chore: release v0.1.1.22

feat: differentiate weather fetch errors by cause
feat: resolve user profile photos in chronological event log
2026-06-05 19:58:21 +02:00 · 2026-06-05 19:52:33 +02:00 · 2026-06-05 19:46:18 +02:00 · 2026-06-05 19:13:20 +02:00 · 2026-06-05 19:13:03 +02:00 · 2026-06-05 19:07:30 +02:00
96 changed files with 5478 additions and 870 deletions
@@ -15,6 +15,11 @@ DeepLAPIKey=
 # Production (kapteins-daagbok.eu):
 #   RP_ID=kapteins-daagbok.eu
 #   ORIGIN=https://kapteins-daagbok.eu
+# Staging (staging.kapteins-daagbok.eu):
+#   RP_ID=staging.kapteins-daagbok.eu
+#   ORIGIN=https://staging.kapteins-daagbok.eu
+#   POSTGRES_DB=daagbox_staging
+#   NTFY_TOPIC=kapteins-daagbok-staging-feedback
 RP_ID=localhost
 # Must match the frontend URL exactly (Vite dev: http://localhost:5173; Docker: http://localhost)
 ORIGIN=http://localhost:5173
@@ -36,6 +41,10 @@ ORIGIN=http://localhost:5173
 # Generate: openssl rand -base64 48
 SESSION_SECRET=

+# Admin dashboard access — comma-separated list of User IDs (UUIDs)
+# Example: ADMIN_USER_IDS=11111111-2222-3333-4444-555555555555,22222222-3333-4444-5555-666666666666
+ADMIN_USER_IDS=
+
 # Web Push (VAPID) — generate with: npx web-push generate-vapid-keys
 # Public key may also be set on the client as VITE_VAPID_PUBLIC_KEY
 VAPID_PUBLIC_KEY=
@@ -47,3 +56,9 @@ VAPID_SUBJECT=mailto:support@kapteins-daagbok.eu
 NTFY_SERVER=https://ntfy.sh
 NTFY_TOPIC=kapteins-daagbok-feedback
 NTFY_TOKEN=tk_example_ntfy_access_token
+
+# Plausible Analytics (frontend container — see docs/plausible-events.md)
+# Production: PLAUSIBLE_ENABLED=true, data-domain = current hostname (kapteins-daagbok.eu)
+# Staging:    PLAUSIBLE_ENABLED=false (default in docker-compose.staging.yml)
+PLAUSIBLE_ENABLED=true
+PLAUSIBLE_HOST=https://plausible.elpatron.me
@@ -251,15 +251,27 @@ Produktions-Update auf den Server (konfigurierbar via Umgebungsvariablen). Führ


 ```bash
-./scripts/update-prod.sh
+./scripts/update-remotes.sh -dest prod
 ```

-Standard-Ziel: `root@10.0.0.25:/opt/kapteins-daagbok` — per `REMOTE_HOST`, `REMOTE_USER`, `REMOTE_DIR` überschreibbar.
+Standard-Ziel Prod: `root@10.0.0.25:/opt/kapteins-daagbok` — per `REMOTE_HOST`, `REMOTE_USER`, `REMOTE_DIR` überschreibbar.

 Auf dem Server müssen `.env` u. a. `POSTGRES_PASSWORD`, `RP_ID`, `ORIGIN` (`https://kapteins-daagbok.eu`), `SESSION_SECRET` (≥ 32 Zeichen), `TRUST_PROXY` (NPM, z. B. `172.16.10.10` oder `1`) und bei Push `VAPID_*` enthalten. Optional `NTFY_*` für Feedback. Nach Schema-Änderungen: `npx prisma db push` im Backend-Container.

+Prod-Deploy legt vor dem Update automatisch ein Server-Backup an (DB, `.env`, Compose, App-Code). Tägliches Cron-Backup und Restore: [docs/deployment/backup.md](docs/deployment/backup.md).
+
 Hinter **Nginx Proxy Manager**: [docs/deployment/npm-security.md](docs/deployment/npm-security.md).

+### Staging
+
+Testumgebung unter [staging.kapteins-daagbok.eu](https://staging.kapteins-daagbok.eu) — Deploy ohne Release-Tag:
+
+```bash
+./scripts/update-remotes.sh -dest stage
+```
+
+Standard-Ziel Staging: `root@10.0.0.27:/opt/kapteins-daagbok-staging` — per `REMOTE_HOST`, `REMOTE_DIR`, `DEPLOY_BRANCH` überschreibbar. Details: [docs/deployment/staging.md](docs/deployment/staging.md).
+
 ## Dokumentation

 | Dokument | Inhalt |
@@ -267,6 +279,8 @@ Hinter **Nginx Proxy Manager**: [docs/deployment/npm-security.md](docs/deploymen
 | [docs/deployment/npm-security.md](docs/deployment/npm-security.md) | NPM, TLS, `trust proxy`, Security-Header |
 | [docs/deployment/predeploy.md](docs/deployment/predeploy.md) | Pre-Deploy-Checks ohne CI |
 | [docs/deployment/postgres-password.md](docs/deployment/postgres-password.md) | PostgreSQL-Passwort rotieren / App-Rolle |
+| [docs/deployment/backup.md](docs/deployment/backup.md) | Server-Backup, Crontab, Restore (Prod) |
+| [docs/deployment/staging.md](docs/deployment/staging.md) | Staging-VM, Deploy, `.env` |
 | [docs/plausible-events.md](docs/plausible-events.md) | Custom Events für Plausible Analytics |
 | [docs/push-notifications-plan.md](docs/push-notifications-plan.md) | Web Push: Architektur, API, Testplan |
 | [docs/plan-compass-course-dial.md](docs/plan-compass-course-dial.md) | Kompass-Dial: UX- und Implementierungsplan |
@@ -1 +1 @@
-0.1.0.112
+0.1.1.23
@@ -18,15 +18,18 @@ RUN npm run build
 FROM nginx:1.25-alpine
 WORKDIR /usr/share/nginx/html

-# Copy custom Nginx configuration
-COPY client/nginx.conf /etc/nginx/conf.d/default.conf
+RUN apk add --no-cache gettext
+
+COPY client/nginx.conf.template /etc/nginx/templates/default.conf.template
+COPY client/docker-entrypoint.sh /docker-entrypoint.sh
+RUN chmod +x /docker-entrypoint.sh

 # Copy built assets from builder
 COPY --from=builder /app/dist .

-# Expose HTTP port
 EXPOSE 80

-# Health check to verify Nginx is actively running
 HEALTHCHECK --interval=30s --timeout=5s --start-period=3s --retries=3 \
-  CMD wget --no-verbose --tries=1 --spider http://localhost:80/ || exit 1
+  CMD wget --no-verbose --tries=1 --spider http://127.0.0.1:80/ || exit 1
+
+ENTRYPOINT ["/docker-entrypoint.sh"]
@@ -0,0 +1,26 @@
+#!/bin/sh
+set -eu
+
+PLAUSIBLE_ENABLED="${PLAUSIBLE_ENABLED:-true}"
+PLAUSIBLE_HOST="${PLAUSIBLE_HOST:-https://plausible.elpatron.me}"
+PLAUSIBLE_HOST="${PLAUSIBLE_HOST%/}"
+
+case "$(printf '%s' "$PLAUSIBLE_ENABLED" | tr '[:upper:]' '[:lower:]')" in
+  true|1|yes)
+    PLAUSIBLE_ENABLED_JSON=true
+    PLAUSIBLE_CSP=" ${PLAUSIBLE_HOST}"
+    ;;
+  *)
+    PLAUSIBLE_ENABLED_JSON=false
+    PLAUSIBLE_CSP=""
+    ;;
+esac
+
+export PLAUSIBLE_CSP
+envsubst '${PLAUSIBLE_CSP}' < /etc/nginx/templates/default.conf.template > /etc/nginx/conf.d/default.conf
+
+cat > /usr/share/nginx/html/runtime-config.json <<EOF
+{"plausibleEnabled":${PLAUSIBLE_ENABLED_JSON},"plausibleHost":"${PLAUSIBLE_HOST}"}
+EOF
+
+exec nginx -g 'daemon off;'
@@ -22,6 +22,7 @@
    <meta name="apple-mobile-web-app-title" content="Daagbok" />
    <meta name="theme-color" content="#0b0c10" />
    <script src="/appearance-bootstrap.js"></script>
+    <script src="/plausible-bootstrap.js"></script>
    <script src="/bootstrap-watchdog.js"></script>
    <link rel="apple-touch-icon" href="/logo.png" />
    <meta property="og:type" content="website" />
@@ -38,7 +39,6 @@
    <meta name="twitter:description" content="Kostenlos und werbefrei: sicheres, E2E-verschlüsseltes Logbuch für Skipper. Reisetage, GPS-Tracks, Crew- und Schiffsdaten – Passkey-Anmeldung und Offline-PWA." />
    <meta name="twitter:image" content="https://kapteins-daagbok.eu/logo.png" />
    <meta name="twitter:image:alt" content="Kapteins Daagbok Logo" />
-    <script defer data-domain="kapteins-daagbok.eu" src="https://plausible.elpatron.me/js/script.tagged-events.js"></script>
    <title>Kapteins Daagbok – Kostenloses digitales Yacht-Logbuch (werbefrei)</title>
  </head>
  <body>
@@ -1,51 +1,2 @@
-server {
-    listen 80;
-    server_name localhost;
-    client_max_body_size 50M;
-
-    # Security headers (TLS/HSTS at NPM — see docs/deployment/npm-security.md)
-    add_header X-Content-Type-Options "nosniff" always;
-    add_header X-Frame-Options "SAMEORIGIN" always;
-    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
-    add_header Permissions-Policy "camera=(self), geolocation=(self), microphone=()" always;
-    add_header Content-Security-Policy "default-src 'self'; script-src 'self' https://plausible.elpatron.me; connect-src 'self' https://plausible.elpatron.me; img-src 'self' data: blob: https://*.tile.openstreetmap.org; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'self';" always;
-
-    # Service worker and app shell must revalidate so PWA updates are detected
-    location ~* ^/(sw\.js|workbox-.*\.js|manifest\.webmanifest|version\.json)$ {
-        root /usr/share/nginx/html;
-        add_header Cache-Control "no-cache, no-store, must-revalidate" always;
-        add_header X-Content-Type-Options "nosniff" always;
-        add_header X-Frame-Options "SAMEORIGIN" always;
-        add_header Referrer-Policy "strict-origin-when-cross-origin" always;
-        add_header Permissions-Policy "camera=(self), geolocation=(self), microphone=()" always;
-        add_header Content-Security-Policy "default-src 'self'; script-src 'self' https://plausible.elpatron.me; connect-src 'self' https://plausible.elpatron.me; img-src 'self' data: blob: https://*.tile.openstreetmap.org; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'self';" always;
-    }
-
-    location = /index.html {
-        root /usr/share/nginx/html;
-        add_header Cache-Control "no-cache, must-revalidate" always;
-        add_header X-Content-Type-Options "nosniff" always;
-        add_header X-Frame-Options "SAMEORIGIN" always;
-        add_header Referrer-Policy "strict-origin-when-cross-origin" always;
-        add_header Permissions-Policy "camera=(self), geolocation=(self), microphone=()" always;
-        add_header Content-Security-Policy "default-src 'self'; script-src 'self' https://plausible.elpatron.me; connect-src 'self' https://plausible.elpatron.me; img-src 'self' data: blob: https://*.tile.openstreetmap.org; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'self';" always;
-    }
-
-    location / {
-        root /usr/share/nginx/html;
-        index index.html index.htm;
-        try_files $uri $uri/ /index.html;
-    }
-
-    location /api/ {
-        proxy_pass http://backend:5000/api/;
-        proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection 'upgrade';
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-        proxy_cache_bypass $http_upgrade;
-    }
-}
+# Generated at container start from PLAUSIBLE_* — see client/nginx.conf.template and docker-entrypoint.sh
+# Local Docker Compose uses the template via client/Dockerfile entrypoint.
@@ -0,0 +1,51 @@
+server {
+    listen 80;
+    server_name localhost;
+    client_max_body_size 50M;
+
+    # Security headers (TLS/HSTS at NPM — see docs/deployment/npm-security.md)
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+    add_header Permissions-Policy "camera=(self), geolocation=(self), microphone=(self)" always;
+    add_header Content-Security-Policy "default-src 'self'; script-src 'self'${PLAUSIBLE_CSP}; connect-src 'self'${PLAUSIBLE_CSP}; img-src 'self' data: blob: https://*.tile.openstreetmap.org; media-src 'self' blob: data:; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'self';" always;
+
+    # Service worker and app shell must revalidate so PWA updates are detected
+    location ~* ^/(sw\.js|workbox-.*\.js|manifest\.webmanifest|version\.json)$ {
+        root /usr/share/nginx/html;
+        add_header Cache-Control "no-cache, no-store, must-revalidate" always;
+        add_header X-Content-Type-Options "nosniff" always;
+        add_header X-Frame-Options "SAMEORIGIN" always;
+        add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+        add_header Permissions-Policy "camera=(self), geolocation=(self), microphone=(self)" always;
+        add_header Content-Security-Policy "default-src 'self'; script-src 'self'${PLAUSIBLE_CSP}; connect-src 'self'${PLAUSIBLE_CSP}; img-src 'self' data: blob: https://*.tile.openstreetmap.org; media-src 'self' blob: data:; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'self';" always;
+    }
+
+    location = /index.html {
+        root /usr/share/nginx/html;
+        add_header Cache-Control "no-cache, must-revalidate" always;
+        add_header X-Content-Type-Options "nosniff" always;
+        add_header X-Frame-Options "SAMEORIGIN" always;
+        add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+        add_header Permissions-Policy "camera=(self), geolocation=(self), microphone=(self)" always;
+        add_header Content-Security-Policy "default-src 'self'; script-src 'self'${PLAUSIBLE_CSP}; connect-src 'self'${PLAUSIBLE_CSP}; img-src 'self' data: blob: https://*.tile.openstreetmap.org; media-src 'self' blob: data:; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'self'; frame-ancestors 'self';" always;
+    }
+
+    location / {
+        root /usr/share/nginx/html;
+        index index.html index.htm;
+        try_files $uri $uri/ /index.html;
+    }
+
+    location /api/ {
+        proxy_pass http://backend:5000/api/;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_cache_bypass $http_upgrade;
+    }
+}
@@ -13,6 +13,7 @@
    "generate:flyer:png": "node ../scripts/generate-beta-flyer.mjs --png",
    "generate:flyer:all": "node ../scripts/generate-beta-flyer.mjs --all",
    "generate:flyer:setup": "playwright install chromium",
+    "generate:sharepic": "node ../scripts/generate-sharepic.mjs",
    "translate:locales": "node ../scripts/translate-locales.mjs",
    "translate:flyer": "node ../scripts/translate-flyer.mjs",
    "validate:i18n": "node ../scripts/validate-i18n-keys.mjs"
@@ -0,0 +1,25 @@
+/**
+ * Loads Plausible when enabled via /runtime-config.json (from .env in Docker / Vite dev).
+ * data-domain is always the current hostname (prod vs staging).
+ */
+(function () {
+  function load(cfg) {
+    if (!cfg || !cfg.plausibleEnabled || !cfg.plausibleHost) return
+    var host = String(cfg.plausibleHost).replace(/\/$/, '')
+    if (!host) return
+    var s = document.createElement('script')
+    s.defer = true
+    s.dataset.domain = window.location.hostname
+    s.src = host + '/js/script.tagged-events.js'
+    document.head.appendChild(s)
+  }
+
+  fetch('/runtime-config.json', { cache: 'no-store' })
+    .then(function (r) {
+      return r.ok ? r.json() : null
+    })
+    .then(load)
+    .catch(function () {
+      /* analytics optional */
+    })
+})()
@@ -36,6 +36,10 @@ code {
  min-height: 100svh;
  padding: 24px 16px calc(48px + env(safe-area-inset-bottom, 0px));
  box-sizing: border-box;
+  background-image: linear-gradient(rgba(15, 23, 42, 0.3), rgba(15, 23, 42, 0.5)), url('/login-bg.jpg');
+  background-size: cover;
+  background-position: center;
+  background-repeat: no-repeat;
 }

 /* Glassmorphism Auth Card */
@@ -1180,12 +1184,29 @@ html.scheme-dark .themed-select-option.is-selected {
  color: var(--app-accent-light);
 }

-.btn-icon.logout:hover {
-  background: rgba(239, 68, 68, 0.1);
-  border-color: #ef4444;
+.btn-icon.danger {
+  background: rgba(239, 68, 68, 0.18);
+  border-color: rgba(239, 68, 68, 0.35);
  color: #f87171;
 }

+.btn-icon.danger:hover {
+  background: rgba(239, 68, 68, 0.3);
+  border-color: #ef4444;
+  color: #fca5a5;
+}
+
+.btn-icon.danger:disabled {
+  opacity: 0.45;
+  cursor: not-allowed;
+}
+
+.btn-icon.logout:hover {
+  background: var(--app-accent-bg);
+  border-color: var(--app-accent);
+  color: var(--app-accent-light);
+}
+
 .dashboard-main {
  display: grid;
  grid-template-columns: 350px 1fr;
@@ -2181,12 +2202,12 @@ html.scheme-dark .themed-select-option.is-selected {
 }

 .btn-delete {
-  background: none;
-  border: none;
-  color: #475569;
+  background: rgba(239, 68, 68, 0.18);
+  border: 1px solid rgba(239, 68, 68, 0.35);
+  color: #f87171;
  cursor: pointer;
  padding: 6px;
-  border-radius: 6px;
+  border-radius: 8px;
  display: flex;
  align-items: center;
  justify-content: center;
@@ -2202,8 +2223,9 @@ html.scheme-dark .themed-select-option.is-selected {
 }

 .btn-delete:hover {
-  color: #f43f5e;
-  background: rgba(244, 63, 94, 0.1);
+  color: #fca5a5;
+  background: rgba(239, 68, 68, 0.3);
+  border-color: #ef4444;
 }

 .btn-pdf {
@@ -2684,15 +2706,18 @@ html.scheme-dark .themed-select-option.is-selected {
 }

 .events-actions-td {
+  width: 1%;
+  min-width: 88px;
  white-space: nowrap;
+  vertical-align: middle;
 }

-.events-actions-td .btn-icon {
-  margin-left: 4px;
-}
-
-.events-actions-td .btn-icon:first-child {
-  margin-left: 0;
+.events-actions-cell {
+  display: inline-flex;
+  align-items: center;
+  justify-content: flex-end;
+  gap: 8px;
+  flex-wrap: nowrap;
 }

 .events-table tbody tr:hover {
@@ -3172,9 +3197,9 @@ html.theme-cupertino .events-scroll-container {
  position: absolute;
  top: 8px;
  right: 8px;
-  background: rgba(15, 23, 42, 0.7);
-  border: 1px solid rgba(255, 255, 255, 0.1);
-  color: #f43f5e;
+  background: rgba(239, 68, 68, 0.22);
+  border: 1px solid rgba(239, 68, 68, 0.4);
+  color: #fca5a5;
  border-radius: 50%;
  width: 32px;
  height: 32px;
@@ -3186,9 +3211,10 @@ html.theme-cupertino .events-scroll-container {
 }

 .photo-btn-delete:hover {
-  background: #f43f5e;
+  background: rgba(239, 68, 68, 0.45);
+  border-color: #ef4444;
  color: #ffffff;
-  transform: scale(1.1);
+  transform: scale(1.08);
 }

 .photo-caption-bar {
@@ -3470,6 +3496,84 @@ html.theme-cupertino .events-scroll-container {
  color: var(--app-text, inherit);
 }

+.live-log-gps-error-modal {
+  color: var(--app-warning-text, #b45309);
+  background: rgba(245, 158, 11, 0.12);
+  border: 1px solid rgba(245, 158, 11, 0.35);
+  border-radius: 8px;
+  padding: 8px 10px;
+}
+
+.gps-signal-hint {
+  margin: 8px 0 0;
+  font-size: 13px;
+  line-height: 1.45;
+}
+
+.gps-signal-hint-label {
+  display: inline-flex;
+  align-items: flex-start;
+  gap: 8px;
+}
+
+.gps-signal-icon {
+  flex-shrink: 0;
+  margin-top: 2px;
+}
+
+.gps-signal-bars {
+  display: inline-flex;
+  align-items: flex-end;
+  gap: 2px;
+  height: 14px;
+  flex-shrink: 0;
+}
+
+.gps-signal-bar {
+  width: 4px;
+  border-radius: 1px;
+  background: var(--app-border, rgba(148, 163, 184, 0.45));
+}
+
+.gps-signal-bar:nth-child(1) { height: 4px; }
+.gps-signal-bar:nth-child(2) { height: 7px; }
+.gps-signal-bar:nth-child(3) { height: 10px; }
+.gps-signal-bar:nth-child(4) { height: 14px; }
+
+.gps-signal-bar.is-active {
+  background: var(--app-accent-light, #22c55e);
+}
+
+.gps-signal-excellent .gps-signal-bar.is-active {
+  background: #22c55e;
+}
+
+.gps-signal-good .gps-signal-bar.is-active {
+  background: #84cc16;
+}
+
+.gps-signal-fair .gps-signal-bar.is-active,
+.gps-signal-unknown .gps-signal-bar.is-active {
+  background: #eab308;
+}
+
+.gps-signal-poor .gps-signal-bar.is-active {
+  background: #f97316;
+}
+
+.gps-signal-poor,
+.gps-signal-fair {
+  color: var(--app-warning-text, #b45309);
+}
+
+.gps-signal-hint-editor {
+  margin-top: 6px;
+}
+
+.gps-signal-hint-modal {
+  margin: 0 0 10px;
+}
+
 .live-log-layout {
  display: grid;
  grid-template-columns: minmax(148px, 200px) 1fr;
@@ -3645,10 +3749,14 @@ html.theme-cupertino .events-scroll-container {
 .live-log-summary-block {
  display: flex;
  flex-direction: column;
-  gap: 6px;
+  gap: 8px;
  min-width: 0;
 }

+.live-log-summary-block .voice-memo-player-shell {
+  margin-top: 2px;
+}
+
 .live-voice-modal .live-voice-modal-header {
  display: flex;
  align-items: center;
@@ -3697,14 +3805,27 @@ html.theme-cupertino .events-scroll-container {
  font-size: 13px;
 }

+.voice-memo-player-shell {
+  display: block;
+  max-width: 100%;
+  padding: 2px 4px 2px 0;
+  box-sizing: border-box;
+}
+
 .voice-memo-player {
+  display: block;
  width: 100%;
-  max-width: 280px;
-  height: 32px;
+  max-width: 300px;
+  min-width: 260px;
+  height: 36px;
+  box-sizing: border-box;
+  padding-inline: 2px 12px;
 }

 .voice-memo-player--compact {
-  max-width: 220px;
+  max-width: 280px;
+  min-width: 240px;
+  padding-inline-end: 14px;
 }

 .voice-memo-player-unavailable {
@@ -3720,6 +3841,18 @@ html.theme-cupertino .events-scroll-container {
  align-items: flex-start;
 }

+.event-remarks-cell--voice {
+  gap: 8px;
+}
+
+.events-table .remarks-td {
+  padding-right: 20px;
+}
+
+.events-table .remarks-td + .events-actions-td {
+  padding-left: 12px;
+}
+
@media (max-width: 720px) {
  .live-log-layout {
    grid-template-columns: 1fr;
@@ -3814,14 +3947,14 @@ html.theme-cupertino .events-scroll-container {
  max-width: min(100%, 420px);
 }

-.live-log-fix-coords {
+.live-log-position-coords {
  margin: 0;
  padding: 0;
  border: none;
  min-width: 0;
 }

-.live-log-fix-label {
+.live-log-position-label {
  display: block;
  margin: 0 0 10px;
  padding: 0;
@@ -3830,35 +3963,35 @@ html.theme-cupertino .events-scroll-container {
  color: var(--app-text-muted);
 }

-.live-log-fix-coords-row {
+.live-log-position-coords-row {
  display: grid;
  grid-template-columns: 1fr 1fr;
  gap: 10px;
  min-width: 0;
 }

-.live-log-fix-field {
+.live-log-position-field {
  display: flex;
  flex-direction: column;
  gap: 6px;
  min-width: 0;
 }

-.live-log-fix-field-label {
+.live-log-position-field-label {
  font-size: 12px;
  color: var(--app-text-muted);
 }

-.live-log-fix-field .input-text {
+.live-log-position-field .input-text {
  width: 100%;
  box-sizing: border-box;
 }

-.live-log-fix-gps-row {
+.live-log-position-gps-row {
  margin-top: 10px;
 }

-.live-log-fix-gps-btn {
+.live-log-position-gps-btn {
  width: 100%;
  box-sizing: border-box;
  display: flex;
@@ -4083,15 +4216,23 @@ html.theme-cupertino .events-scroll-container {
  min-height: auto !important;
 }

+.btn-inline-icon {
+  width: auto !important;
+  display: inline-flex !important;
+  align-items: center;
+  gap: 6px;
+}
+
 .btn.danger {
-  background: rgba(239, 68, 68, 0.15) !important;
+  background: rgba(239, 68, 68, 0.2) !important;
  color: #fca5a5 !important;
-  border: 1px solid rgba(239, 68, 68, 0.3) !important;
+  border: 1px solid rgba(239, 68, 68, 0.38) !important;
 }

 .btn.danger:hover {
-  background: rgba(239, 68, 68, 0.25) !important;
+  background: rgba(239, 68, 68, 0.32) !important;
  border-color: #ef4444 !important;
+  color: #fecaca !important;
 }

 /* Crew Avatar Card Styling */
@@ -4778,6 +4919,177 @@ html.theme-cupertino .events-scroll-container {
  padding-bottom: 8px;
 }

+.admin-page {
+  width: 100%;
+  max-width: 1200px;
+  min-height: 100vh;
+  margin: 0 auto;
+  padding: 24px;
+  box-sizing: border-box;
+  color: var(--app-text);
+  display: flex;
+  flex-direction: column;
+  gap: 24px;
+}
+
+.admin-header {
+  display: flex;
+  align-items: flex-start;
+  justify-content: space-between;
+  gap: 16px;
+  padding-bottom: 16px;
+  border-bottom: 1px solid var(--app-header-border);
+}
+
+.admin-header-left {
+  display: flex;
+  align-items: flex-start;
+  gap: 20px;
+  min-width: 0;
+}
+
+.admin-title {
+  margin: 0;
+  font-size: 24px;
+  font-weight: 700;
+  background: var(--app-accent-gradient);
+  -webkit-background-clip: text;
+  background-clip: text;
+  -webkit-text-fill-color: transparent;
+}
+
+.admin-subtitle {
+  margin: 6px 0 0;
+  font-size: 14px;
+  color: var(--app-text-muted);
+}
+
+.admin-main {
+  display: flex;
+  flex-direction: column;
+  gap: 24px;
+  width: 100%;
+}
+
+.admin-kpi-grid {
+  margin-top: 0;
+  grid-template-columns: repeat(3, minmax(0, 1fr));
+}
+
+.admin-controls {
+  display: flex;
+  flex-wrap: wrap;
+  gap: 24px;
+  padding: 16px 20px;
+  border-radius: var(--app-radius-card);
+  border: 1px solid var(--app-border-subtle);
+  background: var(--app-surface);
+}
+
+.admin-control-group {
+  display: flex;
+  flex-direction: column;
+  gap: 10px;
+  min-width: 0;
+}
+
+.admin-control-label {
+  font-size: 13px;
+  font-weight: 600;
+  color: var(--app-text-muted);
+}
+
+.admin-control-buttons {
+  display: flex;
+  flex-wrap: wrap;
+  gap: 8px;
+}
+
+.admin-control-buttons .btn {
+  width: auto;
+  padding: 8px 16px;
+  font-size: 14px;
+}
+
+.admin-charts-grid {
+  display: grid;
+  grid-template-columns: repeat(auto-fit, minmax(min(100%, 320px), 1fr));
+  gap: 20px;
+}
+
+.dashboard-subtitle {
+  margin-top: 4px;
+  font-size: 14px;
+  color: var(--app-text-muted);
+}
+
+@media (max-width: 640px) {
+  .admin-page {
+    padding: 12px 12px 20px;
+    gap: 16px;
+    min-height: auto;
+  }
+
+  .admin-header {
+    padding-bottom: 12px;
+  }
+
+  .admin-header-left {
+    display: grid;
+    grid-template-columns: auto 1fr;
+    grid-template-rows: auto auto;
+    align-items: center;
+    column-gap: 10px;
+    row-gap: 2px;
+  }
+
+  .admin-header-left .btn-back {
+    grid-row: 1 / -1;
+    align-self: center;
+    padding: 6px 10px;
+    font-size: 13px;
+  }
+
+  .admin-title {
+    font-size: 18px;
+    line-height: 1.2;
+  }
+
+  .admin-subtitle {
+    font-size: 11px;
+    margin: 0;
+    line-height: 1.35;
+  }
+
+  .admin-main {
+    gap: 16px;
+  }
+
+  .admin-controls {
+    display: grid;
+    grid-template-columns: 1fr 1fr;
+    gap: 12px;
+    padding: 12px;
+  }
+
+  .admin-control-buttons {
+    gap: 6px;
+  }
+
+  .admin-control-label {
+    font-size: 11px;
+  }
+
+  .admin-control-buttons .btn {
+    padding: 6px 8px;
+    font-size: 12px;
+  }
+
+  .admin-charts-grid {
+    gap: 14px;
+  }
+}
+
 .stats-consumption-chart .stats-bar-column--grouped {
  display: inline-flex;
  white-space: normal;
@@ -4877,6 +5189,36 @@ html.theme-cupertino .events-scroll-container {
    grid-template-columns: 1fr;
  }

+  /* Admin dashboard: keep 2-column KPI grid on mobile (overrides rule above) */
+  .stats-kpi-grid.admin-kpi-grid {
+    grid-template-columns: repeat(2, minmax(0, 1fr));
+    gap: 10px;
+  }
+
+  .admin-kpi-grid .stats-kpi-card {
+    padding: 10px 12px;
+    gap: 8px;
+  }
+
+  .admin-kpi-grid .stats-kpi-icon {
+    margin-top: 0;
+  }
+
+  .admin-kpi-grid .stats-kpi-icon svg {
+    width: 18px;
+    height: 18px;
+  }
+
+  .admin-kpi-grid .stats-kpi-label {
+    font-size: 11px;
+    line-height: 1.25;
+    margin-bottom: 2px;
+  }
+
+  .admin-kpi-grid .stats-kpi-value {
+    font-size: 18px;
+  }
+
  .stats-kpi-value {
    font-size: 20px;
  }
@@ -5156,8 +5498,9 @@ html.theme-cupertino .events-scroll-container {
 /* PWA install prompt */
 .pwa-install-banner {
  position: fixed;
-  left: 16px;
-  right: 16px;
+  left: 0;
+  right: 0;
+  width: calc(100% - 32px);
  bottom: calc(36px + env(safe-area-inset-bottom, 0px));
  z-index: 1200;
  display: grid;
@@ -5320,8 +5663,9 @@ html.theme-cupertino .events-scroll-container {
 .pwa-update-banner {
  position: fixed;
  top: calc(12px + env(safe-area-inset-top, 0px));
-  left: 16px;
-  right: 16px;
+  left: 0;
+  right: 0;
+  width: calc(100% - 32px);
  z-index: 1300;
  display: grid;
  grid-template-columns: auto 1fr auto;
@@ -5436,7 +5780,7 @@ html.theme-cupertino .events-scroll-container {
  flex-wrap: wrap;
  gap: 6px;
  padding: 6px 12px calc(6px + env(safe-area-inset-bottom, 0px));
-  font-size: 11px;
+  font-size: 13px;
  line-height: 1.4;
  color: #64748b;
  background: rgba(11, 12, 16, 0.72);
@@ -5444,6 +5788,12 @@ html.theme-cupertino .events-scroll-container {
  pointer-events: none;
 }

