CRITICAL SECURITY FIXES:
- Add webhook secret validation to prevent signature bypass
- Implement idempotency protection across all webhook handlers
- Add atomic database updates to prevent race conditions
- Improve CORS security with origin validation and logging
- Remove .env from git tracking to protect secrets

STRIPE INTEGRATION:
- Add support for checkout.session.expired webhook event
- Add Stripe publishable key to environment configuration
- Fix webhook handlers with proper idempotency checks
- Update Order model with atomic updatePaymentAndStatus method
- Add comprehensive logging for webhook processing

DEPLOYMENT ARCHITECTURE:
- Split into two Docker images (frontend-latest, backend-latest)
- Update CI/CD to build separate frontend and backend images
- Configure backend on port 3801 (internal 3001)
- Add production-ready docker-compose.yml
- Remove redundant docker-compose.portainer.yml
- Update nginx configuration for both frontend and backend

DOCUMENTATION:
- Add PRODUCTION-SETUP.md with complete deployment guide
- Add docs/stripe-security-fixes.md with security audit details
- Add docs/stripe-checkout-sessions.md with integration docs
- Add docs/stripe-webhooks.md with webhook configuration
- Update .env.example with all required variables including Stripe publishable key

CONFIGURATION:
- Consolidate to single .env.example template
- Update .gitignore to protect all .env variants
- Add server/Dockerfile for backend container
- Update DEPLOYMENT.md with new architecture

🔒 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
Puffin Offset - Carbon Offsetting for Yachts
This application helps users calculate and offset the carbon footprint of yachts through verified carbon offset projects.
Features
- Carbon footprint calculation for yacht trips
- Integration with Wren carbon offset projects
- Responsive UI for mobile and desktop
- Contact forms powered by Formspree
Setup
Local Development
- Install dependencies:
npm install
- Create a .env file with your API tokens:
VITE_WREN_API_TOKEN=your-token-here
VITE_FORMSPREE_CONTACT_ID=your-formspree-contact-form-id
VITE_FORMSPREE_OFFSET_ID=your-formspree-offset-form-id
- Run the development server:
npm run dev
Docker Setup
This project can be run in Docker containers using Docker Compose, and is configured to work with an Nginx reverse proxy on the host.
Prerequisites
- Docker
- Docker Compose
- Nginx (on the host system for SSL termination and reverse proxying)
Running with Docker Compose
- Build and start the containers:
docker compose up -d
- The Docker container will listen on port 3800, which should be reverse-proxied by your host Nginx.
- Stop the containers:
docker compose down
Nginx Configuration
The project includes two Nginx configuration files:
- nginx.conf: Used INSIDE the Docker container to serve the static files on port 3800
- nginx-host.conf: A reference config for setting up your Nginx on the HOST to reverse proxy to the Docker container
To set up the host Nginx:
- Copy the nginx-host.conf to your Nginx sites directory:
sudo cp nginx-host.conf /etc/nginx/sites-available/puffinoffset.com
sudo ln -s /etc/nginx/sites-available/puffinoffset.com /etc/nginx/sites-enabled/
- Uncomment the SSL certificate lines after you've obtained certificates using Certbot or another SSL provider.
- Test and reload Nginx:
sudo nginx -t
sudo systemctl reload nginx
Environment Variables
When using Docker, the environment variables are mounted as a volume from your local .env file. Make sure it contains:
VITE_WREN_API_TOKEN=your-token-here
VITE_FORMSPREE_CONTACT_ID=your-formspree-contact-form-id
VITE_FORMSPREE_OFFSET_ID=your-formspree-offset-form-id
Backend Service (Optional)
The docker-compose file includes a commented section for running the backend script (app.js) in a separate container. To enable it:
- Uncomment the backend service in docker-compose.yml
- Ensure your .env file contains the needed variables
- Run docker compose up -d to start both services
API Documentation
For Wren API documentation, visit: https://wren.co/api
Building for Production
# Without Docker
npm run build
# With Docker
docker compose build
The production build will be available in the dist directory, or served by Nginx in the Docker container.