Add deployment configs for /redant/web/homelegance-chatbot

- deploy/homelegance-chat.conf: Apache vhost with SSL, proxy, SPA fallback
- deploy/erp-bridge.service: systemd unit for FastAPI ERP bridge
- deploy/env.production.example: environment variable template
- ecosystem.config.cjs: PM2 process config

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

deploy/env.production.example

@@ -0,0 +1,26 @@
+# Copy to /redant/web/homelegance-chatbot/.env.production
+# Fill in all values before starting the service
+
+NODE_ENV=production
+PORT=3000
+
+# PostgreSQL — chatbot's own database
+DATABASE_URL=postgresql://chatbot_user:CHANGE_ME@localhost:5432/homelegance_chat
+
+# JWT session signing key (generate: openssl rand -hex 32)
+JWT_SECRET=CHANGE_ME
+
+# Claude API
+ANTHROPIC_API_KEY=sk-ant-CHANGE_ME
+
+# ERP FastAPI bridge (internal, not exposed externally)
+ERP_API_URL=http://127.0.0.1:8080
+ERP_API_KEY=CHANGE_ME
+
+# SSO — shared secret with Dealer Portal for JWT verification
+DEALER_PORTAL_SSO_SECRET=CHANGE_ME
+
+# Optional: Manus OAuth (leave blank if not used)
+VITE_APP_ID=
+OAUTH_SERVER_URL=
+OWNER_OPEN_ID=

deploy/erp-bridge.service

@@ -0,0 +1,24 @@
+# Systemd service — ERP FastAPI Bridge
+# Place at: /etc/systemd/system/erp-bridge.service
+# Enable:   sudo systemctl daemon-reload && sudo systemctl enable --now erp-bridge
+
+[Unit]
+Description=Homelegance ERP FastAPI Bridge
+After=network.target
+
+[Service]
+Type=simple
+User=apache
+Group=apache
+WorkingDirectory=/redant/web/erp-bridge
+EnvironmentFile=/redant/web/erp-bridge/.env
+ExecStart=/usr/bin/python3.11 -m uvicorn main:app --host 127.0.0.1 --port 8080 --workers 2
+Restart=on-failure
+RestartSec=5
+
+StandardOutput=journal
+StandardError=journal
+SyslogIdentifier=erp-bridge
+
+[Install]
+WantedBy=multi-user.target

deploy/homelegance-chat.conf

@@ -0,0 +1,43 @@
+# Apache Virtual Host — Homelegance Chatbot
+# Place at: /etc/httpd/conf.d/homelegance-chat.conf
+# Reload: sudo systemctl reload httpd
+
+<VirtualHost *:80>
+    ServerName chat.homelegance.com
+    Redirect permanent / https://chat.homelegance.com/
+</VirtualHost>
+
+<VirtualHost *:443>
+    ServerName chat.homelegance.com
+
+    SSLEngine on
+    SSLCertificateFile    /etc/ssl/certs/homelegance.crt
+    SSLCertificateKeyFile /etc/ssl/private/homelegance.key
+
+    Header always set X-Content-Type-Options nosniff
+    Header always set X-Frame-Options SAMEORIGIN
+    Header always set Referrer-Policy strict-origin-when-cross-origin
+
+    # Static files served directly by Apache
+    DocumentRoot /redant/web/homelegance-chatbot/dist/public
+    <Directory /redant/web/homelegance-chatbot/dist/public>
+        Options -Indexes
+        AllowOverride None
+        Require all granted
+    </Directory>
+
+    # API requests proxied to Node.js
+    ProxyPreserveHost On
+
+    ProxyPass /api http://127.0.0.1:3000/api
+    ProxyPassReverse /api http://127.0.0.1:3000/api
+
+    # SPA fallback — non-file requests return index.html
+    RewriteEngine On
+    RewriteCond %{REQUEST_URI} !^/api/
+    RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-f
+    RewriteRule ^ /index.html [L]
+
+    ErrorLog  /var/log/httpd/homelegance-chat-error.log
+    CustomLog /var/log/httpd/homelegance-chat-access.log combined
+</VirtualHost>

ecosystem.config.cjs

@@ -0,0 +1,21 @@
+// PM2 process config
+// Start:   pm2 start ecosystem.config.cjs
+// Save:    pm2 save
+// Startup: pm2 startup systemd
+
+module.exports = {
+  apps: [
+    {
+      name: "homelegance-chat",
+      script: "./dist/index.js",
+      cwd: "/redant/web/homelegance-chatbot",
+      env_file: "/redant/web/homelegance-chatbot/.env.production",
+      instances: 1,
+      autorestart: true,
+      max_memory_restart: "512M",
+      error_file: "/var/log/pm2/homelegance-chat-error.log",
+      out_file: "/var/log/pm2/homelegance-chat-out.log",
+      log_date_format: "YYYY-MM-DD HH:mm:ss",
+    },
+  ],
+};