+@media (max-width: 768px) {
+  body:has(.app-bottom-nav) .app-version-footer {
+    display: none;
+  }
+}
+
 .app-version-footer a,
 .app-version-footer button {
  pointer-events: auto;
@@ -5478,7 +5828,7 @@ html.theme-cupertino .events-scroll-container {
  gap: 4px;
  padding: 2px 8px;
  border-radius: 999px;
-  font-size: 11px;
+  font-size: 13px;
  font-weight: 500;
  color: #94a3b8;
  text-decoration: none;
@@ -5493,6 +5843,48 @@ html.theme-cupertino .events-scroll-container {
  border-color: rgba(255, 94, 91, 0.32);
 }

+.mail-footer-badge {
+  display: inline-flex;
+  align-items: center;
+  gap: 4px;
+  padding: 2px 8px;
+  border-radius: 999px;
+  font-size: 13px;
+  font-weight: 500;
+  color: #94a3b8;
+  text-decoration: none;
+  background: rgba(56, 189, 248, 0.08);
+  border: 1px solid rgba(56, 189, 248, 0.18);
+  transition: color 0.15s ease, background 0.15s ease, border-color 0.15s ease;
+}
+
+.mail-footer-badge:hover {
+  color: #bae6fd;
+  background: rgba(56, 189, 248, 0.14);
+  border-color: rgba(56, 189, 248, 0.32);
+}
+
+.knorrlabs-footer-badge {
+  display: inline-flex;
+  align-items: center;
+  gap: 4px;
+  padding: 2px 8px;
+  border-radius: 999px;
+  font-size: 13px;
+  font-weight: 500;
+  color: #94a3b8;
+  text-decoration: none;
+  background: rgba(139, 92, 246, 0.08);
+  border: 1px solid rgba(139, 92, 246, 0.18);
+  transition: color 0.15s ease, background 0.15s ease, border-color 0.15s ease;
+}
+
+.knorrlabs-footer-badge:hover {
+  color: #ddd6fe;
+  background: rgba(139, 92, 246, 0.14);
+  border-color: rgba(139, 92, 246, 0.32);
+}
+
 .demo-badge {
  display: inline-flex;
  align-items: center;
@@ -5642,13 +6034,15 @@ html.theme-cupertino .events-scroll-container {
 .app-tour-root {
  position: fixed;
  inset: 0;
-  z-index: 10000;
+  /* Above .app-tour-target-active (10001) so tooltip/backdrop stay topmost */
+  z-index: 10010;
  pointer-events: none;
 }

 .app-tour-backdrop {
  position: absolute;
  inset: 0;
+  z-index: 1;
  background: rgba(2, 6, 23, 0.62);
  pointer-events: auto;
 }
@@ -5666,7 +6060,7 @@ html.theme-cupertino .events-scroll-container {
    0 0 32px rgba(56, 189, 248, 0.5),
    0 12px 40px rgba(0, 0, 0, 0.35);
  pointer-events: none;
-  z-index: 10001;
+  z-index: 2;
 }

 body.app-tour-active .app-tour-target-active {
@@ -5677,7 +6071,8 @@ body.app-tour-active .app-tour-target-active {

 .app-tour-tooltip {
  position: fixed;
-  z-index: 10002;
+  /* Layer above backdrop/spotlight inside .app-tour-root (not vs. root's 10010) */
+  z-index: 3;
  box-sizing: border-box;
  width: min(420px, calc(100vw - 32px));
  max-width: calc(100vw - 32px);
@@ -36,6 +36,7 @@ import { syncAppearancePrefs } from './services/appearancePrefs.js'
 import { startBackgroundSync, stopBackgroundSync, syncAllLogbooks, subscribeToSyncState } from './services/sync.js'
 import ReadOnlyViewer from './components/ReadOnlyViewer.tsx'
 import DemoViewer from './components/DemoViewer.tsx'
+import AdminDashboard from './admin/AdminDashboard.tsx'
 import PwaInstallPrompt from './components/PwaInstallPrompt.tsx'
 import PwaUpdatePrompt from './components/PwaUpdatePrompt.tsx'
 import AppFooter from './components/AppFooter.tsx'
@@ -49,6 +50,8 @@ import { Ship, LogOut, ChevronLeft, Users, FileText, Settings, Wifi, WifiOff, La
 import DisclaimerHeaderButton from './components/DisclaimerHeaderButton.tsx'
 import FeedbackHeaderButton from './components/FeedbackHeaderButton.tsx'
 import ProfileHeaderButton from './components/ProfileHeaderButton.tsx'
+import AdminHeaderButton from './components/AdminHeaderButton.tsx'
+import { checkAdminAccess } from './services/adminApi.js'
 import { useTranslation } from 'react-i18next'
 import { cycleAppLanguage } from './utils/i18nLanguages.js'
 import {
@@ -92,6 +95,10 @@ function App() {

  // Public demo mode (no account required)
  const [isDemoMode, setIsDemoMode] = useState(() => window.location.pathname === '/demo')
+  const [isAdminRoute, setIsAdminRoute] = useState(() => window.location.pathname.startsWith('/admin'))
+  const [isAdminUser, setIsAdminUser] = useState(false)
+  const [sessionChecked, setSessionChecked] = useState(false)
+  const [serverSessionActive, setServerSessionActive] = useState(false)

  const syncQueueCount = useLiveQuery(
    () => activeLogbookId ? db.syncQueue.where({ logbookId: activeLogbookId }).count() : db.syncQueue.count(),
@@ -160,14 +167,23 @@ function App() {
    })
  }, [])

+  const refreshAdminAccess = useCallback(async () => {
+    const isAdmin = await checkAdminAccess()
+    setIsAdminUser(isAdmin)
+  }, [])
+
  useEffect(() => {
-    if (!isAuthenticated) return
+    if (!isAuthenticated) {
+      setIsAdminUser(false)
+      return
+    }
    const userId = localStorage.getItem('active_userid')
    if (!userId) return
    void syncAppearancePrefs(userId)
    void migrateLegacyCrewToPoolIfNeeded().then(() => syncPersonPool())
    void migrateLegacyYachtsToPoolIfNeeded().then(() => syncVesselPool())
-  }, [isAuthenticated])
+    void refreshAdminAccess()
+  }, [isAuthenticated, refreshAdminAccess])

  useEffect(() => {
    const handleOnline = () => {
@@ -199,6 +215,13 @@ function App() {
    const hashParams = new URLSearchParams(window.location.hash.substring(1))
    const path = window.location.pathname

+    if (path.startsWith('/admin')) {
+      setIsAdminRoute(true)
+      return
+    }
+
+    setIsAdminRoute(false)
+
    if (path === '/demo') {
      setIsDemoMode(true)
      setIsViewerMode(false)
@@ -240,6 +263,7 @@ function App() {

  const clearAuthenticatedAppState = useCallback(() => {
    setIsAuthenticated(false)
+    setIsAdminUser(false)
    setActiveLogbookId(null)
    setActiveLogbookTitle(null)
    setShowUserProfile(false)
@@ -249,7 +273,7 @@ function App() {

  /** After PWA/bfcache resume, React state may still say "logged in" while the master key is gone. */
  const enforceUnlockedSession = useCallback(() => {
-    if (isViewerMode || isDemoMode || isAcceptingInvite) return
+    if (isViewerMode || isDemoMode || isAcceptingInvite || isAdminRoute) return
    // Require full local session (incl. userId) so API calls are not left headless.
    if (isAuthenticated && !hasUnlockedLocalSession()) {
      clearAuthenticatedAppState()
@@ -259,6 +283,7 @@ function App() {
    isViewerMode,
    isDemoMode,
    isAcceptingInvite,
+    isAdminRoute,
    clearAuthenticatedAppState
  ])

@@ -293,6 +318,8 @@ function App() {
        const session = await checkServerSession()
        if (cancelled) return

+        setServerSessionActive(session.authenticated)
+
        if (session.authenticated) {
          persistSessionUserId(session.userId)
        }
@@ -312,6 +339,10 @@ function App() {
        if (!cancelled) {
          console.warn('Session restore failed:', err)
        }
+      } finally {
+        if (!cancelled) {
+          setSessionChecked(true)
+        }
      }
    })()

@@ -333,6 +364,14 @@ function App() {
    setIsAcceptingInvite(false)
  }, [])

+  const openAdmin = useCallback(() => {
+    window.history.pushState({}, document.title, '/admin')
+    setIsAdminRoute(true)
+    setIsDemoMode(false)
+    setIsViewerMode(false)
+    setIsAcceptingInvite(false)
+  }, [])
+
  const selectLogbook = useCallback((id: string, title: string) => {
    setActiveLogbookId(id)
    setActiveLogbookTitle(title)
@@ -497,6 +536,7 @@ function App() {
    if (!(await confirmLeave())) return
    void logoutUser()
    setIsAuthenticated(false)
+    setIsAdminUser(false)
    setActiveLogbookId(null)
    setActiveLogbookTitle(null)
    setShowUserProfile(false)
@@ -524,6 +564,28 @@ function App() {
    syncRouteFromLocation()
  }

+  const handleBackFromAdmin = () => {
+    window.history.replaceState({}, document.title, '/')
+    setIsAdminRoute(false)
+    syncRouteFromLocation()
+  }
+
+  if (isAdminRoute) {
+    if (!isAuthenticated) {
+      return (
+        <div className="auth-screen">
+          <AuthOnboarding onAuthenticated={handleAuthenticated} onOpenDemo={openDemo} />
+        </div>
+      )
+    }
+
+    return (
+      <div style={{ display: 'contents' }}>
+        <AdminDashboard onBack={handleBackFromAdmin} />
+      </div>
+    )
+  }
+
  if (isDemoMode) {
    return (
      <div style={{ display: 'contents' }}>
@@ -564,7 +626,17 @@ function App() {
  if (!isAuthenticated) {
    return (
      <div className="auth-screen">
-        <AuthOnboarding onAuthenticated={handleAuthenticated} onOpenDemo={openDemo} />
+        {!sessionChecked ? (
+          <div className="auth-card glass">
+            <p className="dashboard-status-msg">{t('auth.restore_checking')}</p>
+          </div>
+        ) : (
+          <AuthOnboarding
+            restoreSession={serverSessionActive}
+            onAuthenticated={handleAuthenticated}
+            onOpenDemo={openDemo}
+          />
+        )}
      </div>
    )
  }
@@ -597,6 +669,7 @@ function App() {
          onSelectLogbook={selectLogbook}
          onLogout={handleLogout}
          onOpenProfile={() => setShowUserProfile(true)}
+          onOpenAdmin={isAdminUser ? openAdmin : undefined}
        />
      </div>
    )
@@ -647,6 +720,8 @@ function App() {
              <Languages size={18} />
            </button>

+            {isAdminUser && <AdminHeaderButton onClick={openAdmin} />}
+
            <ProfileHeaderButton onClick={() => setShowUserProfile(true)} />

            <DisclaimerHeaderButton />
@@ -0,0 +1,240 @@
+import { useEffect, useState, type ReactNode } from 'react'
+import {
+  fetchAdminMe,
+  fetchAdminSummary,
+  fetchAdminTimeSeries,
+  type AdminSummary,
+  type AdminTimeSeriesResponse,
+  type AdminTimeBucket
+} from '../services/adminApi.js'
+import { BarChart2, Bookmark, ChevronLeft, Image, MapPin, Mic, Users } from 'lucide-react'
+
+function formatNumber(value: number): string {
+  return value.toLocaleString()
+}
+
+function KpiCard({
+  icon,
+  label,
+  value
+}: {
+  icon: ReactNode
+  label: string
+  value: number
+}) {
+  return (
+    <div className="stats-kpi-card glass">
+      <div className="stats-kpi-icon">{icon}</div>
+      <div className="stats-kpi-body">
+        <span className="stats-kpi-label">{label}</span>
+        <span className="stats-kpi-value">{formatNumber(value)}</span>
+      </div>
+    </div>
+  )
+}
+
+function TimeSeriesChart({
+  title,
+  seriesKey,
+  data
+}: {
+  title: string
+  seriesKey: string
+  data: AdminTimeSeriesResponse | null
+}) {
+  if (!data) {
+    return null
+  }
+
+  const metric = data.series.find((s) => s.metric === seriesKey)
+  if (!metric || metric.points.length === 0) {
+    return (
+      <div className="form-card glass">
+        <div className="form-header">
+          <BarChart2 className="form-icon" />
+          <h2>{title}</h2>
+        </div>
+        <p className="dashboard-status-msg">Keine Daten im gewählten Zeitraum.</p>
+      </div>
+    )
+  }
+
+  const max = metric.points.reduce((acc, p) => (p.count > acc ? p.count : acc), 0) || 1
+
+  return (
+    <div className="form-card glass">
+      <div className="form-header">
+        <BarChart2 className="form-icon" />
+        <h2>{title}</h2>
+      </div>
+      <div className="stats-bar-chart" role="img" aria-label={title}>
+        {metric.points.map((point) => {
+          const heightPct = Math.max(2, (point.count / max) * 100)
+          return (
+            <div key={point.date} className="stats-bar-column" title={`${point.date}: ${point.count}`}>
+              <span className="stats-bar-value">{point.count > 0 ? String(point.count) : ''}</span>
+              <div className="stats-bar-track">
+                <div className="stats-bar stats-bar--distance" style={{ height: `${heightPct}%` }} />
+              </div>
+              <span className="stats-bar-label">{point.date.slice(5)}</span>
+            </div>
+          )
+        })}
+      </div>
+    </div>
+  )
+}
+
+interface AdminDashboardProps {
+  onBack: () => void
+}
+
+export default function AdminDashboard({ onBack }: AdminDashboardProps) {
+  const [loading, setLoading] = useState(true)
+  const [error, setError] = useState<string | null>(null)
+  const [summary, setSummary] = useState<AdminSummary | null>(null)
+  const [timeSeries, setTimeSeries] = useState<AdminTimeSeriesResponse | null>(null)
+  const [bucket, setBucket] = useState<AdminTimeBucket>('day')
+  const [windowDays, setWindowDays] = useState(90)
+
+  useEffect(() => {
+    let cancelled = false
+
+    async function load() {
+      try {
+        setLoading(true)
+        setError(null)
+
+        await fetchAdminMe()
+        const [summaryRes, tsRes] = await Promise.all([
+          fetchAdminSummary(),
+          fetchAdminTimeSeries({ bucket, windowDays })
+        ])
+
+        if (!cancelled) {
+          setSummary(summaryRes)
+          setTimeSeries(tsRes)
+        }
+      } catch (err: unknown) {
+        if (!cancelled) {
+          const message =
+            err instanceof Error && err.message ? err.message : 'Fehler beim Laden des Admin-Dashboards'
+          setError(message)
+        }
+      } finally {
+        if (!cancelled) {
+          setLoading(false)
+        }
+      }
+    }
+
+    void load()
+
+    return () => {
+      cancelled = true
+    }
+  }, [bucket, windowDays])
+
+  if (loading && !summary) {
+    return (
+      <div className="admin-page">
+        <p className="dashboard-status-msg">Admin-Dashboard wird geladen…</p>
+      </div>
+    )
+  }
+
+  if (error) {
+    return (
+      <div className="admin-page">
+        <header className="admin-header">
+          <button type="button" className="btn-back" onClick={onBack}>
+            <ChevronLeft size={16} />
+            Zur App
+          </button>
+        </header>
+        <p className="dashboard-status-msg">{error}</p>
+      </div>
+    )
+  }
+
+  if (!summary) {
+    return (
+      <div className="admin-page">
+        <p className="dashboard-status-msg">Keine Admin-Daten verfügbar.</p>
+      </div>
+    )
+  }
+
+  return (
+    <div className="admin-page">
+      <header className="admin-header">
+        <div className="admin-header-left">
+          <button type="button" className="btn-back" onClick={onBack}>
+            <ChevronLeft size={16} />
+            Zur App
+          </button>
+          <div>
+            <h1 className="admin-title">Admin-Dashboard</h1>
+            <p className="admin-subtitle">
+              Übersicht über Nutzung und Wachstum von Kapteins Daagbok.
+            </p>
+          </div>
+        </div>
+      </header>
+
+      <main className="admin-main">
+        <section className="stats-kpi-grid admin-kpi-grid">
+          <KpiCard icon={<Users size={20} />} label="Registrierte Benutzer" value={summary.totalUsers} />
+          <KpiCard icon={<Bookmark size={20} />} label="Logbücher" value={summary.totalLogbooks} />
+          <KpiCard icon={<Image size={20} />} label="Fotos" value={summary.totalPhotos} />
+          <KpiCard icon={<Mic size={20} />} label="Sprachmemos" value={summary.totalVoiceMemos} />
+          <KpiCard icon={<MapPin size={20} />} label="GPS-Tracks" value={summary.totalGpsTracks} />
+          <KpiCard
+            icon={<BarChart2 size={20} />}
+            label="Einträge mit AI-Zusammenfassung"
+            value={summary.aiSummaryEntries}
+          />
+        </section>
+
+        <section className="admin-controls">
+          <div className="admin-control-group">
+            <span className="admin-control-label">Zeitraum</span>
+            <div className="admin-control-buttons">
+              {[30, 90, 365].map((days) => (
+                <button
+                  key={days}
+                  type="button"
+                  className={days === windowDays ? 'btn primary' : 'btn secondary'}
+                  onClick={() => setWindowDays(days)}
+                >
+                  {days} Tage
+                </button>
+              ))}
+            </div>
+          </div>
+          <div className="admin-control-group">
+            <span className="admin-control-label">Aggregation</span>
+            <div className="admin-control-buttons">
+              {(['day', 'week', 'month'] as AdminTimeBucket[]).map((b) => (
+                <button
+                  key={b}
+                  type="button"
+                  className={b === bucket ? 'btn primary' : 'btn secondary'}
+                  onClick={() => setBucket(b)}
+                >
+                  {b === 'day' ? 'Tag' : b === 'week' ? 'Woche' : 'Monat'}
+                </button>
+              ))}
+            </div>
+          </div>
+        </section>
+
+        <section className="admin-charts-grid">
+          <TimeSeriesChart title="Neue Benutzer" seriesKey="users_created" data={timeSeries} />
+          <TimeSeriesChart title="Neue Logbücher" seriesKey="logbooks_created" data={timeSeries} />
+          <TimeSeriesChart title="Foto-Aktivität" seriesKey="photos_updated" data={timeSeries} />
+        </section>
+      </main>
+    </div>
+  )
+}
@@ -0,0 +1,23 @@
+import { useTranslation } from 'react-i18next'
+import { LayoutDashboard } from 'lucide-react'
+
+interface AdminHeaderButtonProps {
+  onClick: () => void
+}
+
+export default function AdminHeaderButton({ onClick }: AdminHeaderButtonProps) {
+  const { t } = useTranslation()
+
+  return (
+    <button
+      type="button"
+      className="btn-icon skipper-badge"
+      onClick={onClick}
+      title={t('nav.admin')}
+      aria-label={t('nav.admin')}
+    >
+      <LayoutDashboard size={18} aria-hidden="true" />
+      <span className="skipper-badge__name">{t('nav.admin')}</span>
+    </button>
+  )
+}
@@ -1,4 +1,4 @@
-import { Coffee } from 'lucide-react'
+import { Coffee, Mail, Compass } from 'lucide-react'
 import { useTranslation } from 'react-i18next'
 import { PlausibleEvents, trackPlausibleEvent } from '../services/analytics.js'

@@ -15,17 +15,35 @@ export default function AppFooter() {
        ·
      </span>
      <span className="app-version-footer__copyright">
-        © 2026 KnorrLabs/
-        <a
-          href="mailto:elpatron+kd@mailbox.org"
-          onClick={() => trackPlausibleEvent(PlausibleEvents.FOOTER_LINK_CLICKED)}
-        >
-          Markus F.J. Busche
-        </a>
+        © 2026
      </span>
      <span className="app-version-footer__sep" aria-hidden="true">
        ·
      </span>
+      <a
+        className="knorrlabs-footer-badge"
+        href="https://dashy.elpatron.me/"
+        target="_blank"
+        rel="noopener noreferrer"
+        onClick={() => trackPlausibleEvent(PlausibleEvents.FOOTER_LINK_CLICKED)}
+      >
+        <Compass size={14} aria-hidden="true" />
+        <span>KnorrLabs</span>
+      </a>
+      <span className="app-version-footer__sep" aria-hidden="true">
+        ·
+      </span>
+      <a
+        className="mail-footer-badge"
+        href="mailto:moin@kapteins-daagbok.eu"
+        onClick={() => trackPlausibleEvent(PlausibleEvents.FOOTER_LINK_CLICKED)}
+      >
+        <Mail size={14} aria-hidden="true" />
+        <span>moin@kapteins-daagbok.eu</span>
+      </a>
+      <span className="app-version-footer__sep" aria-hidden="true">
+        ·
+      </span>
      <a
        className="kofi-footer-badge"
        href={KOFI_URL}
@@ -35,7 +53,7 @@ export default function AppFooter() {
        aria-label={t('footer.kofi_title')}
        onClick={() => trackPlausibleEvent(PlausibleEvents.KOFI_LINK_CLICKED)}
      >
-        <Coffee size={12} aria-hidden="true" />
+        <Coffee size={14} aria-hidden="true" />
        <span>{t('footer.kofi_label')}</span>
      </a>
    </footer>
@@ -1,4 +1,4 @@
-import React, { useState } from 'react'
+import React, { useEffect, useRef, useState } from 'react'
 import { useTranslation } from 'react-i18next'
 import { cycleAppLanguage, getNextLanguage } from '../utils/i18nLanguages.js'
 import {
@@ -12,7 +12,8 @@ import {
  getKnownUsernames,
  forgetUsername,
  hasUnlockedLocalSession,
-  logoutUser
+  logoutUser,
+  resolveRestoreUsername
 } from '../services/auth.js'
 import { KeyRound, ShieldAlert, Languages, HelpCircle, UserRound, X } from 'lucide-react'
 import RegistrationDisclaimer from './RegistrationDisclaimer.tsx'
@@ -27,9 +28,15 @@ import {
 interface AuthOnboardingProps {
  onAuthenticated: () => void
  onOpenDemo?: () => void
+  /** Server session cookie is valid but the in-memory master key was lost (e.g. after reload). */
+  restoreSession?: boolean
 }

-export default function AuthOnboarding({ onAuthenticated, onOpenDemo }: AuthOnboardingProps) {
+export default function AuthOnboarding({
+  onAuthenticated,
+  onOpenDemo,
+  restoreSession = false
+}: AuthOnboardingProps) {
  const { t, i18n } = useTranslation()
  const [username, setUsername] = useState('')
  const [loading, setLoading] = useState(false)
@@ -60,7 +67,10 @@ export default function AuthOnboarding({ onAuthenticated, onOpenDemo }: AuthOnbo
  const [isNewRegistration, setIsNewRegistration] = useState(false)
  const [showDisclaimer, setShowDisclaimer] = useState(false)
  const [showHelp, setShowHelp] = useState(false)
+  const [showStandardLogin, setShowStandardLogin] = useState(false)
+  const autoUnlockAttempted = useRef(false)

+  const isRestoreFlow = restoreSession && !showStandardLogin
  const passkeyHostOk = isPasskeyCompatibleLocation()
  const passkeyCompatibleUrl = passkeyHostOk ? null : toPasskeyCompatibleUrl(window.location.href)

@@ -144,6 +154,23 @@ export default function AuthOnboarding({ onAuthenticated, onOpenDemo }: AuthOnbo
    }
  }

+  useEffect(() => {
+    if (!isRestoreFlow || autoUnlockAttempted.current) return
+
+    const user = resolveRestoreUsername()
+    if (user && hasLocalPin(user)) {
+      autoUnlockAttempted.current = true
+      setUsername(user)
+      setShowPinLogin(true)
+      return
+    }
+
+    if (user && passkeyHostOk) {
+      autoUnlockAttempted.current = true
+      void handleLogin(user)
+    }
+  }, [isRestoreFlow, passkeyHostOk])
+
  const handleRecoverySubmit = async (e: React.FormEvent) => {
    e.preventDefault()
    if (!recoveryInput.trim() || !encryptedPayloads) return
@@ -347,10 +374,10 @@ export default function AuthOnboarding({ onAuthenticated, onOpenDemo }: AuthOnbo
      <div className="auth-card glass">
        <div className="auth-header">
          <KeyRound className="auth-icon accent" size={48} />
-          <h2>{t('auth.enter_pin_title')}</h2>
+          <h2>{isRestoreFlow ? t('auth.restore_title') : t('auth.enter_pin_title')}</h2>
        </div>
        <p className="recovery-warning">
-          {t('auth.enter_pin_warning')}
+          {isRestoreFlow ? t('auth.restore_pin_warning') : t('auth.enter_pin_warning')}
        </p>

        <form onSubmit={handlePinLoginSubmit} className="auth-form">
@@ -397,6 +424,12 @@ export default function AuthOnboarding({ onAuthenticated, onOpenDemo }: AuthOnbo
              type="button"
              className="btn secondary"
              onClick={() => {
+                if (isRestoreFlow) {
+                  setShowPinLogin(false)
+                  setPinLoginInput('')
+                  setError(null)
+                  return
+                }
                void (async () => {
                  setShowPinLogin(false)
                  setPinLoginInput('')
@@ -480,6 +513,101 @@ export default function AuthOnboarding({ onAuthenticated, onOpenDemo }: AuthOnbo
    )
  }

+  // Render: Session restore (active server cookie, master key lost after reload)
+  if (isRestoreFlow) {
+    const restoreUser = resolveRestoreUsername()
+    const restoreKnownUsers = getKnownUsernames()
+
+    return (
+      <div className="auth-card glass">
+        <div className="auth-header">
+          <KeyRound className="auth-icon accent" size={48} />
+          <h2>{t('auth.restore_title')}</h2>
+        </div>
+        <p className="recovery-warning">{t('auth.restore_subtitle')}</p>
+
+        {loading && (
+          <p className="dashboard-status-msg" style={{ marginTop: '12px' }}>
+            {t('auth.restore_unlocking')}
+          </p>
+        )}
+
+        {error && <div className="auth-error">{error}</div>}
+
+        {!loading && (
+          <div className="auth-actions" style={{ flexDirection: 'column', gap: '10px', marginTop: '16px' }}>
+            {restoreUser && passkeyHostOk && (
+              <button
+                type="button"
+                className="btn primary"
+                onClick={() => handleLogin(restoreUser)}
+                style={{ width: '100%' }}
+              >
+                {t('auth.restore_with_passkey', { name: restoreUser })}
+              </button>
+            )}
+
+            {restoreUser && hasLocalPin(restoreUser) && (
+              <button
+                type="button"
+                className="btn secondary"
+                onClick={() => {
+                  setUsername(restoreUser)
+                  setShowPinLogin(true)
+                }}
+                style={{ width: '100%' }}
+              >
+                {t('auth.restore_with_pin')}
+              </button>
+            )}
+
+            {restoreKnownUsers.length > 1 && (
+              <div style={{ display: 'flex', flexDirection: 'column', gap: '8px', width: '100%' }}>
+                <span style={{ fontSize: '12px', color: '#64748b', textTransform: 'uppercase' }}>
+                  {t('auth.quick_login')}
+                </span>
+                <div style={{ display: 'flex', flexWrap: 'wrap', gap: '8px', width: '100%' }}>
+                  {restoreKnownUsers.map((name) => (
+                    <button
+                      key={name}
+                      type="button"
+                      onClick={() => {
+                        if (hasLocalPin(name)) {
+                          setUsername(name)
+                          setShowPinLogin(true)
+                        } else {
+                          void handleLogin(name)
+                        }
+                      }}
+                      disabled={loading}
+                      className="btn secondary"
+                      style={{ display: 'flex', alignItems: 'center', gap: '6px' }}
+                    >
+                      <UserRound size={16} />
+                      {name}
+                    </button>
+                  ))}
+                </div>
+              </div>
+            )}
+
+            <button
+              type="button"
+              className="btn secondary"
+              onClick={() => {
+                setShowStandardLogin(true)
+                setError(null)
+              }}
+              style={{ width: '100%' }}
+            >
+              {t('auth.restore_other_account')}
+            </button>
+          </div>
+        )}
+      </div>
+    )
+  }
+
  // Render 3: Standard Login / Registration options form
  return (
    <>
@@ -0,0 +1,141 @@
+import React from 'react'
+
+interface PersonSnapshot {
+  name: string
+  photo?: string | null
+  role?: string
+}
+
+interface CreatorAvatarProps {
+  creatorId?: string
+  crewSnapshotsById?: Record<string, PersonSnapshot>
+  fallbackName?: string
+  size?: number
+}
+
+const colors = [
+  '#2563eb', // blue
+  '#059669', // emerald
+  '#d97706', // amber
+  '#dc2626', // red
+  '#7c3aed', // violet
+  '#db2777', // pink
+  '#0891b2', // cyan
+  '#4f46e5', // indigo
+  '#0f766e', // teal
+  '#9333ea', // purple
+]
+
+function getAvatarColor(name: string): string {
+  let hash = 0
+  for (let i = 0; i < name.length; i++) {
+    hash = name.charCodeAt(i) + ((hash << 5) - hash)
+  }
+  const index = Math.abs(hash) % colors.length
+  return colors[index]
+}
+
+export default function CreatorAvatar({
+  creatorId,
+  crewSnapshotsById,
+  fallbackName,
+  size = 28
+}: CreatorAvatarProps) {
+  let name = ''
+  let photo: string | null = null
+  let role = ''
+
+  if (creatorId && crewSnapshotsById) {
+    let snap: PersonSnapshot | undefined = crewSnapshotsById[creatorId]
+
+    // Fallback: If not found directly by key, search by role or name or active user
+    if (!snap) {
+      if (creatorId === 'skipper') {
+        snap = Object.values(crewSnapshotsById).find((s) => s.role === 'skipper')
+      } else {
+        // Try to match name case-insensitively
+        snap = Object.values(crewSnapshotsById).find(
+          (s) => (s.name || '').trim().toLowerCase() === creatorId.trim().toLowerCase()
+        )
+
+        // Try to match active username/userid to the skipper snapshot
+        if (!snap) {
+          const activeUsername = localStorage.getItem('active_username')
+          const activeUserId = localStorage.getItem('active_userid')
+          if (
+            (activeUsername && creatorId.toLowerCase() === activeUsername.toLowerCase()) ||
+            (activeUserId && creatorId === activeUserId)
+          ) {
+            snap = Object.values(crewSnapshotsById).find((s) => s.role === 'skipper')
+          }
+        }
+      }
+    }
+
+    if (snap) {
+      name = snap.name || ''
+      photo = snap.photo || null
+      role = snap.role || ''
+    }
+  }
+
+  // Fallback to active username if owner or no crew pool matches
+  if (!name) {
+    if (creatorId === 'skipper') {
+      name = fallbackName || localStorage.getItem('active_username') || 'Skipper'
+      role = 'skipper'
+    } else if (fallbackName) {
+      name = fallbackName
+    } else if (creatorId) {
+      // If creatorId is a username itself (fallback from LiveLogView)
+      name = creatorId
+    } else {
+      name = '?'
+    }
+  }
+
+  const initial = name ? name.trim().split(/\s+/)[0]?.charAt(0).toUpperCase() || '?' : '?'
+  const bgColor = name === '?' ? '#64748b' : getAvatarColor(name)
+
+  const style: React.CSSProperties = {
+    width: `${size}px`,
+    height: `${size}px`,
+    borderRadius: '50%',
+    display: 'inline-flex',
+    alignItems: 'center',
+    justifyContent: 'center',
+    fontSize: `${Math.round(size * 0.45)}px`,
+    fontWeight: 'bold',
+    color: '#ffffff',
+    backgroundColor: bgColor,
+    flexShrink: 0,
+    verticalAlign: 'middle',
+    overflow: 'hidden',
+    border: '1px solid rgba(255, 255, 255, 0.15)',
+    boxSizing: 'border-box'
+  }
+
+  const roleText = role ? (role === 'skipper' ? 'Skipper' : 'Crew') : ''
+  const tooltip = name + (roleText ? ` (${roleText})` : '')
+
+  if (photo) {
+    return (
+      <img
+        src={photo}
+        alt={name}
+        title={tooltip}
+        style={{
+          ...style,
+          objectFit: 'cover',
+          backgroundColor: 'transparent'
+        }}
+      />
+    )
+  }
+
+  return (
+    <div style={style} title={tooltip} className="creator-avatar-fallback">
+      {initial}
+    </div>
+  )
+}
@@ -818,7 +818,7 @@ export default function CrewForm({
                      <button className="btn-icon" onClick={() => openEditMember(m)} title="Edit">
                        <Edit2 size={14} />
                      </button>
-                      <button className="btn-icon logout" onClick={() => handleDeleteMember(m.payloadId)} title="Delete">
+                      <button className="btn-icon danger" onClick={() => handleDeleteMember(m.payloadId)} title="Delete">
                        <Trash2 size={14} />
                      </button>
                    </div>
@@ -6,6 +6,7 @@ import { getLogbookKey } from '../services/logbookKeys.js'
 import { encryptJson, decryptJson } from '../services/crypto.js'
 import { syncLogbook } from '../services/sync.js'
 import { Compass, Save, Check } from 'lucide-react'
+import { parseAppDecimalOrZero } from '../utils/numberFormat.js'

 interface DeviationFormProps {
  logbookId: string
@@ -97,8 +98,8 @@ export default function DeviationForm({ logbookId, readOnly = false, preloadedDa
      const sanitizedDeviations: Record<number, number> = {}
      headings.forEach((h) => {
        const val = deviations[h] || ''
-        const parsed = parseFloat(val.replace('+', '').trim())
-        sanitizedDeviations[h] = isNaN(parsed) ? 0 : parsed
+        const parsed = parseAppDecimalOrZero(val.replace('+', '').trim())
+        sanitizedDeviations[h] = parsed
      })

      const dataToSave = {
@@ -25,7 +25,7 @@ export default function EventRemarksCell({
  }

  return (
-    <div className="event-remarks-cell">
+    <div className={`event-remarks-cell${voiceId ? ' event-remarks-cell--voice' : ''}`}>
      <span>{summary}</span>
      {voiceId && (
        <VoiceMemoPlayer
@@ -0,0 +1,47 @@
+import { useTranslation } from 'react-i18next'
+import { Signal } from 'lucide-react'
+import {
+  formatGpsAccuracyMeters,
+  gpsQualityI18nKey,
+  type GpsSignalQuality
+} from '../utils/geolocation.js'
+
+const SIGNAL_BARS: Record<GpsSignalQuality, number> = {
+  excellent: 4,
+  good: 3,
+  fair: 2,
+  poor: 1,
+  unknown: 0
+}
+
+interface GpsSignalHintProps {
+  quality: GpsSignalQuality
+  accuracyM: number | null
+  className?: string
+}
+
+export default function GpsSignalHint({ quality, accuracyM, className = '' }: GpsSignalHintProps) {
+  const { t } = useTranslation()
+  const bars = SIGNAL_BARS[quality]
+  const i18nParams = accuracyM != null ? { accuracy: formatGpsAccuracyMeters(accuracyM) } : undefined
+
+  return (
+    <p
+      className={`gps-signal-hint gps-signal-${quality} ${className}`.trim()}
+      role="status"
+    >
+      <span className="gps-signal-hint-label">
+        <Signal size={14} aria-hidden className="gps-signal-icon" />
+        <span className="gps-signal-bars" aria-hidden>
+          {[1, 2, 3, 4].map((level) => (
+            <span
+              key={level}
+              className={`gps-signal-bar ${level <= bars ? 'is-active' : ''}`}
+            />
+          ))}
+        </span>
+        <span>{t(gpsQualityI18nKey(quality), i18nParams)}</span>
+      </span>
+    </p>
+  )
+}
@@ -1,6 +1,10 @@
 import { useCallback, useEffect, useRef, useState } from 'react'
 import { useTranslation } from 'react-i18next'
 import { Camera, X } from 'lucide-react'
+import {
+  cameraErrorKeyFromDomException,
+  probeCameraAvailability
+} from '../utils/cameraAvailability.js'
 import {
  captureVideoFrame,
  preferNativeCameraPicker
@@ -15,7 +19,7 @@ interface LiveCameraCaptureProps {
  onCapture: (blob: Blob) => void
 }

