_PUBLIC_TARGET: z
+    ),
-    .enum(["development", "testing", "staging", "production"])
+    NEXT_PUBLIC_TARGET: z
-    .optional(),
+      .enum(["development", "testing", "staging", "production"])
+      .optional(),
 
-  // Analytics
+    // Analytics
-  NEXT_PUBLIC_UMAMI_WEBSITE_ID: z.preprocess(
+    UMAMI_WEBSITE_ID: z.preprocess(
-    preprocessEmptyString,
+      preprocessEmptyString,
-    z.string().optional(),
+      z.string().optional(),
-  ),
+    ),
-  NEXT_PUBLIC_UMAMI_SCRIPT_URL: z.preprocess(
+    UMAMI_API_ENDPOINT: z.preprocess(
-    preprocessEmptyString,
+      preprocessEmptyString,
-    z.string().url().default("https://analytics.infra.mintel.me/script.js"),
+      z.string().url().default("https://analytics.infra.mintel.me"),
-  ),
+    ),
 
-  // Error Tracking
+    // Error Tracking
-  SENTRY_DSN: z.preprocess(preprocessEmptyString, z.string().optional()),
+    SENTRY_DSN: z.preprocess(preprocessEmptyString, z.string().optional()),
 
-  // Logging
+    // Logging
-  LOG_LEVEL: z.enum(["debug", "info", "warn", "error"]).default("info"),
+    LOG_LEVEL: z.enum(["debug", "info", "warn", "error"]).default("info"),
 
-  // Mail
+    // Mail
-  MAIL_HOST: z.preprocess(preprocessEmptyString, z.string().optional()),
+    MAIL_HOST: z.preprocess(preprocessEmptyString, z.string().optional()),
-  MAIL_PORT: z.preprocess(
+    MAIL_PORT: z.preprocess(
-    preprocessEmptyString,
+      preprocessEmptyString,
-    z.coerce.number().default(587),
+      z.coerce.number().default(587),
-  ),
+    ),
-  MAIL_USERNAME: z.preprocess(preprocessEmptyString, z.string().optional()),
+    MAIL_USERNAME: z.preprocess(preprocessEmptyString, z.string().optional()),
-  MAIL_PASSWORD: z.preprocess(preprocessEmptyString, z.string().optional()),
+    MAIL_PASSWORD: z.preprocess(preprocessEmptyString, z.string().optional()),
-  MAIL_FROM: z.preprocess(preprocessEmptyString, z.string().optional()),
+    MAIL_FROM: z.preprocess(preprocessEmptyString, z.string().optional()),
-  MAIL_RECIPIENTS: z.preprocess(
+    MAIL_RECIPIENTS: z.preprocess(
-    (val) => (typeof val === "string" ? val.split(",").filter(Boolean) : val),
+      (val) => (typeof val === "string" ? val.split(",").filter(Boolean) : val),
-    z.array(z.string()).default([]),
+      z.array(z.string()).default([]),
-  ),
+    ),
 
-  // Directus
+    // Directus
-  DIRECTUS_URL: z.preprocess(
+    DIRECTUS_URL: z.preprocess(
-    preprocessEmptyString,
+      preprocessEmptyString,
-    z.string().url().default("http://localhost:8055"),
+      z.string().url().default("http://localhost:8055"),
-  ),
+    ),
-  DIRECTUS_ADMIN_EMAIL: z.preprocess(
+    DIRECTUS_ADMIN_EMAIL: z.preprocess(
-    preprocessEmptyString,
+      preprocessEmptyString,
-    z.string().optional(),
+      z.string().optional(),
-  ),
+    ),
-  DIRECTUS_ADMIN_PASSWORD: z.preprocess(
+    DIRECTUS_ADMIN_PASSWORD: z.preprocess(
-    preprocessEmptyString,
+      preprocessEmptyString,
-    z.string().optional(),
+      z.string().optional(),
-  ),
+    ),
-  DIRECTUS_API_TOKEN: z.preprocess(
+    DIRECTUS_API_TOKEN: z.preprocess(
-    preprocessEmptyString,
+      preprocessEmptyString,
-    z.string().optional(),
+      z.string().optional(),
-  ),
+    ),
-  INTERNAL_DIRECTUS_URL: z.preprocess(
+    INTERNAL_DIRECTUS_URL: z.preprocess(
-    preprocessEmptyString,
+      preprocessEmptyString,
-    z.string().url().optional(),
+      z.string().url().optional(),
-  ),
+    ),
 
-  // Deploy Target
+    // Deploy Target
-  TARGET: z
+    TARGET: z
-    .enum(["development", "testing", "staging", "production"])
+      .enum(["development", "testing", "staging", "production"])
-    .optional(),
+      .optional(),
-  // Gotify
+    // Gotify
-  GOTIFY_URL: z.preprocess(preprocessEmptyString, z.string().url().optional()),
+    GOTIFY_URL: z.preprocess(
-  GOTIFY_TOKEN: z.preprocess(preprocessEmptyString, z.string().optional()),
+      preprocessEmptyString,
-});
+      z.string().url().optional(),
+    ),
+    GOTIFY_TOKEN: z.preprocess(preprocessEmptyString, z.string().optional()),
+  })
+  .superRefine((data, ctx) => {
+    const target = data.NEXT_PUBLIC_TARGET || data.TARGET;
+    const isDev = target === "development" || !target;
+    const isBuildTimeValidation =
+      process.env.SKIP_RUNTIME_ENV_VALIDATION === "true";
+    const isServer = typeof window === "undefined";
+
+    // Only enforce server-only variables when running on the server.
+    // In the browser, non-NEXT_PUBLIC_ variables are undefined and should not trigger validation errors.
+    if (isServer && !isDev && !isBuildTimeValidation && !data.MAIL_HOST) {
+      ctx.addIssue({
+        code: z.ZodIssueCode.custom,
+        message: "MAIL_HOST is required in non-development environments",
+        path: ["MAIL_HOST"],
+      });
+    }
+  });
 
 export type Env = z.infer<typeof envSchema>;
 
