Deploy LittleShop to Hostinger with Docker and BunkerWeb

- Updated Docker configuration for production deployment
- Added SilverPay integration settings
- Configured for admin.thebankofdebbie.giize.com deployment
- Includes all recent security fixes and improvements

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

LittleShop/publish/README-DEPLOYMENT.md

@@ -0,0 +1,210 @@
+# LittleShop Standalone Deployment Guide
+
+## Overview
+This package contains everything needed to deploy LittleShop as a standalone service on the Hostinger VPS with localhost-only binding for security.
+
+## Architecture
+- **Binding**: localhost only (127.0.0.1:5000)
+- **Service**: systemd managed service
+- **User**: www-data (non-root)
+- **Database**: SQLite (local file)
+- **Logs**: /opt/littleshop/logs/
+
+## Quick Deployment
+
+1. **Transfer files to server**:
+```bash
+# From your local machine
+tar -czf littleshop-deploy.tar.gz -C /mnt/c/Production/Source/LittleShop/LittleShop/publish .
+scp -P 2255 littleshop-deploy.tar.gz root@srv1002428.hstgr.cloud:/tmp/
+```
+
+2. **On the server**:
+```bash
+cd /tmp
+tar -xzf littleshop-deploy.tar.gz
+chmod +x deploy.sh
+sudo ./deploy.sh
+```
+
+## Configuration
+
+### Essential Settings
+Edit `/opt/littleshop/appsettings.Localhost.json`:
+
+1. **JWT Secret** (REQUIRED):
+   - Generate a secure key (minimum 32 characters)
+   - Example: `openssl rand -base64 32`
+
+2. **SilverPay Integration**:
+   - Set your API key and webhook secret
+   - Ensure SilverPay can reach your webhook endpoint
+
+3. **Database**:
+   - SQLite database auto-created on first run
+   - Location: `/opt/littleshop/littleshop-production.db`
+
+## Service Management
+
+### Check Status
+```bash
+systemctl status littleshop
+```
+
+### View Logs
+```bash
+# System logs
+journalctl -u littleshop -f
+
+# Application logs
+tail -f /opt/littleshop/logs/littleshop-*.log
+```
+
+### Restart Service
+```bash
+systemctl restart littleshop
+```
+
+### Stop/Start Service
+```bash
+systemctl stop littleshop
+systemctl start littleshop
+```
+
+## Nginx Reverse Proxy (Optional)
+
+To expose the service externally through nginx:
+
+1. Copy nginx config:
+```bash
+cp nginx-littleshop.conf /etc/nginx/sites-available/littleshop
+ln -s /etc/nginx/sites-available/littleshop /etc/nginx/sites-enabled/
+```
+
+2. Test and reload nginx:
+```bash
+nginx -t
+systemctl reload nginx
+```
+
+3. Set up SSL (recommended):
+```bash
+certbot --nginx -d srv1002428.hstgr.cloud
+```
+
+## Security Notes
+
+1. **Localhost Binding**: Service only listens on 127.0.0.1:5000
+2. **Non-root User**: Runs as www-data user
+3. **Systemd Hardening**:
+   - PrivateTmp=true
+   - NoNewPrivileges=true
+   - ProtectSystem=strict
+   - ProtectHome=true
+4. **File Permissions**: Restrictive permissions on all files
+
+## Testing
+
+### Local Health Check
+```bash
+curl http://127.0.0.1:5000/api/health
+```
+
+### API Documentation
+Access Swagger UI locally:
+```bash
+ssh -L 5000:127.0.0.1:5000 -p 2255 root@srv1002428.hstgr.cloud
+# Then open browser to: http://localhost:5000/swagger
+```
+
+## Troubleshooting
+
+### Service Won't Start
+```bash
+# Check logs
+journalctl -u littleshop -n 100
+
+# Check .NET runtime
+dotnet --info
+
+# Check permissions
+ls -la /opt/littleshop/
+```
+
+### Database Issues
+```bash
+# Check database file
+ls -la /opt/littleshop/*.db
+
+# Reset database (WARNING: deletes all data)
+systemctl stop littleshop
+rm /opt/littleshop/littleshop-production.db*
+systemctl start littleshop
+```
+
+### Port Already in Use
+```bash
+# Check what's using port 5000
+ss -tulpn | grep :5000
+
+# Change port in appsettings.Localhost.json if needed
+```
+
+## Updates
+
+To update the application:
+
+1. Build new version locally
+2. Transfer to server
+3. Stop service: `systemctl stop littleshop`
+4. Backup database: `cp /opt/littleshop/*.db /backup/`
+5. Copy new files to `/opt/littleshop/`
+6. Start service: `systemctl start littleshop`
+
+## Integration Points
+
+### SilverPay Webhook
+- Endpoint: `http://127.0.0.1:5000/api/orders/payments/webhook`
+- Configure in SilverPay to point to your public URL
+
+### TeleBot Integration
+- Configure TeleBot API URL and key in appsettings
+- Ensure TeleBot can reach the API endpoints
+
+## Monitoring
+
+### Health Check
+```bash
+# Add to crontab for monitoring
+*/5 * * * * curl -f http://127.0.0.1:5000/api/health || systemctl restart littleshop
+```
+
+### Disk Usage
+```bash
+# Check database size
+du -h /opt/littleshop/*.db
+
+# Check log size
+du -sh /opt/littleshop/logs/
+```
+
+## Backup
+
+### Database Backup
+```bash
+# Create backup
+sqlite3 /opt/littleshop/littleshop-production.db ".backup /backup/littleshop-$(date +%Y%m%d).db"
+
+# Restore backup
+systemctl stop littleshop
+cp /backup/littleshop-20250123.db /opt/littleshop/littleshop-production.db
+chown www-data:www-data /opt/littleshop/littleshop-production.db
+systemctl start littleshop
+```
+
+## Support
+
+For issues or questions:
+- Check application logs first
+- Review this documentation
+- Check service status and system logs