Initial commit: ICE Watch Michigan community safety tool

- Node.js/Express backend with SQLite database
- Interactive map with real-time location tracking
- MapBox API integration for fast geocoding
- Admin panel for content moderation
- 24-hour auto-expiring reports
- Deployment scripts for Debian 12 ARM64
- Caddy reverse proxy with automatic HTTPS

scripts/Caddyfile

@@ -0,0 +1,38 @@
+# ICE Watch Caddy Configuration
+# Replace yourdomain.com with your actual domain
+
+yourdomain.com {
+    # Reverse proxy to Node.js app
+    reverse_proxy localhost:3000
+    
+    # Security headers
+    header {
+        # Enable HSTS
+        Strict-Transport-Security max-age=31536000;
+        # Prevent clickjacking
+        X-Frame-Options DENY
+        # Prevent content type sniffing
+        X-Content-Type-Options nosniff
+        # XSS protection
+        X-XSS-Protection "1; mode=block"
+        # Referrer policy
+        Referrer-Policy strict-origin-when-cross-origin
+    }
+    
+    # Gzip compression
+    encode gzip
+    
+    # Rate limiting (optional)
+    # rate_limit {
+    #     zone static_ip_10rs {
+    #         key {remote_host}
+    #         events 10
+    #         window 1s
+    #     }
+    # }
+}
+
+# Optional: Redirect www to non-www
+www.yourdomain.com {
+    redir https://yourdomain.com{uri} permanent
+}

scripts/deploy.sh

@@ -0,0 +1,41 @@
+#!/bin/bash
+
+# ICE Watch Deployment Script for Debian 12 ARM64
+# Run this script on your server: drone@91.99.139.235
+
+set -e
+
+echo "🚀 Starting ICE Watch deployment..."
+
+# Update system
+echo "📦 Updating system packages..."
+sudo apt update && sudo apt upgrade -y
+
+# Install Node.js (ARM64 compatible)
+echo "📦 Installing Node.js..."
+curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
+sudo apt install -y nodejs build-essential
+
+# Install Caddy for reverse proxy
+echo "📦 Installing Caddy..."
+sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
+curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
+curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
+sudo apt update
+sudo apt install caddy
+
+# Create app directory
+echo "📁 Setting up app directory..."
+sudo mkdir -p /opt/icewatch
+sudo chown $USER:$USER /opt/icewatch
+
+# Navigate to app directory
+cd /opt/icewatch
+
+echo "✅ Server setup complete!"
+echo "Next steps:"
+echo "1. Upload your app files to /opt/icewatch"
+echo "2. Run: npm install"
+echo "3. Configure your .env file"
+echo "4. Set up systemd service"
+echo "5. Configure Caddy"

scripts/icewatch.service

@@ -0,0 +1,24 @@
+[Unit]
+Description=ICE Watch Michigan - Community Safety Tool
+After=network.target
+Wants=network.target
+
+[Service]
+Type=simple
+User=icewatch
+Group=icewatch
+WorkingDirectory=/opt/icewatch
+ExecStart=/usr/bin/node server.js
+Restart=always
+RestartSec=5
+Environment=NODE_ENV=production
+
+# Security settings
+NoNewPrivileges=true
+PrivateTmp=true
+ProtectSystem=strict
+ProtectHome=true
+ReadWritePaths=/opt/icewatch
+
+[Install]
+WantedBy=multi-user.target