-type Phase = 'live' | 'preview' | 'native'
+type Phase = 'checking' | 'live' | 'preview' | 'native'

 export default function LiveCameraCapture({
  open,
@@ -34,7 +38,7 @@ export default function LiveCameraCapture({
  const [cameraError, setCameraError] = useState<string | null>(null)
  const [ready, setReady] = useState(false)
  const [capturing, setCapturing] = useState(false)
-  const [phase, setPhase] = useState<Phase>(() => (preferNativeCameraPicker() ? 'native' : 'live'))
+  const [phase, setPhase] = useState<Phase>('checking')
  const [previewUrl, setPreviewUrl] = useState<string | null>(null)
  const [previewBlob, setPreviewBlob] = useState<Blob | null>(null)
  const [streamGeneration, setStreamGeneration] = useState(0)
@@ -87,12 +91,37 @@ export default function LiveCameraCapture({
      clearPreview()
      setCameraError(null)
      setCapturing(false)
-      setPhase(preferNativeCameraPicker() ? 'native' : 'live')
+      setPhase('checking')
      return
    }
-    setPhase(preferNativeCameraPicker() ? 'native' : 'live')
+
+    let cancelled = false
    clearPreview()
-  }, [open, stopStream, clearPreview])
+    setCameraError(null)
+    setCapturing(false)
+    setPhase('checking')
+
+    const probe = async () => {
+      const availability = await probeCameraAvailability()
+      if (cancelled) return
+
+      if (availability === 'unsupported') {
+        setCameraError(t('logs.live_photo_camera_unavailable'))
+        return
+      }
+      if (availability === 'none') {
+        setCameraError(t('logs.live_photo_no_camera'))
+        return
+      }
+
+      setPhase(preferNativeCameraPicker() ? 'native' : 'live')
+    }
+
+    void probe()
+    return () => {
+      cancelled = true
+    }
+  }, [open, clearPreview, stopStream, t])

  useEffect(() => {
    if (!open || phase !== 'live') {
@@ -105,11 +134,6 @@ export default function LiveCameraCapture({
    const start = async () => {
      setCameraError(null)
      setReady(false)
-      if (!navigator.mediaDevices?.getUserMedia) {
-        setCameraError(t('logs.live_photo_camera_unavailable'))
-        return
-      }
-
      try {
        const stream = await navigator.mediaDevices.getUserMedia({
          video: {
@@ -141,7 +165,7 @@ export default function LiveCameraCapture({
      } catch (err) {
        console.error('Camera access failed:', err)
        if (!cancelled) {
-          setCameraError(t('logs.live_photo_camera_denied'))
+          setCameraError(t(cameraErrorKeyFromDomException(err)))
        }
      }
    }
@@ -216,7 +240,7 @@ export default function LiveCameraCapture({
            className="btn secondary live-camera-close"
            onClick={onClose}
            disabled={busy}
-            aria-label={t('logs.confirm_no')}
+            aria-label={t('logs.live_cancel')}
          >
            <X size={18} />
          </button>
@@ -243,6 +267,12 @@ export default function LiveCameraCapture({
              className="live-camera-preview live-camera-preview-still"
            />
          </div>
+        ) : cameraError ? (
+          <div className="live-camera-preview-wrap">
+            <p className="live-camera-loading">{cameraError}</p>
+          </div>
+        ) : phase === 'checking' ? (
+          <p className="live-camera-loading">{t('logs.live_photo_camera_starting')}</p>
        ) : phase === 'native' ? (
          <div className="live-camera-native-prompt">
            <p className="live-log-modal-hint">{t('logs.live_photo_native_hint')}</p>
@@ -256,7 +286,7 @@ export default function LiveCameraCapture({
              {t('logs.live_photo_open_camera_btn')}
            </button>
          </div>
-        ) : cameraError && !ready ? null : (
+        ) : phase === 'live' ? (
          <div className="live-camera-preview-wrap">
            <video
              ref={videoRef}
@@ -269,7 +299,7 @@ export default function LiveCameraCapture({
              <p className="live-camera-loading">{t('logs.live_photo_camera_starting')}</p>
            )}
          </div>
-        )}
+        ) : null}

        {onCaptionChange && (
          <div className="input-group live-camera-caption">
@@ -287,7 +317,7 @@ export default function LiveCameraCapture({

        <div className="live-log-modal-actions live-camera-actions">
          <button type="button" className="btn secondary" onClick={onClose} disabled={busy}>
-            {t('logs.confirm_no')}
+            {t('logs.live_cancel')}
          </button>

          {showPreview ? (
@@ -23,18 +23,19 @@ import {
 } from 'lucide-react'
 import { PlausibleEvents, trackPlausibleEvent } from '../services/analytics.js'
 import {
-  appendQuickEvent,
-  appendQuickEvents,
-  appendTankRefill,
+  appendQuickEvent as apiAppendQuickEvent,
+  appendQuickEvents as apiAppendQuickEvents,
+  appendTankRefill as apiAppendTankRefill,
  findOrCreateTodayEntry,
  loadEntry,
  removeLastEvent
 } from '../services/quickEventLog.js'
+import CreatorAvatar from './CreatorAvatar.tsx'
 import { formatEventSummary } from '../utils/formatEventSummary.js'
 import {
  getLastAutoPositionMs,
-  getLastPositionFixWithin,
-  getLatestPositionFix,
+  getLastLoggedPositionWithin,
+  getLatestLoggedPosition,
  isMotorRunningFromEvents,
  LIVE_EVENT_CODES,
  LIVE_LOG_WEATHER_POSITION_MAX_AGE_MS,
@@ -50,12 +51,22 @@ import {
  liveTempRemark,
  liveWaterRemark
 } from '../utils/liveEventCodes.js'
+import { formatAppDecimal, formatTankLiters, parseAppDecimal } from '../utils/numberFormat.js'
+
+const formatSpeedKn = (speedKn: number) =>
+  formatAppDecimal(speedKn, { minimumFractionDigits: 1, maximumFractionDigits: 1 })
 import { parseOwmCurrentWeather } from '../utils/openWeatherMap.js'
 import { fetchOpenWeatherCurrent, WeatherApiError } from '../services/weather.js'
 import {
+  geolocationErrorI18nKey,
  getCurrentPosition,
+  getGeolocationErrorReason,
+  hasSeenGeolocationLiveIntro,
+  markGeolocationLiveIntroSeen,
  normalizeGpsCoordinates,
-  queryGeolocationPermission
+  queryGeolocationPermission,
+  type GeolocationErrorReason,
+  type GpsSignalQuality
 } from '../utils/geolocation.js'
 import { sortLogEventsByTime, type LogEventPayload } from '../utils/logEntryPayload.js'
 import {
@@ -66,6 +77,7 @@ import {
 } from '../utils/sailSelection.js'
 import { useDialog } from './ModalDialog.tsx'
 import CourseDialInput from './CourseDialInput.tsx'
+import GpsSignalHint from './GpsSignalHint.tsx'
 import LiveCameraCapture from './LiveCameraCapture.tsx'
 import LiveVoiceCapture from './LiveVoiceCapture.tsx'
 import VoiceMemoPlayer from './VoiceMemoPlayer.tsx'
@@ -96,7 +108,7 @@ type LiveModal =
  | 'water'
  | 'sog'
  | 'stw'
-  | 'fix'
+  | 'position'
  | 'photo'
  | 'voice'

@@ -142,18 +154,46 @@ function lastWindDirectionFromEvents(events: LogEventPayload[]): string {
  return ''
 }

+function gpsFailureAlertBody(
+  t: (key: string) => string,
+  reason: GeolocationErrorReason
+): string {
+  return `${t(geolocationErrorI18nKey(reason))}\n\n${t('logs.live_position_manual_hint')}`
+}
+
+function findActiveCreatorId(
+  activeUsername: string | null,
+  crewSnapshotsById: Record<string, any>,
+  selectedSkipperId: string | null
+): string {
+  const username = (activeUsername || '').trim()
+  if (username) {
+    const matchEntry = Object.entries(crewSnapshotsById).find(
+      ([_, snap]) => (snap?.name || '').trim().toLowerCase() === username.toLowerCase()
+    )
+    if (matchEntry) {
+      return matchEntry[0]
+    }
+    return username
+  }
+  return selectedSkipperId || 'skipper'
+}
+
 export default function LiveLogView({
  logbookId,
  onOpenEditor,
  onSwitchToList
 }: LiveLogViewProps) {
  const { t, i18n } = useTranslation()
-  const { showAlert } = useDialog()
+  const { showAlert, showConfirm } = useDialog()
+  const [geolocationAccessEpoch, setGeolocationAccessEpoch] = useState(0)

  const [entryId, setEntryId] = useState<string | null>(null)
  const [dayOfTravel, setDayOfTravel] = useState('')
  const [date, setDate] = useState('')
  const [events, setEvents] = useState<LogEventPayload[]>([])
+  const [crewSnapshotsById, setCrewSnapshotsById] = useState<Record<string, any>>({})
+  const [selectedSkipperId, setSelectedSkipperId] = useState<string | null>(null)
  const [yachtSails, setYachtSails] = useState<string[]>([])
  const [loading, setLoading] = useState(true)
  const [busy, setBusy] = useState(false)
@@ -167,10 +207,15 @@ export default function LiveLogView({
  const [valueInputSecondary, setValueInputSecondary] = useState('')
  const [selectedSails, setSelectedSails] = useState<string[]>([])
  const [undoVisible, setUndoVisible] = useState(false)
-  const [fixLat, setFixLat] = useState('')
-  const [fixLng, setFixLng] = useState('')
-  const [fixGpsLoading, setFixGpsLoading] = useState(false)
-  const [fixGpsUnavailable, setFixGpsUnavailable] = useState(false)
+  const [positionLat, setPositionLat] = useState('')
+  const [positionLng, setPositionLng] = useState('')
+  const [positionGpsLoading, setPositionGpsLoading] = useState(false)
+  const [positionGpsUnavailable, setPositionGpsUnavailable] = useState(false)
+  const [positionGpsErrorReason, setPositionGpsErrorReason] = useState<GeolocationErrorReason | null>(null)
+  const [positionGpsSignal, setPositionGpsSignal] = useState<{
+    quality: GpsSignalQuality
+    accuracyM: number | null
+  } | null>(null)
  const [photoCaption, setPhotoCaption] = useState('')
  const [photoSaving, setPhotoSaving] = useState(false)
  const [voiceCaption, setVoiceCaption] = useState('')
@@ -190,6 +235,51 @@ export default function LiveLogView({
  dateRef.current = date
  busyRef.current = busy

+  const getActiveCreatorId = useCallback(() => {
+    const activeUsername = localStorage.getItem('active_username')
+    return findActiveCreatorId(activeUsername, crewSnapshotsById, selectedSkipperId)
+  }, [crewSnapshotsById, selectedSkipperId])
+
+  const appendQuickEvent = useCallback((
+    logbookId: string,
+    entryId: string,
+    partialEvent: Partial<LogEventPayload>,
+    headerPatch?: { departure?: string; destination?: string }
+  ) => {
+    return apiAppendQuickEvent(
+      logbookId,
+      entryId,
+      { creatorId: getActiveCreatorId(), ...partialEvent },
+      headerPatch
+    )
+  }, [getActiveCreatorId])
+
+  const appendQuickEvents = useCallback((
+    logbookId: string,
+    entryId: string,
+    partialEvents: Partial<LogEventPayload>[]
+  ) => {
+    const creatorId = getActiveCreatorId()
+    const mapped = partialEvents.map((p) => ({ creatorId, ...p }))
+    return apiAppendQuickEvents(logbookId, entryId, mapped)
+  }, [getActiveCreatorId])
+
+  const appendTankRefill = useCallback((
+    logbookId: string,
+    entryId: string,
+    tank: 'fuel' | 'freshwater',
+    addLiters: number,
+    event: Partial<LogEventPayload>
+  ) => {
+    return apiAppendTankRefill(
+      logbookId,
+      entryId,
+      tank,
+      addLiters,
+      { creatorId: getActiveCreatorId(), ...event }
+    )
+  }, [getActiveCreatorId])
+
  const defaultSails = useMemo(
    () => (i18n.language === 'de'
      ? ['Großsegel', 'Genua', 'Fock', 'Spinnaker', 'Gennaker']
@@ -202,8 +292,8 @@ export default function LiveLogView({
  )
  const motorRunning = isMotorRunningFromEvents(events)
  const motorLabel = t('logs.motor_propulsion')
-  const hasPositionFix = useMemo(
-    () => (date ? getLatestPositionFix(events, date) != null : false),
+  const hasLoggedPosition = useMemo(
+    () => (date ? getLatestLoggedPosition(events, date) != null : false),
    [events, date]
  )
  const voiceMemoLookup = useEntryVoiceMemos(logbookId, entryId)
@@ -213,6 +303,8 @@ export default function LiveLogView({
    setDayOfTravel(String(loaded.data.dayOfTravel || ''))
    setDate(String(loaded.data.date || ''))
    setEvents(sortLogEventsByTime(entryEvents.map((e) => ({ ...e }))))
+    setCrewSnapshotsById((loaded.data.crewSnapshotsById as Record<string, any>) || {})
+    setSelectedSkipperId(typeof loaded.data.selectedSkipperId === 'string' ? loaded.data.selectedSkipperId : null)
  }, [])

  const refreshEntry = useCallback(async (id: string) => {
@@ -310,6 +402,56 @@ export default function LiveLogView({
    }
  }, [loading, entryId])

+  useEffect(() => {
+    if (loading || !entryId || !navigator.geolocation) return
+
+    let cancelled = false
+
+    void (async () => {
+      const permission = await queryGeolocationPermission()
+      if (cancelled) return
+
+      if (permission === 'granted') {
+        markGeolocationLiveIntroSeen()
+        setGeolocationAccessEpoch((n) => n + 1)
+        return
+      }
+
+      // Only ask when the browser has not granted location yet (state "prompt").
+      if (permission !== 'prompt' || hasSeenGeolocationLiveIntro()) return
+
+      const allow = await showConfirm(
+        t('logs.gps_live_intro_body'),
+        t('logs.gps_live_intro_title'),
+        t('logs.gps_live_intro_allow'),
+        t('logs.gps_live_intro_later')
+      )
+      markGeolocationLiveIntroSeen()
+      if (cancelled || !allow) return
+
+      try {
+        await getCurrentPosition({
+          timeoutMs: 15_000,
+          enableHighAccuracy: false,
+          maximumAge: 0
+        })
+        if (!cancelled) setGeolocationAccessEpoch((n) => n + 1)
+      } catch (err) {
+        const reason = getGeolocationErrorReason(err)
+        if (reason === 'permission_denied') {
+          await showAlert(
+            `${t('logs.gps_permission_denied')}\n\n${t('logs.gps_enable_in_settings_hint')}`,
+            t('logs.live_title')
+          )
+        }
+      }
+    })()
+
+    return () => {
+      cancelled = true
+    }
+  }, [loading, entryId, showAlert, showConfirm, t])
+
  useEffect(() => {
    streamEndRef.current?.scrollIntoView({ behavior: 'smooth' })
  }, [events.length])
@@ -358,7 +500,7 @@ export default function LiveLogView({
        })
        await refreshEntry(entryId)
      } catch {
-        // Best-effort; hint banner shows when no position fix exists yet.
+        // Best-effort; hint banner shows when no position has been logged yet.
      } finally {
        autoPositionBusyRef.current = false
      }
@@ -377,7 +519,7 @@ export default function LiveLogView({
      if (startTimer !== undefined) window.clearTimeout(startTimer)
      if (intervalRef !== undefined) window.clearInterval(intervalRef)
    }
-  }, [entryId, loading, logbookId, refreshEntry])
+  }, [entryId, loading, logbookId, refreshEntry, geolocationAccessEpoch])

  const runQuickAction = async (
    action: () => Promise<boolean | void>,
@@ -453,16 +595,26 @@ export default function LiveLogView({
    }, 'moor')
  }

-  const openFixModal = async () => {
-    setFixLat('')
-    setFixLng('')
-    setFixGpsUnavailable(false)
-    setFixGpsLoading(true)
-    setModal('fix')
+  const reportPositionGpsFailure = async (reason: GeolocationErrorReason) => {
+    setPositionGpsUnavailable(true)
+    setPositionGpsErrorReason(reason)
+    setPositionGpsSignal(null)
+    await showAlert(gpsFailureAlertBody(t, reason), t('logs.live_position'))
+  }
+
+  const openPositionModal = async () => {
+    setPositionLat('')
+    setPositionLng('')
+    setPositionGpsUnavailable(false)
+    setPositionGpsErrorReason(null)
+    setPositionGpsSignal(null)
+    setPositionGpsLoading(true)
+    setModal('position')
    try {
      const permission = await queryGeolocationPermission()
      if (permission !== 'granted') {
-        setFixGpsUnavailable(true)
+        const reason = permission === 'denied' ? 'permission_denied' : 'unavailable'
+        await reportPositionGpsFailure(reason)
        return
      }
      const coords = await getCurrentPosition({
@@ -470,26 +622,26 @@ export default function LiveLogView({
        enableHighAccuracy: false,
        maximumAge: 60_000
      })
-      setFixLat(coords.lat)
-      setFixLng(coords.lng)
-    } catch {
-      setFixGpsUnavailable(true)
+      setPositionLat(coords.lat)
+      setPositionLng(coords.lng)
+      setPositionGpsSignal({ quality: coords.signalQuality, accuracyM: coords.accuracyM })
+    } catch (err) {
+      await reportPositionGpsFailure(getGeolocationErrorReason(err))
    } finally {
-      setFixGpsLoading(false)
+      setPositionGpsLoading(false)
    }
  }

-  const retryFixGps = async () => {
-    setFixGpsLoading(true)
-    setFixGpsUnavailable(false)
+  const retryPositionGps = async () => {
+    setPositionGpsLoading(true)
+    setPositionGpsUnavailable(false)
+    setPositionGpsErrorReason(null)
+    setPositionGpsSignal(null)
    try {
      const permission = await queryGeolocationPermission()
      if (permission !== 'granted') {
-        setFixGpsUnavailable(true)
-        await showAlert(
-          `${t('logs.live_gps_error')}\n\n${t('logs.live_gps_start_hint')}`,
-          t('logs.live_fix')
-        )
+        const reason = permission === 'denied' ? 'permission_denied' : 'unavailable'
+        await reportPositionGpsFailure(reason)
        return
      }
      const coords = await getCurrentPosition({
@@ -497,23 +649,21 @@ export default function LiveLogView({
        enableHighAccuracy: false,
        maximumAge: 60_000
      })
-      setFixLat(coords.lat)
-      setFixLng(coords.lng)
-    } catch {
-      setFixGpsUnavailable(true)
-      await showAlert(
-        `${t('logs.live_gps_error')}\n\n${t('logs.live_gps_start_hint')}`,
-        t('logs.live_fix')
-      )
+      setPositionLat(coords.lat)
+      setPositionLng(coords.lng)
+      setPositionGpsUnavailable(false)
+      setPositionGpsSignal({ quality: coords.signalQuality, accuracyM: coords.accuracyM })
+    } catch (err) {
+      await reportPositionGpsFailure(getGeolocationErrorReason(err))
    } finally {
-      setFixGpsLoading(false)
+      setPositionGpsLoading(false)
    }
  }

-  const confirmFix = () => {
-    const coords = normalizeGpsCoordinates(fixLat, fixLng)
+  const confirmPosition = () => {
+    const coords = normalizeGpsCoordinates(positionLat, positionLng)
    if (!coords) {
-      void showAlert(t('logs.live_fix_invalid'), t('logs.live_fix'))
+      void showAlert(t('logs.live_position_invalid'), t('logs.live_position'))
      return
    }
    setModal('none')
@@ -522,9 +672,9 @@ export default function LiveLogView({
      await appendQuickEvent(logbookId, entryId, {
        gpsLat: coords.lat,
        gpsLng: coords.lng,
-        remarks: LIVE_EVENT_CODES.FIX
+        remarks: LIVE_EVENT_CODES.POSITION
      })
-    }, 'fix')
+    }, 'position')
  }

  const handleFetchOwmWeather = () => {
@@ -534,17 +684,17 @@ export default function LiveLogView({
      return
    }

-    const position = getLastPositionFixWithin(
+    const position = getLastLoggedPositionWithin(
      events,
      date,
      LIVE_LOG_WEATHER_POSITION_MAX_AGE_MS
    )
    if (!position) {
-      const latest = getLatestPositionFix(events, date)
+      const latest = getLatestLoggedPosition(events, date)
      void showAlert(
        latest
-          ? t('logs.live_weather_fix_stale')
-          : t('logs.live_weather_fix_required'),
+          ? t('logs.live_weather_position_stale')
+          : t('logs.live_weather_position_required'),
        t('logs.live_weather_owm_btn')
      )
      return
@@ -563,13 +713,27 @@ export default function LiveLogView({
            { analyticsSource: 'live_log' }
          )
        } catch (err) {
-          if (err instanceof WeatherApiError && err.code === 'OFFLINE') {
-            void showAlert(t('logs.weather_offline'), t('logs.live_weather_owm_btn'))
-            return
-          }
-          if (err instanceof WeatherApiError && err.code === 'NO_KEY') {
-            void showAlert(t('settings.no_key'), t('logs.live_weather_owm_btn'))
-            return
+          if (err instanceof WeatherApiError) {
+            if (err.code === 'OFFLINE') {
+              void showAlert(t('logs.weather_offline'), t('logs.live_weather_owm_btn'))
+              return
+            }
+            if (err.code === 'NO_KEY') {
+              void showAlert(t('settings.no_key'), t('logs.live_weather_owm_btn'))
+              return
+            }
+            if (err.code === 'UNAUTHORIZED') {
+              void showAlert(t('settings.weather_unauthorized'), t('logs.live_weather_owm_btn'))
+              return
+            }
+            if (err.code === 'NOT_FOUND') {
+              void showAlert(t('settings.weather_not_found'), t('logs.live_weather_owm_btn'))
+              return
+            }
+            if (err.code === 'BAD_REQUEST') {
+              void showAlert(t('settings.weather_bad_request'), t('logs.live_weather_owm_btn'))
+              return
+            }
          }
          console.error('Live log OWM weather failed:', err)
          void showAlert(t('settings.weather_error'), t('logs.live_weather_owm_btn'))
@@ -843,45 +1007,45 @@ export default function LiveLogView({
        break
      }
      case 'fuel': {
-        const liters = parseFloat(primary)
-        if (!Number.isFinite(liters) || liters <= 0) return
+        const liters = parseAppDecimal(primary)
+        if (liters == null || liters <= 0) return
        setModal('none')
        void runQuickAction(async () => {
          await appendTankRefill(logbookId, entryId, 'fuel', liters, {
-            remarks: liveFuelRemark(String(liters))
+            remarks: liveFuelRemark(formatTankLiters(liters))
          })
        }, 'fuel')
        break
      }
      case 'water': {
-        const liters = parseFloat(primary)
-        if (!Number.isFinite(liters) || liters <= 0) return
+        const liters = parseAppDecimal(primary)
+        if (liters == null || liters <= 0) return
        setModal('none')
        void runQuickAction(async () => {
          await appendTankRefill(logbookId, entryId, 'freshwater', liters, {
-            remarks: liveWaterRemark(String(liters))
+            remarks: liveWaterRemark(formatTankLiters(liters))
          })
        }, 'water')
        break
      }
      case 'sog': {
-        const speedKn = parseFloat(primary.replace(',', '.'))
-        if (!Number.isFinite(speedKn) || speedKn < 0) return
+        const speedKn = parseAppDecimal(primary)
+        if (speedKn == null || speedKn < 0) return
        setModal('none')
        void runQuickAction(async () => {
          await appendQuickEvent(logbookId, entryId, {
-            remarks: liveSogRemark(String(speedKn))
+            remarks: liveSogRemark(formatSpeedKn(speedKn))
          })
        }, 'sog')
        break
      }
      case 'stw': {
-        const speedKn = parseFloat(primary.replace(',', '.'))
-        if (!Number.isFinite(speedKn) || speedKn < 0) return
+        const speedKn = parseAppDecimal(primary)
+        if (speedKn == null || speedKn < 0) return
        setModal('none')
        void runQuickAction(async () => {
          await appendQuickEvent(logbookId, entryId, {
-            remarks: liveStwRemark(String(speedKn))
+            remarks: liveStwRemark(formatSpeedKn(speedKn))
          })
        }, 'stw')
        break
@@ -945,7 +1109,7 @@ export default function LiveLogView({

      {error && <div className="auth-error mb-4">{error}</div>}

-      {!hasPositionFix && (
+      {!hasLoggedPosition && (
        <p className="live-log-gps-hint" role="status">
          <MapPin size={16} aria-hidden />
          {t('logs.live_gps_start_hint')}
@@ -1036,9 +1200,9 @@ export default function LiveLogView({
            )}
          </div>

-          <button type="button" className="live-log-action-btn" onClick={() => void openFixModal()} disabled={busy}>
+          <button type="button" className="live-log-action-btn" onClick={() => void openPositionModal()} disabled={busy}>
            <MapPin size={18} />
-            {t('logs.live_fix')}
+            {t('logs.live_position')}
          </button>
          <button type="button" className="live-log-action-btn" onClick={() => { setCommentText(''); setModal('comment') }} disabled={busy}>
            <MessageSquare size={18} />
@@ -1070,6 +1234,11 @@ export default function LiveLogView({
                return (
                  <li key={`${event.time}-${index}`} className="live-log-entry">
                    <time className="live-log-time">{event.time}</time>
+                    <CreatorAvatar
+                      creatorId={event.creatorId}
+                      crewSnapshotsById={crewSnapshotsById}
+                      size={24}
+                    />
                    <div className="live-log-summary-block">
                      <span className="live-log-summary">{summary}</span>
                      {voiceId && (
@@ -1145,7 +1314,7 @@ export default function LiveLogView({
              </p>
            )}
            <div className="live-log-modal-actions">
-              <button type="button" className="btn secondary" onClick={closeModal}>{t('logs.confirm_no')}</button>
+              <button type="button" className="btn secondary" onClick={closeModal}>{t('logs.live_cancel')}</button>
              <button
                type="button"
                className="btn primary"
@@ -1161,68 +1330,79 @@ export default function LiveLogView({
        </div>
      )}