@@ -92,8 +113,12 @@ export function getRawEnv() {
     NODE_ENV: process.env.NODE_ENV,
     NEXT_PUBLIC_BASE_URL: process.env.NEXT_PUBLIC_BASE_URL,
     NEXT_PUBLIC_TARGET: process.env.NEXT_PUBLIC_TARGET,
-    NEXT_PUBLIC_UMAMI_WEBSITE_ID: process.env.NEXT_PUBLIC_UMAMI_WEBSITE_ID,
+    UMAMI_WEBSITE_ID:
-    NEXT_PUBLIC_UMAMI_SCRIPT_URL: process.env.NEXT_PUBLIC_UMAMI_SCRIPT_URL,
+      process.env.UMAMI_WEBSITE_ID || process.env.NEXT_PUBLIC_UMAMI_WEBSITE_ID,
+    UMAMI_API_ENDPOINT:
+      process.env.UMAMI_API_ENDPOINT ||
+      process.env.UMAMI_SCRIPT_URL ||
+      process.env.NEXT_PUBLIC_UMAMI_SCRIPT_URL,
     SENTRY_DSN: process.env.SENTRY_DSN,
     LOG_LEVEL: process.env.LOG_LEVEL,
     MAIL_HOST: process.env.MAIL_HOST,

lib/services/analytics/README.md

@@ -0,0 +1,445 @@
+# Analytics Service Layer
+
+This directory contains the service layer implementation for analytics tracking in the KLZ Cables application.
+
+## Overview
+
+The analytics service layer provides a clean abstraction over different analytics implementations (Umami, Google Analytics, etc.) while maintaining a consistent API.
+
+## Architecture
+
+```
+lib/services/analytics/
+├── analytics-service.ts          # Interface definition
+├── umami-analytics-service.ts    # Umami implementation
+├── noop-analytics-service.ts     # No-op fallback implementation
+└── README.md                     # This file
+```
+
+## Components
+
+### 1. AnalyticsService Interface (`analytics-service.ts`)
+
+Defines the contract for all analytics services:
+
+```typescript
+export interface AnalyticsService {
+  track(eventName: string, props?: AnalyticsEventProperties): void;
+  trackPageview(url?: string): void;
+}
+```
+
+**Key Features:**
+
+- Type-safe event properties
+- Consistent API across implementations
+- Well-documented with JSDoc comments
+
+### 2. UmamiAnalyticsService (`umami-analytics-service.ts`)
+
+Implements the `AnalyticsService` interface for Umami analytics.
+
+**Features:**
+
+- Type-safe event tracking
+- Automatic pageview tracking
+- Browser environment detection
+- Graceful error handling
+- Comprehensive JSDoc documentation
+
+**Usage:**
+
+```typescript
+import { UmamiAnalyticsService } from "@/lib/services/analytics/umami-analytics-service";
+
+const service = new UmamiAnalyticsService({ enabled: true });
+service.track("button_click", { button_id: "cta" });
+service.trackPageview("/products/123");
+```
+
+### 3. NoopAnalyticsService (`noop-analytics-service.ts`)
+
+A no-op implementation used as a fallback when analytics are disabled.
+
+**Features:**
+
+- Maintains the same API as other services
+- Safe to call even when analytics are disabled
+- No performance impact
+- Comprehensive JSDoc documentation
+
+**Usage:**
+
+```typescript
+import { NoopAnalyticsService } from "@/lib/services/analytics/noop-analytics-service";
+
+const service = new NoopAnalyticsService();
+service.track("button_click", { button_id: "cta" }); // Does nothing
+service.trackPageview("/products/123"); // Does nothing
+```
+
+## Service Selection
+
+The service layer automatically selects the appropriate implementation based on environment variables:
+
+```typescript
+// In lib/services/create-services.ts
+const umamiEnabled = Boolean(process.env.NEXT_PUBLIC_UMAMI_WEBSITE_ID);
+
+const analytics = umamiEnabled
+  ? new UmamiAnalyticsService({ enabled: true })
+  : new NoopAnalyticsService();
+```
+
+## Environment Variables
+
+### Required for Umami
+
+```bash
+NEXT_PUBLIC_UMAMI_WEBSITE_ID=59a7db94-0100-4c7e-98ef-99f45b17f9c3
+```
+
+### Optional (defaults provided)
+
+```bash
+NEXT_PUBLIC_UMAMI_SCRIPT_URL=https://analytics.infra.mintel.me/script.js
+```
+
+## API Reference
+
+### AnalyticsService Interface
+
+#### `track(eventName: string, props?: AnalyticsEventProperties): void`
+
+Track a custom event with optional properties.
+
+**Parameters:**
+
+- `eventName` - The name of the event to track
+- `props` - Optional event properties (metadata)
+
+**Example:**
+
+```typescript
+service.track("product_add_to_cart", {
+  product_id: "123",
+  product_name: "Cable",
+  price: 99.99,
+  quantity: 1,
+});
+```
+
+#### `trackPageview(url?: string): void`
+
+Track a pageview.
+
+**Parameters:**
+
+- `url` - The URL to track (defaults to current location)
+
+**Example:**
+
+```typescript
+// Track current page
+service.trackPageview();
+
+// Track custom URL
+service.trackPageview("/products/123?category=cables");
+```
+
+### UmamiAnalyticsService
+
+#### Constructor
+
+```typescript
+new UmamiAnalyticsService(options: UmamiAnalyticsServiceOptions)
+```
+
+**Options:**
+
+- `enabled: boolean` - Whether analytics are enabled
+
+**Example:**
+
+```typescript
+const service = new UmamiAnalyticsService({ enabled: true });
+```
+
+### NoopAnalyticsService
+
+#### Constructor
+
+```typescript
+new NoopAnalyticsService();
+```
+
+**Example:**
+
+```typescript
+const service = new NoopAnalyticsService();
+```
+
+## Type Definitions
+
+### AnalyticsEventProperties
+
+```typescript
+type AnalyticsEventProperties = Record<
+  string,
+  string | number | boolean | null | undefined
+>;
+```
+
+**Example:**
+
+```typescript
+const properties: AnalyticsEventProperties = {
+  product_id: "123",
+  product_name: "Cable",
+  price: 99.99,
+  quantity: 1,
+  in_stock: true,
+  discount: null,
+};
+```
+
+### UmamiAnalyticsServiceOptions
+
+```typescript
+type UmamiAnalyticsServiceOptions = {
+  enabled: boolean;
+};
+```
+
+## Best Practices
+
+### 1. Use the Service Layer
+
+Always use the service layer instead of calling Umami directly:
+
+```typescript
+// ✅ Good
+import { getAppServices } from "@/lib/services/create-services";
+
+const services = getAppServices();
+services.analytics.track("button_click", { button_id: "cta" });
+
+// ❌ Avoid
+(window as any).umami?.track("button_click", { button_id: "cta" });
