Fix nginx deduplication: remove nginx/scripts/ entirely, fix README typos and dead references

README.md

@@ -35,7 +35,6 @@ posterg/
 │   └── manage-admin-users.sh # Run on server with sudo to manage htpasswd
 └── nginx/           # nginx config and reference files
     ├── posterg.conf
-    ├── scripts/      # Server setup scripts (password, PHP SQLite)
     └── docs/         # Documentation
 ```
 
@@ -95,4 +94,4 @@ ssh posterg "sudo bash /tmp/manage-admin-users.sh"
 - Admin panel protected by nginx `auth_basic` + PHP session (`AdminAuth`)
 - Uploads stored outside webroot, served via controlled `media.php`
 - Rate limiting on public search (`src/RateLimit.php`)
-- See `docs/TODO.SECURITY.md` for outstanding items
+- See `nginx/docs/SECURITY_HEADERS.md` for security headers reference

TODO.md

@@ -7,3 +7,8 @@
 - [x] Create nginx/SETUP.md
 - [x] Create top-level SETUP.md
 - [x] Update documentation paths (/var/www/html/ → /var/www/posterg/, /formulaire/ → /admin/)
+- [x] Remove nginx/scripts/ entirely (install-php-sqlite.sh was duplicate, fix-paths.sh was stale, setup-password.sh superseded by manage-admin-users.sh)
+- [x] Fix typo HTACCESS_TO_ NGINX.md → HTACCESS_TO_NGINX.md in nginx/README.md
+- [x] Fix nginx/SETUP.md manual step to use just manage-admin-users instead of raw htpasswd
+- [x] Fix root README.md dead reference to docs/TODO.SECURITY.md
+- [x] Update root README.md project structure (remove nginx/scripts/ entry)

nginx/README.md

@@ -5,17 +5,13 @@ This directory contains nginx configuration and documentation for the Post-ERG t
 ## 📁 Files
 
 - **`posterg.conf`** - Complete nginx configuration file
-- **`scripts/`** - Server setup scripts
-  - `setup-password.sh` - Create admin passwords
-  - `install-php-sqlite.sh` - Install PHP SQLite extension
-  - `fix-paths.sh` - Fix PHP include paths
 - **`docs/`** - Documentation
   - `PRODUCTION_DEPLOYMENT.md` - Deployment guide
   - `QUICK_REFERENCE.md` - Command reference
   - `ADMIN_USERS.md` - User management
   - `SECURITY_HEADERS.md` - Security headers reference
   - `PHP_AUTH_LAYER.md` - Authentication layer documentation
-  - `HTACCESS_TO_ NGINX.md` - Apache to nginx migration notes
+  - `HTACCESS_TO_NGINX.md` - Apache to nginx migration notes
   - `TEST_DATABASE_SETUP.md` - Test database deployment
 
 ## 🚀 Quick Start

nginx/SETUP.md

@@ -44,7 +44,9 @@ sudo apt install nginx apache2-utils php8.4-fpm
 ### 2. Create Admin Password
 