-      {modal === 'fix' && (
+      {modal === 'position' && (
        <div
          className="live-log-modal-backdrop"
          onClick={(e) => { if (e.target === e.currentTarget) closeModal() }}
        >
          <div className="live-log-modal" onClick={(e) => e.stopPropagation()}>
-            <h3>{t('logs.live_fix')}</h3>
-            {fixGpsUnavailable && (
+            <h3>{t('logs.live_position')}</h3>
+            {positionGpsUnavailable && (
              <>
-                <p className="live-log-modal-hint live-log-gps-hint-modal">{t('logs.live_gps_start_hint')}</p>
-                <p className="live-log-modal-hint">{t('logs.live_fix_manual_hint')}</p>
+                {positionGpsErrorReason && (
+                  <p className="live-log-modal-hint live-log-gps-error-modal" role="alert">
+                    {t(geolocationErrorI18nKey(positionGpsErrorReason))}
+                  </p>
+                )}
+                <p className="live-log-modal-hint">{t('logs.live_position_manual_hint')}</p>
              </>
            )}
-            <fieldset className="live-log-fix-coords" disabled={busy}>
-              <legend className="live-log-fix-label">{t('logs.event_gps')}</legend>
-              <div className="live-log-fix-coords-row">
-                <label className="live-log-fix-field">
-                  <span className="live-log-fix-field-label">{t('logs.live_fix_lat_placeholder')}</span>
+            <fieldset className="live-log-position-coords" disabled={busy}>
+              <legend className="live-log-position-label">{t('logs.event_gps')}</legend>
+              <div className="live-log-position-coords-row">
+                <label className="live-log-position-field">
+                  <span className="live-log-position-field-label">{t('logs.live_position_lat_placeholder')}</span>
                  <input
                    type="text"
                    inputMode="decimal"
                    className="input-text"
                    placeholder="54.123456"
-                    value={fixLat}
-                    onChange={(e) => setFixLat(e.target.value)}
+                    value={positionLat}
+                    onChange={(e) => { setPositionGpsSignal(null); setPositionLat(e.target.value) }}
                    autoFocus
                  />
                </label>
-                <label className="live-log-fix-field">
-                  <span className="live-log-fix-field-label">{t('logs.live_fix_lng_placeholder')}</span>
+                <label className="live-log-position-field">
+                  <span className="live-log-position-field-label">{t('logs.live_position_lng_placeholder')}</span>
                  <input
                    type="text"
                    inputMode="decimal"
                    className="input-text"
                    placeholder="10.654321"
-                    value={fixLng}
-                    onChange={(e) => setFixLng(e.target.value)}
-                    onKeyDown={(e) => { if (e.key === 'Enter') confirmFix() }}
+                    value={positionLng}
+                    onChange={(e) => { setPositionGpsSignal(null); setPositionLng(e.target.value) }}
+                    onKeyDown={(e) => { if (e.key === 'Enter') confirmPosition() }}
                  />
                </label>
              </div>
-              <div className="live-log-fix-gps-row">
+              {positionGpsSignal && (
+                <GpsSignalHint
+                  quality={positionGpsSignal.quality}
+                  accuracyM={positionGpsSignal.accuracyM}
+                  className="gps-signal-hint-modal"
+                />
+              )}
+              <div className="live-log-position-gps-row">
                <button
                  type="button"
-                  className="btn secondary live-log-fix-gps-btn"
-                  onClick={() => void retryFixGps()}
+                  className="btn secondary live-log-position-gps-btn"
+                  onClick={() => void retryPositionGps()}
                  title={t('logs.gps_btn')}
-                  disabled={fixGpsLoading}
+                  disabled={positionGpsLoading}
                  aria-label={t('logs.gps_btn')}
                >
                  <MapPin size={16} />
-                  <span>{fixGpsLoading ? t('logs.live_fix_gps_loading') : t('logs.gps_btn')}</span>
+                  <span>{positionGpsLoading ? t('logs.live_position_gps_loading') : t('logs.gps_btn')}</span>
                </button>
              </div>
            </fieldset>
            <div className="live-log-modal-actions">
-              <button type="button" className="btn secondary" onClick={closeModal}>{t('logs.confirm_no')}</button>
+              <button type="button" className="btn secondary" onClick={closeModal}>{t('logs.live_cancel')}</button>
              <button
                type="button"
                className="btn primary"
-                onClick={confirmFix}
-                disabled={busy || !normalizeGpsCoordinates(fixLat, fixLng)}
+                onClick={confirmPosition}
+                disabled={busy || !normalizeGpsCoordinates(positionLat, positionLng)}
              >
                {t('logs.live_sails_confirm')}
              </button>
@@ -1237,7 +1417,7 @@ export default function LiveLogView({
            <h3>{t('logs.live_comment_btn')}</h3>
            <input type="text" className="input-text" value={commentText} onChange={(e) => setCommentText(e.target.value)} placeholder={t('logs.live_comment_placeholder')} autoFocus onKeyDown={(e) => { if (e.key === 'Enter') confirmComment() }} />
            <div className="live-log-modal-actions">
-              <button type="button" className="btn secondary" onClick={() => setModal('none')}>{t('logs.confirm_no')}</button>
+              <button type="button" className="btn secondary" onClick={() => setModal('none')}>{t('logs.live_cancel')}</button>
              <button type="button" className="btn primary" onClick={confirmComment} disabled={!commentText.trim()}>{t('logs.live_comment_confirm')}</button>
            </div>
          </div>
@@ -1271,7 +1451,7 @@ export default function LiveLogView({
              />
            </div>
            <div className="live-log-modal-actions">
-              <button type="button" className="btn secondary" onClick={() => setModal('none')}>{t('logs.confirm_no')}</button>
+              <button type="button" className="btn secondary" onClick={() => setModal('none')}>{t('logs.live_cancel')}</button>
              <button type="button" className="btn primary" onClick={confirmValueModal}>{t('logs.live_sails_confirm')}</button>
            </div>
          </div>
@@ -1293,7 +1473,7 @@ export default function LiveLogView({
              />
            </div>
            <div className="live-log-modal-actions">
-              <button type="button" className="btn secondary" onClick={() => setModal('none')}>{t('logs.confirm_no')}</button>
+              <button type="button" className="btn secondary" onClick={() => setModal('none')}>{t('logs.live_cancel')}</button>
              <button type="button" className="btn primary" onClick={confirmValueModal}>{t('logs.live_sails_confirm')}</button>
            </div>
          </div>
@@ -1338,7 +1518,7 @@ export default function LiveLogView({
              onKeyDown={(e) => { if (e.key === 'Enter') confirmValueModal() }}
            />
            <div className="live-log-modal-actions">
-              <button type="button" className="btn secondary" onClick={() => setModal('none')}>{t('logs.confirm_no')}</button>
+              <button type="button" className="btn secondary" onClick={() => setModal('none')}>{t('logs.live_cancel')}</button>
              <button type="button" className="btn primary" onClick={confirmValueModal}>{t('logs.live_sails_confirm')}</button>
            </div>
          </div>
@@ -43,6 +43,53 @@ export default function LiveVoiceCapture({
  const [previewMime, setPreviewMime] = useState('audio/webm')
  const [previewDurationSec, setPreviewDurationSec] = useState(0)
  const [saving, setSaving] = useState(false)
+  const log = useCallback((msg: string) => {
+    console.log(`[VoiceDebug] ${msg}`)
+  }, [])
+
+  const previewAudioRef = useRef<HTMLAudioElement | null>(null)
+
+  useEffect(() => {
+    const el = previewAudioRef.current
+    if (!el) {
+      log('previewAudioRef is null')
+      return
+    }
+
+    log('Preview audio player loaded. readyState=' + el.readyState + ', duration=' + el.duration + ', src=' + el.src)
+
+    const handleLoadedMetadata = () => {
+      log('loadedmetadata event fired. readyState=' + el.readyState + ', duration=' + el.duration)
+      if (el.duration === Infinity || isNaN(el.duration) || el.duration === 0) {
+        log('Duration correction hack triggered (duration=' + el.duration + '). Seeking to 1e10...')
+        el.currentTime = 1e10
+        const onTimeUpdate = () => {
+          log('timeupdate event. currentTime=' + el.currentTime + ', duration=' + el.duration)
+          el.currentTime = 0
+          el.removeEventListener('timeupdate', onTimeUpdate)
+          log('currentTime reset to 0. Final duration=' + el.duration)
+        }
+        el.addEventListener('timeupdate', onTimeUpdate)
+      } else {
+        log('Duration correction skipped (duration is valid)')
+      }
+    }
+
+    if (el.readyState >= 1) {
+      log('readyState >= 1. Executing hack immediately...')
+      handleLoadedMetadata()
+    } else {
+      log('readyState = 0. Adding loadedmetadata event listener...')
+      el.addEventListener('loadedmetadata', handleLoadedMetadata)
+    }
+
+    log('Calling el.load() to force loading of the media resource...')
+    el.load()
+
+    return () => {
+      el.removeEventListener('loadedmetadata', handleLoadedMetadata)
+    }
+  }, [previewUrl, log])

  const stopStream = useCallback(() => {
    for (const track of streamRef.current?.getTracks() ?? []) {
@@ -110,24 +157,51 @@ export default function LiveVoiceCapture({
    if (!recorder || recorder.state !== 'recording') return
    recorder.stop()
    clearTimer()
-    stopStream()
-  }, [clearTimer, stopStream])
+  }, [clearTimer])

  const startRecording = async () => {
    setMicError(null)
    chunksRef.current = []
+    log('startRecording flow triggered')
+    if (!navigator.mediaDevices?.getUserMedia) {
+      log('navigator.mediaDevices.getUserMedia is unavailable')
+      setMicError(t('logs.live_voice_mic_denied'))
+      return
+    }
    try {
+      log('Requesting getUserMedia audio stream...')
      const stream = await navigator.mediaDevices.getUserMedia({ audio: true })
      streamRef.current = stream
+      log('Stream obtained successfully. active=' + stream.active)
+      stream.getTracks().forEach((track, i) => {
+        log(`Track ${i}: label="${track.label}" enabled=${track.enabled} readyState=${track.readyState} muted=${track.muted}`)
+      })
+
      const mimeType = pickMediaRecorderMimeType()
+      log('MIME type candidates support check:')
+      const MIME_CANDIDATES = [
+        'audio/webm;codecs=opus',
+        'audio/webm',
+        'audio/mp4',
+        'audio/ogg;codecs=opus'
+      ]
+      MIME_CANDIDATES.forEach(mime => {
+        log(` - ${mime}: ${MediaRecorder.isTypeSupported(mime) ? 'SUPPORTED' : 'UNSUPPORTED'}`)
+      })
+      log('Selected MIME from picker: ' + mimeType)
+
      const recorder = mimeType
        ? new MediaRecorder(stream, { mimeType })
        : new MediaRecorder(stream)
      mediaRecorderRef.current = recorder
      const resolvedMime = recorder.mimeType || mimeType || 'audio/webm'
+      log('MediaRecorder created. Resolved mime=' + resolvedMime)

      recorder.ondataavailable = (ev) => {
-        if (ev.data.size > 0) chunksRef.current.push(ev.data)
+        log(`ondataavailable event: data size=${ev.data?.size} bytes`)
+        if (ev.data && ev.data.size > 0) {
+          chunksRef.current.push(ev.data)
+        }
      }

      recorder.onstop = () => {
@@ -135,44 +209,67 @@ export default function LiveVoiceCapture({
          VOICE_MEMO_MAX_DURATION_SEC,
          Math.max(1, Math.round((Date.now() - startedAtRef.current) / 1000))
        )
-        const blob = new Blob(chunksRef.current, { type: resolvedMime })
-        chunksRef.current = []
-        try {
-          assertVoiceMemoBlobSize(blob)
-          finishRecording(blob, resolvedMime, durationSec)
-        } catch {
-          setMicError(t('logs.live_voice_too_large'))
-          setPhase('idle')
-        }
+        log(`onstop triggered. durationSec=${durationSec}. Wrapping in 50ms timeout...`)
+        setTimeout(() => {
+          log(`Creating Blob from ${chunksRef.current.length} chunks. Resolved mime=${resolvedMime}`)
+          const totalChunksSize = chunksRef.current.reduce((acc, chunk) => acc + chunk.size, 0)
+          log(`Total raw chunks size: ${totalChunksSize} bytes`)
+          const blob = new Blob(chunksRef.current, { type: resolvedMime })
+          chunksRef.current = []
+          stopStream()
+          log(`Blob finalized: size=${blob.size} bytes, type=${blob.type}`)
+          try {
+            assertVoiceMemoBlobSize(blob)
+            log('Blob size assertion passed. Calling finishRecording...')
+            finishRecording(blob, resolvedMime, durationSec)
+          } catch (err) {
+            log('Blob size assertion failed (too large)')
+            setMicError(t('logs.live_voice_too_large'))
+            setPhase('idle')
+          }
+        }, 50)
      }

-      recorder.onerror = () => {
+      recorder.onerror = (ev) => {
+        log('MediaRecorder onerror triggered: ' + JSON.stringify(ev))
        setMicError(t('logs.live_voice_record_failed'))
        resetAll()
      }

      startedAtRef.current = Date.now()
-      recorder.start(200)
+      log('Calling recorder.start()...')
+      recorder.start()
+      log('recorder.start() called. State=' + recorder.state)
      setPhase('recording')
      setElapsedSec(0)
      timerRef.current = window.setInterval(() => {
        const sec = Math.floor((Date.now() - startedAtRef.current) / 1000)
        setElapsedSec(sec)
        if (sec >= VOICE_MEMO_MAX_DURATION_SEC) {
+          log('Max duration reached. Stopping recording...')
          stopRecording()
        }
      }, 250)
-    } catch {
+    } catch (err: any) {
+      log('Error in startRecording try-catch block: ' + (err instanceof Error ? err.stack || err.message : String(err)))
      setMicError(t('logs.live_voice_mic_denied'))
      stopStream()
    }
  }

  const handleSave = async () => {
-    if (!previewBlob || saving || busy) return
+    if (!previewBlob || saving || busy) {
+      log('handleSave ignored. previewBlob=' + (previewBlob ? 'PRESENT' : 'NULL') + ' saving=' + saving + ' busy=' + busy)
+      return
+    }
+    log('handleSave triggered. Saving blob size=' + previewBlob.size + ' mime=' + previewMime + ' duration=' + previewDurationSec)
    setSaving(true)
    try {
-      onSave(previewBlob, previewMime, previewDurationSec)
+      log('Invoking onSave callback...')
+      await onSave(previewBlob, previewMime, previewDurationSec)
+      log('onSave callback successfully finished!')
+    } catch (err: any) {
+      log('Error during onSave execution: ' + (err instanceof Error ? err.stack || err.message : String(err)))
    } finally {
      setSaving(false)
    }
@@ -195,7 +292,7 @@ export default function LiveVoiceCapture({
            className="btn-icon"
            onClick={onClose}
            disabled={busy || saving || phase === 'recording'}
-            aria-label={t('logs.confirm_no')}
+            aria-label={t('logs.live_cancel')}
          >
            <X size={18} />
          </button>
@@ -237,7 +334,7 @@ export default function LiveVoiceCapture({

        {phase === 'preview' && previewUrl && (
          <>
-            <audio className="voice-memo-player" controls src={previewUrl} preload="auto" />
+            <audio ref={previewAudioRef} className="voice-memo-player" controls src={previewUrl} preload="auto" />
            {onCaptionChange && (
              <label className="live-voice-caption-field">
                <span>{t('logs.live_voice_caption_label')}</span>
@@ -274,6 +371,8 @@ export default function LiveVoiceCapture({
            </div>
          </>
        )}
+
+
      </div>
    </div>
  )
@@ -9,7 +9,8 @@ import { downloadCsv, shareCsv } from '../services/csvExport.js'
 import { downloadLogbookPagePdf } from '../services/pdfExport.js'
 import { PlausibleEvents, trackPlausibleEvent } from '../services/analytics.js'
 import { getErrorMessage } from '../utils/errors.js'
-import { findTodayEntryId, tryDecryptEntryPayload } from '../services/quickEventLog.js'
+import { findTodayEntryId, pruneEmptyTodayDuplicates, tryDecryptEntryPayload } from '../services/quickEventLog.js'
+import { localDateString } from '../utils/logEntryPayload.js'
 import LogEntryEditor from './LogEntryEditor.tsx'
 import LiveLogView from './LiveLogView.tsx'
 import EntrySkipperSignBadge from './EntrySkipperSignBadge.tsx'
@@ -123,6 +124,11 @@ export default function LogEntriesList({
      const masterKey = await getLogbookKey(logbookId) || getActiveMasterKey()
      if (!masterKey) throw new Error('Encryption key not found. Please log in.')

+      const todayEntryId = await findTodayEntryId(logbookId)
+      if (todayEntryId) {
+        await pruneEmptyTodayDuplicates(logbookId, todayEntryId)
+      }
+
      const local = await db.entries.where({ logbookId }).toArray()

      const list: DecryptedEntryItem[] = []
@@ -300,7 +306,7 @@ export default function LogEntriesList({

      const localId = window.crypto.randomUUID()
      const nowStr = new Date().toISOString()
-      const todayStr = nowStr.substring(0, 10)
+      const todayStr = localDateString()

      const { loadDefaultEntryCrewForNewDay } = await import('./EntryCrewSection.js')
      const entryCrew = await loadDefaultEntryCrewForNewDay(
@@ -11,6 +11,7 @@ import { downloadLogbookPagePdf } from '../services/pdfExport.js'
 import { FileText, Save, ChevronLeft, Check, Compass, Plus, Trash2, MapPin, CloudSun, Clock, Download, Upload, Pencil, X, ChevronDown, ChevronUp, Sparkles } from 'lucide-react'
 import PhotoCapture from './PhotoCapture.tsx'
 import EventRemarksCell from './EventRemarksCell.tsx'
+import CreatorAvatar from './CreatorAvatar.tsx'
 import { useEntryVoiceMemos } from '../hooks/useEntryVoiceMemos.js'
 import { parseLiveVoiceRemark } from '../utils/liveEventCodes.js'
 import { deleteEntryVoiceMemo } from '../services/voiceAttachments.js'
@@ -67,6 +68,14 @@ import {
 } from '../services/nmeaArchive.js'
 import { computeTrackStats, formatTrackStats } from '../utils/trackStats.js'
 import { computeFuelPerMotorHour, formatFuelPerMotorHour } from '../utils/fuelStats.js'
+import GpsSignalHint from './GpsSignalHint.tsx'
+import {
+  geolocationErrorI18nKey,
+  getCurrentPosition,
+  getGeolocationErrorReason,
+  queryGeolocationPermission,
+  type GpsSignalQuality
+} from '../utils/geolocation.js'
 import { useRegisterUnsavedChanges } from '../context/UnsavedChangesContext.tsx'
 import TankLiterInput from './TankLiterInput.tsx'
 import MetricRangeInput from './MetricRangeInput.tsx'
@@ -95,6 +104,17 @@ import {
  formatTankLitersForInput,
  type VesselTankCapacities
 } from '../utils/tankCapacity.js'
+import {
+  formatAppCoordinate,
+  parseAppDecimal,
+  parseAppDecimalOrZero
+} from '../utils/numberFormat.js'
+
+function parseOptionalFormDecimal(input: string): number | undefined {
+  const trimmed = input.trim()
+  if (!trimmed) return undefined
+  return parseAppDecimal(trimmed) ?? undefined
+}

 function emptyTankLevels() {
  return { morning: 0, refilled: 0, evening: 0, consumption: 0 }
@@ -129,19 +149,19 @@ function fingerprintFromStoredEntry(decrypted: Record<string, unknown>): string
    greywater: gw ? { level: gw.level || 0 } : undefined,
    trackDistanceNm:
      trackDistance != null && trackDistance !== ''
-        ? parseFloat(String(trackDistance))
+        ? (parseAppDecimal(String(trackDistance)) ?? undefined)
        : undefined,
    trackSpeedMaxKn:
      trackSpeedMax != null && trackSpeedMax !== ''
-        ? parseFloat(String(trackSpeedMax))
+        ? (parseAppDecimal(String(trackSpeedMax)) ?? undefined)
        : undefined,
    trackSpeedAvgKn:
      trackSpeedAvg != null && trackSpeedAvg !== ''
-        ? parseFloat(String(trackSpeedAvg))
+        ? (parseAppDecimal(String(trackSpeedAvg)) ?? undefined)
        : undefined,
    motorHours:
      motorHoursRaw != null && motorHoursRaw !== ''
-        ? parseFloat(String(motorHoursRaw))
+        ? (parseAppDecimal(String(motorHoursRaw)) ?? undefined)
        : undefined,
    events: (decrypted.events as LogEventPayload[]) || [],
    entryCrew: entryCrewFromPreviousEntry(decrypted as Record<string, unknown>)
@@ -154,6 +174,24 @@ function fingerprintFromStoredEntry(decrypted: Record<string, unknown>): string
  })
 }

+function findActiveCreatorId(
+  activeUsername: string | null,
+  crewSnapshotsById: Record<string, any>,
+  selectedSkipperId: string | null
+): string {
+  const username = (activeUsername || '').trim()
+  if (username) {
+    const matchEntry = Object.entries(crewSnapshotsById).find(
+      ([_, snap]) => (snap?.name || '').trim().toLowerCase() === username.toLowerCase()
+    )
+    if (matchEntry) {
+      return matchEntry[0]
+    }
+    return username
+  }
+  return selectedSkipperId || 'skipper'
+}
+
 interface LogEntryEditorProps {
  entryId: string
  logbookId: string
@@ -263,6 +301,10 @@ export default function LogEntryEditor({
  const [success, setSuccess] = useState(false)
  const [error, setError] = useState<string | null>(null)
  const [weatherLoading, setWeatherLoading] = useState(false)
+  const [gpsSignal, setGpsSignal] = useState<{
+    quality: GpsSignalQuality
+    accuracyM: number | null
+  } | null>(null)
  const [savedFingerprint, setSavedFingerprint] = useState<string | null>(null)

  // Track file upload
@@ -312,22 +354,22 @@ export default function LogEntryEditor({
      departure,
      destination,
      freshwater: {
-        morning: parseFloat(fwMorning) || 0,
-        refilled: parseFloat(fwRefilled) || 0,
-        evening: parseFloat(fwEvening) || 0,
-        consumption: parseFloat(fwConsumption) || 0
+        morning: parseAppDecimalOrZero(fwMorning),
+        refilled: parseAppDecimalOrZero(fwRefilled),
+        evening: parseAppDecimalOrZero(fwEvening),
+        consumption: parseAppDecimalOrZero(fwConsumption)
      },
      fuel: {
-        morning: parseFloat(fuelMorning) || 0,
-        refilled: parseFloat(fuelRefilled) || 0,
-        evening: parseFloat(fuelEvening) || 0,
-        consumption: parseFloat(fuelConsumption) || 0
+        morning: parseAppDecimalOrZero(fuelMorning),
+        refilled: parseAppDecimalOrZero(fuelRefilled),
+        evening: parseAppDecimalOrZero(fuelEvening),
+        consumption: parseAppDecimalOrZero(fuelConsumption)
      },
-      greywater: { level: parseFloat(greywaterLevel) || 0 },
-      trackDistanceNm: trackDistanceNm.trim() ? parseFloat(trackDistanceNm) : undefined,
-      trackSpeedMaxKn: trackSpeedMaxKn.trim() ? parseFloat(trackSpeedMaxKn) : undefined,
-      trackSpeedAvgKn: trackSpeedAvgKn.trim() ? parseFloat(trackSpeedAvgKn) : undefined,
-      motorHours: motorHours.trim() ? parseFloat(motorHours) : undefined,
+      greywater: { level: parseAppDecimalOrZero(greywaterLevel) },
+      trackDistanceNm: parseOptionalFormDecimal(trackDistanceNm),
+      trackSpeedMaxKn: parseOptionalFormDecimal(trackSpeedMaxKn),
+      trackSpeedAvgKn: parseOptionalFormDecimal(trackSpeedAvgKn),
+      motorHours: parseOptionalFormDecimal(motorHours),
      events: eventsOverride ?? events,
      entryCrew
    })
@@ -350,7 +392,7 @@ export default function LogEntryEditor({
  }, [readOnly, loading, logbookId, entryId, buildPayloadForSigning, date])

  const fuelPerMotorHour = useMemo(
-    () => computeFuelPerMotorHour(parseFloat(fuelConsumption) || 0, parseFloat(motorHours) || 0),
+    () => computeFuelPerMotorHour(parseAppDecimalOrZero(fuelConsumption), parseAppDecimalOrZero(motorHours)),
    [fuelConsumption, motorHours]
  )

@@ -395,8 +437,17 @@ export default function LogEntryEditor({
    })
  }, [buildPayloadForSigning, signSkipper, signCrew])

-  const buildEventFromForm = (): LogEvent =>
-    normalizeLogEvent({
+  const buildEventFromForm = (): LogEvent => {
+    let creatorId: string | undefined = undefined
+    if (editingEventIndex !== null && events[editingEventIndex]) {
+      creatorId = events[editingEventIndex].creatorId
+    }
+    if (!creatorId) {
+      const activeUsername = localStorage.getItem('active_username')
+      creatorId = findActiveCreatorId(activeUsername, entryCrew.crewSnapshotsById, entryCrew.selectedSkipperId)
+    }
+
+    return normalizeLogEvent({
      time: evTime,
      mgk: evMgk,
      rwk: evRwk,
@@ -413,8 +464,10 @@ export default function LogEntryEditor({
      distance: evDistance,
      gpsLat: evGpsLat,
      gpsLng: evGpsLng,
-      remarks: evRemarks
+      remarks: evRemarks,
+      creatorId
    })
+  }

  const applyEventFormToEvents = (eventData: LogEvent): LogEvent[] => {
    if (editingEventIndex !== null) {
@@ -686,18 +739,18 @@ export default function LogEntryEditor({

  // Auto-calculate Freshwater Consumption
  useEffect(() => {
-    const morning = parseFloat(fwMorning) || 0
-    const refilled = parseFloat(fwRefilled) || 0
-    const evening = parseFloat(fwEvening) || 0
+    const morning = parseAppDecimalOrZero(fwMorning)
+    const refilled = parseAppDecimalOrZero(fwRefilled)
+    const evening = parseAppDecimalOrZero(fwEvening)
    const cons = morning + refilled - evening
    setFwConsumption(cons >= 0 ? String(cons) : '0')
  }, [fwMorning, fwRefilled, fwEvening])

  // Auto-calculate Fuel Consumption
  useEffect(() => {
-    const morning = parseFloat(fuelMorning) || 0
-    const refilled = parseFloat(fuelRefilled) || 0
-    const evening = parseFloat(fuelEvening) || 0
+    const morning = parseAppDecimalOrZero(fuelMorning)
+    const refilled = parseAppDecimalOrZero(fuelRefilled)
+    const evening = parseAppDecimalOrZero(fuelEvening)
    const cons = morning + refilled - evening
    setFuelConsumption(cons >= 0 ? String(cons) : '0')
  }, [fuelMorning, fuelRefilled, fuelEvening])
@@ -708,7 +761,7 @@ export default function LogEntryEditor({
    (tankCapacities.fuelCapacityL ?? 0) > 0 && fuelRefilledMax == null

  useEffect(() => {
-    const refilled = parseFloat(fwRefilled) || 0
+    const refilled = parseAppDecimalOrZero(fwRefilled)
    if (fwRefilledMax == null) {
      if (fwRefilledNoCapacity && refilled > 0) {
        setFwRefilled(formatTankLitersForInput(0))
@@ -722,14 +775,14 @@ export default function LogEntryEditor({

  useEffect(() => {
    if (fwEveningMax == null) return
-    const evening = parseFloat(fwEvening) || 0
+    const evening = parseAppDecimalOrZero(fwEvening)
    if (evening > fwEveningMax) {
      setFwEvening(formatTankLitersForInput(fwEveningMax))
    }
  }, [fwEveningMax, fwEvening])

  useEffect(() => {
-    const refilled = parseFloat(fuelRefilled) || 0
+    const refilled = parseAppDecimalOrZero(fuelRefilled)
    if (fuelRefilledMax == null) {
      if (fuelRefilledNoCapacity && refilled > 0) {
        setFuelRefilled(formatTankLitersForInput(0))
@@ -743,7 +796,7 @@ export default function LogEntryEditor({

  useEffect(() => {
    if (fuelEveningMax == null) return
-    const evening = parseFloat(fuelEvening) || 0
+    const evening = parseAppDecimalOrZero(fuelEvening)
    if (evening > fuelEveningMax) {
      setFuelEvening(formatTankLitersForInput(fuelEveningMax))
    }
@@ -1006,12 +1059,16 @@ export default function LogEntryEditor({
    }
  }

-  const handleGetGps = () => {
+  const clearGpsSignal = () => setGpsSignal(null)
+
+  const handleGetGps = async () => {
    if (readOnly) return
+
    const lookupFallback = async () => {
+      clearGpsSignal()
      const locationQuery = evLocationName.trim() || departure.trim() || destination.trim()
      if (!locationQuery) {
-        showAlert('GPS capturing failed, and no location name is entered in "Ort / Hafen" or "Start-Hafen" to look up coordinates.')
+        showAlert(t('logs.gps_fallback_no_location'))
        return
      }
      if (!isOnline) {
@@ -1026,9 +1083,11 @@ export default function LogEntryEditor({
        )
        const coord = data.coord as { lat?: number; lon?: number } | undefined
        if (coord?.lat !== undefined && coord?.lon !== undefined) {
-          setEvGpsLat(Number(coord.lat).toFixed(6))
-          setEvGpsLng(Number(coord.lon).toFixed(6))
-          showAlert(`Coordinates loaded for "${locationQuery}" via OpenWeatherMap.`)
+          setEvGpsLat(formatAppCoordinate(Number(coord.lat)))
+          setEvGpsLng(formatAppCoordinate(Number(coord.lon)))
+          showAlert(t('logs.gps_fallback_success', { location: locationQuery }))
+        } else {
+          showAlert(t('logs.gps_fallback_failed'))
        }
      } catch (e) {
        if (e instanceof WeatherApiError && e.code === 'OFFLINE') {
@@ -1039,25 +1098,37 @@ export default function LogEntryEditor({
          showAlert(t('settings.no_key'))
          return
        }
-        showAlert('Failed to retrieve GPS location or look up coordinates by location name.')
+        showAlert(t('logs.gps_fallback_failed'))
      }
    }