+```
+
+### 2. Check Environment
+
+The service layer automatically handles environment detection:
+
+```typescript
+// ✅ Safe - works in both server and client
+const services = getAppServices();
+services.analytics.track("event", { prop: "value" });
+
+// ❌ Unsafe - may fail in server environment
+if (typeof window !== "undefined") {
+  window.umami?.track("event", { prop: "value" });
+}
+```
+
+### 3. Use Type-Safe Events
+
+Import events from the centralized definitions:
+
+```typescript
+import { AnalyticsEvents } from "@/components/analytics/analytics-events";
+
+// ✅ Type-safe
+services.analytics.track(AnalyticsEvents.BUTTON_CLICK, {
+  button_id: "cta",
+});
+
+// ❌ Prone to typos
+services.analytics.track("button_click", {
+  button_id: "cta",
+});
+```
+
+### 4. Handle Disabled Analytics
+
+The service layer gracefully handles disabled analytics:
+
+```typescript
+// When NEXT_PUBLIC_UMAMI_WEBSITE_ID is not set:
+// - NoopAnalyticsService is used
+// - All calls are safe (no-op)
+// - No errors are thrown
+
+const services = getAppServices();
+services.analytics.track("event", { prop: "value" }); // Safe, does nothing
+```
+
+## Testing
+
+### Mocking for Tests
+
+```typescript
+// __tests__/analytics-mock.ts
+export const mockAnalytics = {
+  track: jest.fn(),
+  trackPageview: jest.fn(),
+};
+
+jest.mock("@/lib/services/create-services", () => ({
+  getAppServices: () => ({
+    analytics: mockAnalytics,
+  }),
+}));
+
+// Usage in tests
+import { mockAnalytics } from "./analytics-mock";
+
+test("tracks button click", () => {
+  // ... test code ...
+  expect(mockAnalytics.track).toHaveBeenCalledWith("button_click", {
+    button_id: "cta",
+  });
+});
+```
+
+### Development Mode
+
+In development, the service layer logs to console:
+
+```bash
+# Console output:
+[Umami] Tracked event: button_click { button_id: 'cta' }
+[Umami] Tracked pageview: /products/123
+```
+
+## Error Handling
+
+The service layer includes built-in error handling:
+
+1. **Environment Detection** - Checks for browser environment
+2. **Service Availability** - Checks if Umami is loaded
+3. **Graceful Degradation** - Falls back to NoopAnalyticsService if needed
+
+```typescript
+// These are all safe:
+const services = getAppServices();
+services.analytics.track("event", { prop: "value" }); // Works or does nothing
+services.analytics.trackPageview("/path"); // Works or does nothing
+```
+
+## Performance
+
+### Singleton Pattern
+
+The service layer uses a singleton pattern for performance:
+
+```typescript
+// First call creates the singleton
+const services1 = getAppServices();
+
+// Subsequent calls return the cached singleton
+const services2 = getAppServices();
+
+// services1 === services2 (same instance)
+```
+
+### Lazy Initialization
+
+Services are only created when first accessed:
+
+```typescript
+// Services are not created until getAppServices() is called
+// This keeps initial bundle size minimal
+```
+
+## Integration with Components
+
+### Client Components
+
+```typescript
+'use client';
+
+import { getAppServices } from '@/lib/services/create-services';
+
+function MyComponent() {
+  const handleClick = () => {
+    const services = getAppServices();
+    services.analytics.track('button_click', { button_id: 'my-button' });
+  };
+
+  return <button onClick={handleClick}>Click Me</button>;
+}
+```
+
+### Server Components
+
+```typescript
+import { getAppServices } from '@/lib/services/create-services';
+
+async function MyServerComponent() {
+  const services = getAppServices();
+
+  // Note: Analytics won't work in server components
+  // Use client components for analytics tracking
+  // But you can still access other services like cache
+
+  const data = await services.cache.get('key');
+
+  return <div>{data}</div>;
+}
+```
+
+## Troubleshooting
+
+### Analytics Not Working
+
+1. **Check environment variables:**
+
+   ```bash
+   echo $NEXT_PUBLIC_UMAMI_WEBSITE_ID
+   ```
+
+2. **Verify service selection:**
+
+   ```typescript
+   import { getAppServices } from "@/lib/services/create-services";
+
+   const services = getAppServices();
+   console.log(services.analytics); // Should be UmamiAnalyticsService
+   ```
+
+3. **Check Umami dashboard:**
+   - Log into Umami
+   - Verify website ID matches
+   - Check if data is being received
+
+### Common Issues
+
+| Issue               | Solution                            |
+| ------------------- | ----------------------------------- |
+| No data in Umami    | Check website ID and script URL     |
+| Events not tracking | Verify service is being used        |
+| Script not loading  | Check network connection, CORS      |
+| Wrong data          | Verify event properties are correct |
+
+## Related Files
+
+- [`components/analytics/useAnalytics.ts`](../components/analytics/useAnalytics.ts) - Custom hook for easy event tracking
+- [`components/analytics/analytics-events.ts`](../components/analytics/analytics-events.ts) - Event definitions
+- [`components/analytics/UmamiScript.tsx`](../components/analytics/UmamiScript.tsx) - Script loader component
+- [`components/analytics/AnalyticsProvider.tsx`](../components/analytics/AnalyticsProvider.tsx) - Route change tracker
+- [`lib/services/create-services.ts`](../lib/services/create-services.ts) - Service factory
+
+## Summary
+
+The analytics service layer provides:
+
+- ✅ **Type-safe API** - TypeScript throughout
+- ✅ **Clean abstraction** - Easy to switch analytics providers
+- ✅ **Graceful degradation** - Safe no-op fallback
+- ✅ **Comprehensive documentation** - JSDoc comments and examples
+- ✅ **Performance optimized** - Singleton pattern, lazy initialization
+- ✅ **Error handling** - Safe in all environments
+
+This layer is the foundation for all analytics tracking in the application.

