caseware/README.md

# Caseware — Ilia Dobkin portfolio site

Static one-page site for CaseWare / CaseView consulting work. No build step — plain HTML and CSS.

| File        | Purpose                          |
|-------------|----------------------------------|
| `index.html`| Page content and structure       |
| `styles.css`| Layout, typography, theme        |

**Live site:** https://caseware.levkin.ca  
**Booking:** https://cal.levkin.ca/ilia/consult

---

## Local development

```bash
cd caseware
python3 -m http.server 8765
# Open http://localhost:8765
```

Or open `index.html` directly in a browser (some features work best over HTTP).

---

## Git repository

| Item    | Value |
|---------|--------|
| Remote  | `gitea@10.0.30.169:ilia/caseware.git` |
| Branch  | `main` |

### Push changes (from your Mac)

```bash
cd /path/to/caseware
git add -A
git commit -m "Describe your change"
git push
```

---

## Production deployment

Traffic flow:

```
Internet → Caddy (caseware.levkin.ca) → LXC 215 (nginx :80) → /var/www/caseware
```

| Component | Details |
|-----------|---------|
| Proxmox host | `PVENAS` |
| Container ID | `215` |
| Hostname | `caseware` |
| IP | `10.0.10.105` (DHCP on `vmbr0`) |
| Gateway | `10.0.10.1` |
| Web root | `/var/www/caseware` |
| Web server | nginx |

### Caddy (on separate server)

```caddy
caseware.levkin.ca {
    reverse_proxy 10.0.10.105:80
}
```

Reload after edits: `systemctl reload caddy`

### Create LXC 215 (reference — already done)

```bash
pct create 215 local:vztmpl/debian-12-standard_12.12-1_amd64.tar.zst \
  --hostname caseware \
  --memory 512 \
  --swap 256 \
  --cores 1 \
  --rootfs local-lvm:4 \
  --net0 name=eth0,bridge=vmbr0,ip=dhcp \
  --unprivileged 1 \
  --onboot 1 \
  --start 1

pct exec 215 -- hostname -I   # note the IP (10.0.10.105)
```

### Shell access to the container

No default root password. From Proxmox:

```bash
pct enter 215
```

---

## First-time setup inside CT 215

```bash
apt update && apt install -y git nginx openssh-client

# SSH key for Gitea (add public key in Gitea → Settings → SSH Keys)
ssh-keygen -t ed25519 -N "" -f /root/.ssh/id_ed25519
cat /root/.ssh/id_ed25519.pub
ssh -o StrictHostKeyChecking=accept-new -T gitea@10.0.30.169

mkdir -p /var/www/caseware
git clone gitea@10.0.30.169:ilia/caseware.git /var/www/caseware
chown -R root:root /var/www/caseware
chmod 755 /var/www/caseware
chmod 644 /var/www/caseware/index.html /var/www/caseware/styles.css
```

### nginx site config

```bash
cat > /etc/nginx/sites-available/caseware <<'EOF'
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name _;
    root /var/www/caseware;
    index index.html;

    location / {
        try_files $uri $uri/ =404;
    }
}
EOF

ln -sf /etc/nginx/sites-available/caseware /etc/nginx/sites-enabled/caseware
rm -f /etc/nginx/sites-enabled/default
nginx -t && systemctl enable --now nginx
```

---

## Deploy updates (pull on server)

From Proxmox:

```bash
pct exec 215 -- bash -c 'cd /var/www/caseware && git pull'
```

Or inside the container:

```bash
pct enter 215
cd /var/www/caseware && git pull
exit
```

Hard-refresh the browser (Cmd+Shift+R) after deploy.

---

## Troubleshooting (issues we hit)

### 1. `git clone` asks for password / “not a git repository”

**Cause:** Container had no SSH key registered in Gitea.

**Fix:**

1. Generate key inside 215: `ssh-keygen -t ed25519 -N "" -f /root/.ssh/id_ed25519`
2. Add `cat /root/.ssh/id_ed25519.pub` to Gitea (user `ilia`) → SSH Keys
3. Test: `ssh -T gitea@10.0.30.169` — should say “Hi there, ilia!” with no password
4. Clone: `git clone gitea@10.0.30.169:ilia/caseware.git /var/www/caseware`

Do **not** rely on cloning on the Proxmox host unless you prefer that workflow — clone inside 215 with its own key (named e.g. `caseware` in Gitea).

---

### 2. `fatal: detected dubious ownership in repository`

**Cause:** `chown -R www-data:www-data /var/www/caseware` made the repo owned by `www-data` while `git pull` runs as `root`.

**Fix (recommended):** Repo owned by root; nginx only needs read access:

```bash
chown -R root:root /var/www/caseware
chmod 755 /var/www/caseware
chmod 644 /var/www/caseware/index.html /var/www/caseware/styles.css
```

**Alternative:** `git config --global --add safe.directory /var/www/caseware`

---

### 3. “Welcome to nginx!” instead of the site

**Cause:** Default site still enabled; root pointed at `/var/www/html`.

**Fix:** Enable `caseware` site config (see above), remove `sites-enabled/default`, `nginx -t && systemctl reload nginx`.

Verify: `curl -s http://127.0.0.1/ | head -5` should show `<!doctype html>` and “Ilia Dobkin”.

---

### 4. Wrong network assumptions

Lab LAN uses **`10.0.10.0/24`** (gateway `10.0.10.1` on `vmbr0`), not `10.0.30.x`.  
Gitea lives at **`10.0.30.169`** — different subnet; routing must allow 215 → Gitea.

Container IP from DHCP: `pct exec 215 -- hostname -I` → currently **10.0.10.105**.

---

### 5. LinkedIn link 404

These URLs do **not** work:

- `https://www.linkedin.com/in/idobkin/`
- `https://www.linkedin.com/in/iliadobkin/`

Working profile in site:

- `https://www.linkedin.com/in/ilia-dobkin-8263343/`

---

### 6. No root password on LXC

Expected. Use `pct enter 215` from Proxmox. Set `passwd root` only if you need SSH from other machines.

---

### 7. `curl` not found inside container

Install optionally: `apt install -y curl`  
Or test from Proxmox host: `curl -I http://10.0.10.105/`

---

## Quick reference

| Task | Command |
|------|---------|
| Enter container | `pct enter 215` |
| Container IP | `pct exec 215 -- hostname -I` |
| Pull latest | `pct exec 215 -- bash -c 'cd /var/www/caseware && git pull'` |
| Test site | `curl -I http://10.0.10.105/` |
| nginx reload | `pct exec 215 -- systemctl reload nginx` |

---

## Optional improvements (not done yet)

- `og:image` for LinkedIn/Slack link previews
- Mobile nav for small screens
- DHCP reservation for 215 so `10.0.10.105` stays stable (or set static IP in Proxmox)