Initial commit: ROA2WEB - FastAPI + Vue.js + Telegram Bot

Modern ERP Reports Application with microservices architecture

Tech Stack:
- Backend: FastAPI + python-oracledb (Oracle DB integration)
- Frontend: Vue.js 3 + PrimeVue + Vite
- Telegram Bot: python-telegram-bot + SQLite
- Infrastructure: Shared database pool, JWT authentication, SSH tunnel

Features:
- FastAPI backend with async Oracle connection pool
- Vue.js 3 responsive frontend with PrimeVue components
- Telegram bot alternative interface
- Microservices architecture with shared components
- Complete deployment support (Linux Docker + Windows IIS)
- Comprehensive testing (Playwright E2E + pytest)

Repository Structure:
- reports-app/ - Main application (backend, frontend, telegram-bot)
- shared/ - Shared components (database pool, auth, utils)
- deployment/ - Deployment scripts (Linux & Windows)
- docs/ - Project documentation
- security/ - Security scanning and git hooks

setup_production.sh

@@ -0,0 +1,338 @@
+#!/bin/bash
+#
+# 🚀 ROA2WEB Production Setup Script
+# Automatic setup for production environment with security best practices
+#
+
+set -e
+
+# Colors
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+echo -e "${GREEN}"
+echo "=============================================="
+echo "🚀 ROA2WEB PRODUCTION SETUP"
+echo "=============================================="
+echo -e "${NC}"
+
+# Function to print step headers
+print_step() {
+    echo -e "${BLUE}📋 Step $1: $2${NC}"
+    echo "----------------------------------------"
+}
+
+# Function to generate strong passwords
+generate_password() {
+    local length=${1:-32}
+    openssl rand -base64 $length | tr -d "=+/" | cut -c1-$length
+}
+
+# Function to generate JWT secret
+generate_jwt_secret() {
+    openssl rand -hex 32
+}
+
+# Check prerequisites
+print_step "1" "Checking Prerequisites"
+
+if ! command -v openssl &> /dev/null; then
+    echo -e "${RED}❌ OpenSSL is required but not installed${NC}"
+    exit 1
+fi
+
+if ! command -v docker &> /dev/null; then
+    echo -e "${YELLOW}⚠️  Docker not found - you'll need to set up environment variables manually${NC}"
+fi
+
+echo -e "${GREEN}✅ Prerequisites check passed${NC}"
+echo
+
+# Generate production credentials
+print_step "2" "Generating Production Credentials"
+
+ORACLE_PASSWORD=$(generate_password 16)
+JWT_SECRET=$(generate_jwt_secret)
+REDIS_PASSWORD=$(generate_password 16)
+MARIUS_PASSWORD=$(generate_password 12)
+ELI_PASSWORD=$(generate_password 12)
+
+echo -e "${GREEN}✅ Secure credentials generated${NC}"
+echo
+
+# Create production environment file
+print_step "3" "Creating Production Environment File"
+
+cat > .env.production << EOF
+# 🔒 ROA2WEB Production Environment
+# Generated: $(date)
+# 
+# ⚠️  SECURITY WARNING: 
+# - Keep this file secure and never commit to git
+# - Use environment-specific secret management in production
+# - Rotate these credentials regularly
+
+# Application Environment
+ENVIRONMENT=production
+DEBUG=false
+NODE_ENV=production
+
+# Oracle Database Configuration
+# 🔐 IMPORTANT: These are the actual production credentials
+ORACLE_USER=CONTAFIN_ORACLE
+ORACLE_PASSWORD=${ORACLE_PASSWORD}
+ORACLE_HOST=localhost  # Through SSH tunnel
+ORACLE_PORT=1526
+ORACLE_SID=ROA
+
+# User Authentication Credentials
+# 🔐 Update in your authentication system
+MARIUS_PASSWORD=${MARIUS_PASSWORD}
+ELI_PASSWORD=${ELI_PASSWORD}
+