lib/services/analytics/analytics-service.ts

@@ -1,3 +1,76 @@
+/**
+ * Type definition for analytics event properties.
+ *
+ * @example
+ * ```typescript
+ * const properties: AnalyticsEventProperties = {
+ *   product_id: '123',
+ *   product_name: 'Cable',
+ *   price: 99.99,
+ *   quantity: 1,
+ *   in_stock: true,
+ * };
+ * ```
+ */
+export type AnalyticsEventProperties = Record<
+  string,
+  string | number | boolean | null | undefined
+>;
+
+/**
+ * Interface for analytics service implementations.
+ *
+ * This interface defines the contract for all analytics services,
+ * allowing for different implementations (Umami, Google Analytics, etc.)
+ * while maintaining a consistent API.
+ *
+ * @example
+ * ```typescript
+ * // Using the service directly
+ * const service = new UmamiAnalyticsService({ enabled: true });
+ * service.track('button_click', { button_id: 'cta' });
+ * service.trackPageview('/products/123');
+ * ```
+ *
+ * @example
+ * ```typescript
+ * // Using the useAnalytics hook (recommended)
+ * const { trackEvent, trackPageview } = useAnalytics();
+ * trackEvent('button_click', { button_id: 'cta' });
+ * trackPageview('/products/123');
+ * ```
+ */
 export interface AnalyticsService {
-  trackEvent(name: string, properties?: Record<string, unknown>): void;
+  /**
+   * Track a custom event with optional properties.
+   *
+   * @param eventName - The name of the event to track
+   * @param props - Optional event properties (metadata)
+   *
+   * @example
+   * ```typescript
+   * track('product_add_to_cart', {
+   *   product_id: '123',
+   *   product_name: 'Cable',
+   *   price: 99.99,
+   * });
+   * ```
+   */
+  track(eventName: string, props?: AnalyticsEventProperties): void;
+
+  /**
+   * Track a pageview.
+   *
+   * @param url - The URL to track (defaults to current location)
+   *
+   * @example
+   * ```typescript
+   * // Track current page
+   * trackPageview();
+   *
+   * // Track custom URL
+   * trackPageview('/products/123?category=cables');
+   * ```
+   */
+  trackPageview(url?: string): void;
 }

lib/services/analytics/noop-analytics-service.ts

@@ -1,5 +1,71 @@
-import type { AnalyticsService } from "./analytics-service";
+/* eslint-disable @typescript-eslint/no-unused-vars */
+import type {
+  AnalyticsEventProperties,
+  AnalyticsService,
+} from "./analytics-service";
 
+/**
+ * No-op Analytics Service Implementation.
+ *
+ * This service implements the AnalyticsService interface but does nothing.
+ * It's used as a fallback when analytics are disabled or not configured.
+ *
+ * @example
+ * ```typescript
+ * // Service creation (usually done by create-services.ts)
+ * const service = new NoopAnalyticsService();
+ *
+ * // These calls do nothing but are safe to execute
+ * service.track('button_click', { button_id: 'cta' });
+ * service.trackPageview('/products/123');
+ * ```
+ *
+ * @example
+ * ```typescript
+ * // Automatic fallback in create-services.ts
+ * const umamiEnabled = Boolean(process.env.NEXT_PUBLIC_UMAMI_WEBSITE_ID);
+ * const analytics = umamiEnabled
+ *   ? new UmamiAnalyticsService({ enabled: true })
+ *   : new NoopAnalyticsService(); // Fallback when no website ID
+ * ```
+ */
 export class NoopAnalyticsService implements AnalyticsService {
-  trackEvent() {}
+  /**
+   * No-op implementation of track.
+   *
+   * This method does nothing but maintains the same signature as other
+   * analytics services for consistency.
+   *
+   * @param _eventName - Event name (ignored)
+   * @param _props - Event properties (ignored)
+   *
+   * @example
+   * ```typescript
+   * // Safe to call even when analytics are disabled
+   * service.track('button_click', { button_id: 'cta' });
+   * // No error, no action taken
+   * ```
+   */
+  track(_eventName: string, _props?: AnalyticsEventProperties) {
+    // intentionally noop - analytics are disabled
+  }
+
+  /**
+   * No-op implementation of trackPageview.
+   *
+   * This method does nothing but maintains the same signature as other
+   * analytics services for consistency.
+   *
+   * @param _url - URL to track (ignored)
+   *
+   * @example
+   * ```typescript
+   * // Safe to call even when analytics are disabled
+   * service.trackPageview('/products/123');
+   * // No error, no action taken
+   * ```
+   */
+  trackPageview(_url?: string) {
+    // intentionally noop - analytics are disabled
+  }
 }

lib/services/analytics/umami-analytics-service.ts

@@ -0,0 +1,112 @@
+import type {
+  AnalyticsEventProperties,
+  AnalyticsService,
+} from "./analytics-service";
+import { config } from "../../config";
+
+/**
+ * Configuration options for UmamiAnalyticsService.
+ *
+ * @property enabled - Whether analytics are enabled
+ */
+export type UmamiAnalyticsServiceOptions = {
+  enabled: boolean;
+};
+
+/**
+ * Umami Analytics Service Implementation (Script-less/Proxy edition).
+ *
+ * This version implements the Umami tracking protocol directly via fetch,
+ * eliminating the need to load an external script.js file.
+ *
+ * In the browser, it gathers standard metadata (screen, language, referrer)
+ * and sends it to the proxied '/stats/api/send' endpoint.
+ */
+export class UmamiAnalyticsService implements AnalyticsService {
+  private websiteId?: string;
+  private endpoint: string;
+
+  constructor(private readonly options: UmamiAnalyticsServiceOptions) {
+    this.websiteId = config.analytics.umami.websiteId;
+
+    // On server, use the full internal URL; on client, use the proxied path
+    this.endpoint =
+      typeof window === "undefined"
+        ? config.analytics.umami.apiEndpoint
+        : "/stats";
+  }
+
+  /**
+   * Internal method to send the payload to Umami API.
+   */
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  private async sendPayload(type: "event", data: Record<string, unknown>) {
+    if (!this.options.enabled || !this.websiteId) return;
+
+    try {
+      const payload = {
+        website: this.websiteId,
+        hostname:
+          typeof window !== "undefined" ? window.location.hostname : "server",
+        screen:
+          typeof window !== "undefined"
+            ? `${window.screen.width}x${window.screen.height}`
+            : undefined,
+        language:
+          typeof window !== "undefined" ? navigator.language : undefined,
+        referrer: typeof window !== "undefined" ? document.referrer : undefined,
+        ...data,
+      };
+
+      const response = await fetch(`${this.endpoint}/api/send`, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "User-Agent":
+            typeof window === "undefined" ? "KLZ-Server" : navigator.userAgent,
+        },
+        body: JSON.stringify({ type, payload }),
+        keepalive: true,
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      } as any);
+
+      if (!response.ok && process.env.NODE_ENV === "development") {
+        const errorText = await response.text();
+        console.warn(
+          `[Umami] API responded with ${response.status}: ${errorText}`,
+        );
+      }
+    } catch (error) {
+      if (process.env.NODE_ENV === "development") {
+        console.error("[Umami] Failed to send analytics:", error);
+      }
+    }
+  }
+
+  /**
+   * Track a custom event.
+   */
+  track(eventName: string, props?: AnalyticsEventProperties) {
+    this.sendPayload("event", {
+      name: eventName,
+      data: props,
+      url:
+        typeof window !== "undefined"
+          ? window.location.pathname + window.location.search
+          : undefined,
+    });
+  }
+
+  /**
+   * Track a pageview.
+   */
+  trackPageview(url?: string) {
+    this.sendPayload("event", {
+      url:
+        url ||
+        (typeof window !== "undefined"
+          ? window.location.pathname + window.location.search
+          : undefined),
+    });
+  }
+}