-    if (!navigator.geolocation) {
-      lookupFallback()
-      return
-    }
-
-    navigator.geolocation.getCurrentPosition(
-      (pos) => {
-        setEvGpsLat(pos.coords.latitude.toFixed(6))
-        setEvGpsLng(pos.coords.longitude.toFixed(6))
-      },
-      (err) => {
-        console.warn('GPS capturing failed, trying fallback:', err)
-        lookupFallback()
+    try {
+      const permission = await queryGeolocationPermission()
+      if (permission === 'denied' || permission === 'unsupported') {
+        const reason = permission === 'denied' ? 'permission_denied' : 'unavailable'
+        showAlert(
+          `${t(geolocationErrorI18nKey(reason))}\n\n${t('logs.live_position_manual_hint')}`
+        )
+        await lookupFallback()
+        return
      }
-    )
+
+      const coords = await getCurrentPosition({
+        timeoutMs: 15_000,
+        enableHighAccuracy: false,
+        maximumAge: 60_000
+      })
+      setEvGpsLat(coords.lat)
+      setEvGpsLng(coords.lng)
+      setGpsSignal({ quality: coords.signalQuality, accuracyM: coords.accuracyM })
+    } catch (err) {
+      console.warn('GPS capture failed:', err)
+      const reason = getGeolocationErrorReason(err)
+      showAlert(
+        `${t(geolocationErrorI18nKey(reason))}\n\n${t('logs.live_position_manual_hint')}`
+      )
+      await lookupFallback()
+    }
  }

  const handleFetchWeather = async () => {
@@ -1094,8 +1165,8 @@ export default function LogEntryEditor({
      const coord = data.coord as { lat?: number; lon?: number } | undefined
      // If fetched by location, automatically pre-fill GPS coordinates
      if (!hasGps && coord?.lat !== undefined && coord?.lon !== undefined) {
-        setEvGpsLat(Number(coord.lat).toFixed(6))
-        setEvGpsLng(Number(coord.lon).toFixed(6))
+        setEvGpsLat(formatAppCoordinate(Number(coord.lat)))
+        setEvGpsLng(formatAppCoordinate(Number(coord.lon)))
      }

      const parsed = parseOwmCurrentWeather(data)
@@ -1107,13 +1178,27 @@ export default function LogEntryEditor({

      showAlert(t('settings.weather_success'))
    } catch (err) {
-      if (err instanceof WeatherApiError && err.code === 'OFFLINE') {
-        showAlert(t('logs.weather_offline'))
-        return
-      }
-      if (err instanceof WeatherApiError && err.code === 'NO_KEY') {
-        showAlert(t('settings.no_key'))
-        return
+      if (err instanceof WeatherApiError) {
+        if (err.code === 'OFFLINE') {
+          showAlert(t('logs.weather_offline'))
+          return
+        }
+        if (err.code === 'NO_KEY') {
+          showAlert(t('settings.no_key'))
+          return
+        }
+        if (err.code === 'UNAUTHORIZED') {
+          showAlert(t('settings.weather_unauthorized'))
+          return
+        }
+        if (err.code === 'NOT_FOUND') {
+          showAlert(t('settings.weather_not_found'))
+          return
+        }
+        if (err.code === 'BAD_REQUEST') {
+          showAlert(t('settings.weather_bad_request'))
+          return
+        }
      }
      console.error('Weather prefilling failed:', err)
      showAlert(t('settings.weather_error'))
@@ -1142,23 +1227,23 @@ export default function LogEntryEditor({
          dayOfTravel,
          departure,
          destination,
-          trackDistanceNm: trackDistanceNm.trim() ? parseFloat(trackDistanceNm) : undefined,
-          trackSpeedMaxKn: trackSpeedMaxKn.trim() ? parseFloat(trackSpeedMaxKn) : undefined,
-          trackSpeedAvgKn: trackSpeedAvgKn.trim() ? parseFloat(trackSpeedAvgKn) : undefined,
-          motorHours: motorHours.trim() ? parseFloat(motorHours) : undefined,
+          trackDistanceNm: parseOptionalFormDecimal(trackDistanceNm),
+          trackSpeedMaxKn: parseOptionalFormDecimal(trackSpeedMaxKn),
+          trackSpeedAvgKn: parseOptionalFormDecimal(trackSpeedAvgKn),
+          motorHours: parseOptionalFormDecimal(motorHours),
          freshwater: {
-            morning: parseFloat(fwMorning) || 0,
-            refilled: parseFloat(fwRefilled) || 0,
-            evening: parseFloat(fwEvening) || 0,
-            consumption: parseFloat(fwConsumption) || 0
+            morning: parseAppDecimalOrZero(fwMorning),
+            refilled: parseAppDecimalOrZero(fwRefilled),
+            evening: parseAppDecimalOrZero(fwEvening),
+            consumption: parseAppDecimalOrZero(fwConsumption)
          },
          fuel: {
-            morning: parseFloat(fuelMorning) || 0,
-            refilled: parseFloat(fuelRefilled) || 0,
-            evening: parseFloat(fuelEvening) || 0,
-            consumption: parseFloat(fuelConsumption) || 0
+            morning: parseAppDecimalOrZero(fuelMorning),
+            refilled: parseAppDecimalOrZero(fuelRefilled),
+            evening: parseAppDecimalOrZero(fuelEvening),
+            consumption: parseAppDecimalOrZero(fuelConsumption)
          },
-          greywaterLevel: parseFloat(greywaterLevel) || 0,
+          greywaterLevel: parseAppDecimalOrZero(greywaterLevel),
          events
        },
        t
@@ -1774,6 +1859,7 @@ export default function LogEntryEditor({
                <thead>
                  <tr>
                    <th>{t('logs.event_time')}</th>
+                    <th>{t('logs.event_creator')}</th>
                    <th>{t('logs.event_mgk')}</th>
                    <th>{t('logs.event_rwk')}</th>
                    <th>{t('logs.event_wind_direction')}</th>
@@ -1790,6 +1876,13 @@ export default function LogEntryEditor({
                  {events.map((ev, idx) => (
                    <tr key={idx}>
                      <td className="font-mono">{ev.time}</td>
+                      <td style={{ textAlign: 'center', width: '40px', verticalAlign: 'middle' }}>
+                        <CreatorAvatar
+                          creatorId={ev.creatorId}
+                          crewSnapshotsById={entryCrew.crewSnapshotsById}
+                          size={24}
+                        />
+                      </td>
                      <td>{ev.mgk ? `${ev.mgk}°` : '—'}</td>
                      <td>{ev.rwk ? `${ev.rwk}°` : '—'}</td>
                      <td>{ev.windDirection || '—'}</td>
@@ -1820,23 +1913,25 @@ export default function LogEntryEditor({
                      </td>
                      {!readOnly && (
                        <td className="events-actions-td">
-                          <button
-                            type="button"
-                            className="btn-icon"
-                            onClick={() => handleEditEvent(idx)}
-                            title={t('logs.edit_event')}
-                            disabled={editingEventIndex !== null && editingEventIndex !== idx}
-                          >
-                            <Pencil size={14} />
-                          </button>
-                          <button
-                            type="button"
-                            className="btn-icon logout"
-                            onClick={() => handleDeleteEvent(idx)}
-                            title={t('logs.delete_event')}
-                          >
-                            <Trash2 size={14} />
-                          </button>
+                          <div className="events-actions-cell">
+                            <button
+                              type="button"
+                              className="btn-icon"
+                              onClick={() => handleEditEvent(idx)}
+                              title={t('logs.edit_event')}
+                              disabled={editingEventIndex !== null && editingEventIndex !== idx}
+                            >
+                              <Pencil size={14} />
+                            </button>
+                            <button
+                              type="button"
+                              className="btn-icon danger"
+                              onClick={() => handleDeleteEvent(idx)}
+                              title={t('logs.delete_event')}
+                            >
+                              <Trash2 size={14} />
+                            </button>
+                          </div>
                        </td>
                      )}
                    </tr>
@@ -1936,7 +2031,7 @@ export default function LogEntryEditor({
                    placeholder="Lat"
                    className="input-text"
                    value={evGpsLat}
-                    onChange={(e) => setEvGpsLat(e.target.value)}
+                    onChange={(e) => { clearGpsSignal(); setEvGpsLat(e.target.value) }}
                    disabled={saving}
                  />
                  <input
@@ -1944,13 +2039,13 @@ export default function LogEntryEditor({
                    placeholder="Lng"
                    className="input-text"
                    value={evGpsLng}
-                    onChange={(e) => setEvGpsLng(e.target.value)}
+                    onChange={(e) => { clearGpsSignal(); setEvGpsLng(e.target.value) }}
                    disabled={saving}
                  />
                  <button
                    type="button"
                    className="btn secondary"
-                    onClick={handleGetGps}
+                    onClick={() => void handleGetGps()}
                    title={t('logs.gps_btn')}
                    style={{ width: 'auto', padding: '12px' }}
                    disabled={saving}
@@ -1973,6 +2068,13 @@ export default function LogEntryEditor({
                    <CloudSun size={16} />
                  </button>
                </div>
+                {gpsSignal && (
+                  <GpsSignalHint
+                    quality={gpsSignal.quality}
+                    accuracyM={gpsSignal.accuracyM}
+                    className="gps-signal-hint-editor"
+                  />
+                )}
              </div>
            </div>

@@ -2260,9 +2362,8 @@ export default function LogEntryEditor({
                  {!readOnly && (
                    <button
                      type="button"
-                      className="btn secondary"
+                      className="btn danger btn-sm btn-inline-icon"
                      onClick={handleDeleteTrack}
-                      style={{ width: 'auto', padding: '6px 12px', fontSize: '13px', display: 'flex', alignItems: 'center', gap: '4px', background: 'rgba(239, 68, 68, 0.1)', color: '#ef4444', borderColor: 'rgba(239, 68, 68, 0.2)' }}
                      title={t('logs.gps_track_delete')}
                    >
                      <Trash2 size={14} />
@@ -2295,7 +2396,11 @@ export default function LogEntryEditor({
                  <button type="button" className="btn secondary" style={{ width: 'auto', padding: '4px 10px', fontSize: '13px' }} onClick={() => downloadNmeaArchive(nmeaArchive)}>
                    <Download size={14} />
                  </button>
-                  <button type="button" className="btn secondary" style={{ width: 'auto', padding: '4px 10px', fontSize: '13px' }} onClick={handleDeleteNmeaArchive}>
+                  <button
+                    type="button"
+                    className="btn danger btn-sm btn-inline-icon"
+                    onClick={handleDeleteNmeaArchive}
+                  >
                    <Trash2 size={14} />
                  </button>
                </div>
@@ -15,11 +15,13 @@ import { BookOpen, Plus, Trash2, LogOut, Languages, RefreshCw, Ship, Wifi, WifiO
 import DisclaimerHeaderButton from './DisclaimerHeaderButton.tsx'
 import FeedbackHeaderButton from './FeedbackHeaderButton.tsx'
 import ProfileHeaderButton from './ProfileHeaderButton.tsx'
+import AdminHeaderButton from './AdminHeaderButton.tsx'

 interface LogbookDashboardProps {
  onSelectLogbook: (id: string, title: string) => void
  onLogout: () => void
  onOpenProfile: () => void
+  onOpenAdmin?: () => void
 }

 type LogbookSortKey = 'name' | 'date'
@@ -42,7 +44,7 @@ function sortLogbooks(
  return sorted
 }

-export default function LogbookDashboard({ onSelectLogbook, onLogout, onOpenProfile }: LogbookDashboardProps) {
+export default function LogbookDashboard({ onSelectLogbook, onLogout, onOpenProfile, onOpenAdmin }: LogbookDashboardProps) {
  const { t, i18n } = useTranslation()
  const { showConfirm } = useDialog()
  const [logbooks, setLogbooks] = useState<DecryptedLogbook[]>([])
@@ -388,6 +390,8 @@ export default function LogbookDashboard({ onSelectLogbook, onLogout, onOpenProf

          <ProfileHeaderButton onClick={onOpenProfile} />

+          {onOpenAdmin && <AdminHeaderButton onClick={onOpenAdmin} />}
+
          {/* Lang toggle */}
          <button className="btn-icon" onClick={toggleLanguage} title="Switch Language">
            <Languages size={18} />
@@ -147,7 +147,7 @@ export default function PersonPoolForm() {
          </button>
          <button
            type="button"
-            className="btn-icon logout"
+            className="btn-icon danger"
            onClick={() => void handleDelete(person.payloadId)}
            title="Delete"
          >
@@ -429,7 +429,7 @@ export default function SettingsForm({ logbookId, onLogbookRestored }: SettingsF
                      <td>
                        <button
                          type="button"
-                          className="btn-icon logout"
+                          className="btn-icon danger"
                          onClick={() => handleRevoke(c.id, c.username)}
                          title="Revoke access"
                        >
@@ -14,6 +14,7 @@ import {
 } from '../services/statsAggregation.js'
 import { compareTravelDaysChronological } from '../utils/logEntryTankLevels.js'
 import { formatFuelPerMotorHour } from '../utils/fuelStats.js'
+import { formatAppDecimal } from '../utils/numberFormat.js'
 import {
  loadLogbookEventSeries,
  type EventSeriesPoint,
@@ -211,8 +212,8 @@ function PropulsionBreakdown({ totals }: { totals: StatsTotals }) {
        )}
      </div>
      <div className="stats-propulsion-labels">
-        <span>{t('stats.sail_distance')}: {formatNm(totals.sailDistanceNm)} {t('stats.unit_nm')} ({sailPct.toFixed(0)}%)</span>
-        <span>{t('stats.motor_distance')}: {formatNm(totals.motorDistanceNm)} {t('stats.unit_nm')} ({motorPct.toFixed(0)}%)</span>
+        <span>{t('stats.sail_distance')}: {formatNm(totals.sailDistanceNm)} {t('stats.unit_nm')} ({formatAppDecimal(sailPct, { maximumFractionDigits: 0 })}%)</span>
+        <span>{t('stats.motor_distance')}: {formatNm(totals.motorDistanceNm)} {t('stats.unit_nm')} ({formatAppDecimal(motorPct, { maximumFractionDigits: 0 })}%)</span>
        {totals.unknownPropulsionNm > 0 && (
          <span>{t('stats.unknown_propulsion')}: {formatNm(totals.unknownPropulsionNm)} {t('stats.unit_nm')}</span>
        )}
@@ -1,6 +1,7 @@
 import React, { useCallback } from 'react'
 import { useTranslation } from 'react-i18next'
 import { clampTankLiters } from '../utils/tankCapacity.js'
+import { formatTankLiters, parseAppDecimalOrZero } from '../utils/numberFormat.js'

 interface TankLiterInputProps {
  id?: string
@@ -13,10 +14,8 @@ interface TankLiterInputProps {
 }

 function parseInputLiters(value: string): number {
-  const trimmed = value.trim().replace(',', '.')
-  if (!trimmed) return 0
-  const parsed = Number(trimmed)
-  return Number.isFinite(parsed) ? parsed : 0
+  if (!value.trim()) return 0
+  return parseAppDecimalOrZero(value)
 }

 export default function TankLiterInput({
@@ -34,8 +33,7 @@ export default function TankLiterInput({
  const emitValue = useCallback(
    (liters: number) => {
      const clamped = clampTankLiters(liters, useSlider ? maxLiters : undefined)
-      const str =
-        Number.isInteger(clamped) ? String(clamped) : String(Number(clamped.toFixed(1)))
+      const str = formatTankLiters(clamped)
      onChange(str)
    },
    [onChange, maxLiters, useSlider]
@@ -193,7 +193,7 @@ export default function VesselPoolForm() {
                  </button>
                  <button
                    type="button"
-                    className="btn-icon logout"
+                    className="btn-icon danger"
                    onClick={() => void handleDelete(v.payloadId)}
                  >
                    <Trash2 size={14} />
@@ -1,4 +1,4 @@
-import { useEffect, useState } from 'react'
+import { useEffect, useState, useRef } from 'react'
 import { useTranslation } from 'react-i18next'
 import { db } from '../services/db.js'
 import { getActiveMasterKey } from '../services/auth.js'
@@ -30,6 +30,38 @@ export default function VoiceMemoPlayer({
  const [src, setSrc] = useState<string | null>(preloaded?.audio ?? null)
  const [error, setError] = useState(false)

+  const audioRef = useRef<HTMLAudioElement | null>(null)
+
+  useEffect(() => {
+    const el = audioRef.current
+    if (!el) return
+
+    const handleLoadedMetadata = () => {
+      if (el.duration === Infinity || isNaN(el.duration) || el.duration === 0) {
+        el.currentTime = 1e10
+        const onTimeUpdate = () => {
+          el.currentTime = 0
+          el.removeEventListener('timeupdate', onTimeUpdate)
+        }
+        el.addEventListener('timeupdate', onTimeUpdate)
+      }
+    }
+
+    if (el.readyState >= 1) {
+      handleLoadedMetadata()
+    } else {
+      el.addEventListener('loadedmetadata', handleLoadedMetadata)
+    }
+
+    if (src) {
+      el.load()
+    }
+
+    return () => {
+      el.removeEventListener('loadedmetadata', handleLoadedMetadata)
+    }
+  }, [src])
+
  useEffect(() => {
    if (preloaded?.audio) {
      setSrc(preloaded.audio)
@@ -69,12 +101,13 @@ export default function VoiceMemoPlayer({
    )
  }