 ```bash
-sudo htpasswd -c /etc/nginx/.htpasswd-posterg admin
+just manage-admin-users
+# Then on the server:
+ssh posterg "sudo bash /tmp/manage-admin-users.sh"
 ```
 
 ### 3. Copy Nginx Configuration

nginx/scripts/fix-paths.sh

@@ -1,24 +0,0 @@
-#!/bin/bash
-# Fix shared library paths for production deployment
-
-echo "🔧 Fixing shared library paths for production..."
-
-cd /var/www/html
-
-# Fix paths in PHP files
-find . -maxdepth 1 -name "*.php" -type f -exec sed -i "s|__DIR__ \. '/\.\./\.\./shared/|__DIR__ . '/shared/|g" {} \;
-
-echo "✓ Updated paths in:"
-echo "  - index.php"
-echo "  - memoire.php"
-echo "  - search.php"
-echo "  - test_db.php"
-
-# Test if it works
-echo ""
-echo "🧪 Testing..."
-php -r "require_once '/var/www/html/shared/Database.php'; echo 'Database.php loads successfully\n';"
-
-echo ""
-echo "✅ Path fix complete!"
-echo "Try: curl http://localhost/"

nginx/scripts/install-php-sqlite.sh

@@ -1,34 +0,0 @@
-#!/bin/bash
-# Install PHP SQLite extension
-
-echo "🔧 Installing PHP SQLite extension..."
-
-# Check if running as root
-if [ "$EUID" -ne 0 ]; then 
-    echo "Error: This script must be run as root (use sudo)"
-    exit 1
-fi
-
-# Detect PHP version
-PHP_VERSION=$(php -r "echo PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;")
-echo "Detected PHP version: $PHP_VERSION"
-
-# Install SQLite extension
-echo "Installing php${PHP_VERSION}-sqlite3..."
-apt-get update -qq
-apt-get install -y php${PHP_VERSION}-sqlite3
-
-# Restart PHP-FPM
-echo "Restarting PHP-FPM..."
-systemctl restart php${PHP_VERSION}-fpm
-
-# Verify installation
-if php -m | grep -q sqlite3; then
-    echo "✅ SQLite extension installed successfully"
-    echo ""
-    echo "Installed extensions:"
-    php -m | grep -i sqlite
-else
-    echo "❌ Failed to install SQLite extension"
-    exit 1
-fi

nginx/scripts/setup-password.sh

@@ -1,111 +0,0 @@
-#!/bin/bash
-#
-# Setup script for Post-ERG admin password
-# Creates htpasswd file for nginx basic authentication
-#
-
-set -e
-
-echo "================================================="
-echo "Post-ERG Admin Password Setup"
-echo "================================================="
-echo ""
-
-# Check if running as root
-if [ "$EUID" -ne 0 ]; then
-    echo "⚠️  This script must be run as root (use sudo)"
-    exit 1
-fi
-
-# Check if apache2-utils is installed
-if ! command -v htpasswd &> /dev/null; then
-    echo "📦 Installing apache2-utils..."
-    apt-get update
-    apt-get install -y apache2-utils
-fi
-
-# Configuration
-HTPASSWD_FILE="/etc/nginx/.htpasswd-posterg"
-BACKUP_FILE="/etc/nginx/.htpasswd-posterg.backup"
-
-# Backup existing file if it exists
-if [ -f "$HTPASSWD_FILE" ]; then
-    echo "📋 Backing up existing password file..."
-    cp "$HTPASSWD_FILE" "$BACKUP_FILE"
-    echo "   Backup saved to: $BACKUP_FILE"
-    echo ""
-fi
-
-# Prompt for username
-echo "Enter admin username (default: admin):"
-read -r USERNAME
-USERNAME=${USERNAME:-admin}
-
-# Create or update password file
-if [ -f "$HTPASSWD_FILE" ]; then
-    # File exists, update/add user
-    echo ""
-    echo "Creating/updating user: $USERNAME"
-    htpasswd "$HTPASSWD_FILE" "$USERNAME"
-else
-    # Create new file
-    echo ""
-    echo "Creating new password file for user: $USERNAME"
-    htpasswd -c "$HTPASSWD_FILE" "$USERNAME"
-fi
-
-# Set correct permissions
-chmod 644 "$HTPASSWD_FILE"
-chown root:root "$HTPASSWD_FILE"
-
-echo ""
-echo "✅ Password file created/updated successfully!"
-echo ""
-echo "Details:"
-echo "  File: $HTPASSWD_FILE"
-echo "  User: $USERNAME"
-echo "  Permissions: 644 (readable by nginx)"
-echo ""
-
-# Ask if user wants to add more users
-echo "Do you want to add another user? (y/n)"
-read -r ADD_MORE
-
-while [ "$ADD_MORE" = "y" ] || [ "$ADD_MORE" = "Y" ]; do
-    echo ""
-    echo "Enter username for additional user:"
-    read -r USERNAME
-
-    if [ -z "$USERNAME" ]; then
-        echo "❌ Username cannot be empty"
-        continue
-    fi
-
-    echo "Adding user: $USERNAME"
-    htpasswd "$HTPASSWD_FILE" "$USERNAME"
-
-    echo ""
-    echo "Add another user? (y/n)"
-    read -r ADD_MORE
-done
-
-echo ""
-echo "================================================="
-echo "Setup Complete!"
-echo "================================================="
-echo ""
-echo "Current users in $HTPASSWD_FILE:"
-cut -d: -f1 "$HTPASSWD_FILE" | while read -r user; do
-    echo "  - $user"
-done
-echo ""
-echo "Next steps:"
-echo "  1. Copy nginx config: cp nginx/posterg.conf /etc/nginx/sites-available/posterg"
-echo "  2. Enable site: ln -s /etc/nginx/sites-available/posterg /etc/nginx/sites-enabled/"
-echo "  3. Test config: nginx -t"
-echo "  4. Reload nginx: systemctl reload nginx"
-echo ""
-echo "The admin panel at /formulaire/ will now require authentication."
-echo ""
-echo "⚠️  IMPORTANT: Save these credentials securely!"
-echo ""