lib/services/app-services.ts

@@ -4,6 +4,7 @@ import type { ErrorReportingService } from "./errors/error-reporting-service";
 import type { LoggerService } from "./logging/logger-service";
 import type { NotificationService } from "./notifications/notification-service";
 
+// Simple constructor-based DI container.
 export class AppServices {
   constructor(
     public readonly analytics: AnalyticsService,

lib/services/cache/cache-service.ts

@@ -1,5 +1,9 @@
+export type CacheSetOptions = {
+  ttlSeconds?: number;
+};
+
 export interface CacheService {
-  get<T>(key: string): Promise<T | null>;
+  get<T>(key: string): Promise<T | undefined>;
-  set<T>(key: string, value: T, ttlSeconds?: number): Promise<void>;
+  set<T>(key: string, value: T, options?: CacheSetOptions): Promise<void>;
-  delete(key: string): Promise<void>;
+  del(key: string): Promise<void>;
 }

lib/services/cache/memory-cache-service.ts

@@ -1,26 +1,30 @@
-import type { CacheService } from "./cache-service";
+import type { CacheService, CacheSetOptions } from "./cache-service";
+
+type Entry = {
+  value: unknown;
+  expiresAt?: number;
+};
 
 export class MemoryCacheService implements CacheService {
-  private cache = new Map<string, { value: unknown; expiry: number | null }>();
+  private readonly store = new Map<string, Entry>();
 
-  async get<T>(key: string): Promise<T | null> {
+  async get<T>(key: string) {
-    const item = this.cache.get(key);
+    const entry = this.store.get(key);
-    if (!item) return null;
+    if (!entry) return undefined;
-
+    if (entry.expiresAt && Date.now() > entry.expiresAt) {
-    if (item.expiry && item.expiry < Date.now()) {
+      this.store.delete(key);
-      this.cache.delete(key);
+      return undefined;
-      return null;
     }
-
+    return entry.value as T;
-    return item.value as T;
   }
 
-  async set<T>(key: string, value: T, ttlSeconds?: number): Promise<void> {
+  async set<T>(key: string, value: T, options?: CacheSetOptions) {
-    const expiry = ttlSeconds ? Date.now() + ttlSeconds * 1000 : null;
+    const ttl = options?.ttlSeconds;
-    this.cache.set(key, { value, expiry });
+    const expiresAt = ttl ? Date.now() + ttl * 1000 : undefined;
+    this.store.set(key, { value, expiresAt });
   }
 
-  async delete(key: string): Promise<void> {
+  async del(key: string) {
-    this.cache.delete(key);
+    this.store.delete(key);
   }
 }

lib/services/create-services.server.ts

@@ -1,18 +1,21 @@
 import { AppServices } from "./app-services";
 import { NoopAnalyticsService } from "./analytics/noop-analytics-service";
+import { UmamiAnalyticsService } from "./analytics/umami-analytics-service";
 import { MemoryCacheService } from "./cache/memory-cache-service";
 import { GlitchtipErrorReportingService } from "./errors/glitchtip-error-reporting-service";
 import { NoopErrorReportingService } from "./errors/noop-error-reporting-service";
-import { GotifyNotificationService } from "./notifications/gotify-notification-service";
+import {
-import { NoopNotificationService } from "./notifications/noop-notification-service";
+  GotifyNotificationService,
+  NoopNotificationService,
+} from "./notifications/gotify-notification-service";
 import { PinoLoggerService } from "./logging/pino-logger-service";
 import { config, getMaskedConfig } from "../config";
 
 let singleton: AppServices | undefined;
-
 export function getServerAppServices(): AppServices {
   if (singleton) return singleton;
 
+  // Create logger first to log initialization
   const logger = new PinoLoggerService("server");
 
   logger.info("Initializing server application services", {
@@ -20,7 +23,22 @@ export function getServerAppServices(): AppServices {
     timestamp: new Date().toISOString(),
   });
 
-  const analytics = new NoopAnalyticsService();
+  logger.info("Service configuration", {
+    umamiEnabled: config.analytics.umami.enabled,
+    sentryEnabled: config.errors.glitchtip.enabled,
+    mailEnabled: Boolean(config.mail.host && config.mail.user),
+    gotifyEnabled: config.notifications.gotify.enabled,
+  });
+
+  const analytics = config.analytics.umami.enabled
+    ? new UmamiAnalyticsService({ enabled: true })
+    : new NoopAnalyticsService();
+
+  if (config.analytics.umami.enabled) {
+    logger.info("Umami analytics service initialized");
+  } else {
+    logger.info("Noop analytics service initialized (analytics disabled)");
+  }
 
   const notifications = config.notifications.gotify.enabled
     ? new GotifyNotificationService({
@@ -30,11 +48,35 @@ export function getServerAppServices(): AppServices {
       })
     : new NoopNotificationService();
 
+  if (config.notifications.gotify.enabled) {
+    logger.info("Gotify notification service initialized");
+  } else {
+    logger.info(
+      "Noop notification service initialized (notifications disabled)",
+    );
+  }
+
   const errors = config.errors.glitchtip.enabled
     ? new GlitchtipErrorReportingService({ enabled: true }, notifications)
     : new NoopErrorReportingService();
 
