fix: deploy

.gitea/workflows/deploy.yml

@@ -251,14 +251,13 @@ jobs:
           DIRECTUS_KEY=${{ secrets.DIRECTUS_KEY || vars.DIRECTUS_KEY }}
           DIRECTUS_SECRET=${{ secrets.DIRECTUS_SECRET || vars.DIRECTUS_SECRET }}
           
-          # SMTP Config
+          # Mail
-          SMTP_HOST=${{ secrets.SMTP_HOST || vars.SMTP_HOST }}
+          MAIL_HOST=${{ secrets.SMTP_HOST || vars.SMTP_HOST }}
-          SMTP_PORT=${{ secrets.SMTP_PORT || vars.SMTP_PORT || '587' }}
+          MAIL_PORT=${{ secrets.SMTP_PORT || vars.SMTP_PORT || '587' }}
-          SMTP_SECURE=${{ secrets.SMTP_SECURE || vars.SMTP_SECURE || 'false' }}
+          MAIL_USERNAME=${{ secrets.SMTP_USER || vars.SMTP_USER }}
-          SMTP_USER=${{ secrets.SMTP_USER || vars.SMTP_USER }}
+          MAIL_PASSWORD=${{ secrets.SMTP_PASS || vars.SMTP_PASS }}
-          SMTP_PASS=${{ secrets.SMTP_PASS || vars.SMTP_PASS }}
+          MAIL_FROM=${{ secrets.SMTP_FROM || vars.SMTP_FROM }}
-          SMTP_FROM=${{ secrets.SMTP_FROM || vars.SMTP_FROM }}
+          MAIL_RECIPIENTS=${{ secrets.CONTACT_RECIPIENT || vars.CONTACT_RECIPIENT }}
-          CONTACT_RECIPIENT=${{ secrets.CONTACT_RECIPIENT || vars.CONTACT_RECIPIENT }}
 
           # Authentication
           GATEKEEPER_PASSWORD=${{ secrets.GATEKEEPER_PASSWORD || vars.GATEKEEPER_PASSWORD }}
@@ -289,7 +288,7 @@ jobs:
             
             echo "${{ secrets.REGISTRY_PASS }}" | docker login registry.infra.mintel.me -u "${{ secrets.REGISTRY_USER }}" --password-stdin
             docker compose -p "${{ needs.prepare.outputs.project_name }}" --env-file ${{ needs.prepare.outputs.env_file }} pull
-            docker compose -p "${{ needs.prepare.outputs.project_name }}" --env-file ${{ needs.prepare.outputs.env_file }} up -d --remove-orphans
+            docker compose -p "${{ needs.prepare.outputs.project_name }}" --env-file ${{ needs.prepare.outputs.env_file }} up -d --wait --remove-orphans
             docker system prune -f --filter "until=24h"
           EOF
 

Dockerfile

@@ -38,13 +38,19 @@ RUN pnpm build
 
 # Production runner image
 FROM registry.infra.mintel.me/mintel/runtime:latest AS runner
-WORKDIR /app
+# Production environment configuration
+ENV HOSTNAME="0.0.0.0"
+ENV PORT=3000
+ENV NODE_ENV=production
 
 # Copy standalone output and static files
 COPY --from=builder --chown=nextjs:nodejs /app/public ./public
 COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
 COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
 
+# Ensure the cache directory specifically is writeable (Mintel Standard #16)
+RUN mkdir -p .next/cache && chown -R nextjs:nodejs .next/cache
+
 USER nextjs
 
 CMD ["node", "server.js"]

app/api/contact/route.ts

@@ -47,7 +47,14 @@ export async function POST(req: Request) {
       logger.info("Contact submission saved to Directus");
       directusSaved = true;
     } catch (directusError) {
-      logger.error("Failed to save to Directus", { error: directusError });
+      const errorMessage =
+        directusError instanceof Error
+          ? directusError.message
+          : String(directusError);
+      logger.error("Failed to save to Directus", {
+        error: errorMessage,
+        details: directusError,
+      });
       services.errors.captureException(directusError, {
         phase: "directus_save",
       });
@@ -56,19 +63,20 @@ export async function POST(req: Request) {
 