+  const playerClass = compact
+    ? 'voice-memo-player voice-memo-player--compact'
+    : 'voice-memo-player'
+
  return (
-    <audio
-      className={compact ? 'voice-memo-player voice-memo-player--compact' : 'voice-memo-player'}
-      controls
-      preload="none"
-      src={src}
-    />
+    <div className="voice-memo-player-shell">
+      <audio ref={audioRef} className={playerClass} controls preload="metadata" src={src} />
+    </div>
  )
 }
@@ -43,7 +43,8 @@
      "deviation": "Tabel over distraktioner",
      "logs": "Indlæg i logbogen",
      "stats": "Statistik",
-      "settings": "Indstillinger"
+      "settings": "Indstillinger",
+      "admin": "Admin"
    },
    "auth": {
      "welcome": "Velkommen til Kapteins Daagbok.",
@@ -90,7 +91,15 @@
      "use_localhost_link": "Skift til localhost",
      "error_passkey_cancelled": "Passkey-login blev annulleret eller udløb. Prøv igen.",
      "error_invalid_rp_id": "Passkey-domæne matcher ikke (RP ID). Brug http://localhost:5173 med RP_ID=localhost i .env til lokal udvikling.",
-      "error_session_incomplete": "Login ufuldstændig. Log ind med passkey igen."
+      "error_session_incomplete": "Login ufuldstændig. Log ind med passkey igen.",
+      "restore_checking": "Tjekker session…",
+      "restore_title": "Gendan session",
+      "restore_subtitle": "Du er stadig logget ind. Lås din logbog op med passkey eller PIN.",
+      "restore_unlocking": "Låser op…",
+      "restore_with_passkey": "Lås op med passkey ({{name}})",
+      "restore_with_pin": "Lås op med PIN",
+      "restore_pin_warning": "Indtast din lokale PIN for at låse logbogen op efter genindlæsning.",
+      "restore_other_account": "Log ind med en anden konto"
    },
    "pwa": {
      "title": "Installer app",
@@ -249,13 +258,13 @@
      "live_sails_confirm": "Indtast",
      "live_sails_confirm_count": "Indtast ({{count}})",
      "live_sails": "Sejl: {{sails}}",
-      "live_fix": "Fix",
-      "live_fix_coords": "Fix {{lat}}, {{lng}}",
-      "live_fix_manual_hint": "GPS ikke tilgængelig. Indtast bredde- og længdegrad manuelt, eller prøv igen med GPS-knappen.",
-      "live_fix_gps_loading": "Henter GPS-position…",
-      "live_fix_invalid": "Indtast gyldige koordinater (bredde −90…90, længde −180…180).",
-      "live_fix_lat_placeholder": "Bredde (Lat)",
-      "live_fix_lng_placeholder": "Længde (Lng)",
+      "live_position": "Position",
+      "live_position_coords": "Position {{lat}}, {{lng}}",
+      "live_position_manual_hint": "GPS ikke tilgængelig. Indtast bredde- og længdegrad manuelt, eller prøv igen med GPS-knappen.",
+      "live_position_gps_loading": "Henter GPS-position…",
+      "live_position_invalid": "Indtast gyldige koordinater (bredde −90…90, længde −180…180).",
+      "live_position_lat_placeholder": "Bredde (Lat)",
+      "live_position_lng_placeholder": "Længde (Lng)",
      "live_photo_btn": "Foto (kamera)",
      "live_photo_capture_btn": "Tag billede",
      "live_photo_save_btn": "Gem",
@@ -266,6 +275,7 @@
      "live_photo_camera_starting": "Starter kamera…",
      "live_photo_camera_denied": "Kameraadgang nægtet eller utilgængelig.",
      "live_photo_camera_unavailable": "Kamera understøttes ikke i denne browser.",
+      "live_photo_no_camera": "Der er intet kamera tilgængeligt på denne enhed.",
      "live_photo_error": "Foto kunne ikke gemmes.",
      "live_photo_entry": "Foto: {{caption}}",
      "live_photo_entry_plain": "Foto taget",
@@ -297,8 +307,8 @@
      "live_weather_btn": "Vejr",
      "live_weather_owm_btn": "Hent OpenWeatherMap-vejr",
      "live_weather_owm_loading": "Henter vejr…",
-      "live_weather_fix_required": "Log først en GPS-fix (Fix-knap) for at hente OpenWeatherMap-vejr. Positionen må højst være 6 timer gammel.",
-      "live_weather_fix_stale": "Den seneste GPS-fix er ældre end 6 timer. Log en ny fix, før du henter vejr.",
+      "live_weather_position_required": "Log først en position (Position-knap) for at hente OpenWeatherMap-vejr. Positionen må højst være 6 timer gammel.",
+      "live_weather_position_stale": "Den seneste position er ældre end 6 timer. Log en ny position, før du henter vejr.",
      "live_wind_btn": "Vind",
      "live_temp_btn": "T °C",
      "live_pressure_btn": "Lufttryk",
@@ -306,8 +316,8 @@
      "live_sea_state_btn": "Søgang",
      "live_visibility_btn": "Sigtbarhed",
      "live_course_btn": "Kurs",
-      "live_fuel_btn": "Diesel",
-      "live_water_btn": "Vand",
+      "live_fuel_btn": "+ Diesel",
+      "live_water_btn": "+ Vand",
      "live_wind_entry": "Vind {{value}}",
      "live_temp_entry": "Temperatur {{temp}} °C",
      "live_pressure_entry": "Lufttryk {{value}} hPa",
@@ -320,6 +330,7 @@
      "live_auto_position": "Auto-position",
      "live_undo_hint": "Indtastning gemt",
      "live_undo_btn": "Fortryd",
+      "live_cancel": "Annuller",
      "live_pressure_placeholder": "f.eks. 1013",
      "live_temp_placeholder": "f.eks. 18",
      "live_precip_placeholder": "f.eks. let regn",
@@ -342,6 +353,7 @@
      "carry_over_tanks_yes": "Tag over",
      "carry_over_tanks_no": "Start med 0",
      "event_title": "Kronologisk hændelseslog",
+      "event_creator": "Indtastet af",
      "no_events": "Der er endnu ikke indtastet nogen begivenheder for denne rejsedag.",
      "event_time": "Tidspunkt på dagen",
      "event_mgk": "MgK-kursus",
@@ -379,6 +391,24 @@
      "event_location_placeholder": "z. f.eks. Kiel",
      "event_remarks": "Bemærkninger / hændelser",
      "gps_btn": "Hent GPS-koordinater",
+      "gps_permission_denied": "Adgang til placering blev nægtet. Tillad det i browser- eller enhedsindstillinger og prøv igen.",
+      "gps_timeout": "GPS fik timeout. Prøv igen udendørs med frit udsyn til himlen.",
+      "gps_position_unavailable": "Intet GPS-signal tilgængeligt. Vent og prøv igen, eller indtast koordinater manuelt.",
+      "gps_unavailable": "GPS understøttes ikke af denne browser eller enhed.",
+      "gps_failed": "GPS-position kunne ikke bestemmes.",
+      "gps_fallback_no_location": "GPS mislykkedes. Angiv et sted under placering/havn, afgang eller destination, eller indtast koordinater manuelt.",
+      "gps_fallback_success": "Koordinater for \"{{location}}\" fundet via stedsnavn (ikke GPS).",
+      "gps_fallback_failed": "GPS og stedsnavnssøgning mislykkedes. Indtast koordinater manuelt.",
+      "gps_quality_excellent": "Stærk GPS-modtagelse (±{{accuracy}} m)",
+      "gps_quality_good": "God GPS-modtagelse (±{{accuracy}} m)",
+      "gps_quality_fair": "Middel GPS-modtagelse (±{{accuracy}} m) – gå udendørs for bedre signal.",
+      "gps_quality_poor": "Svag GPS-modtagelse (±{{accuracy}} m) – sandsynligvis få satellitter. Prøv udendørs igen eller kontroller positionen.",
+      "gps_quality_unknown": "GPS-position overtaget (nøjagtighed ikke rapporteret af enheden).",
+      "gps_live_intro_title": "Placering til live-log",
+      "gps_live_intro_body": "Appen har brug for din placering til automatiske positionsindlæg og GPS-knappen.\n\nTryk på „Tillad placering“ og bekræft i den næste dialog. Du kan altid indtaste position manuelt via „Position“.",
+      "gps_live_intro_allow": "Tillad placering",
+      "gps_live_intro_later": "Senere",
+      "gps_enable_in_settings_hint": "Adgang til placering er blokeret. Du kan tillade det senere i browser- eller enhedsindstillinger (websted / app → Placering).",
      "weather_btn": "OpenWeatherMap Kald vejret op",
      "weather_offline": "OpenWeatherMap kræver internetforbindelse. Du er offline lige nu.",
      "event_wind_pressure": "Lufttryk (hPa)",
@@ -484,8 +514,8 @@
      "nmea_change_engine_stop": "Engine off",
      "nmea_change_autopilot_on": "Autopilot on",
      "nmea_change_autopilot_off": "Autopilot off",
-      "nmea_change_gps_lost": "GPS fix lost",
-      "nmea_change_gps_regained": "GPS fix restored",
+      "nmea_change_gps_lost": "GPS-position mistet",
+      "nmea_change_gps_regained": "GPS-position gendannet",
      "nmea_change_water_temp": "Water temp. {{from}} → {{to}} °C",
      "nmea_change_departure": "Departure / underway",
      "nmea_change_anchor": "Anchored / stop",
@@ -760,6 +790,9 @@
      "no_key": "Ingen OpenWeatherMap API-nøgle tilgængelig. Gem din egen nøgle i brugerprofilen, eller kontakt operatøren.",
      "weather_success": "Vejrdata hentet med succes!",
      "weather_error": "Hentning af vejrdata mislykkedes. Tjek API-nøglen og forbindelsen.",
+      "weather_unauthorized": "Hentning af vejrdata mislykkedes. API-nøglen er ugyldig eller ikke autoriseret.",
+      "weather_not_found": "Hentning af vejrdata mislykkedes. Den angivne placering eller koordinater blev ikke fundet.",
+      "weather_bad_request": "Hentning af vejrdata mislykkedes. Ingen placering eller GPS-position blev angivet.",
      "weather_date_mismatch": "Vejrdata kan kun hentes for i dag ({{today}}). Dette logbogsindlæg er dateret {{date}}.",
      "gps_error": "Indtast en placering, eller find GPS-koordinaterne.",
      "share_title": "Del logbog (skrivebeskyttet)",
@@ -43,7 +43,8 @@
      "deviation": "Ablenkungstabelle",
      "logs": "Logbucheinträge",
      "stats": "Statistik",
-      "settings": "Einstellungen"
+      "settings": "Einstellungen",
+      "admin": "Admin"
    },
    "auth": {
      "welcome": "Willkommen bei Kapteins Daagbok",
@@ -90,7 +91,15 @@
      "use_localhost_link": "Zu localhost wechseln",
      "error_passkey_cancelled": "Passkey-Anmeldung abgebrochen oder abgelaufen. Bitte erneut versuchen.",
      "error_invalid_rp_id": "Passkey-Domain passt nicht (RP ID). Lokal nur http://localhost:5173 mit RP_ID=localhost in .env verwenden.",
-      "error_session_incomplete": "Anmeldung unvollständig. Bitte erneut mit Passkey anmelden."
+      "error_session_incomplete": "Anmeldung unvollständig. Bitte erneut mit Passkey anmelden.",
+      "restore_checking": "Session wird geprüft…",
+      "restore_title": "Session wiederherstellen",
+      "restore_subtitle": "Deine Anmeldung ist noch aktiv. Entsperre dein Logbuch mit Passkey oder PIN.",
+      "restore_unlocking": "Wird entsperrt…",
+      "restore_with_passkey": "Mit Passkey entsperren ({{name}})",
+      "restore_with_pin": "Mit PIN entsperren",
+      "restore_pin_warning": "Gib deine lokale PIN ein, um dein Logbuch nach dem Neuladen zu entsperren.",
+      "restore_other_account": "Anderer Account anmelden"
    },
    "pwa": {
      "title": "App installieren",
@@ -249,13 +258,13 @@
      "live_sails_confirm": "Eintragen",
      "live_sails_confirm_count": "Eintragen ({{count}})",
      "live_sails": "Segel: {{sails}}",
-      "live_fix": "Fix",
-      "live_fix_coords": "Fix {{lat}}, {{lng}}",
-      "live_fix_manual_hint": "GPS nicht verfügbar. Breiten- und Längengrad manuell eingeben oder erneut per GPS-Knopf versuchen.",
-      "live_fix_gps_loading": "GPS-Position wird ermittelt…",
-      "live_fix_invalid": "Bitte gültige Koordinaten eingeben (Breite −90…90, Länge −180…180).",
-      "live_fix_lat_placeholder": "Breite (Lat)",
-      "live_fix_lng_placeholder": "Länge (Lng)",
+      "live_position": "Position",
+      "live_position_coords": "Position {{lat}}, {{lng}}",
+      "live_position_manual_hint": "GPS nicht verfügbar. Breiten- und Längengrad manuell eingeben oder erneut per GPS-Knopf versuchen.",
+      "live_position_gps_loading": "GPS-Position wird ermittelt…",
+      "live_position_invalid": "Bitte gültige Koordinaten eingeben (Breite −90…90, Länge −180…180).",
+      "live_position_lat_placeholder": "Breite (Lat)",
+      "live_position_lng_placeholder": "Länge (Lng)",
      "live_photo_btn": "Foto (Kamera)",
      "live_photo_capture_btn": "Aufnehmen",
      "live_photo_save_btn": "Speichern",
@@ -266,6 +275,7 @@
      "live_photo_camera_starting": "Kamera wird gestartet…",
      "live_photo_camera_denied": "Kamerazugriff verweigert oder nicht verfügbar.",
      "live_photo_camera_unavailable": "Kamera wird von diesem Browser nicht unterstützt.",
+      "live_photo_no_camera": "Auf diesem Gerät ist keine Kamera verfügbar.",
      "live_photo_error": "Foto konnte nicht gespeichert werden.",
      "live_photo_entry": "Foto: {{caption}}",
      "live_photo_entry_plain": "Foto aufgenommen",
@@ -292,13 +302,13 @@
      "live_comment_placeholder": "Freitext eingeben…",
      "live_comment_confirm": "Eintragen",
      "live_gps_error": "GPS-Position konnte nicht ermittelt werden.",
-      "live_gps_start_hint": "Beginne deine Tagesreise immer mit einem Standort.",
+      "live_gps_start_hint": "Beginne deine Tagesreise immer mit einer Position.",
      "live_event_generic": "Ereignis",
      "live_weather_btn": "Wetter",
      "live_weather_owm_btn": "OpenWeatherMap Wetter abrufen",
      "live_weather_owm_loading": "Wetter wird geladen…",
-      "live_weather_fix_required": "Für Wetter von OpenWeatherMap zuerst einen GPS-Fix eintragen (Schaltfläche „Fix“). Die Position darf höchstens 6 Stunden alt sein.",
-      "live_weather_fix_stale": "Der letzte GPS-Fix ist älter als 6 Stunden. Bitte erneut einen Fix loggen, bevor du Wetter abrufst.",
+      "live_weather_position_required": "Für Wetter von OpenWeatherMap zuerst eine Position eintragen (Schaltfläche „Position“). Die Position darf höchstens 6 Stunden alt sein.",
+      "live_weather_position_stale": "Die letzte Position ist älter als 6 Stunden. Bitte erneut eine Position loggen, bevor du Wetter abrufst.",
      "live_wind_btn": "Wind",
      "live_temp_btn": "T °C",
      "live_pressure_btn": "Luftdruck",
@@ -306,8 +316,8 @@
      "live_sea_state_btn": "Seegang",
      "live_visibility_btn": "Sichtweite",
      "live_course_btn": "Kurs",
-      "live_fuel_btn": "Diesel",
-      "live_water_btn": "Wasser",
+      "live_fuel_btn": "+ Diesel",
+      "live_water_btn": "+ Wasser",
      "live_wind_entry": "Wind {{value}}",
      "live_temp_entry": "Temperatur {{temp}} °C",
      "live_pressure_entry": "Luftdruck {{value}} hPa",
@@ -320,6 +330,7 @@
      "live_auto_position": "Auto-Position",
      "live_undo_hint": "Eintrag gespeichert",
      "live_undo_btn": "Rückgängig",
+      "live_cancel": "Abbruch",
      "live_pressure_placeholder": "z. B. 1013",
      "live_temp_placeholder": "z. B. 18",
      "live_precip_placeholder": "z. B. leichter Regen",
@@ -342,6 +353,7 @@
      "carry_over_tanks_yes": "Übernehmen",
      "carry_over_tanks_no": "Mit 0 starten",
      "event_title": "Chronologisches Ereignisprotokoll",
+      "event_creator": "Eingetragen von",
      "no_events": "Noch keine Ereignisse für diesen Reisetag eingetragen.",
      "event_time": "Uhrzeit",
      "event_mgk": "MgK Kurs",
@@ -379,6 +391,24 @@
      "event_location_placeholder": "z. B. Kiel",
      "event_remarks": "Bemerkungen / Vorkommnisse",
      "gps_btn": "GPS-Koordinaten abrufen",
+      "gps_permission_denied": "Standortzugriff wurde verweigert. Bitte in den Browser- oder Geräteeinstellungen erlauben und erneut versuchen.",
+      "gps_timeout": "GPS-Zeitüberschreitung. Bitte erneut versuchen – am besten im Freien mit gutem Empfang.",
+      "gps_position_unavailable": "Kein GPS-Signal verfügbar. Bitte warten oder Koordinaten manuell eingeben.",
+      "gps_unavailable": "GPS wird von diesem Browser oder Gerät nicht unterstützt.",
+      "gps_failed": "GPS-Position konnte nicht ermittelt werden.",
+      "gps_fallback_no_location": "GPS fehlgeschlagen. Bitte einen Ort unter „Ort / Hafen“, Start- oder Zielhafen eintragen, oder Koordinaten manuell eingeben.",
+      "gps_fallback_success": "Koordinaten für „{{location}}“ über den Ortsnamen ermittelt (nicht per GPS).",
+      "gps_fallback_failed": "GPS und Ortsnamen-Suche sind fehlgeschlagen. Bitte Koordinaten manuell eingeben.",
+      "gps_quality_excellent": "Starker GPS-Empfang (±{{accuracy}} m)",
+      "gps_quality_good": "Guter GPS-Empfang (±{{accuracy}} m)",
+      "gps_quality_fair": "Mäßiger GPS-Empfang (±{{accuracy}} m) – für besseren Empfang ins Freie gehen.",
+      "gps_quality_poor": "Schwacher GPS-Empfang (±{{accuracy}} m) – vermutlich wenig Satelliten. Im Freien erneut versuchen oder Position prüfen.",
+      "gps_quality_unknown": "GPS-Position übernommen (Genauigkeit vom Gerät nicht gemeldet).",
+      "gps_live_intro_title": "Standort für Live-Log",
+      "gps_live_intro_body": "Für automatische Positions-Einträge und den GPS-Knopf braucht die App Zugriff auf deinen Standort.\n\nTippe auf „Standort erlauben“ – im nächsten Dialog die Freigabe bestätigen. Du kannst jederzeit manuell unter „Position“ eintragen.",
+      "gps_live_intro_allow": "Standort erlauben",
+      "gps_live_intro_later": "Später",
+      "gps_enable_in_settings_hint": "Standortzugriff ist blockiert. In den Browser- oder Geräteeinstellungen (Website / App → Standort) kannst du die Freigabe nachträglich erlauben.",
      "weather_btn": "OpenWeatherMap Wetter abrufen",
      "weather_offline": "OpenWeatherMap erfordert eine Internetverbindung. Du bist derzeit offline.",
      "event_wind_pressure": "Luftdruck (hPa)",
@@ -474,8 +504,8 @@
      "nmea_change_engine_stop": "Motor aus",
      "nmea_change_autopilot_on": "Autopilot ein",
      "nmea_change_autopilot_off": "Autopilot aus",
-      "nmea_change_gps_lost": "GPS-Fix verloren",
-      "nmea_change_gps_regained": "GPS-Fix wiederhergestellt",
+      "nmea_change_gps_lost": "GPS-Position verloren",
+      "nmea_change_gps_regained": "GPS-Position wiederhergestellt",
      "nmea_change_water_temp": "Wassertemp. {{from}} → {{to}} °C",
      "nmea_change_departure": "Abfahrt / Fahrtbeginn",
      "nmea_change_anchor": "Ankern / Stop",
@@ -760,6 +790,9 @@
      "no_key": "Kein OpenWeatherMap-API-Schlüssel verfügbar. Hinterlege einen eigenen Schlüssel im Benutzerprofil oder kontaktiere den Betreiber.",
      "weather_success": "Wetterdaten erfolgreich abgerufen!",
      "weather_error": "Wetterdatenabruf fehlgeschlagen. Überprüfe den API-Schlüssel und die Verbindung.",
+      "weather_unauthorized": "Wetterdatenabruf fehlgeschlagen. Der API-Schlüssel ist ungültig oder nicht autorisiert.",
+      "weather_not_found": "Wetterdatenabruf fehlgeschlagen. Der angegebene Ort oder die Koordinaten wurden nicht gefunden.",
+      "weather_bad_request": "Wetterdatenabruf fehlgeschlagen. Es wurde kein Ort und keine GPS-Position angegeben.",
      "weather_date_mismatch": "Wetterdaten können nur für den heutigen Tag ({{today}}) abgerufen werden. Dieser Logbucheintrag ist auf den {{date}} datiert.",
      "gps_error": "Bitte gib einen Ort an oder ermittle die GPS-Koordinaten.",
      "share_title": "Logbuch teilen (Schreibgeschützt)",
@@ -43,7 +43,8 @@
      "deviation": "Deviation Table",
      "logs": "Logbook Entries",
      "stats": "Statistics",
-      "settings": "Settings"
+      "settings": "Settings",
+      "admin": "Admin"
    },
    "auth": {
      "welcome": "Welcome to Kapteins Daagbok",
@@ -90,7 +91,15 @@
      "use_localhost_link": "Switch to localhost",
      "error_passkey_cancelled": "Passkey sign-in was cancelled or timed out. Please try again.",
      "error_invalid_rp_id": "Passkey domain mismatch (RP ID). For local dev use http://localhost:5173 with RP_ID=localhost in .env.",
-      "error_session_incomplete": "Sign-in incomplete. Please sign in with your passkey again."
+      "error_session_incomplete": "Sign-in incomplete. Please sign in with your passkey again.",
+      "restore_checking": "Checking session…",
+      "restore_title": "Restore session",
+      "restore_subtitle": "You are still signed in. Unlock your logbook with passkey or PIN.",
+      "restore_unlocking": "Unlocking…",
+      "restore_with_passkey": "Unlock with passkey ({{name}})",
+      "restore_with_pin": "Unlock with PIN",
+      "restore_pin_warning": "Enter your local PIN to unlock your logbook after reload.",
+      "restore_other_account": "Sign in with another account"
    },
    "pwa": {
      "title": "Install app",
@@ -249,13 +258,13 @@
      "live_sails_confirm": "Log entry",
      "live_sails_confirm_count": "Log entry ({{count}})",
      "live_sails": "Sails: {{sails}}",
-      "live_fix": "Fix",
-      "live_fix_coords": "Fix {{lat}}, {{lng}}",
-      "live_fix_manual_hint": "GPS unavailable. Enter latitude and longitude manually, or try again with the GPS button.",
-      "live_fix_gps_loading": "Getting GPS position…",
-      "live_fix_invalid": "Please enter valid coordinates (latitude −90…90, longitude −180…180).",
-      "live_fix_lat_placeholder": "Latitude (Lat)",
-      "live_fix_lng_placeholder": "Longitude (Lng)",
+      "live_position": "Position",
+      "live_position_coords": "Position {{lat}}, {{lng}}",
+      "live_position_manual_hint": "GPS unavailable. Enter latitude and longitude manually, or try again with the GPS button.",
+      "live_position_gps_loading": "Getting GPS position…",
+      "live_position_invalid": "Please enter valid coordinates (latitude −90…90, longitude −180…180).",
+      "live_position_lat_placeholder": "Latitude (Lat)",
+      "live_position_lng_placeholder": "Longitude (Lng)",
      "live_photo_btn": "Photo (camera)",
      "live_photo_capture_btn": "Capture",
      "live_photo_save_btn": "Save",
@@ -266,6 +275,7 @@
      "live_photo_camera_starting": "Starting camera…",
      "live_photo_camera_denied": "Camera access denied or unavailable.",
      "live_photo_camera_unavailable": "Camera is not supported in this browser.",
+      "live_photo_no_camera": "No camera is available on this device.",
      "live_photo_error": "Could not save photo.",
      "live_photo_entry": "Photo: {{caption}}",
      "live_photo_entry_plain": "Photo captured",
@@ -292,13 +302,13 @@
      "live_comment_placeholder": "Enter text…",
      "live_comment_confirm": "Log entry",
      "live_gps_error": "Could not determine GPS position.",
-      "live_gps_start_hint": "Always start your day's voyage with a position fix.",
+      "live_gps_start_hint": "Always start your day's voyage with a position.",
      "live_event_generic": "Event",
      "live_weather_btn": "Weather",
      "live_weather_owm_btn": "Fetch OpenWeatherMap weather",
      "live_weather_owm_loading": "Loading weather…",
-      "live_weather_fix_required": "Log a GPS fix first (Fix button) to fetch OpenWeatherMap weather. The position must be at most 6 hours old.",
-      "live_weather_fix_stale": "The last GPS fix is older than 6 hours. Log a new fix before fetching weather.",
+      "live_weather_position_required": "Log a position first (Position button) to fetch OpenWeatherMap weather. The position must be at most 6 hours old.",
+      "live_weather_position_stale": "The last position is older than 6 hours. Log a new position before fetching weather.",
      "live_wind_btn": "Wind",
      "live_temp_btn": "Temp °C",
      "live_pressure_btn": "Pressure",
@@ -306,8 +316,8 @@
      "live_sea_state_btn": "Sea state",
      "live_visibility_btn": "Visibility",
      "live_course_btn": "Course",
-      "live_fuel_btn": "Fuel",
-      "live_water_btn": "Water",
+      "live_fuel_btn": "+ Fuel",
+      "live_water_btn": "+ Water",
      "live_wind_entry": "Wind {{value}}",
      "live_temp_entry": "Temperature {{temp}} °C",
      "live_pressure_entry": "Pressure {{value}} hPa",
@@ -320,6 +330,7 @@
      "live_auto_position": "Auto position",
      "live_undo_hint": "Entry saved",
      "live_undo_btn": "Undo",
+      "live_cancel": "Cancel",
      "live_pressure_placeholder": "e.g. 1013",
      "live_temp_placeholder": "e.g. 18",
      "live_precip_placeholder": "e.g. light rain",
@@ -342,6 +353,7 @@
      "carry_over_tanks_yes": "Carry over",
      "carry_over_tanks_no": "Start at 0",
      "event_title": "Chronological Event Logbook",
+      "event_creator": "Entered by",
      "no_events": "No events logged for this travel day yet.",
      "event_time": "Time",
      "event_mgk": "MgK Course",
@@ -379,6 +391,24 @@
      "event_location_placeholder": "e.g. Kiel",
      "event_remarks": "Remarks / Events",
      "gps_btn": "Get GPS Location",
+      "gps_permission_denied": "Location access was denied. Allow it in your browser or device settings and try again.",
+      "gps_timeout": "GPS timed out. Try again outdoors with a clear view of the sky.",
+      "gps_position_unavailable": "No GPS signal available. Wait and retry, or enter coordinates manually.",
+      "gps_unavailable": "GPS is not supported by this browser or device.",
+      "gps_failed": "Could not determine GPS position.",
+      "gps_fallback_no_location": "GPS failed. Enter a place under Location / harbour, departure, or destination, or type coordinates manually.",
+      "gps_fallback_success": "Coordinates for \"{{location}}\" resolved from place name (not GPS).",
+      "gps_fallback_failed": "GPS and place-name lookup both failed. Please enter coordinates manually.",
+      "gps_quality_excellent": "Strong GPS reception (±{{accuracy}} m)",
+      "gps_quality_good": "Good GPS reception (±{{accuracy}} m)",
+      "gps_quality_fair": "Fair GPS reception (±{{accuracy}} m) — move outdoors for a better fix.",
+      "gps_quality_poor": "Weak GPS reception (±{{accuracy}} m) — likely few satellites. Retry outdoors or verify the position.",
+      "gps_quality_unknown": "GPS position applied (accuracy not reported by device).",
+      "gps_live_intro_title": "Location for Live Log",
+      "gps_live_intro_body": "The app needs your location for automatic position entries and the GPS button.\n\nTap “Allow location” and confirm in the next dialog. You can always enter a position manually via “Position”.",
+      "gps_live_intro_allow": "Allow location",
+      "gps_live_intro_later": "Later",
+      "gps_enable_in_settings_hint": "Location access is blocked. You can allow it later in your browser or device settings (site / app → Location).",
      "weather_btn": "Fetch OpenWeatherMap Weather",
      "weather_offline": "OpenWeatherMap requires an internet connection. You are currently offline.",
      "event_wind_pressure": "Barometer (hPa)",
@@ -474,8 +504,8 @@
      "nmea_change_engine_stop": "Engine off",
      "nmea_change_autopilot_on": "Autopilot on",
      "nmea_change_autopilot_off": "Autopilot off",
-      "nmea_change_gps_lost": "GPS fix lost",
-      "nmea_change_gps_regained": "GPS fix restored",
+      "nmea_change_gps_lost": "GPS position lost",
+      "nmea_change_gps_regained": "GPS position restored",
      "nmea_change_water_temp": "Water temp. {{from}} → {{to}} °C",
      "nmea_change_departure": "Departure / underway",
      "nmea_change_anchor": "Anchored / stop",
@@ -760,6 +790,9 @@
      "no_key": "No OpenWeatherMap API key available. Add your own key in your user profile or contact the operator.",
      "weather_success": "Weather details fetched successfully!",
      "weather_error": "Failed to fetch weather. Check your API key and connection.",
+      "weather_unauthorized": "Failed to fetch weather. The API key is invalid or unauthorized.",
+      "weather_not_found": "Failed to fetch weather. The specified location or coordinates were not found.",
+      "weather_bad_request": "Failed to fetch weather. No location or GPS position was specified.",
      "weather_date_mismatch": "Weather data can only be fetched for today ({{today}}). This logbook entry is dated {{date}}.",
      "gps_error": "Please enter a location or fetch GPS coordinates first.",
      "share_title": "Share Logbook (Read-Only)",
@@ -43,7 +43,8 @@
      "deviation": "Tabell over distraksjoner",
      "logs": "Loggbokoppføringer",
      "stats": "Statistikk",
-      "settings": "Innstillinger"
+      "settings": "Innstillinger",
+      "admin": "Admin"
    },
    "auth": {
      "welcome": "Velkommen til Kapteins Daagbok",
@@ -90,7 +91,15 @@
      "use_localhost_link": "Bytt til localhost",
      "error_passkey_cancelled": "Passkey-innlogging ble avbrutt eller utløp. Prøv igjen.",
      "error_invalid_rp_id": "Passkey-domene stemmer ikke (RP ID). Bruk http://localhost:5173 med RP_ID=localhost i .env for lokal utvikling.",
-      "error_session_incomplete": "Innlogging ufullstendig. Logg inn med passkey igjen."
+      "error_session_incomplete": "Innlogging ufullstendig. Logg inn med passkey igjen.",
+      "restore_checking": "Sjekker økt…",
+      "restore_title": "Gjenopprett økt",
+      "restore_subtitle": "Du er fortsatt innlogget. Lås opp loggboken med passkey eller PIN.",
+      "restore_unlocking": "Låser opp…",
+      "restore_with_passkey": "Lås opp med passkey ({{name}})",
+      "restore_with_pin": "Lås opp med PIN",
+      "restore_pin_warning": "Skriv inn din lokale PIN for å låse opp loggboken etter omlasting.",
+      "restore_other_account": "Logg inn med en annen konto"
    },
    "pwa": {
      "title": "Installer app",
@@ -249,13 +258,13 @@
      "live_sails_confirm": "Loggfør",
      "live_sails_confirm_count": "Loggfør ({{count}})",
      "live_sails": "Seil: {{sails}}",
-      "live_fix": "Fix",
-      "live_fix_coords": "Fix {{lat}}, {{lng}}",
-      "live_fix_manual_hint": "GPS ikke tilgjengelig. Skriv inn bredde- og lengdegrad manuelt, eller prøv igjen med GPS-knappen.",
-      "live_fix_gps_loading": "Henter GPS-posisjon…",
-      "live_fix_invalid": "Skriv inn gyldige koordinater (bredde −90…90, lengde −180…180).",
-      "live_fix_lat_placeholder": "Bredde (Lat)",
-      "live_fix_lng_placeholder": "Lengde (Lng)",
+      "live_position": "Posisjon",
+      "live_position_coords": "Posisjon {{lat}}, {{lng}}",
+      "live_position_manual_hint": "GPS ikke tilgjengelig. Skriv inn bredde- og lengdegrad manuelt, eller prøv igjen med GPS-knappen.",
+      "live_position_gps_loading": "Henter GPS-posisjon…",
+      "live_position_invalid": "Skriv inn gyldige koordinater (bredde −90…90, lengde −180…180).",
+      "live_position_lat_placeholder": "Bredde (Lat)",
+      "live_position_lng_placeholder": "Lengde (Lng)",
      "live_photo_btn": "Foto (kamera)",
      "live_photo_capture_btn": "Ta bilde",
      "live_photo_save_btn": "Lagre",
@@ -266,6 +275,7 @@
      "live_photo_camera_starting": "Starter kamera…",
      "live_photo_camera_denied": "Kameratilgang nektet eller utilgjengelig.",
      "live_photo_camera_unavailable": "Kamera støttes ikke i denne nettleseren.",
+      "live_photo_no_camera": "Ingen kamera er tilgjengelig på denne enheten.",
      "live_photo_error": "Kunne ikke lagre foto.",
      "live_photo_entry": "Foto: {{caption}}",
      "live_photo_entry_plain": "Foto tatt",
@@ -297,8 +307,8 @@
      "live_weather_btn": "Vær",
      "live_weather_owm_btn": "Hent OpenWeatherMap-vær",
      "live_weather_owm_loading": "Henter vær…",
-      "live_weather_fix_required": "Logg først en GPS-fix (Fix-knapp) for å hente OpenWeatherMap-vær. Posisjonen må være maks 6 timer gammel.",
-      "live_weather_fix_stale": "Siste GPS-fix er eldre enn 6 timer. Logg en ny fix før du henter vær.",
+      "live_weather_position_required": "Logg først en posisjon (Posisjon-knapp) for å hente OpenWeatherMap-vær. Posisjonen må være maks 6 timer gammel.",
+      "live_weather_position_stale": "Siste posisjon er eldre enn 6 timer. Logg en ny posisjon før du henter vær.",
      "live_wind_btn": "Vind",
      "live_temp_btn": "T °C",
      "live_pressure_btn": "Lufttrykk",
@@ -306,8 +316,8 @@
      "live_sea_state_btn": "Sjøgang",
      "live_visibility_btn": "Sikt",
      "live_course_btn": "Kurs",
-      "live_fuel_btn": "Diesel",
-      "live_water_btn": "Vann",
+      "live_fuel_btn": "+ Diesel",
+      "live_water_btn": "+ Vann",
      "live_wind_entry": "Vind {{value}}",
      "live_temp_entry": "Temperatur {{temp}} °C",
      "live_pressure_entry": "Lufttrykk {{value}} hPa",
@@ -320,6 +330,7 @@
      "live_auto_position": "Auto-posisjon",
      "live_undo_hint": "Oppføring lagret",
      "live_undo_btn": "Angre",
+      "live_cancel": "Avbryt",
      "live_pressure_placeholder": "f.eks. 1013",
      "live_temp_placeholder": "f.eks. 18",
      "live_precip_placeholder": "f.eks. lett regn",
@@ -342,6 +353,7 @@
      "carry_over_tanks_yes": "Ta over",
      "carry_over_tanks_no": "Begynn med 0",
      "event_title": "Kronologisk hendelseslogg",
+      "event_creator": "Registrert av",
      "no_events": "Ingen arrangementer lagt inn for denne reisedagen ennå.",
      "event_time": "Tid på døgnet",
      "event_mgk": "MgK-kurs",
@@ -379,6 +391,24 @@
      "event_location_placeholder": "z. f.eks. Kiel",
      "event_remarks": "Merknader / hendelser",
      "gps_btn": "Hent GPS-koordinater",
+      "gps_permission_denied": "Tilgang til posisjon ble nektet. Tillat det i nettleser- eller enhetsinnstillinger og prøv igjen.",
+      "gps_timeout": "GPS fikk tidsavbrudd. Prøv igjen utendørs med fri sikt mot himmelen.",
+      "gps_position_unavailable": "Ingen GPS-signal tilgjengelig. Vent og prøv igjen, eller skriv inn koordinater manuelt.",
+      "gps_unavailable": "GPS støttes ikke av denne nettleseren eller enheten.",
+      "gps_failed": "GPS-posisjon kunne ikke bestemmes.",
+      "gps_fallback_no_location": "GPS mislyktes. Skriv inn et sted under sted/havn, avreise eller destinasjon, eller koordinater manuelt.",
+      "gps_fallback_success": "Koordinater for «{{location}}» funnet via stedsnavn (ikke GPS).",
+      "gps_fallback_failed": "GPS og stedsnavnssøk mislyktes. Skriv inn koordinater manuelt.",
+      "gps_quality_excellent": "Sterk GPS-mottak (±{{accuracy}} m)",
+      "gps_quality_good": "God GPS-mottak (±{{accuracy}} m)",
+      "gps_quality_fair": "Middels GPS-mottak (±{{accuracy}} m) – gå utendørs for bedre signal.",
+      "gps_quality_poor": "Svakt GPS-mottak (±{{accuracy}} m) – sannsynligvis få satellitter. Prøv utendørs igjen eller kontroller posisjonen.",
+      "gps_quality_unknown": "GPS-posisjon tatt i bruk (nøyaktighet ikke rapportert av enheten).",
+      "gps_live_intro_title": "Posisjon for live-logg",
+      "gps_live_intro_body": "Appen trenger posisjonen din for automatiske posisjonsregistreringer og GPS-knappen.\n\nTrykk «Tillat posisjon» og bekreft i neste dialog. Du kan alltid legge inn posisjon manuelt via «Posisjon».",
+      "gps_live_intro_allow": "Tillat posisjon",
+      "gps_live_intro_later": "Senere",
+      "gps_enable_in_settings_hint": "Posisjonstilgang er blokkert. Du kan tillate det senere i nettleser- eller enhetsinnstillinger (nettsted / app → Posisjon).",
      "weather_btn": "OpenWeatherMap Ring opp været",
      "weather_offline": "OpenWeatherMap krever internettforbindelse. Du er frakoblet.",
      "event_wind_pressure": "Lufttrykk (hPa)",
@@ -484,8 +514,8 @@
      "nmea_change_engine_stop": "Engine off",
      "nmea_change_autopilot_on": "Autopilot on",
      "nmea_change_autopilot_off": "Autopilot off",
-      "nmea_change_gps_lost": "GPS fix lost",
-      "nmea_change_gps_regained": "GPS fix restored",
+      "nmea_change_gps_lost": "GPS-posisjon tapt",
+      "nmea_change_gps_regained": "GPS-posisjon gjenopprettet",
      "nmea_change_water_temp": "Water temp. {{from}} → {{to}} °C",
      "nmea_change_departure": "Departure / underway",
      "nmea_change_anchor": "Anchored / stop",
@@ -760,6 +790,9 @@
      "no_key": "Ingen OpenWeatherMap API-nøkkel tilgjengelig. Lagre din egen nøkkel i brukerprofilen, eller kontakt operatøren.",
      "weather_success": "Værdata vellykket hentet!",
      "weather_error": "Henting av værdata mislyktes. Kontroller API-nøkkelen og tilkoblingen.",
+      "weather_unauthorized": "Henting av værdata mislyktes. API-nøkkelen er ugyldig eller ikke autorisert.",
+      "weather_not_found": "Henting av værdata mislyktes. Den angitte posisjonen eller koordinatene ble ikke funnet.",
+      "weather_bad_request": "Henting av værdata mislyktes. Ingen posisjon eller GPS-koordinater ble angitt.",
      "weather_date_mismatch": "Værdata kan bare hentes ut for i dag ({{today}}). Denne loggbokoppføringen er datert {{date}}.",
      "gps_error": "Vennligst skriv inn en posisjon eller finn GPS-koordinatene.",
      "share_title": "Del loggbok (skrivebeskyttet)",
@@ -43,7 +43,8 @@
      "deviation": "Distraktionsbord",
      "logs": "Loggboksanteckningar",
      "stats": "Statistik",
-      "settings": "Inställningar"
+      "settings": "Inställningar",
+      "admin": "Admin"
    },
    "auth": {
      "welcome": "Välkommen till Kapteins Daagbok",
@@ -90,7 +91,15 @@
      "use_localhost_link": "Byt till localhost",
      "error_passkey_cancelled": "Passkey-inloggning avbröts eller gick ut. Försök igen.",
      "error_invalid_rp_id": "Passkey-domänen matchar inte (RP ID). Använd http://localhost:5173 med RP_ID=localhost i .env för lokal utveckling.",
-      "error_session_incomplete": "Inloggning ofullständig. Logga in med passkey igen."
+      "error_session_incomplete": "Inloggning ofullständig. Logga in med passkey igen.",
+      "restore_checking": "Kontrollerar session…",
+      "restore_title": "Återställ session",
+      "restore_subtitle": "Du är fortfarande inloggad. Lås upp din loggbok med passkey eller PIN.",
+      "restore_unlocking": "Låser upp…",
+      "restore_with_passkey": "Lås upp med passkey ({{name}})",
+      "restore_with_pin": "Lås upp med PIN",
+      "restore_pin_warning": "Ange din lokala PIN för att låsa upp loggboken efter omladdning.",
+      "restore_other_account": "Logga in med ett annat konto"
    },
    "pwa": {
      "title": "Installera app",
@@ -249,13 +258,13 @@
      "live_sails_confirm": "Logga",
      "live_sails_confirm_count": "Logga ({{count}})",
      "live_sails": "Segel: {{sails}}",
-      "live_fix": "Fix",
-      "live_fix_coords": "Fix {{lat}}, {{lng}}",
-      "live_fix_manual_hint": "GPS ej tillgänglig. Ange latitud och longitud manuellt, eller försök igen med GPS-knappen.",
-      "live_fix_gps_loading": "Hämtar GPS-position…",
-      "live_fix_invalid": "Ange giltiga koordinater (latitud −90…90, longitud −180…180).",
-      "live_fix_lat_placeholder": "Latitud (Lat)",
-      "live_fix_lng_placeholder": "Longitud (Lng)",
+      "live_position": "Position",
+      "live_position_coords": "Position {{lat}}, {{lng}}",
+      "live_position_manual_hint": "GPS ej tillgänglig. Ange latitud och longitud manuellt, eller försök igen med GPS-knappen.",
+      "live_position_gps_loading": "Hämtar GPS-position…",
+      "live_position_invalid": "Ange giltiga koordinater (latitud −90…90, longitud −180…180).",
+      "live_position_lat_placeholder": "Latitud (Lat)",
+      "live_position_lng_placeholder": "Longitud (Lng)",
      "live_photo_btn": "Foto (kamera)",
      "live_photo_capture_btn": "Ta foto",
      "live_photo_save_btn": "Spara",
@@ -266,6 +275,7 @@
      "live_photo_camera_starting": "Startar kamera…",
      "live_photo_camera_denied": "Kameraåtkomst nekad eller ej tillgänglig.",
      "live_photo_camera_unavailable": "Kameran stöds inte i den här webbläsaren.",
+      "live_photo_no_camera": "Ingen kamera finns på den här enheten.",
      "live_photo_error": "Foto kunde inte sparas.",
      "live_photo_entry": "Foto: {{caption}}",
      "live_photo_entry_plain": "Foto taget",
@@ -297,8 +307,8 @@
      "live_weather_btn": "Väder",
      "live_weather_owm_btn": "Hämta OpenWeatherMap-väder",
      "live_weather_owm_loading": "Hämtar väder…",
-      "live_weather_fix_required": "Logga först en GPS-fix (Fix-knappen) för att hämta OpenWeatherMap-väder. Positionen får högst vara 6 timmar gammal.",
-      "live_weather_fix_stale": "Senaste GPS-fixen är äldre än 6 timmar. Logga en ny fix innan du hämtar väder.",
+      "live_weather_position_required": "Logga först en position (Position-knappen) för att hämta OpenWeatherMap-väder. Positionen får högst vara 6 timmar gammal.",
+      "live_weather_position_stale": "Senaste positionen är äldre än 6 timmar. Logga en ny position innan du hämtar väder.",
      "live_wind_btn": "Vind",
      "live_temp_btn": "T °C",
      "live_pressure_btn": "Lufttryck",
@@ -306,8 +316,8 @@
      "live_sea_state_btn": "Sjögang",
      "live_visibility_btn": "Sikt",
      "live_course_btn": "Kurs",
-      "live_fuel_btn": "Diesel",
-      "live_water_btn": "Vatten",
+      "live_fuel_btn": "+ Diesel",
+      "live_water_btn": "+ Vatten",
      "live_wind_entry": "Vind {{value}}",
      "live_temp_entry": "Temperatur {{temp}} °C",
      "live_pressure_entry": "Lufttryck {{value}} hPa",
@@ -320,6 +330,7 @@
      "live_auto_position": "Auto-position",
      "live_undo_hint": "Post sparad",
      "live_undo_btn": "Ångra",
+      "live_cancel": "Avbryt",
      "live_pressure_placeholder": "t.ex. 1013",
      "live_temp_placeholder": "t.ex. 18",
      "live_precip_placeholder": "t.ex. lätt regn",
@@ -342,6 +353,7 @@
      "carry_over_tanks_yes": "Ta över",
      "carry_over_tanks_no": "Börja med 0",
      "event_title": "Kronologisk händelselogg",
+      "event_creator": "Registrerad av",
      "no_events": "Inga händelser inlagda för denna resdag ännu.",
      "event_time": "Tid på dygnet",
      "event_mgk": "MgK-kurs",
@@ -379,6 +391,24 @@
      "event_location_placeholder": "z. t.ex. Kiel",
      "event_remarks": "Anmärkningar / incidenter",
      "gps_btn": "Hämta GPS-koordinater",
+      "gps_permission_denied": "Platstillgång nekades. Tillåt det i webbläsar- eller enhetsinställningar och försök igen.",
+      "gps_timeout": "GPS fick tidsgräns. Försök igen utomhus med fri sikt mot himlen.",
+      "gps_position_unavailable": "Ingen GPS-signal tillgänglig. Vänta och försök igen, eller ange koordinater manuellt.",
+      "gps_unavailable": "GPS stöds inte av denna webbläsare eller enhet.",
+      "gps_failed": "GPS-position kunde inte bestämmas.",
+      "gps_fallback_no_location": "GPS misslyckades. Ange en plats under ort/hamn, avresa eller destination, eller skriv koordinater manuellt.",
+      "gps_fallback_success": "Koordinater för \"{{location}}\" hittades via ortsnamn (inte GPS).",
+      "gps_fallback_failed": "GPS och ortnamnssökning misslyckades. Ange koordinater manuellt.",
+      "gps_quality_excellent": "Stark GPS-mottagning (±{{accuracy}} m)",
+      "gps_quality_good": "Bra GPS-mottagning (±{{accuracy}} m)",
+      "gps_quality_fair": "Måttlig GPS-mottagning (±{{accuracy}} m) – gå utomhus för bättre signal.",
+      "gps_quality_poor": "Svag GPS-mottagning (±{{accuracy}} m) – troligen få satelliter. Försök utomhus igen eller kontrollera positionen.",
+      "gps_quality_unknown": "GPS-position övertagen (noggrannhet ej rapporterad av enheten).",
+      "gps_live_intro_title": "Plats för live-logg",
+      "gps_live_intro_body": "Appen behöver din plats för automatiska positionsregistreringar och GPS-knappen.\n\nTryck på „Tillåt plats“ och bekräfta i nästa dialog. Du kan alltid ange position manuellt via „Position“.",
+      "gps_live_intro_allow": "Tillåt plats",
+      "gps_live_intro_later": "Senare",
+      "gps_enable_in_settings_hint": "Platstillgång är blockerad. Du kan tillåta det senare i webbläsar- eller enhetsinställningar (webbplats / app → Plats).",
      "weather_btn": "OpenWeatherMap Ring upp väder",
      "weather_offline": "OpenWeatherMap kräver internetanslutning. Du är offline.",
      "event_wind_pressure": "Lufttryck (hPa)",
@@ -484,8 +514,8 @@
      "nmea_change_engine_stop": "Engine off",
      "nmea_change_autopilot_on": "Autopilot on",
      "nmea_change_autopilot_off": "Autopilot off",
-      "nmea_change_gps_lost": "GPS fix lost",
-      "nmea_change_gps_regained": "GPS fix restored",
+      "nmea_change_gps_lost": "GPS-position förlorad",
+      "nmea_change_gps_regained": "GPS-position återställd",
      "nmea_change_water_temp": "Water temp. {{from}} → {{to}} °C",
      "nmea_change_departure": "Departure / underway",
      "nmea_change_anchor": "Anchored / stop",
@@ -760,6 +790,9 @@
      "no_key": "Ingen OpenWeatherMap API-nyckel tillgänglig. Spara din egen nyckel i användarprofilen eller kontakta operatören.",
      "weather_success": "Väderdata har hämtats framgångsrikt!",
      "weather_error": "Hämtning av väderdata misslyckades. Kontrollera API-nyckeln och anslutningen.",
+      "weather_unauthorized": "Hämtning av väderdata misslyckades. API-nyckeln är ogiltig eller inte auktoriserad.",
+      "weather_not_found": "Hämtning av väderdata misslyckades. Den angivna platsen eller koordinaterna hittades inte.",
+      "weather_bad_request": "Hämtning av väderdata misslyckades. Ingen plats eller GPS-position angavs.",
      "weather_date_mismatch": "Väderdata kan endast hämtas för idag ({{today}}). Denna loggbokspost är daterad {{date}}.",
      "gps_error": "Ange en plats eller bestäm GPS-koordinaterna.",
      "share_title": "Aktieloggbok (skrivskyddad)",
@@ -0,0 +1,74 @@
+import { ApiError, apiJson } from './api.js'
+
+const ADMIN_BASE = '/api/admin'
+
+export interface AdminMe {
+  isAdmin: boolean
+  userId: string
+}
+
+export interface AdminSummary {
+  totalUsers: number
+  totalLogbooks: number
+  totalPhotos: number
+  totalVoiceMemos: number
+  totalGpsTracks: number
+  totalCollaborations: number
+  totalInvitations: number
+  aiSummaryEntries: number
+}
+
+export type AdminTimeBucket = 'day' | 'week' | 'month'
+
+export interface AdminTimeSeriesPoint {
+  date: string
+  count: number
+}
+
+export interface AdminTimeSeriesMetric {
+  metric: string
+  points: AdminTimeSeriesPoint[]
+}
+
+export interface AdminTimeSeriesResponse {
+  bucket: AdminTimeBucket
+  windowDays: number
+  series: AdminTimeSeriesMetric[]
+}
+
+export async function fetchAdminMe(): Promise<AdminMe> {
+  return await apiJson<AdminMe>(`${ADMIN_BASE}/me`)
+}
+
+/** Returns true only for users listed in server ADMIN_USER_IDS. */
+export async function checkAdminAccess(): Promise<boolean> {
+  try {
+    await fetchAdminMe()
+    return true
+  } catch (err) {
+    if (err instanceof ApiError && (err.status === 401 || err.status === 403)) {
+      return false
+    }
+    return false
+  }
+}
+
+export async function fetchAdminSummary(): Promise<AdminSummary> {
+  return await apiJson<AdminSummary>(`${ADMIN_BASE}/summary`)
+}
+
+export async function fetchAdminTimeSeries(
+  params: { bucket?: AdminTimeBucket; windowDays?: number } = {}
+): Promise<AdminTimeSeriesResponse> {
+  const search = new URLSearchParams()
+  if (params.bucket) {
+    search.set('bucket', params.bucket)
+  }
+  if (params.windowDays && Number.isFinite(params.windowDays)) {
+    search.set('window', String(params.windowDays))
+  }
+  const query = search.toString()
+  const url = query ? `${ADMIN_BASE}/timeseries?${query}` : `${ADMIN_BASE}/timeseries`
+  return await apiJson<AdminTimeSeriesResponse>(url)
+}
+
@@ -64,6 +64,15 @@ export function persistSessionUserId(userId: string | undefined): void {
  }
 }

