chore: migrate from nixpacks to coolify static site configuration with enhanced nginx setup

.coolify

@@ -0,0 +1,8 @@
+# Coolify configuration for Coffee Timer static site
+# This helps Coolify properly detect and serve the static site
+
+# Static site configuration
+static=true
+build_command=""
+start_command=""
+port=80

.gitignore

@@ -0,0 +1,86 @@
+# Coffee Timer - Git Ignore File
+# Excludes files and directories that shouldn't be tracked in version control
+
+# Operating System Files
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db
+desktop.ini
+
+# Editor and IDE Files
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+.sublime-project
+.sublime-workspace
+
+# Temporary Files
+*.tmp
+*.temp
+*.log
+*.cache
+*.bak
+*.backup
+*.old
+
+# Node.js (if you ever add build tools)
+node_modules/
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+package-lock.json
+yarn.lock
+
+# Build and Distribution Directories
+dist/
+build/
+out/
+.next/
+.nuxt/
+.output/
+
+# Environment Files
+.env
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+
+# Deployment Files (optional - you might want to keep these)
+# .coolify
+# coolify-*.conf
+# nginx.conf
+# .htaccess
+
+# Browser Testing
+.browserlistrc
+
+# Misc
+*.zip
+*.tar.gz
+*.rar
+*.7z
+
+# Local development server logs
+*.pid
+*.seed
+*.pid.lock
+
+# Coverage directory used by tools like istanbul
+coverage/
+*.lcov
+
+# Dependency directories
+jspm_packages/
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache

README.md

@@ -54,9 +54,10 @@ open http://localhost:8000
 
 #### 🌐 **Coolify (Recommended)**
 1. Set application as **static site** in Coolify
-2. Uses nginx automatically via Nixpacks
+2. Enable "Is it a static site?" option
-3. SSL/TLS certificates handled by Traefik
+3. Uses nginx automatically via Nixpacks
-4. Configuration files included: `nixpacks.toml`, `coolify-nginx.conf`
+4. SSL/TLS certificates handled by Traefik
+5. No additional configuration needed - auto-detected
 
 #### 🔧 **Apache**
 - Use `.htaccess` file for security headers

coolify-manual-nginx.conf

@@ -0,0 +1,98 @@
+# Coolify Manual Nginx Configuration for Coffee Timer Static Site
+# Copy and paste this into Coolify's "Manual Nginx Configuration" section
+# This replaces the entire server block content
+
+server {
+    # Security Headers
+    add_header X-Content-Type-Options nosniff always;
+    add_header X-Frame-Options DENY always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+    add_header Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.bunny.net; font-src 'self' https://fonts.bunny.net; connect-src 'self'; script-src 'self'; img-src 'self' data:; object-src 'none'; base-uri 'self'; form-action 'self';" always;
+    add_header X-Permitted-Cross-Domain-Policies none always;
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
+    # Hide nginx version
+    server_tokens off;
+
+    # Main location for serving static files
+    location / {
+        root /usr/share/nginx/html;
+        index index.html index.htm;
+        try_files $uri $uri.html $uri/index.html $uri/index.htm $uri/ =404;
+        
+        # Security headers for all responses
+        add_header X-Content-Type-Options nosniff always;
+        add_header X-Frame-Options DENY always;
+    }
+
+    # Optimize static assets (CSS, JS, images, fonts)
+    location ~* \.(css|js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
+        root /usr/share/nginx/html;
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+        add_header X-Content-Type-Options nosniff always;
+    }
+
+    # Cache control for HTML files
+    location ~* \.html$ {
+        root /usr/share/nginx/html;
+        expires 1h;
+        add_header Cache-Control "public, must-revalidate";
+    }
+
+    # Deny access to hidden files and directories
+    location ~ /\. {
+        deny all;
+        access_log off;
+        log_not_found off;
+    }
+
+    # Deny access to backup and temporary files
+    location ~* \.(bak|backup|old|tmp|swp|swo|log)$ {
+        deny all;
+        access_log off;
+        log_not_found off;
+    }
+
+    # Deny access to sensitive files
+    location ~* \.(htaccess|htpasswd|ini|conf|sql|sh)$ {
+        deny all;
+        access_log off;
+        log_not_found off;
+    }
+
+    # Handle 404 errors
+    error_page 404 /404.html;
+    location = /404.html {
+        root /usr/share/nginx/html;
+        internal;
+    }
+
+    # Handle server errors (50x)
+    error_page 500 502 503 504 /50x.html;
+    location = /50x.html {
+        root /usr/share/nginx/html;
+        internal;
+    }
+
+    # Gzip compression
+    gzip on;
+    gzip_vary on;
+    gzip_min_length 1024;
+    gzip_proxied any;
+    gzip_comp_level 6;
+    gzip_types
+        text/plain
+        text/css
+        text/xml
+        text/javascript
+        application/javascript
+        application/xml+rss
+        application/json;
+
+    # Enable efficient file serving
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+}

nixpacks.toml

@@ -1,11 +0,0 @@
-# Nixpacks configuration for Coolify static site deployment
-# Simple configuration for serving static files
-
-[variables]
-# Configure for static site
-NIXPACKS_BUILD_CMD = "echo 'Static site - no build needed'"
-NIXPACKS_START_CMD = "echo 'Static site ready'"
-
-[staticAssets]
-# Serve all files from root directory
-"/" = "."