+  if (config.errors.glitchtip.enabled) {
+    logger.info("GlitchTip error reporting service initialized", {
+      dsnPresent: Boolean(config.errors.glitchtip.dsn),
+    });
+  } else {
+    logger.info(
+      "Noop error reporting service initialized (error reporting disabled)",
+    );
+  }
+
   const cache = new MemoryCacheService();
+  logger.info("Memory cache service initialized");
+
+  logger.info("Pino logger service initialized", {
+    name: "server",
+    level: config.logging.level,
+  });
 
   singleton = new AppServices(analytics, errors, cache, logger, notifications);
 

lib/services/create-services.ts

@@ -0,0 +1,154 @@
+import { AppServices } from "./app-services";
+import { NoopAnalyticsService } from "./analytics/noop-analytics-service";
+import { MemoryCacheService } from "./cache/memory-cache-service";
+import { GlitchtipErrorReportingService } from "./errors/glitchtip-error-reporting-service";
+import { NoopErrorReportingService } from "./errors/noop-error-reporting-service";
+import { NoopLoggerService } from "./logging/noop-logger-service";
+import { PinoLoggerService } from "./logging/pino-logger-service";
+import { NoopNotificationService } from "./notifications/gotify-notification-service";
+import { config, getMaskedConfig } from "../config";
+
+/**
+ * Singleton instance of AppServices.
+ *
+ * In Next.js, module singletons are per-process (server) and per-tab (client).
+ * This is sufficient for a small service layer and provides better performance
+ * than creating new instances on every request.
+ *
+ * @private
+ */
+let singleton: AppServices | undefined;
+
+/**
+ * Get the application services singleton.
+ *
+ * This function creates and caches the application services, including:
+ * - Analytics service (Umami or no-op)
+ * - Error reporting service (GlitchTip/Sentry or no-op)
+ * - Cache service (in-memory)
+ *
+ * The services are configured based on environment variables:
+ * - `UMAMI_WEBSITE_ID` - Enables Umami analytics
+ * - `NEXT_PUBLIC_SENTRY_DSN` - Enables client-side error reporting
+ * - `SENTRY_DSN` - Enables server-side error reporting
+ *
+ * @returns {AppServices} The application services singleton
+ *
+ * @example
+ * ```typescript
+ * // Get services in a client component
+ * import { getAppServices } from '@/lib/services/create-services';
+ *
+ * const services = getAppServices();
+ * services.analytics.track('button_click', { button_id: 'cta' });
+ * ```
+ *
+ * @example
+ * ```typescript
+ * // Get services in a server component or API route
+ * import { getAppServices } from '@/lib/services/create-services';
+ *
+ * const services = getAppServices();
+ * await services.cache.set('key', 'value');
+ * ```
+ *
+ * @example
+ * ```typescript
+ * // Automatic service selection based on environment
+ * // If NEXT_PUBLIC_UMAMI_WEBSITE_ID is set:
+ * //   services.analytics = UmamiAnalyticsService
+ * // If not set:
+ * //   services.analytics = NoopAnalyticsService (safe no-op)
+ * ```
+ *
+ * @see {@link UmamiAnalyticsService} for analytics implementation
+ * @see {@link NoopAnalyticsService} for no-op fallback
+ * @see {@link GlitchtipErrorReportingService} for error reporting
+ * @see {@link MemoryCacheService} for caching
+ */
+export function getAppServices(): AppServices {
+  // Return cached instance if available
+  if (singleton) return singleton;
+
+  // Create logger first to log initialization
+  const logger =
+    typeof window === "undefined"
+      ? new PinoLoggerService("server")
+      : new NoopLoggerService();
+
+  // Log initialization
+  if (typeof window === "undefined") {
+    // Server-side
+    logger.info("Initializing server application services", {
+      environment: getMaskedConfig(),
+      timestamp: new Date().toISOString(),
+    });
+  } else {
+    // Client-side
+    logger.info("Initializing client application services", {
+      environment: getMaskedConfig(),
+      timestamp: new Date().toISOString(),
+    });
+  }
+
+  // Determine which services to enable based on environment variables
+  const umamiEnabled = config.analytics.umami.enabled;
+  const sentryEnabled = config.errors.glitchtip.enabled;
+
+  logger.info("Service configuration", {
+    umamiEnabled,
+    sentryEnabled,
+    isServer: typeof window === "undefined",
+  });
+
+  // Create analytics service (Umami or no-op)
+  // Use dynamic import to avoid importing server-only code in client components
+  const analytics = umamiEnabled
+    ? (() => {
+        const { UmamiAnalyticsService } =
+          // eslint-disable-next-line @typescript-eslint/no-require-imports
+          require("./analytics/umami-analytics-service");
+        return new UmamiAnalyticsService({ enabled: true });
+      })()
+    : new NoopAnalyticsService();
+
+  if (umamiEnabled) {
+    logger.info("Umami analytics service initialized");
+  } else {
+    logger.info("Noop analytics service initialized (analytics disabled)");
+  }
+
+  // Create error reporting service (GlitchTip/Sentry or no-op)
+  const errors = sentryEnabled
+    ? new GlitchtipErrorReportingService({ enabled: true })
+    : new NoopErrorReportingService();
+
+  if (sentryEnabled) {
+    logger.info(
+      `GlitchTip error reporting service initialized (${typeof window === "undefined" ? "server" : "client"})`,
+    );
+  } else {
+    logger.info(
+      "Noop error reporting service initialized (error reporting disabled)",
+    );
+  }
+
+  // IMPORTANT: This module is imported by client components.
+  // Do not import Node-only modules (like the `redis` client) here.
+  // Use [`getServerAppServices()`](lib/services/create-services.server.ts:1) on the server.
+  const cache = new MemoryCacheService();
+  logger.info("Memory cache service initialized");
+
+  logger.info("Pino logger service initialized", {
+    name: typeof window === "undefined" ? "server" : "client",
+    level: config.logging.level,
+  });
+
+  // Create and cache the singleton
+  const notifications = new NoopNotificationService();
+  singleton = new AppServices(analytics, errors, cache, logger, notifications);
+
+  logger.info("All application services initialized successfully");
+
+  return singleton;
+}

lib/services/errors/error-reporting-service.ts

@@ -1,4 +1,27 @@
+export type ErrorReportingUser = {
+  id?: string;
+  email?: string;
+  username?: string;
+};
+
+export type ErrorReportingLevel =
+  | "fatal"
+  | "error"
+  | "warning"
+  | "info"
+  | "debug"
+  | "log";
+
 export interface ErrorReportingService {
-  captureException(error: unknown, context?: Record<string, unknown>): void;
+  captureException(
-  captureMessage(message: string, context?: Record<string, unknown>): void;
+    error: unknown,
+    context?: Record<string, unknown>,
+  ): Promise<string | undefined> | string | undefined;
+  captureMessage(
+    message: string,
+    level?: ErrorReportingLevel,
+  ): Promise<string | undefined> | string | undefined;
+  setUser(user: ErrorReportingUser | null): void;
+  setTag(key: string, value: string): void;
+  withScope<T>(fn: () => T, context?: Record<string, unknown>): T;
 }

lib/services/errors/glitchtip-error-reporting-service.ts

@@ -1,48 +1,77 @@
 import * as Sentry from "@sentry/nextjs";
-import type { ErrorReportingService } from "./error-reporting-service";
+import type {
+  ErrorReportingLevel,
+  ErrorReportingService,
+  ErrorReportingUser,
+} from "./error-reporting-service";
 import type { NotificationService } from "../notifications/notification-service";
 
