EIDC Website

Entrepreneurship, Incubators, and Technical Development Center - Misurata
Affiliated with Misurata College of Industrial Technology

Production-Ready | Bilingual (AR/EN) | Cost-Optimized | Secure

---

🎯 Highlights

✨ Production Ready (v2.1)

• 100% deployment-ready for Linux VPS with Docker, Nginx, and Let's Encrypt SSL.
• Comprehensive deployment documentation & system specifications.
• Production secrets generated and secured.
• 40% infrastructure cost reduction achieved through optimized stack.

🚀 Key Achievements

• 97% storage cost savings - S3 migration complete (AWS/Cloudflare R2/MinIO).
• High Performance - Redis caching + BullMQ queues for async jobs.
• Enterprise-grade security - NextAuth + robust RBAC with automated integrity verification.
• Professional UX - Multi-page forms with validation, persistence, and RTL/LTR layout.
• Bilingual platform - Full Arabic (RTL) / English (LTR) support via next-intl.

---

📋 Table of Contents

1. System Architecture
2. Features
3. Tech Stack
4. Getting Started (Docker + Manual)
5. Environment Variables
6. Database Seeding
7. Production Deployment
8. License

---

🏛️ System Architecture

Internet (HTTPS :443)
  │
  ▼
┌─────────────────────────────────────────────┐
│  Nginx Reverse Proxy (SSL Termination)      │
└──────────────────┬──────────────────────────┘
                   │
┌──────────────────▼──────────────────────────┐
│  Docker Compose (app-network)               │
│                                             │
│  ┌───────────┐   ┌────────────────┐         │
│  │ ebic-app  │   │ ebic-worker    │         │
│  │ Next.js   │   │ BullMQ Jobs    │         │
│  │ :3000     │   │                │         │
│  └─────┬─────┘   └───────┬────────┘         │
│        │                 │                  │
│  ┌─────▼─────┐   ┌───────▼────────┐         │
│  │ MySQL 8   │   │ Redis 7        │         │
│  │ :3306     │   │ :6379          │         │
│  └───────────┘   └────────────────┘         │
│        ┌───────────────┐                    │
│        │ MinIO (S3)    │                    │
│        │ :9000/:9001   │                    │
│        └───────────────┘                    │
└─────────────────────────────────────────────┘

---

🌟 Features

User-Facing Features

• Multi-Page Registration Forms: Innovators and Collaborators can submit multi-step applications with robust validation (Zod) and persistence (Zustand).
• Content Management: CMS-driven News, Strategic Plans, FAQs, and Academic Experts.
• Internationalization (i18n): Bilingual Arabic/English support with auto locale detection and custom Next.js routing.

Admin Features

• RBAC Dashboard: Centralized NextAuth-secured dashboard. Roles include super_admin, admin, news_editor, request_reviewer, and viewer.
• Submission Review: Approve/Reject Innovator & Collaborator registrations with integrated email queues.
• System Settings: Notification preferences, legal content management, and metric reporting.

---

🛠️ Tech Stack

• Frontend: Next.js 16.1.1 (App Router), React 19, Tailwind CSS, shadcn/ui.
• Backend: Hono.js API, Prisma 7 ORM, MySQL 8.0.
• Auth & Security: NextAuth.js v5, CSRF protection, Content Security Policies, sanitize-html.
• Infrastructure: Docker, Redis, BullMQ, AWS S3 / MinIO, Nodemailer.

---

🚀 Getting Started

Prerequisites

• Node.js v18+ (v20 recommended)
• Package Manager: bun (recommended) or npm
• Docker & Docker Compose (for automated dependencies)

Setup Instructions

1. Clone Repository

git clone https://github.com/mohammed3200/website.git
cd website

2. Install Dependencies

bun install

3. Start Infrastructure via Docker

We recommend using Docker to run the database, redis, and MinIO locally.

docker-compose up -d db redis minio

4. Configure Environment

Copy the example file and update .env (refer to the Environment Variables section).

cp .env.example .env

5. Database Setup & Seeding

See Database Seeding for the correct execution order.

bunx prisma migrate deploy

6. Run Development Server

bun run dev
# Visit http://localhost:3000

---

🔐 Environment Variables

Key variables to configure in your .env:

# Database
DATABASE_URL="mysql://root:password@localhost:3306/citcoder_eitdc"

# Authentication
NEXTAUTH_SECRET="your-secret-here"
NEXTAUTH_URL="http://localhost:3000"
AUTH_TRUST_HOST="true"

# Initial Admin Credentials (CRITICAL: Change in production!)
INIT_ADMIN_EMAIL="ebic@cit.edu.ly"
INIT_ADMIN_PASSWORD="SecurePassword123!"

# Storage (MinIO Example)
AWS_REGION="us-east-1"
AWS_ACCESS_KEY_ID="minioadmin"
AWS_SECRET_ACCESS_KEY="minioadmin"
S3_ENDPOINT="http://localhost:9000"
S3_BUCKET_NAME="ebic-media"
S3_PUBLIC_ACCESS="true"

# Redis & Queue
REDIS_URL="redis://localhost:6379"

# Email Configuration
SMTP_HOST="smtp.gmail.com"
SMTP_PORT=587
SMTP_USER="your-email@gmail.com"
SMTP_PASS="app-specific-password"
EMAIL_FROM="your-email@gmail.com"

---

🌱 Database Seeding

Order of execution is critical. Running the seeds incorrectly will fail to establish required roles.

1. RBAC Initialization (Required First):

   bun run seed:rbac

2. Main Seed (Creates Super Admin & Base Content):

   bun run seed

3. Specific Content Seeds (Optional/Idempotent):

   bunx tsx prisma/seed-faqs.ts
   bunx tsx prisma/seed-ebic-page-content.ts
   bunx tsx prisma/seed-academic-experts.ts

---

🌐 Production Deployment

Refer to DEPLOYMENT.md for full VPS server hardening, Docker configurations, and Nginx SSL proxying steps.

Quick Overview:

1. Harden Server & Install Docker.
2. Setup Nginx & Certbot SSL.
3. Clone repo, configure .env.production.
4. Run docker-compose build && docker-compose up -d.
5. Run migrations and seeds inside the container.

---

📄 License

Distributed under the MIT License. See LICENSE for details.