+/** Username to use when re-unlocking after reload (active account or sole remembered user). */
+export function resolveRestoreUsername(): string | null {
+  const stored = localStorage.getItem('active_username')
+  if (stored) return stored
+  const known = getKnownUsernames()
+  if (known.length === 1) return known[0]
+  return null
+}
+
 export async function reauthWithPasskey(): Promise<boolean> {
  const options = await apiJson<any>(`${API_BASE}/reauth-options`, {
    method: 'POST'
@@ -2,6 +2,7 @@ import { beforeEach, describe, expect, it } from 'vitest'
 import {
  hasUnlockedLocalCrypto,
  hasUnlockedLocalSession,
+  resolveRestoreUsername,
  setActiveMasterKey
 } from './auth.js'

@@ -33,6 +34,28 @@ describe('local session unlock checks', () => {
  })
 })

+describe('resolveRestoreUsername', () => {
+  beforeEach(() => {
+    localStorage.clear()
+  })
+
+  it('prefers active_username from storage', () => {
+    localStorage.setItem('active_username', 'captain')
+    localStorage.setItem('daagbox_known_users', JSON.stringify(['other']))
+    expect(resolveRestoreUsername()).toBe('captain')
+  })
+
+  it('falls back to a single remembered user', () => {
+    localStorage.setItem('daagbox_known_users', JSON.stringify(['solo']))
+    expect(resolveRestoreUsername()).toBe('solo')
+  })
+
+  it('returns null when multiple users and no active username', () => {
+    localStorage.setItem('daagbox_known_users', JSON.stringify(['alpha', 'beta']))
+    expect(resolveRestoreUsername()).toBeNull()
+  })
+})
+
 describe('persistSessionUserId', () => {
  beforeEach(() => {
    localStorage.clear()
@@ -77,7 +77,7 @@ export async function exportLogbookToCsv(logbookId: string, preloadedData?: { ya
    'Date', 'Day of Travel', 'Departure Port', 'Destination Port', 'AI Summary',
    'Skipper Signature', 'Crew Signature',
    'Track Distance (nm)', 'Track Max Speed (kn)', 'Track Avg Speed (kn)', 'Motor Hours (h)',
-    'Event Time', 'MgK Course', 'RwK Course',
+    'Event Time', 'Event Creator', 'MgK Course', 'RwK Course',
    'Wind Dir', 'Wind Str', 'Barometer (hPa)', 'Sea State', 'Visibility',
    'Current', 'Heel Angle', 'Sails/Motor', 'Log (nm)', 'Distance (nm)',
    'Latitude', 'Longitude', 'Remarks',
@@ -122,6 +122,7 @@ export async function exportLogbookToCsv(logbookId: string, preloadedData?: { ya
    const greywaterLevel = entry.greywater?.level ?? '';
    const aiSummary = entry.aiSummary ?? '';

+    const crewSnapshots = (entry.crewSnapshotsById as Record<string, any>) || {};
    const eventsList = entry.events || [];
    if (eventsList.length === 0) {
      // Create one row even if there are no events for the day
@@ -129,7 +130,7 @@ export async function exportLogbookToCsv(logbookId: string, preloadedData?: { ya
        dateVal, travelDay, dep, dest, aiSummary,
        signS, signC,
        trackDist, trackMax, trackAvg, motorH,
-        '', '', '',
+        '', '', '', '',
        '', '', '', '', '',
        '', '', '', '', '',
        '', '', '',
@@ -142,11 +143,21 @@ export async function exportLogbookToCsv(logbookId: string, preloadedData?: { ya
      // Sort events chronologically by time
      const sortedEvents = sortLogEventsByTime(eventsList);
      for (const ev of sortedEvents) {
+        const creatorSnap = ev.creatorId ? crewSnapshots[ev.creatorId] : null;
+        let creatorName = '';
+        if (creatorSnap) {
+          creatorName = creatorSnap.name || '';
+        } else if (ev.creatorId === 'skipper') {
+          creatorName = 'Skipper';
+        } else if (ev.creatorId) {
+          creatorName = ev.creatorId;
+        }
+
        rows.push([
          dateVal, travelDay, dep, dest, aiSummary,
          signS, signC,
          trackDist, trackMax, trackAvg, motorH,
-          ev.time || '', ev.mgk || '', ev.rwk || '',
+          ev.time || '', creatorName, ev.mgk || '', ev.rwk || '',
          ev.windDirection || '', ev.windStrength || '', ev.windPressure || '', ev.seaState || '',
          ev.visibility || '',
          ev.current || '', ev.heel || '', ev.sailsOrMotor || '', ev.logReading || '', ev.distance || '',
@@ -1,3 +1,4 @@
+import { formatAppDecimal } from '../utils/numberFormat.js'
 import { db } from './db.js'
 import { getActiveMasterKey } from './auth.js'
 import {
@@ -639,9 +640,10 @@ export function downloadBackupBlob(blob: Blob, filename: string): void {

 /** Human-readable size for UI warnings. */
 export function formatBackupBytes(bytes: number): string {
+  const fmt = (n: number) => formatAppDecimal(n, { minimumFractionDigits: 1, maximumFractionDigits: 1 })
  if (bytes < 1024) return `${bytes} B`
-  if (bytes < 1024 * 1024) return `${(bytes / 1024).toFixed(1)} KB`
-  return `${(bytes / (1024 * 1024)).toFixed(1)} MB`
+  if (bytes < 1024 * 1024) return `${fmt(bytes / 1024)} KB`
+  return `${fmt(bytes / (1024 * 1024))} MB`
 }

 export const BACKUP_SIZE_WARN_BYTES = 50_000_000
@@ -1,7 +1,12 @@
+import { formatAppDecimal } from '../../utils/numberFormat.js'
 import type { NmeaChangeEvent, NmeaDetectionConfig, NmeaTimePoint } from './nmeaTypes.js'
 import { DEFAULT_NMEA_DETECTION_CONFIG } from './nmeaTypes.js'
 import { angularDelta } from './nmeaTimeSeries.js'

+function formatNmeaDecimal(value: number): string {
+  return formatAppDecimal(value, { minimumFractionDigits: 1, maximumFractionDigits: 1 })
+}
+
 function pushUnique(events: NmeaChangeEvent[], event: NmeaChangeEvent, minGapMs: number) {
  const last = events[events.length - 1]
  if (last && last.type === event.type && event.timestamp - last.timestamp < minGapMs) return
@@ -64,7 +69,7 @@ export function detectNmeaChanges(
          timestamp: p.timestamp,
          confidence: 'medium',
          summaryKey: 'logs.nmea_change_wind_speed',
-          summaryParams: { from: lastWindSpeed.toFixed(1), to: p.windSpeedKnots.toFixed(1) },
+          summaryParams: { from: formatNmeaDecimal(lastWindSpeed), to: formatNmeaDecimal(p.windSpeedKnots) },
          data: p
        }, config.dedupeWindowMs)
      }
@@ -79,7 +84,7 @@ export function detectNmeaChanges(
          timestamp: p.timestamp,
          confidence: 'medium',
          summaryKey: 'logs.nmea_change_pressure',
-          summaryParams: { from: lastPressure.toFixed(1), to: p.pressureHpa.toFixed(1) },
+          summaryParams: { from: formatNmeaDecimal(lastPressure), to: formatNmeaDecimal(p.pressureHpa) },
          data: p
        }, config.dedupeWindowMs)
      }
@@ -95,7 +100,7 @@ export function detectNmeaChanges(
          timestamp: p.timestamp,
          confidence: 'high',
          summaryKey: 'logs.nmea_change_depth',
-          summaryParams: { from: lastDepth.toFixed(1), to: p.depthM.toFixed(1) },
+          summaryParams: { from: formatNmeaDecimal(lastDepth), to: formatNmeaDecimal(p.depthM) },
          data: p
        }, config.dedupeWindowMs)
      }
@@ -156,7 +161,7 @@ export function detectNmeaChanges(
          timestamp: p.timestamp,
          confidence: 'medium',
          summaryKey: 'logs.nmea_change_water_temp',
-          summaryParams: { from: lastWaterTemp.toFixed(1), to: p.waterTempC.toFixed(1) },
+          summaryParams: { from: formatNmeaDecimal(lastWaterTemp), to: formatNmeaDecimal(p.waterTempC) },
          data: p
        }, config.dedupeWindowMs)
      }
@@ -200,7 +205,7 @@ export function detectNmeaChanges(
        timestamp: p.timestamp,
        confidence: 'low',
        summaryKey: 'logs.nmea_change_speed',
-        summaryParams: { from: lastSog.toFixed(1), to: sog.toFixed(1) },
+        summaryParams: { from: formatNmeaDecimal(lastSog), to: formatNmeaDecimal(sog) },
        data: p
      }, config.dedupeWindowMs)
    }
@@ -2,6 +2,7 @@ import type { TFunction } from 'i18next'
 import type { LogEventPayload } from '../../utils/logEntryPayload.js'
 import { normalizeLogEvent } from '../../utils/logEntryPayload.js'
 import { formatCourseAngle } from '../../utils/courseAngle.js'
+import { formatAppDecimal, formatCanonicalCoordinate } from '../../utils/numberFormat.js'
 import { degreesToCardinal } from '../../utils/courseAngle.js'
 import type {
  NmeaChangeEvent,
@@ -33,9 +34,12 @@ function pointToLogEvent(
    windDirection: windDir,
    windStrength: point.windSpeedKnots != null ? String(point.windSpeedKnots) : '',
    windPressure: point.pressureHpa != null ? String(Math.round(point.pressureHpa)) : '',
-    gpsLat: point.lat != null ? point.lat.toFixed(6) : '',
-    gpsLng: point.lng != null ? point.lng.toFixed(6) : '',
-    logReading: point.logDistanceNm != null ? point.logDistanceNm.toFixed(2) : '',
+    gpsLat: point.lat != null ? formatCanonicalCoordinate(point.lat) : '',
+    gpsLng: point.lng != null ? formatCanonicalCoordinate(point.lng) : '',
+    logReading:
+      point.logDistanceNm != null
+        ? formatAppDecimal(point.logDistanceNm, { minimumFractionDigits: 2, maximumFractionDigits: 2 })
+        : '',
    sailsOrMotor,
    remarks
  })
@@ -51,7 +55,11 @@ function buildRemarks(change: NmeaChangeEvent, t: TFunction): string {
  const parts: string[] = []
  parts.push(t(change.summaryKey, change.summaryParams ?? {}))
  if (change.data?.depthM != null) {
-    parts.push(t('logs.nmea_remark_depth', { depth: change.data.depthM.toFixed(1) }))
+    parts.push(
+      t('logs.nmea_remark_depth', {
+        depth: formatAppDecimal(change.data.depthM, { minimumFractionDigits: 1, maximumFractionDigits: 1 })
+      })
+    )
  }
  if (change.confidence === 'low') {
    parts.push(t('logs.nmea_remark_uncertain'))
@@ -13,12 +13,13 @@ function formatPasskeySignDate(signedAt: string): string {
 }

 export async function generateLogbookPagePdf(logbookId: string, entryId: string, preloadedData?: { yacht: any; entry: any }): Promise<jsPDF> {
-  let yachtName = '', homePort = '', registration = '', callsign = '', atis = '', mmsi = '';
+  let yachtName = '', owner = '', homePort = '', registration = '', callsign = '', atis = '', mmsi = '';
  let entry: any = null;

  if (preloadedData) {
    const yacht = preloadedData.yacht || {};
    yachtName = yacht.name || '';
+    owner = yacht.owner || '';
    homePort = yacht.port || '';
    registration = yacht.registrationNumber || yacht.registration || '';
    callsign = yacht.callSign || '';
@@ -35,6 +36,7 @@ export async function generateLogbookPagePdf(logbookId: string, entryId: string,
    const yacht = await resolveVesselForLogbook(logbookId)
    if (yacht) {
      yachtName = yacht.name || ''
+      owner = yacht.owner || ''
      homePort = yacht.homePort || ''
      registration = yacht.registrationNumber || ''
      callsign = yacht.callSign || ''
@@ -74,24 +76,56 @@ export async function generateLogbookPagePdf(logbookId: string, entryId: string,
  doc.setFontSize(8.5);
  doc.setFont('Helvetica', 'normal');
  doc.text(`Yachtname: ${yachtName || '—'}`, 10, 21);
-  doc.text(`Heimathafen: ${homePort || '—'}`, 60, 21);
-  doc.text(`Kennzeichen: ${registration || '—'}`, 110, 21);
-  doc.text(`Rufzeichen: ${callsign || '—'}`, 160, 21);
-  doc.text(`ATIS: ${atis || '—'}`, 210, 21);
-  doc.text(`MMSI: ${mmsi || '—'}`, 250, 21);
+  doc.text(`Eigner: ${owner || '—'}`, 55, 21);
+  doc.text(`Heimathafen: ${homePort || '—'}`, 100, 21);
+  doc.text(`Kennzeichen: ${registration || '—'}`, 145, 21);
+  doc.text(`Rufzeichen: ${callsign || '—'}`, 190, 21);
+  doc.text(`ATIS: ${atis || '—'}`, 230, 21);
+  doc.text(`MMSI: ${mmsi || '—'}`, 260, 21);

-  doc.text(`Datum: ${entry.date || '—'}`, 10, 23);
-  doc.text(`Reisetag: ${entry.dayOfTravel || '—'}`, 60, 23);
-  doc.text(`Reise von (Departure): ${entry.departure || '—'}`, 110, 23);
-  doc.text(`nach (Destination): ${entry.destination || '—'}`, 200, 23);
+  doc.text(`Datum: ${entry.date || '—'}`, 10, 24);
+  doc.text(`Reisetag: ${entry.dayOfTravel || '—'}`, 60, 24);
+  doc.text(`Reise von (Departure): ${entry.departure || '—'}`, 110, 24);
+  doc.text(`nach (Destination): ${entry.destination || '—'}`, 200, 24);

+  // Format Crew names with initials
+  const crewSnapshots = (entry.crewSnapshotsById as Record<string, any>) || {}
+  const crewList: string[] = []
+  
+  if (entry.selectedSkipperId && crewSnapshots[entry.selectedSkipperId]) {
+    const name = crewSnapshots[entry.selectedSkipperId].name || 'Skipper'
+    const initial = name.trim().split(/\s+/)[0]?.charAt(0).toUpperCase() || 'S'
+    crewList.push(`${name} [${initial}] (Skipper)`)
+  } else if (crewSnapshots['skipper']) {
+    const name = crewSnapshots['skipper'].name || 'Skipper'
+    crewList.push(`${name} [S] (Skipper)`)
+  }
+  
+  if (Array.isArray(entry.selectedCrewIds)) {
+    for (const crewId of entry.selectedCrewIds) {
+      const snap = crewSnapshots[crewId]
+      if (snap) {
+        const name = snap.name || ''
+        const initial = name.trim().split(/\s+/)[0]?.charAt(0).toUpperCase() || '?'
+        crewList.push(`${name} [${initial}]`)
+      }
+    }
+  }
+
+  const crewText = crewList.length > 0 ? `Besatzung (Crew): ${crewList.join(', ')}` : ''
+
+  doc.setFont('Helvetica', 'normal');
  if (entry.trackDistanceNm) {
-    doc.setFont('Helvetica', 'normal');
    doc.text(
      `GPS-Track: ${entry.trackDistanceNm} sm · max. ${entry.trackSpeedMaxKn ?? '—'} kn · Ø ${entry.trackSpeedAvgKn ?? '—'} kn`,
      10,
      27
    );
+    if (crewText) {
+      doc.text(crewText, 140, 27);
+    }
+  } else if (crewText) {
+    doc.text(crewText, 10, 27);
  }

  // Divider line
@@ -175,8 +209,28 @@ export async function generateLogbookPagePdf(logbookId: string, entryId: string,
      doc.text(gps, writeX + 1, y + 4.2);
      writeX += colWidths[11];

+      const crewSnapshots = (entry.crewSnapshotsById as Record<string, any>) || {};
+      let initial = '';
+      if (ev.creatorId) {
+        const snap = crewSnapshots[ev.creatorId];
+        let name = '';
+        if (snap) {
+          name = snap.name || '';
+        } else if (ev.creatorId === 'skipper') {
+          name = 'Skipper';
+        } else {
+          name = ev.creatorId;
+        }
+        if (name) {
+          initial = name.trim().split(/\s+/)[0]?.charAt(0).toUpperCase() || '';
+        }
+      }
+
      // Clip remarks to fit within the 94mm bounds
-      const remarks = ev.remarks || '';
+      let remarks = ev.remarks || '';
+      if (initial) {
+        remarks = `[${initial}] ${remarks}`;
+      }
      const maxChars = 65;
      const clippedRemarks = remarks.length > maxChars ? remarks.substring(0, maxChars) + '...' : remarks;
      doc.text(clippedRemarks, writeX + 1, y + 4.2);
@@ -9,6 +9,7 @@ import {
  normalizeLogEvent,
  sortLogEventsByTime,
  currentLocalTimeHHMM,
+  localDateString,
  type LogEventPayload
 } from '../utils/logEntryPayload.js'
 import {
@@ -96,6 +97,14 @@ function buildEncryptedPayload(
    consumption: fuel.consumption ?? 0
  }

+  const entryCrew = data.selectedSkipperId
+    ? {
+        selectedSkipperId: String(data.selectedSkipperId),
+        selectedCrewIds: Array.isArray(data.selectedCrewIds) ? data.selectedCrewIds.map(String) : [],
+        crewSnapshotsById: (data.crewSnapshotsById as Record<string, any>) || {}
+      }
+    : undefined
+
  const payload = buildLogEntryPayload({
    date: String(data.date || ''),
    dayOfTravel: String(data.dayOfTravel || ''),
@@ -120,7 +129,8 @@ function buildEncryptedPayload(
      motorHoursRaw != null && motorHoursRaw !== ''
        ? parseFloat(String(motorHoursRaw))
        : undefined,
-    events: options.events
+    events: options.events,
+    entryCrew
  })

  const clear = options.clearSignatures
@@ -151,18 +161,86 @@ export async function loadEntry(logbookId: string, entryId: string): Promise<Loa
  return { payloadId: record.payloadId, updatedAt: record.updatedAt, data }
 }

+function scoreTodayEntry(data: Record<string, unknown>): number {
+  const events = (data.events as unknown[] | undefined)?.length ?? 0
+  const signed = (data.signSkipper || data.signCrew) ? 1 : 0
+  const destination = String(data.destination || '').trim() ? 1 : 0
+  return events * 10 + signed + destination
+}
+
 export async function findTodayEntryId(logbookId: string): Promise<string | null> {
-  const todayStr = new Date().toISOString().substring(0, 10)
+  const todayStr = localDateString()
  const masterKey = await getMasterKey(logbookId)
  const local = sortEntriesNewestFirst(await db.entries.where({ logbookId }).toArray())

+  let bestId: string | null = null
+  let bestScore = -1
+  let bestUpdatedAt = ''
+
  for (const entry of local) {
    const decrypted = await tryDecryptEntryPayload(entry, masterKey)
-    if (decrypted && String(decrypted.date) === todayStr) {
-      return entry.payloadId
+    if (!decrypted || String(decrypted.date) !== todayStr) continue
+
+    const score = scoreTodayEntry(decrypted)
+    if (
+      score > bestScore
+      || (score === bestScore && entry.updatedAt > bestUpdatedAt)
+    ) {
+      bestId = entry.payloadId
+      bestScore = score
+      bestUpdatedAt = entry.updatedAt
    }
  }
-  return null
+
+  return bestId
+}
+
+async function entryHasAttachments(logbookId: string, entryId: string): Promise<boolean> {
+  const [photos, voices, track] = await Promise.all([
+    db.photos.where({ logbookId, entryId }).count(),
+    db.voiceMemos.where({ logbookId, entryId }).count(),
+    db.gpsTracks.get(entryId)
+  ])
+  return photos > 0 || voices > 0 || track != null
+}
+
+async function isEmptyTodayEntry(
+  logbookId: string,
+  entryId: string,
+  data: Record<string, unknown>
+): Promise<boolean> {
+  if (((data.events as unknown[] | undefined)?.length ?? 0) > 0) return false
+  if (data.signSkipper || data.signCrew) return false
+  if (String(data.destination || '').trim()) return false
+  return !(await entryHasAttachments(logbookId, entryId))
+}
+
+/** Remove duplicate empty travel days for today (e.g. after parallel Live-log init). */
+export async function pruneEmptyTodayDuplicates(
+  logbookId: string,
+  keepEntryId: string
+): Promise<void> {
+  const todayStr = localDateString()
+  const masterKey = await getMasterKey(logbookId)
+  const local = await db.entries.where({ logbookId }).toArray()
+  const now = new Date().toISOString()
+
+  for (const entry of local) {
+    if (entry.payloadId === keepEntryId) continue
+    const decrypted = await tryDecryptEntryPayload(entry, masterKey)
+    if (!decrypted || String(decrypted.date) !== todayStr) continue
+    if (!(await isEmptyTodayEntry(logbookId, entry.payloadId, decrypted))) continue
+
+    await db.entries.delete(entry.payloadId)
+    await db.syncQueue.put({
+      action: 'delete',
+      type: 'entry',
+      payloadId: entry.payloadId,
+      logbookId,
+      data: '',
+      updatedAt: now
+    })
+  }
 }

 export async function createTodayEntry(logbookId: string): Promise<string> {
@@ -185,7 +263,7 @@ export async function createTodayEntry(logbookId: string): Promise<string> {

  const localId = window.crypto.randomUUID()
  const nowStr = new Date().toISOString()
-  const todayStr = nowStr.substring(0, 10)
+  const todayStr = localDateString()

  const initialPayload = {
    date: todayStr,
@@ -227,20 +305,36 @@ export async function createTodayEntry(logbookId: string): Promise<string> {
  return localId
 }

+const findOrCreateTodayEntryInflight = new Map<string, Promise<string>>()
+
+async function findOrCreateTodayEntryOnce(logbookId: string): Promise<string> {
+  await ensureLogbookKey(logbookId)
+
+  let entryId = await findTodayEntryId(logbookId)
+  if (!entryId) {
+    entryId = await createTodayEntry(logbookId)
+  }
+
+  await pruneEmptyTodayDuplicates(logbookId, entryId)
+  return entryId
+}
+
+/** One travel day per local calendar date; concurrent callers share one in-flight create. */
 export async function findOrCreateTodayEntry(logbookId: string): Promise<string> {
  const id = logbookId.trim()
  if (!id) throw new Error('Logbook id required')

-  await ensureLogbookKey(id)
-
-  const entryCount = await db.entries.where({ logbookId: id }).count()
-  if (entryCount === 0) {
-    return createTodayEntry(id)
+  let inflight = findOrCreateTodayEntryInflight.get(id)
+  if (!inflight) {
+    inflight = findOrCreateTodayEntryOnce(id)
+    findOrCreateTodayEntryInflight.set(id, inflight)
+    void inflight.finally(() => {
+      if (findOrCreateTodayEntryInflight.get(id) === inflight) {
+        findOrCreateTodayEntryInflight.delete(id)
+      }
+    })
  }
-
-  const existing = await findTodayEntryId(id)
-  if (existing) return existing
-  return createTodayEntry(id)
+  return inflight
 }

 export interface AppendQuickEventResult {
@@ -258,14 +258,4 @@ export function getTrackColor(index: number): string {
  return TRACK_COLORS[index % TRACK_COLORS.length]
 }

-export function formatNm(value: number): string {
-  return value.toFixed(2)
-}
-
-export function formatLiters(value: number): string {
-  return Number.isInteger(value) ? String(value) : value.toFixed(1)
-}
-
-export function formatHours(value: number): string {
-  return Number.isInteger(value) ? String(value) : value.toFixed(1)
-}
+export { formatHours, formatLiters, formatNm } from '../utils/numberFormat.js'
@@ -69,4 +69,51 @@ describe('fetchOpenWeatherCurrent', () => {

    expect(trackPlausibleEvent).not.toHaveBeenCalled()
  })
+
+  it('throws UNAUTHORIZED when status is 401', async () => {
+    apiFetch.mockResolvedValue({
+      ok: false,
+      status: 401,
+      json: async () => ({ error: 'Unauthorized' })
+    })
+
+    const { fetchOpenWeatherCurrent, WeatherApiError } = await import('./weather.js')
+    const err = await fetchOpenWeatherCurrent({ lat: '54', lon: '10' }).catch((e) => e)
+    expect(err).toBeInstanceOf(WeatherApiError)
+    expect((err as any).code).toBe('UNAUTHORIZED')
+  })
+
+  it('throws NOT_FOUND when status is 404', async () => {
+    apiFetch.mockResolvedValue({
+      ok: false,
+      status: 404,
+      json: async () => ({ error: 'Not Found' })
+    })
+
+    const { fetchOpenWeatherCurrent, WeatherApiError } = await import('./weather.js')
+    const err = await fetchOpenWeatherCurrent({ lat: '54', lon: '10' }).catch((e) => e)
+    expect(err).toBeInstanceOf(WeatherApiError)
+    expect((err as any).code).toBe('NOT_FOUND')
+  })
+
+  it('throws BAD_REQUEST when status is 400', async () => {
+    apiFetch.mockResolvedValue({
+      ok: false,
+      status: 400,
+      json: async () => ({ error: 'Bad Request' })
+    })
+
+    const { fetchOpenWeatherCurrent, WeatherApiError } = await import('./weather.js')
+    const err = await fetchOpenWeatherCurrent({ lat: '54', lon: '10' }).catch((e) => e)
+    expect(err).toBeInstanceOf(WeatherApiError)
+    expect((err as any).code).toBe('BAD_REQUEST')
+  })
+
+  it('throws BAD_REQUEST when coordinates or query are missing', async () => {
+    const { fetchOpenWeatherCurrent, WeatherApiError } = await import('./weather.js')
+    const err = await fetchOpenWeatherCurrent({}).catch((e) => e)
+    expect(err).toBeInstanceOf(WeatherApiError)
+    expect((err as any).code).toBe('BAD_REQUEST')
+    expect(apiFetch).not.toHaveBeenCalled()
+  })
 })
@@ -7,9 +7,12 @@ import {
 } from './analytics.js'

 export class WeatherApiError extends Error {
-  code: 'NO_KEY' | 'OFFLINE' | 'REQUEST_FAILED'
+  code: 'NO_KEY' | 'OFFLINE' | 'REQUEST_FAILED' | 'UNAUTHORIZED' | 'NOT_FOUND' | 'BAD_REQUEST'

-  constructor(message: string, code: 'NO_KEY' | 'OFFLINE' | 'REQUEST_FAILED' = 'REQUEST_FAILED') {
+  constructor(
+    message: string,
+    code: 'NO_KEY' | 'OFFLINE' | 'REQUEST_FAILED' | 'UNAUTHORIZED' | 'NOT_FOUND' | 'BAD_REQUEST' = 'REQUEST_FAILED'
+  ) {
    super(message)
    this.name = 'WeatherApiError'
    this.code = code
@@ -38,7 +41,7 @@ export async function fetchOpenWeatherCurrent(
  } else if (params.q?.trim()) {
    searchParams.set('q', params.q.trim())
  } else {
-    throw new WeatherApiError('lat/lon or location query required')
+    throw new WeatherApiError('lat/lon or location query required', 'BAD_REQUEST')
  }

  const userKey = getOwmApiKeyForActiveUser().trim()
@@ -65,6 +68,15 @@ export async function fetchOpenWeatherCurrent(
  if (res.status === 503) {
    throw new WeatherApiError('No OpenWeatherMap API key configured', 'NO_KEY')
  }
+  if (res.status === 401) {
+    throw new WeatherApiError('Invalid OpenWeatherMap API key', 'UNAUTHORIZED')
+  }
+  if (res.status === 404) {
+    throw new WeatherApiError('Location or coordinates not found', 'NOT_FOUND')
+  }
+  if (res.status === 400) {
+    throw new WeatherApiError('Invalid or missing location parameters', 'BAD_REQUEST')
+  }

  const data = await res.json()
  if (!res.ok) {
@@ -0,0 +1,47 @@
+import { describe, expect, it, vi } from 'vitest'
+import {
+  cameraErrorKeyFromDomException,
+  isCameraApiSupported,
+  probeCameraAvailability
+} from './cameraAvailability.js'
+
+describe('cameraAvailability', () => {
+  it('detects missing camera API', () => {
+    const nav = { mediaDevices: undefined }
+    vi.stubGlobal('navigator', nav)
+    expect(isCameraApiSupported()).toBe(false)
+    vi.unstubAllGlobals()
+  })
+
+  it('returns none when no videoinput devices', async () => {
+    vi.stubGlobal('navigator', {
+      mediaDevices: {
+        getUserMedia: vi.fn(),
+        enumerateDevices: vi.fn().mockResolvedValue([
+          { kind: 'audioinput', deviceId: 'a1', label: '', groupId: '' }
+        ])
+      }
+    })
+    await expect(probeCameraAvailability()).resolves.toBe('none')
+    vi.unstubAllGlobals()
+  })
+
+  it('returns available when a videoinput exists', async () => {
+    vi.stubGlobal('navigator', {
+      mediaDevices: {
+        getUserMedia: vi.fn(),
+        enumerateDevices: vi.fn().mockResolvedValue([
+          { kind: 'videoinput', deviceId: 'v1', label: '', groupId: '' }
+        ])
+      }
+    })
+    await expect(probeCameraAvailability()).resolves.toBe('available')
+    vi.unstubAllGlobals()
+  })
+
+  it('maps NotFoundError to no-camera i18n key', () => {
+    expect(cameraErrorKeyFromDomException(new DOMException('', 'NotFoundError'))).toBe(
+      'logs.live_photo_no_camera'
+    )
+  })
+})
@@ -0,0 +1,33 @@
+export type CameraAvailability = 'available' | 'none' | 'unsupported'
+
+/** Whether the browser exposes camera APIs at all. */
+export function isCameraApiSupported(): boolean {
+  return typeof navigator !== 'undefined' && !!navigator.mediaDevices?.getUserMedia
+}
+
+/** Best-effort probe for at least one video input device (no permission prompt). */
+export async function probeCameraAvailability(): Promise<CameraAvailability> {
+  if (!isCameraApiSupported()) return 'unsupported'
+  if (!navigator.mediaDevices?.enumerateDevices) {
+    // Cannot list devices; defer to getUserMedia attempt in the capture UI.
+    return 'available'
+  }
+  try {
+    const devices = await navigator.mediaDevices.enumerateDevices()
+    if (devices.some((d) => d.kind === 'videoinput')) return 'available'
+    return 'none'
+  } catch {
+    return 'none'
+  }
+}
+
+export function cameraErrorKeyFromDomException(err: unknown): string {
+  const name = err instanceof DOMException ? err.name : ''
+  if (name === 'NotFoundError' || name === 'OverconstrainedError') {
+    return 'logs.live_photo_no_camera'
+  }
+  if (name === 'NotAllowedError' || name === 'NotReadableError' || name === 'SecurityError') {
+    return 'logs.live_photo_camera_denied'
+  }
+  return 'logs.live_photo_camera_unavailable'
+}
@@ -21,8 +21,8 @@ const t = (key: string, opts?: Record<string, unknown>) => {
    'logs.live_cast_off': 'Cast off',
    'logs.live_moor': 'Moor',
    'logs.live_sails': `Sails: ${opts?.sails ?? ''}`,
-    'logs.live_fix': 'Fix',
-    'logs.live_fix_coords': `Fix ${opts?.lat}, ${opts?.lng}`,
+    'logs.live_position': 'Position',
+    'logs.live_position_coords': `Position ${opts?.lat}, ${opts?.lng}`,
    'logs.live_event_generic': 'Event',
    'logs.live_temp_entry': `Temperature ${opts?.temp} °C`,
    'logs.live_pressure_entry': `Pressure ${opts?.value} hPa`,
@@ -85,14 +85,14 @@ describe('formatEventSummary', () => {
    expect(formatEventSummary(event, t)).toBe('Sails: Main + Genoa')
  })

