- Add Nginx Proxy Manager guidance for X-Forwarded-Proto when secure session cookies are enabled
- Document login Cookie troubleshooting for public HTTPS reverse proxy deployments
- Clarify nginx.conf forwarded-proto behavior for generic and appliance packages
- Rework docker-compose-Nas.yaml as a QNAP/NAS-friendly generic template with placeholders for NAS IP, public domain, proxy, and secrets.
- Preserve QNAP-specific fixes including relative build context, api network alias, NAS persistent paths, and 127.0.0.1 health checks.
- Keep optional frpc profile while avoiding real server addresses or tokens in the reusable template.
- Replace residual deployment examples with generic your-domain.example, NAS_IP, PROXY_IP, and LAN_CIDR placeholders in README and Docker docs.
- Add frpc/frpc.toml template for mapping the local Docker web entry on port 4002 to the public frps server.
- Add an optional Docker Compose frpc service behind the frpc profile, mounting the reusable frpc.toml configuration.
- Document how to enable the frpc profile, inspect frpc logs, and keep normal local startup unchanged.
- Clarify that public deployments should map only port 4002 and let Nginx Proxy Manager provide HTTPS for sstwbg.example.com instead of exposing 4443.
- Update Docker and deployment docs to match the reusable frpc workflow.
- Add README instructions for deploying the full report system through local Docker port 4002, frpc, Nginx Proxy Manager, and sstwbg.example.com.
- Document required HTTPS, WebSocket, request-size, timeout, health-check, login, AI, video-frame, and speech verification steps.
- Add TRUST_PROXY support so secure session cookies work behind public HTTPS reverse proxies.
- Preserve upstream X-Forwarded-Proto through the container Nginx API proxy.
- Allow Docker Compose session and trust-proxy variables to be overridden for public deployments.
- Update deployment and Docker docs with the same public reverse-proxy guidance.
- Add an API container entrypoint that waits for PostgreSQL, runs Prisma migrations, seeds demo data, and then starts NestJS.
- Keep Prisma CLI and seed dependencies available in the API runtime image and copy seed source dependencies into the container.
- Add Docker Compose healthchecks and health-based startup ordering for PostgreSQL, API, and Nginx web services.
- Add Docker initialization environment switches for migrations, seed, and startup retries.
- Add a dedicated Docker deployment guide covering services, ports, initialization, HTTPS, production variables, backup, restore, and troubleshooting.
- Update README, AGENTS, installation, deployment, progress, and environment example docs for the Dockerized workflow.
- Add a self-signed HTTPS Nginx entrypoint on Docker port 4443 so browser microphone APIs can run in demo mode.
- Keep the existing HTTP port 4002 unchanged while exposing container port 443 and generating the demo certificate during image build.
- Update CORS defaults and Compose environment for the HTTPS frontend origin.
- Clarify the report editor microphone message with localhost, HTTPS, and browser trusted-origin demo options.
- Document the browser HTTP microphone limitation, HTTPS demo URL, and Chrome/Edge insecure-origin workaround in README and docs.
- Configure NestJS with an explicit JSON and urlencoded body parser limit controlled by API_BODY_LIMIT.
- Set the default API body limit to 100mb for report HTML, key frames, template images, and Data URL file uploads.
- Add a matching Nginx client_max_body_size 100m limit so Docker web proxy no longer rejects large report saves first.
- Document the new request body limit in README, deployment docs, progress notes, environment example, and AGENTS context.
- Rebuild and verify Docker web/api with a large report save through the Nginx /api proxy.
- Add docs/installation.md covering prerequisites, port usage, Docker startup, local development setup, default accounts, first-run validation, and common setup issues.
- Link the installation guide from the project README and docs index.
- Point deployment documentation to the installation guide for first-time setup.
- Update AGENTS.md and progress documentation to include the new installation guide.
- Change the API default listen port from 3000 to 3100 and include the Docker frontend origin in default CORS.
- Point Vite's default API proxy, Docker API container port, and Nginx upstream to 3100.
- Keep Docker host ports on 4002 for web, 3002 for API, and 5433 for PostgreSQL.
- Update environment examples and documentation to remove stale localhost:3000 guidance.
- Add Auth Context route role guards so doctors cannot directly enter template management, user management, or audit logs.
- Add Audit Logs page, sidebar entry, frontend audit API client, and API client test.
- Add backend audit log query endpoint with super/admin visibility rules and query filtering.
- Extend PostgreSQL integration tests to cover audit log query permissions.
- Move Playwright E2E away from localStorage seed data to real backend API login and seed helpers.
- Add E2E coverage for route guards and audit log visibility.
- Run Playwright backend on port 3100 and proxy Vite API requests there to avoid local port conflicts.
- Make server:dev use the compiled NestJS server path, avoiding tsx parameter-property injection issues.
- Update README, AGENTS, feature, testing, security, deployment, progress, API, backendization, and auth/user module docs.
