Add automatic SSL certificate generation

.forgejo/workflows/deploy.yml

@@ -52,6 +52,7 @@ jobs:
             [ -d /opt/realms/Server.xml ] && rm -rf /opt/realms/Server.xml
             [ -d /opt/realms/init.sql ] && rm -rf /opt/realms/init.sql
             [ -d /opt/realms/config.json ] && rm -rf /opt/realms/config.json
+            [ -d /opt/realms/config.json.template ] && rm -rf /opt/realms/config.json.template
             [ -d /opt/realms/docker-compose.yml ] && rm -rf /opt/realms/docker-compose.yml
             true
           '
@@ -76,11 +77,34 @@ jobs:
             database/init.sql \
             root@${{ secrets.DEPLOY_HOST }}:/opt/realms/init.sql
 
-          # Copy backend config
+          # Copy backend config template
           scp -i ~/.ssh/deploy_key -P ${{ secrets.DEPLOY_PORT }} \
             -o StrictHostKeyChecking=no \
             backend/config.json.example \
-            root@${{ secrets.DEPLOY_HOST }}:/opt/realms/config.json
+            root@${{ secrets.DEPLOY_HOST }}:/opt/realms/config.json.template
+
+      - name: Generate config.json from .env
+        run: |
+          ssh -i ~/.ssh/deploy_key -p ${{ secrets.DEPLOY_PORT }} \
+            -o StrictHostKeyChecking=no \
+            root@${{ secrets.DEPLOY_HOST }} '
+            cd /opt/realms
+            if [ -f .env ]; then
+              # Load environment variables
+              export $(grep -v "^#" .env | xargs)
+
+              # Generate config.json from template with actual values
+              sed -e "s/CHANGE_ME_database_password/${DB_PASSWORD}/g" \
+                  -e "s/CHANGE_ME_ome_api_token/${OME_API_TOKEN}/g" \
+                  config.json.template > config.json
+
+              rm -f config.json.template
+              echo "Generated config.json with actual credentials"
+            else
+              echo "WARNING: No .env file found! Using template as-is (will fail to connect)"
+              mv config.json.template config.json
+            fi
+          '
 
       - name: Deploy to Production
         run: |