-export interface GlitchtipConfig {
+type SentryLike = typeof Sentry;
-  enabled: boolean;
-}
 
+export type GlitchtipErrorReportingServiceOptions = {
+  enabled: boolean;
+};
+
+// GlitchTip speaks the Sentry protocol; @sentry/nextjs can send to GlitchTip via DSN.
 export class GlitchtipErrorReportingService implements ErrorReportingService {
   constructor(
-    private readonly config: GlitchtipConfig,
+    private readonly options: GlitchtipErrorReportingServiceOptions,
     private readonly notifications?: NotificationService,
+    private readonly sentry: SentryLike = Sentry,
   ) {}
 
-  captureException(error: unknown, context?: Record<string, unknown>) {
+  async captureException(error: unknown, context?: Record<string, unknown>) {
-    if (!this.config.enabled) return;
+    if (!this.options.enabled) return undefined;
-
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    Sentry.withScope((scope) => {
+    const result = this.sentry.captureException(error, context as any) as any;
-      if (context) {
-        scope.setExtras(context);
-      }
-      Sentry.captureException(error);
-    });
 
+    // Send to Gotify if it's considered critical or if we just want all exceptions there
+    // For now, let's send all exceptions to Gotify as requested "notify me via gotify about critical error messages"
+    // We'll treat all captureException calls as potentially critical or at least noteworthy
     if (this.notifications) {
-      this.notifications
+      const errorMessage =
-        .notify({
+        error instanceof Error ? error.message : String(error);
-          title: "🚨 Exception Captured",
+      const contextStr = context
-          message: error instanceof Error ? error.message : String(error),
+        ? `\nContext: ${JSON.stringify(context, null, 2)}`
-          priority: 10,
+        : "";
-        })
+
-        .catch((err) =>
+      await this.notifications.notify({
-          console.error("Failed to send notification for exception", err),
+        title: "🔥 Critical Error Captured",
-        );
+        message: `Error: ${errorMessage}${contextStr}`,
+        priority: 7,
+      });
     }
+
+    return result;
   }
 
-  captureMessage(message: string, context?: Record<string, unknown>) {
+  captureMessage(message: string, level: ErrorReportingLevel = "error") {
-    if (!this.config.enabled) return;
+    if (!this.options.enabled) return undefined;
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    return this.sentry.captureMessage(message, level as any) as any;
+  }
 
-    Sentry.withScope((scope) => {
+  setUser(user: ErrorReportingUser | null) {
+    if (!this.options.enabled) return;
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    this.sentry.setUser(user as any);
+  }
+
+  setTag(key: string, value: string) {
+    if (!this.options.enabled) return;
+    this.sentry.setTag(key, value);
+  }
+
+  withScope<T>(fn: () => T, context?: Record<string, unknown>) {
+    if (!this.options.enabled) return fn();
+
+    return this.sentry.withScope((scope) => {
       if (context) {
-        scope.setExtras(context);
+        for (const [key, value] of Object.entries(context)) {
+          scope.setExtra(key, value);
+        }
       }
-      Sentry.captureMessage(message);
+      return fn();
     });
   }
 }

lib/services/errors/noop-error-reporting-service.ts

@@ -1,6 +1,23 @@
-import type { ErrorReportingService } from "./error-reporting-service";
+/* eslint-disable @typescript-eslint/no-unused-vars */
+import type {
+  ErrorReportingLevel,
+  ErrorReportingService,
+  ErrorReportingUser,
+} from "./error-reporting-service";
 
 export class NoopErrorReportingService implements ErrorReportingService {
-  captureException() {}
+  async captureException(_error: unknown, _context?: Record<string, unknown>) {
-  captureMessage() {}
+    return undefined;
+  }
+
+  async captureMessage(_message: string, _level?: ErrorReportingLevel) {
+    return undefined;
+  }
+
+  setUser(_user: ErrorReportingUser | null) {}
+  setTag(_key: string, _value: string) {}
+
+  withScope<T>(fn: () => T, _context?: Record<string, unknown>) {
+    return fn();
+  }
 }

lib/services/logging/logger-service.ts

@@ -1,7 +1,11 @@
+export type LogLevel = "trace" | "debug" | "info" | "warn" | "error" | "fatal";
+
 export interface LoggerService {
-  debug(message: string, context?: Record<string, unknown>): void;
+  trace(msg: string, ...args: unknown[]): void;
-  info(message: string, context?: Record<string, unknown>): void;
+  debug(msg: string, ...args: unknown[]): void;
-  warn(message: string, context?: Record<string, unknown>): void;
+  info(msg: string, ...args: unknown[]): void;
-  error(message: string, context?: Record<string, unknown>): void;
+  warn(msg: string, ...args: unknown[]): void;
-  child(context: Record<string, unknown>): LoggerService;
+  error(msg: string, ...args: unknown[]): void;
+  fatal(msg: string, ...args: unknown[]): void;
+  child(bindings: Record<string, unknown>): LoggerService;
 }

lib/services/logging/noop-logger-service.ts

@@ -0,0 +1,13 @@
+import type { LoggerService } from "./logger-service";
+
+export class NoopLoggerService implements LoggerService {
+  trace() {}
+  debug() {}
+  info() {}
+  warn() {}
+  error() {}
+  fatal() {}
+  child() {
+    return this;
+  }
+}

lib/services/logging/pino-logger-service.ts

@@ -1,14 +1,17 @@
-import { pino, type Logger as PinoLogger } from "pino";
+import pino, { Logger as PinoLogger } from "pino";
 import type { LoggerService } from "./logger-service";
 import { config } from "../../config";
 
 export class PinoLoggerService implements LoggerService {
-  private logger: PinoLogger;
+  private readonly logger: PinoLogger;
 
   constructor(name?: string, parent?: PinoLogger) {
     if (parent) {
       this.logger = parent.child({ name });
     } else {
+      // In Next.js, especially in the Edge runtime or during instrumentation,
+      // pino transports (which use worker threads) can cause issues.
+      // We disable transport in production and during instrumentation.
       const useTransport =
         config.isDevelopment && typeof window === "undefined";
 