+# JWT Authentication
+JWT_SECRET_KEY=${JWT_SECRET}
+JWT_ALGORITHM=HS256
+JWT_EXPIRE_MINUTES=30
+
+# Redis Configuration
+REDIS_PASSWORD=${REDIS_PASSWORD}
+
+# API Configuration
+API_V1_STR=/api/v1
+VITE_API_BASE_URL=https://your-domain.com/api
+
+# SSL Configuration
+DOMAIN=your-domain.com
+SSL_EMAIL=admin@your-domain.com
+
+# Frontend Configuration
+VITE_APP_NAME=ROA2WEB Reports
+VITE_APP_VERSION=1.0.0
+
+# Production Performance Settings
+WORKERS=4
+MAX_CONNECTIONS=1000
+DB_MIN_CONNECTIONS=5
+DB_MAX_CONNECTIONS=20
+DB_CONNECTION_INCREMENT=2
+
+# Docker Configuration
+COMPOSE_PROJECT_NAME=roa2web
+
+# SSH Tunnel Configuration (for Oracle access)
+SSH_SERVER=83.103.197.79
+SSH_PORT=22122
+SSH_USER=roa2web
+REMOTE_HOST=10.0.20.36
+REMOTE_PORT=1521
+EOF
+
+echo -e "${GREEN}✅ Production environment file created: .env.production${NC}"
+echo
+
+# Create credentials summary
+print_step "4" "Creating Credentials Summary"
+
+cat > PRODUCTION_CREDENTIALS.md << EOF
+# 🔐 ROA2WEB Production Credentials
+
+**Generated**: $(date)
+**⚠️  SECURITY**: Store these credentials securely and delete this file after setup!
+
+## Database Credentials
+- **Oracle Password**: \`${ORACLE_PASSWORD}\`
+- **Redis Password**: \`${REDIS_PASSWORD}\`
+
+## Application Secrets
+- **JWT Secret**: \`${JWT_SECRET}\`
+
+## User Passwords (Update in Oracle database)
+- **Marius**: \`${MARIUS_PASSWORD}\`
+- **Eli**: \`${ELI_PASSWORD}\`
+
+## Setup Instructions
+
+### 1. Oracle Database
+Update the Oracle password for CONTAFIN_ORACLE user:
+\`\`\`sql
+ALTER USER CONTAFIN_ORACLE IDENTIFIED BY "${ORACLE_PASSWORD}";
+\`\`\`
+
+### 2. User Authentication
+Update user passwords in your authentication system:
+- marius: ${MARIUS_PASSWORD}
+- eli: ${ELI_PASSWORD}
+
+### 3. Environment Variables
+Set in your production environment:
+\`\`\`bash
+export ORACLE_PASSWORD="${ORACLE_PASSWORD}"
+export JWT_SECRET_KEY="${JWT_SECRET}"
+export REDIS_PASSWORD="${REDIS_PASSWORD}"
+\`\`\`
+
+### 4. SSH Key Setup
+Make sure SSH key is in the correct location:
+\`\`\`bash
+# SSH key should be at:
+roa2web/secrets/roa_oracle_server
+
+# With correct permissions:
+chmod 600 roa2web/secrets/roa_oracle_server
+\`\`\`
+
+### 5. Docker Deployment
+\`\`\`bash
+# Copy production environment
+cp .env.production .env
+
+# Start production stack
+docker-compose -f docker-compose.yml -f docker-compose.production.yml up -d
+
+# Check services
+docker-compose ps
+\`\`\`
+
+## ⚠️  Security Checklist
+- [ ] Oracle password updated in database
+- [ ] User passwords updated in authentication system
+- [ ] Environment variables set in production
+- [ ] SSH key permissions verified (600)
+- [ ] .env.production file secured (not in git)
+- [ ] This credentials file deleted after setup
+- [ ] Firewall rules configured
+- [ ] SSL certificates installed
+- [ ] Monitoring and logging configured
+
+## 🔄 Regular Maintenance
+- Rotate credentials every 90 days
+- Monitor access logs
+- Keep SSH keys up to date
+- Regular security scans
+
+---
+*Generated by ROA2WEB Production Setup Script*
+EOF
+
+echo -e "${GREEN}✅ Credentials summary created: PRODUCTION_CREDENTIALS.md${NC}"
+echo
+
+# Create deployment script
+print_step "5" "Creating Deployment Script"
+
+cat > deploy_production.sh << 'EOF'
+#!/bin/bash
+#
+# 🚀 ROA2WEB Production Deployment Script
+#
+
+set -e
+
+# Colors