     // 2. Email sending
     try {
+      const { config } = await import("@/lib/config");
       const transporter = nodemailer.createTransport({
-        host: process.env.SMTP_HOST,
+        host: config.mail.host,
-        port: parseInt(process.env.SMTP_PORT || "587"),
+        port: config.mail.port,
-        secure: process.env.SMTP_SECURE === "true",
+        secure: config.mail.port === 465,
         auth: {
-          user: process.env.SMTP_USER,
+          user: config.mail.user,
-          pass: process.env.SMTP_PASS,
+          pass: config.mail.pass,
         },
       });
 
       await transporter.sendMail({
-        from: process.env.SMTP_FROM,
+        from: config.mail.from,
-        to: process.env.CONTACT_RECIPIENT || "info@mb-grid-solutions.com",
+        to: config.mail.recipients.join(",") || "info@mb-grid-solutions.com",
         replyTo: email,
         subject: `Kontaktanfrage von ${name}`,
         text: `

docker-compose.yaml

@@ -27,6 +27,12 @@ services:
       - "traefik.http.middlewares.${PROJECT_NAME}-auth.forwardauth.trustForwardHeader=true"
       - "traefik.http.middlewares.${PROJECT_NAME}-auth.forwardauth.authResponseHeaders=X-Auth-User"
       - "traefik.docker.network=infra"
+    healthcheck:
+      test: [ "CMD", "node", "-e", "fetch('http://127.0.0.1:3000/api/health').then(r => r.ok ? process.exit(0) : process.exit(1)).catch(() => process.exit(1))" ]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+      start_period: 30s
 
   gatekeeper:
     image: registry.infra.mintel.me/mintel/gatekeeper:latest

lib/directus.ts

@@ -23,15 +23,21 @@ export async function ensureAuthenticated() {
   if (adminEmail && password) {
     try {
       await client.login({ email: adminEmail, password: password });
+      return;
     } catch (e) {
       if (typeof window === "undefined") {
         getServerAppServices().errors.captureException(e, {
-          phase: "directus_auth",
+          phase: "directus_auth_fallback",
         });
       }
       console.error("Failed to authenticate with Directus login fallback:", e);
+      throw e;
     }
   }
+
+  throw new Error(
+    "Missing Directus authentication credentials (token or admin email/password)",
+  );
 }
 
 export default client;

scripts/sync-directus.sh

@@ -25,7 +25,7 @@ REMOTE_DIR="/home/deploy/sites/${PRJ_ID}.com"
 case $ENV in
   testing)    PROJECT_NAME="${PRJ_ID}-testing"; ENV_FILE=".env.testing" ;;
   staging)    PROJECT_NAME="${PRJ_ID}-staging"; ENV_FILE=".env.staging" ;;
-  production) PROJECT_NAME="${PRJ_ID}-prod";    ENV_FILE=".env.prod"    ;;
+  production) PROJECT_NAME="${PRJ_ID}-production"; ENV_FILE=".env.prod"    ;;
   *) echo "❌ Invalid environment: $ENV"; exit 1 ;;
 esac
 
@@ -35,8 +35,21 @@ DB_NAME="directus"
 
 echo "🔍 Detecting local database..."
 LOCAL_DB_CONTAINER=$(docker compose ps -q directus-db)
+
 if [ -z "$LOCAL_DB_CONTAINER" ]; then
-    echo "❌ Local directus-db container not found. Is it running? (npm run dev)"
+    # Check if it exists but is stopped
+    LOCAL_DB_EXISTS=$(docker compose ps -a -q directus-db)
+    if [ -n "$LOCAL_DB_EXISTS" ]; then
+        echo "⏳ Local directus-db is stopped. Starting it..."
+        docker compose up -d directus-db
+        # Wait a few seconds for PG to be ready
+        sleep 2
+        LOCAL_DB_CONTAINER=$(docker compose ps -q directus-db)
+    fi
+fi
+
+if [ -z "$LOCAL_DB_CONTAINER" ]; then
+    echo "❌ Local directus-db container not found. Is it defined in docker-compose.yaml?"
     exit 1
 fi