@@ -27,30 +30,41 @@ export class PinoLoggerService implements LoggerService {
     }
   }
 
-  debug(message: string, context?: Record<string, unknown>) {
+  trace(msg: string, ...args: unknown[]) {
-    if (context) this.logger.debug(context, message);
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    else this.logger.debug(message);
+    this.logger.trace(msg, ...(args as any));
   }
 
-  info(message: string, context?: Record<string, unknown>) {
+  debug(msg: string, ...args: unknown[]) {
-    if (context) this.logger.info(context, message);
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    else this.logger.info(message);
+    this.logger.debug(msg, ...(args as any));
   }
 
-  warn(message: string, context?: Record<string, unknown>) {
+  info(msg: string, ...args: unknown[]) {
-    if (context) this.logger.warn(context, message);
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    else this.logger.warn(message);
+    this.logger.info(msg, ...(args as any));
   }
 
-  error(message: string, context?: Record<string, unknown>) {
+  warn(msg: string, ...args: unknown[]) {
-    if (context) this.logger.error(context, message);
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    else this.logger.error(message);
+    this.logger.warn(msg, ...(args as any));
   }
 
-  child(context: Record<string, unknown>): LoggerService {
+  error(msg: string, ...args: unknown[]) {
-    const childPino = this.logger.child(context);
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    this.logger.error(msg, ...(args as any));
+  }
+
+  fatal(msg: string, ...args: unknown[]) {
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    this.logger.fatal(msg, ...(args as any));
+  }
+
+  child(bindings: Record<string, unknown>): LoggerService {
+    const childPino = this.logger.child(bindings);
     const service = new PinoLoggerService();
-    service.logger = childPino;
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    (service as any).logger = childPino;
     return service;
   }
 }

lib/services/notifications/gotify-notification-service.ts

@@ -1,5 +1,5 @@
-import type {
+import {
-  NotificationMessage,
+  NotificationOptions,
   NotificationService,
 } from "./notification-service";
 
@@ -10,35 +10,44 @@ export interface GotifyConfig {
 }
 
 export class GotifyNotificationService implements NotificationService {
-  constructor(private readonly config: GotifyConfig) {}
+  constructor(private config: GotifyConfig) {}
 
-  async notify(message: NotificationMessage): Promise<void> {
+  async notify(options: NotificationOptions): Promise<void> {
     if (!this.config.enabled) return;
 
     try {
-      const response = await fetch(
+      const { title, message, priority = 4 } = options;
-        `${this.config.url}/message?token=${this.config.token}`,
+      const url = new URL("message", this.config.url);
-        {
+      url.searchParams.set("token", this.config.token);
-          method: "POST",
+
-          headers: {
+      const response = await fetch(url.toString(), {
-            "Content-Type": "application/json",
+        method: "POST",
-          },
+        headers: {
-          body: JSON.stringify({
+          "Content-Type": "application/json",
-            title: message.title,
-            message: message.message,
-            priority: message.priority ?? 5,
-          }),
         },
-      );
+        body: JSON.stringify({
+          title,
+          message,
+          priority,
+        }),
+      });
 
       if (!response.ok) {
-        console.error(
+        const errorText = await response.text();
-          "Failed to send Gotify notification",
+        console.error("Gotify notification failed:", {
-          await response.text(),
+          status: response.status,
-        );
+          error: errorText,
+        });
       }
     } catch (error) {
-      console.error("Error sending Gotify notification", error);
+      console.error("Gotify notification error:", error);
     }
   }
 }
+
+export class NoopNotificationService implements NotificationService {
+  // eslint-disable-next-line @typescript-eslint/no-unused-vars
+  async notify(_options: NotificationOptions): Promise<void> {
+    // Do nothing
+  }
+}

lib/services/notifications/noop-notification-service.ts

@@ -1,5 +0,0 @@
-import type { NotificationService } from "./notification-service";
-
-export class NoopNotificationService implements NotificationService {
-  async notify() {}
-}

lib/services/notifications/notification-service.ts

@@ -1,9 +1,9 @@
-export interface NotificationMessage {
+export interface NotificationOptions {
   title: string;
   message: string;
-  priority?: number; // 0-10, Gotify style
+  priority?: number;
 }
 
 export interface NotificationService {
-  notify(message: NotificationMessage): Promise<void>;
+  notify(options: NotificationOptions): Promise<void>;
 }

next-env.d.ts

@@ -1,6 +1,6 @@
 /// <reference types="next" />
 /// <reference types="next/image-types/global" />
-import "./.next/dev/types/routes.d.ts";
+import "./.next/types/routes.d.ts";
 
 // NOTE: This file should not be edited
 // see https://nextjs.org/docs/app/api-reference/config/typescript for more information.

next.config.mjs

@@ -1,6 +1,28 @@
 import withMintelConfig from "@mintel/next-config";
 
 /** @type {import('next').NextConfig} */
-const nextConfig = {};
+const nextConfig = {
+    async rewrites() {
+        const umamiUrl =
+            process.env.UMAMI_API_ENDPOINT ||
+            process.env.UMAMI_SCRIPT_URL ||
+            process.env.NEXT_PUBLIC_UMAMI_SCRIPT_URL ||
+            "https://analytics.infra.mintel.me";
+        const glitchtipUrl = process.env.SENTRY_DSN
+            ? new URL(process.env.SENTRY_DSN).origin
+            : "https://errors.infra.mintel.me";
+
+        return [
+            {
+                source: "/stats/:path*",
+                destination: `${umamiUrl}/:path*`,
+            },
+            {
+                source: "/errors/:path*",
+                destination: `${glitchtipUrl}/:path*`,
+            },
+        ];
+    },
+};
 
 export default withMintelConfig(nextConfig);

pnpm-workspace.yaml

@@ -0,0 +1,7 @@
+onlyBuiltDependencies:
+  - '@parcel/watcher'
+  - '@sentry/cli'
+  - '@swc/core'
+  - esbuild
+  - sharp
+  - unrs-resolver