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+echo -e "${GREEN}🚀 Starting ROA2WEB Production Deployment${NC}"
+
+# Check if production environment exists
+if [ ! -f ".env.production" ]; then
+    echo -e "${RED}❌ .env.production not found. Run setup_production.sh first!${NC}"
+    exit 1
+fi
+
+# Copy production environment
+echo -e "${BLUE}📋 Setting up production environment...${NC}"
+cp .env.production .env
+
+# Check SSH key
+if [ ! -f "secrets/roa_oracle_server" ]; then
+    echo -e "${RED}❌ SSH key not found at secrets/roa_oracle_server${NC}"
+    echo -e "${YELLOW}Please ensure SSH key is in the correct location with proper permissions${NC}"
+    exit 1
+fi
+
+# Set SSH key permissions
+chmod 600 secrets/roa_oracle_server
+echo -e "${GREEN}✅ SSH key permissions set${NC}"
+
+# Pull latest images
+echo -e "${BLUE}📋 Pulling latest Docker images...${NC}"
+docker-compose pull
+
+# Build services
+echo -e "${BLUE}📋 Building services...${NC}"
+docker-compose build --no-cache
+
+# Start services
+echo -e "${BLUE}📋 Starting production services...${NC}"
+docker-compose -f docker-compose.yml -f docker-compose.production.yml up -d
+
+# Wait for services to start
+echo -e "${BLUE}📋 Waiting for services to start...${NC}"
+sleep 30
+
+# Health check
+echo -e "${BLUE}📋 Running health checks...${NC}"
+if curl -f http://localhost/health >/dev/null 2>&1; then
+    echo -e "${GREEN}✅ Application is healthy and running!${NC}"
+else
+    echo -e "${YELLOW}⚠️  Health check failed, checking service status...${NC}"
+    docker-compose ps
+fi
+
+# Show final status
+echo -e "${GREEN}"
+echo "=============================================="
+echo "🎉 ROA2WEB PRODUCTION DEPLOYMENT COMPLETE"
+echo "=============================================="
+echo -e "${NC}"
+echo -e "${BLUE}Services Status:${NC}"
+docker-compose ps
+
+echo
+echo -e "${BLUE}Access Points:${NC}"
+echo -e "  🌐 Web Application: http://localhost"
+echo -e "  📊 API Documentation: http://localhost/docs"
+echo -e "  🔧 Admin Interface: http://localhost:8080"
+
+echo
+echo -e "${YELLOW}Next Steps:${NC}"
+echo -e "  1. 🔐 Update Oracle database password"
+echo -e "  2. 🔑 Update user authentication passwords"
+echo -e "  3. 🌍 Configure domain and SSL certificates"
+echo -e "  4. 📊 Set up monitoring and logging"
+echo -e "  5. 🗑️  Delete PRODUCTION_CREDENTIALS.md after setup"
+EOF
+
+chmod +x deploy_production.sh
+echo -e "${GREEN}✅ Deployment script created: deploy_production.sh${NC}"
+echo
+
+# Final instructions
+print_step "6" "Setup Complete - Next Steps"
+
+echo -e "${GREEN}🎉 Production setup completed successfully!${NC}"
+echo
+echo -e "${BLUE}Files Created:${NC}"
+echo -e "  📄 .env.production - Production environment variables"
+echo -e "  📄 PRODUCTION_CREDENTIALS.md - Secure credentials summary"
+echo -e "  🚀 deploy_production.sh - Deployment script"
+echo
+echo -e "${YELLOW}⚠️  IMPORTANT SECURITY STEPS:${NC}"
+echo -e "  1. 🔐 Review PRODUCTION_CREDENTIALS.md and update systems"
+echo -e "  2. 🔑 Change Oracle password: ALTER USER CONTAFIN_ORACLE IDENTIFIED BY 'new_password'"
+echo -e "  3. 👥 Update user passwords in authentication system"
+echo -e "  4. 🔒 Secure .env.production file (proper permissions)"
+echo -e "  5. 🗑️  DELETE PRODUCTION_CREDENTIALS.md after setup"
+echo
+echo -e "${BLUE}To Deploy:${NC}"
+echo -e "  ./deploy_production.sh"
+echo
+echo -e "${GREEN}✅ ROA2WEB is ready for production deployment!${NC}"