-  it('formats fix with coordinates', () => {
+  it('formats position with coordinates', () => {
    const event = normalizeLogEvent({
      time: '09:00',
-      remarks: LIVE_EVENT_CODES.FIX,
+      remarks: LIVE_EVENT_CODES.POSITION,
      gpsLat: '54.323000',
      gpsLng: '10.145000'
    })
-    expect(formatEventSummary(event, t)).toBe('Fix 54.323000, 10.145000')
+    expect(formatEventSummary(event, t)).toBe('Position 54.323000, 10.145000')
  })

  it('formats pressure entry', () => {
@@ -1,6 +1,7 @@
 import type { TFunction } from 'i18next'
 import type { LogEventPayload } from './logEntryPayload.js'
 import {
+  isManualPositionEventCode,
  LIVE_EVENT_CODES,
  parseLiveCommentRemark,
  parseLiveFuelRemark,
@@ -58,16 +59,16 @@ export function formatEventSummary(event: LogEventPayload, t: TFunction): string
  const stw = parseLiveStwRemark(code)
  if (stw) return t('logs.live_stw_entry', { speed: stw })

-  if (code === LIVE_EVENT_CODES.FIX || code === LIVE_EVENT_CODES.AUTO_POSITION) {
+  if (isManualPositionEventCode(code) || code === LIVE_EVENT_CODES.AUTO_POSITION) {
    if (event.gpsLat && event.gpsLng) {
      const label = code === LIVE_EVENT_CODES.AUTO_POSITION
        ? t('logs.live_auto_position')
-        : t('logs.live_fix')
+        : t('logs.live_position')
      return `${label} ${event.gpsLat}, ${event.gpsLng}`
    }
    return code === LIVE_EVENT_CODES.AUTO_POSITION
      ? t('logs.live_auto_position')
-      : t('logs.live_fix')
+      : t('logs.live_position')
  }

  if (code === LIVE_EVENT_CODES.COURSE && event.mgk) {
@@ -7,7 +7,4 @@ export function computeFuelPerMotorHour(
  return Number((fuelConsumptionL / motorHours).toFixed(2))
 }

-export function formatFuelPerMotorHour(value: number | null | undefined): string {
-  if (value == null) return '—'
-  return Number.isInteger(value) ? String(value) : value.toFixed(2)
-}
+export { formatFuelPerMotorHour } from './numberFormat.js'
@@ -1,12 +1,29 @@
-import { afterEach, describe, expect, it, vi } from 'vitest'
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'
 import {
+  classifyGpsAccuracyMeters,
+  formatGpsAccuracyMeters,
+  geolocationErrorI18nKey,
+  GEOLOCATION_LIVE_INTRO_STORAGE_KEY,
  getCurrentPosition,
+  getGeolocationErrorReason,
+  hasSeenGeolocationLiveIntro,
+  markGeolocationLiveIntroSeen,
  normalizeGpsCoordinates,
  parseGpsCoordinate,
  queryGeolocationPermission
 } from './geolocation.js'

 describe('geolocation helpers', () => {
+  beforeEach(() => {
+    localStorage.removeItem(GEOLOCATION_LIVE_INTRO_STORAGE_KEY)
+  })
+
+  it('tracks Live-Log geolocation intro in localStorage', () => {
+    expect(hasSeenGeolocationLiveIntro()).toBe(false)
+    markGeolocationLiveIntroSeen()
+    expect(hasSeenGeolocationLiveIntro()).toBe(true)
+  })
+
  it('parses coordinates with comma decimals', () => {
    expect(parseGpsCoordinate('54,123')).toBeCloseTo(54.123)
  })
@@ -50,7 +67,7 @@ describe('geolocation helpers', () => {
      geolocation: {
        getCurrentPosition: (success: PositionCallback) => {
          success({
-            coords: { latitude: 59.91, longitude: 10.75, speed: 2.5 }
+            coords: { latitude: 59.91, longitude: 10.75, speed: 2.5, accuracy: 12 }
          } as GeolocationPosition)
        }
      }
@@ -59,10 +76,36 @@ describe('geolocation helpers', () => {
    await expect(getCurrentPosition({ timeoutMs: 1000, enableHighAccuracy: false })).resolves.toEqual({
      lat: '59.910000',
      lng: '10.750000',
-      speedKn: 4.9
+      speedKn: 4.9,
+      accuracyM: 12,
+      signalQuality: 'excellent'
    })
  })

+  it('formats GPS accuracy for display', () => {
+    expect(formatGpsAccuracyMeters(12.4)).toBe('12')
+    expect(formatGpsAccuracyMeters(87)).toBe('87')
+    expect(formatGpsAccuracyMeters(105)).toBe('110')
+    expect(formatGpsAccuracyMeters(247)).toBe('250')
+  })
+
+  it('classifies GPS accuracy into signal quality', () => {
+    expect(classifyGpsAccuracyMeters(8)).toBe('excellent')
+    expect(classifyGpsAccuracyMeters(30)).toBe('good')
+    expect(classifyGpsAccuracyMeters(80)).toBe('fair')
+    expect(classifyGpsAccuracyMeters(250)).toBe('poor')
+    expect(classifyGpsAccuracyMeters(null)).toBe('unknown')
+  })
+
+  it('maps GeolocationPositionError codes to reasons', () => {
+    expect(getGeolocationErrorReason({ code: 1 } as GeolocationPositionError)).toBe('permission_denied')
+    expect(getGeolocationErrorReason({ code: 2 } as GeolocationPositionError)).toBe('position_unavailable')
+    expect(getGeolocationErrorReason({ code: 3 } as GeolocationPositionError)).toBe('timeout')
+    expect(getGeolocationErrorReason(new Error('geolocation_timeout'))).toBe('timeout')
+    expect(getGeolocationErrorReason(new Error('geolocation_unavailable'))).toBe('unavailable')
+    expect(geolocationErrorI18nKey('permission_denied')).toBe('logs.gps_permission_denied')
+  })
+
  it('reads permission state when supported', async () => {
    vi.stubGlobal('navigator', {
      geolocation: {},
@@ -1,17 +1,80 @@
+import {
+  formatAppCoordinate,
+  formatCanonicalCoordinate,
+  formatGpsAccuracyMeters,
+  parseAppDecimal
+} from './numberFormat.js'
+
 const MPS_TO_KNOTS = 1.9438444924406

 /** Extra ms beyond the native timeout so hung browsers still reject. */
 const TIMEOUT_GRACE_MS = 750

+/** Estimated fix quality from browser accuracy (metres). Real satellite count is not exposed to web apps. */
+export type GpsSignalQuality = 'excellent' | 'good' | 'fair' | 'poor' | 'unknown'
+
 export interface GeoCoordinates {
  lat: string
  lng: string
  /** SOG from GPS when available (kn), otherwise null. */
  speedKn: number | null
+  /** Estimated horizontal accuracy in metres, when reported by the browser. */
+  accuracyM: number | null
+  /** Derived signal quality indicator for UI hints. */
+  signalQuality: GpsSignalQuality
+}
+
+/** Classifies GPS fix quality from reported accuracy (lower metres = better). */
+export function classifyGpsAccuracyMeters(accuracyM: number | null | undefined): GpsSignalQuality {
+  if (accuracyM == null || !Number.isFinite(accuracyM) || accuracyM < 0) return 'unknown'
+  if (accuracyM <= 15) return 'excellent'
+  if (accuracyM <= 40) return 'good'
+  if (accuracyM <= 100) return 'fair'
+  return 'poor'
+}
+
+export function gpsQualityI18nKey(quality: GpsSignalQuality): string {
+  return `logs.gps_quality_${quality}`
 }

 export type GeolocationPermissionState = PermissionState | 'unsupported'

+export type GeolocationErrorReason =
+  | 'unavailable'
+  | 'timeout'
+  | 'permission_denied'
+  | 'position_unavailable'
+  | 'unknown'
+
+/** Maps browser / wrapper errors to a stable reason for i18n. */
+export function getGeolocationErrorReason(error: unknown): GeolocationErrorReason {
+  if (error instanceof Error) {
+    if (error.message === 'geolocation_unavailable') return 'unavailable'
+    if (error.message === 'geolocation_timeout') return 'timeout'
+  }
+  const code = (error as GeolocationPositionError | undefined)?.code
+  if (code === 1) return 'permission_denied'
+  if (code === 2) return 'position_unavailable'
+  if (code === 3) return 'timeout'
+  return 'unknown'
+}
+
+/** i18n key (full path, e.g. logs.gps_timeout) for a geolocation failure reason. */
+export function geolocationErrorI18nKey(reason: GeolocationErrorReason): string {
+  switch (reason) {
+    case 'unavailable':
+      return 'logs.gps_unavailable'
+    case 'timeout':
+      return 'logs.gps_timeout'
+    case 'permission_denied':
+      return 'logs.gps_permission_denied'
+    case 'position_unavailable':
+      return 'logs.gps_position_unavailable'
+    default:
+      return 'logs.gps_failed'
+  }
+}
+
 export interface GetPositionOptions {
  timeoutMs?: number
  /** Manual fixes may use high accuracy; background auto-position should not. */
@@ -19,11 +82,10 @@ export interface GetPositionOptions {
  maximumAge?: number
 }

+export { formatGpsAccuracyMeters }
+
 export function parseGpsCoordinate(value: string): number | null {
-  const trimmed = value.trim()
-  if (!trimmed) return null
-  const n = parseFloat(trimmed.replace(',', '.'))
-  return Number.isFinite(n) ? n : null
+  return parseAppDecimal(value.trim())
 }

 /** Validates lat/lng and returns normalized strings for storage, or null. */
@@ -35,7 +97,26 @@ export function normalizeGpsCoordinates(
  const lngN = parseGpsCoordinate(lng)
  if (latN == null || lngN == null) return null
  if (latN < -90 || latN > 90 || lngN < -180 || lngN > 180) return null
-  return { lat: latN.toFixed(6), lng: lngN.toFixed(6) }
+  return { lat: formatCanonicalCoordinate(latN), lng: formatCanonicalCoordinate(lngN) }
+}
+
+/** localStorage: user has seen the Live-Log geolocation intro (allow or dismiss). */
+export const GEOLOCATION_LIVE_INTRO_STORAGE_KEY = 'kdb_geolocation_live_intro_seen'
+
+export function hasSeenGeolocationLiveIntro(): boolean {
+  try {
+    return localStorage.getItem(GEOLOCATION_LIVE_INTRO_STORAGE_KEY) === '1'
+  } catch {
+    return false
+  }
+}
+
+export function markGeolocationLiveIntroSeen(): void {
+  try {
+    localStorage.setItem(GEOLOCATION_LIVE_INTRO_STORAGE_KEY, '1')
+  } catch {
+    // Private mode / quota — non-fatal
+  }
 }

 export async function queryGeolocationPermission(): Promise<GeolocationPermissionState> {
@@ -65,10 +146,15 @@ function positionFromGeolocationPosition(pos: GeolocationPosition): GeoCoordinat
  const speedKn = pos.coords.speed != null && Number.isFinite(pos.coords.speed)
    ? Number((pos.coords.speed * MPS_TO_KNOTS).toFixed(1))
    : null
+  const accuracyM = pos.coords.accuracy != null && Number.isFinite(pos.coords.accuracy)
+    ? pos.coords.accuracy
+    : null
  return {
-    lat: pos.coords.latitude.toFixed(6),
-    lng: pos.coords.longitude.toFixed(6),
-    speedKn
+    lat: formatAppCoordinate(pos.coords.latitude),
+    lng: formatAppCoordinate(pos.coords.longitude),
+    speedKn,
+    accuracyM,
+    signalQuality: classifyGpsAccuracyMeters(accuracyM)
  }
 }

@@ -4,7 +4,7 @@ export const LIVE_EVENT_CODES = {
  MOTOR_STOP: '__live:motor_stop',
  CAST_OFF: '__live:cast_off',
  MOOR: '__live:moor',
-  FIX: '__live:fix',
+  POSITION: '__live:position',
  AUTO_POSITION: '__live:auto_position',
  COURSE: '__live:course',
  WIND: '__live:wind',
@@ -13,6 +13,9 @@ export const LIVE_EVENT_CODES = {
  VISIBILITY: '__live:visibility'
 } as const

+/** @deprecated Stored in older log entries; still recognized when reading events. */
+export const LEGACY_LIVE_POSITION_REMARK = '__live:fix'
+
 export type LiveEventCode = (typeof LIVE_EVENT_CODES)[keyof typeof LIVE_EVENT_CODES]

 export function liveSailsRemark(sails: string): string {
@@ -148,27 +151,31 @@ export function getLastAutoPositionMs(
  return null
 }

-/** Max age of a logged GPS fix for OpenWeatherMap lookups in live log. */
+/** Max age of a logged position for OpenWeatherMap lookups in live log. */
 export const LIVE_LOG_WEATHER_POSITION_MAX_AGE_MS = 6 * 60 * 60 * 1000

-export type LiveLogPositionSource = 'fix' | 'auto_position'
+export type LiveLogPositionSource = 'position' | 'auto_position'

-export interface LiveLogPositionFix {
+export interface LiveLogPosition {
  lat: string
  lng: string
  loggedAtMs: number
  source: LiveLogPositionSource
 }

-function isPositionEventCode(code: string): boolean {
-  return code === LIVE_EVENT_CODES.FIX || code === LIVE_EVENT_CODES.AUTO_POSITION
+export function isManualPositionEventCode(code: string): boolean {
+  return code === LIVE_EVENT_CODES.POSITION || code === LEGACY_LIVE_POSITION_REMARK
 }

-/** Latest FIX or auto-position event with GPS coordinates (any age). */
-export function getLatestPositionFix(
+function isPositionEventCode(code: string): boolean {
+  return isManualPositionEventCode(code) || code === LIVE_EVENT_CODES.AUTO_POSITION
+}
+
+/** Latest manual or auto-position event with GPS coordinates (any age). */
+export function getLatestLoggedPosition(
  events: Array<{ remarks: string; time: string; gpsLat?: string; gpsLng?: string }>,
  entryDate: string
-): LiveLogPositionFix | null {
+): LiveLogPosition | null {
  for (let i = events.length - 1; i >= 0; i--) {
    const event = events[i]
    const code = event.remarks.trim()
@@ -182,20 +189,20 @@ export function getLatestPositionFix(
      lat,
      lng,
      loggedAtMs,
-      source: code === LIVE_EVENT_CODES.FIX ? 'fix' : 'auto_position'
+      source: isManualPositionEventCode(code) ? 'position' : 'auto_position'
    }
  }
  return null
 }

-/** GPS fix for weather if logged within `maxAgeMs` (default 6 h). */
-export function getLastPositionFixWithin(
+/** Logged position for weather if recorded within `maxAgeMs` (default 6 h). */
+export function getLastLoggedPositionWithin(
  events: Array<{ remarks: string; time: string; gpsLat?: string; gpsLng?: string }>,
  entryDate: string,
  maxAgeMs: number = LIVE_LOG_WEATHER_POSITION_MAX_AGE_MS,
  nowMs: number = Date.now()
-): LiveLogPositionFix | null {
-  const latest = getLatestPositionFix(events, entryDate)
+): LiveLogPosition | null {
+  const latest = getLatestLoggedPosition(events, entryDate)
  if (!latest) return null
  if (nowMs - latest.loggedAtMs > maxAgeMs) return null
  return latest
@@ -1,54 +1,67 @@
 import { describe, expect, it } from 'vitest'
 import {
-  getLastPositionFixWithin,
-  getLatestPositionFix,
+  getLastLoggedPositionWithin,
+  getLatestLoggedPosition,
+  LEGACY_LIVE_POSITION_REMARK,
  LIVE_EVENT_CODES,
  LIVE_LOG_WEATHER_POSITION_MAX_AGE_MS
 } from './liveEventCodes.js'

-const entryDate = '2026-06-01'
-
-describe('live log position fix', () => {
-  it('returns latest fix with coordinates', () => {
+describe('live log position', () => {
+  it('returns latest position with coordinates', () => {
+    const entryDate = '2026-06-01'
    const events = [
-      { remarks: LIVE_EVENT_CODES.FIX, time: '08:00', gpsLat: '54.1', gpsLng: '10.2' },
-      { remarks: LIVE_EVENT_CODES.FIX, time: '12:30', gpsLat: '54.2', gpsLng: '10.3' }
+      { remarks: LIVE_EVENT_CODES.POSITION, time: '08:00', gpsLat: '54.1', gpsLng: '10.2' },
+      { remarks: LIVE_EVENT_CODES.POSITION, time: '12:30', gpsLat: '54.2', gpsLng: '10.3' }
    ]
-    const fix = getLatestPositionFix(events, entryDate)
-    expect(fix?.lat).toBe('54.2')
-    expect(fix?.source).toBe('fix')
+    const position = getLatestLoggedPosition(events, entryDate)
+    expect(position?.lat).toBe('54.2')
+    expect(position?.source).toBe('position')
  })

-  it('accepts auto-position with GPS', () => {
+  it('reads legacy __live:fix remarks', () => {
+    const entryDate = '2026-06-01'
+    const events = [
+      { remarks: LEGACY_LIVE_POSITION_REMARK, time: '09:00', gpsLat: '54.5', gpsLng: '10.5' }
+    ]
+    const position = getLatestLoggedPosition(events, entryDate)
+    expect(position?.lat).toBe('54.5')
+    expect(position?.source).toBe('position')
+  })
+
+  it('prefers auto-position source when applicable', () => {
+    const entryDate = '2026-06-01'
    const events = [
      {
        remarks: LIVE_EVENT_CODES.AUTO_POSITION,
        time: '14:00',
-        gpsLat: '55.0',
-        gpsLng: '11.0'
+        gpsLat: '54.3',
+        gpsLng: '10.4'
      }
    ]
-    expect(getLatestPositionFix(events, entryDate)?.source).toBe('auto_position')
+    expect(getLatestLoggedPosition(events, entryDate)?.source).toBe('auto_position')
  })

-  it('rejects fix older than max age for weather', () => {
-    const noon = new Date(`${entryDate}T12:00:00`).getTime()
+  it('rejects position older than max age for weather', () => {
+    const entryDate = '2026-06-01'
+    const noon = new Date('2026-06-01T12:00:00').getTime()
    const events = [
-      { remarks: LIVE_EVENT_CODES.FIX, time: '05:00', gpsLat: '54.0', gpsLng: '10.0' }
+      { remarks: LIVE_EVENT_CODES.POSITION, time: '05:00', gpsLat: '54.0', gpsLng: '10.0' }
    ]
    expect(
-      getLastPositionFixWithin(events, entryDate, LIVE_LOG_WEATHER_POSITION_MAX_AGE_MS, noon)
+      getLastLoggedPositionWithin(events, entryDate, LIVE_LOG_WEATHER_POSITION_MAX_AGE_MS, noon)
    ).toBeNull()
-    expect(getLatestPositionFix(events, entryDate)).not.toBeNull()
+    expect(getLatestLoggedPosition(events, entryDate)).not.toBeNull()
  })

-  it('accepts fix within six hours', () => {
-    const noon = new Date(`${entryDate}T12:00:00`).getTime()
+  it('accepts position within six hours', () => {
+    const entryDate = '2026-06-01'
+    const noon = new Date('2026-06-01T12:00:00').getTime()
    const events = [
-      { remarks: LIVE_EVENT_CODES.FIX, time: '07:00', gpsLat: '54.0', gpsLng: '10.0' }
+      { remarks: LIVE_EVENT_CODES.POSITION, time: '07:00', gpsLat: '54.0', gpsLng: '10.0' }
    ]
    expect(
-      getLastPositionFixWithin(events, entryDate, LIVE_LOG_WEATHER_POSITION_MAX_AGE_MS, noon)
+      getLastLoggedPositionWithin(events, entryDate, LIVE_LOG_WEATHER_POSITION_MAX_AGE_MS, noon)
    ).not.toBeNull()
  })
 })
@@ -3,6 +3,7 @@ import {
  buildLogEntryPayload,
  hasUnsavedEventDraft,
  isLogEventDraftEmpty,
+  localDateString,
  normalizeLogEvent,
  type LogEventPayload
 } from './logEntryPayload.js'
@@ -13,6 +14,14 @@ const emptyDraft = (): LogEventPayload =>
 const filledDraft = (): LogEventPayload =>
  normalizeLogEvent({ time: '12:34', remarks: 'Wind dreht' })

+describe('localDateString', () => {
+  it('uses local calendar date, not UTC', () => {
+    const date = new Date(2026, 5, 4, 1, 30, 0)
+    expect(localDateString(date)).toBe('2026-06-04')
+    expect(date.toISOString().substring(0, 10)).toBe('2026-06-03')
+  })
+})
+
 describe('logEntryPayload event drafts', () => {
  it('treats time-only draft as empty', () => {
    expect(isLogEventDraftEmpty(emptyDraft())).toBe(true)
@@ -22,6 +22,15 @@ export interface LogEventPayload {
  gpsLat: string
  gpsLng: string
  remarks: string
+  creatorId?: string
+}
+
+/** Calendar date YYYY-MM-DD in local timezone (matches logbook entry `date` field). */
+export function localDateString(date: Date = new Date()): string {
+  const y = date.getFullYear()
+  const m = String(date.getMonth() + 1).padStart(2, '0')
+  const d = String(date.getDate()).padStart(2, '0')
+  return `${y}-${m}-${d}`
 }

 /** Local time as HH:MM (24-hour). */
@@ -77,7 +86,7 @@ export function joinTimeHHMM(hours: string, minutes: string): string {
 const LOG_EVENT_FIELDS: (keyof LogEventPayload)[] = [
  'time', 'mgk', 'rwk', 'windPressure', 'windDirection', 'windStrength', 'seaState',
  'visibility', 'weatherIcon', 'current', 'heel', 'sailsOrMotor', 'logReading', 'distance',
-  'gpsLat', 'gpsLng', 'remarks'
+  'gpsLat', 'gpsLng', 'remarks', 'creatorId'
 ]

 /** Normalize partial/legacy events so all fields are strings (safe for form + save). */
@@ -101,10 +110,11 @@ export function normalizeLogEvent(event: Partial<LogEventPayload> | Record<strin
    distance: '',
    gpsLat: '',
    gpsLng: '',
-    remarks: ''
+    remarks: '',
+    creatorId: e.creatorId ? String(e.creatorId).trim() : undefined
  }
  for (const key of LOG_EVENT_FIELDS) {
-    if (key === 'time' || key === 'mgk' || key === 'rwk' || key === 'windDirection') continue
+    if (key === 'time' || key === 'mgk' || key === 'rwk' || key === 'windDirection' || key === 'creatorId') continue
    normalized[key] = String(e[key] ?? '').trim()
  }
  return normalized
@@ -114,7 +124,7 @@ export function logEventsEqual(a: LogEventPayload, b: LogEventPayload): boolean
  return LOG_EVENT_FIELDS.every((key) => a[key] === b[key])
 }

-const LOG_EVENT_CONTENT_FIELDS = LOG_EVENT_FIELDS.filter((key) => key !== 'time')
+const LOG_EVENT_CONTENT_FIELDS = LOG_EVENT_FIELDS.filter((key) => key !== 'time' && key !== 'creatorId')

 /** Draft with only a time (or empty fields) — not an unsaved log entry change. */
 export function isLogEventDraftEmpty(event: LogEventPayload): boolean {
@@ -56,10 +56,7 @@ export function emptyTankLevels(morning = 0): TankLevels {
  return { morning, refilled: 0, evening: 0, consumption: 0 }
 }

-export function formatTankLiters(liters: number): string {
-  if (!Number.isFinite(liters) || liters <= 0) return '0'
-  return Number.isInteger(liters) ? String(liters) : liters.toFixed(1)
-}
+export { formatTankLiters } from './numberFormat.js'

 export function getClosingGreywaterLevel(greywater?: { level?: number } | null): number {
  return Number(greywater?.level) || 0
@@ -0,0 +1,45 @@
+import { describe, expect, it } from 'vitest'
+import {
+  formatAppCoordinate,
+  formatAppDecimal,
+  formatGpsAccuracyMeters,
+  formatTankLiters,
+  getNumberFormatSymbols,
+  parseAppDecimal,
+  resolveDeviceLocale
+} from './numberFormat.js'
+
+describe('numberFormat (device locale)', () => {
+  it('resolveDeviceLocale returns a non-empty BCP 47 tag', () => {
+    expect(resolveDeviceLocale().length).toBeGreaterThan(0)
+  })
+
+  it('reads decimal separator from Intl for de-DE and en-US', () => {
+    expect(getNumberFormatSymbols('de-DE').decimal).toBe(',')
+    expect(getNumberFormatSymbols('en-US').decimal).toBe('.')
+  })
+
+  it('formats decimals per locale without grouping', () => {
+    expect(formatAppDecimal(12.5, { maximumFractionDigits: 1, locale: 'de-DE' })).toBe('12,5')
+    expect(formatAppDecimal(12.5, { maximumFractionDigits: 1, locale: 'en-US' })).toBe('12.5')
+    expect(formatAppDecimal(1234.5, { maximumFractionDigits: 1, locale: 'de-DE' })).toBe('1234,5')
+  })
+
+  it('parses device-locale decimals and tolerates the other separator', () => {
+    expect(parseAppDecimal('12,5', 'de-DE')).toBe(12.5)
+    expect(parseAppDecimal('12.5', 'en-US')).toBe(12.5)
+    expect(parseAppDecimal('12,5', 'en-US')).toBe(12.5)
+    expect(parseAppDecimal('1.234,5', 'de-DE')).toBe(1234.5)
+    expect(parseAppDecimal('', 'de-DE')).toBeNull()
+  })
+
+  it('formats coordinates for form display', () => {
+    expect(formatAppCoordinate(59.912345, 'de-DE')).toBe('59,912345')
+    expect(formatTankLiters(12.5)).toBe(formatAppDecimal(12.5, { minimumFractionDigits: 1, maximumFractionDigits: 1 }))
+  })
+
+  it('formats GPS accuracy with coarse step from 100 m', () => {
+    expect(formatGpsAccuracyMeters(12.4)).toBe(formatAppDecimal(12, { maximumFractionDigits: 0 }))
+    expect(formatGpsAccuracyMeters(105)).toBe(formatAppDecimal(110, { maximumFractionDigits: 0 }))
+  })
+})
@@ -0,0 +1,139 @@
+/**
+ * Number formatting and parsing follow the device (browser) locale from Intl,
+ * not the app UI language — e.g. de-DE phone with English UI still uses comma decimals.
+ */
+
+export function resolveDeviceLocale(): string {
+  try {
+    const locale = new Intl.NumberFormat().resolvedOptions().locale
+    if (locale) return locale
+  } catch {
+    // ignore
+  }
+  if (typeof navigator !== 'undefined' && navigator.language) {
+    return navigator.language
+  }
+  return 'en-GB'
+}
+
+interface NumberSymbols {
+  decimal: string
+  group: string
+}
+
+const symbolCache = new Map<string, NumberSymbols>()
+
+export function getNumberFormatSymbols(locale = resolveDeviceLocale()): NumberSymbols {
+  const cached = symbolCache.get(locale)
+  if (cached) return cached
+  const parts = new Intl.NumberFormat(locale).formatToParts(1234567.89)
+  const symbols: NumberSymbols = {
+    decimal: parts.find((p) => p.type === 'decimal')?.value ?? '.',
+    group: parts.find((p) => p.type === 'group')?.value ?? ''
+  }
+  symbolCache.set(locale, symbols)
+  return symbols
+}
+
+export interface FormatAppDecimalOptions {
+  minimumFractionDigits?: number
+  maximumFractionDigits?: number
+  locale?: string
+}
+
+/** User-visible decimal without thousands grouping. */
+export function formatAppDecimal(value: number, options: FormatAppDecimalOptions = {}): string {
+  if (!Number.isFinite(value)) return ''
+  const locale = options.locale ?? resolveDeviceLocale()
+  const min = options.minimumFractionDigits ?? 0
+  const max = options.maximumFractionDigits ?? min
+  return new Intl.NumberFormat(locale, {
+    minimumFractionDigits: min,
+    maximumFractionDigits: max,
+    useGrouping: false
+  }).format(value)
+}
+
+/**
+ * Parses a decimal typed by the user for the device locale.
+ * Also accepts the other common separator for simple values (e.g. 12,5 on en-US).
+ */
+export function parseAppDecimal(input: string, locale = resolveDeviceLocale()): number | null {
+  const trimmed = input.trim()
+  if (!trimmed) return null
+
+  const { decimal, group } = getNumberFormatSymbols(locale)
+  const simpleComma = /^-?\d+,\d+$/.test(trimmed)
+  const simpleDot = /^-?\d+\.\d+$/.test(trimmed)
+
+  // Values without grouping: accept locale decimal and the other common separator.
+  if (simpleComma && decimal === ',') {
+    return Number(trimmed.replace(',', '.'))
+  }
+  if (simpleDot && decimal === '.') {
+    return Number(trimmed)
+  }
+  if (simpleComma && decimal === '.') {
+    return Number(trimmed.replace(',', '.'))
+  }
+  if (simpleDot && decimal === ',') {
+    return Number(trimmed)
+  }
+
+  let normalized = trimmed
+  if (group) {
+    normalized = normalized.split(group).join('')
+  }
+  if (decimal !== '.') {
+    normalized = normalized.replace(decimal, '.')
+  }
+
+  const n = Number(normalized)
+  return Number.isFinite(n) ? n : null
+}
+
+export function parseAppDecimalOrZero(input: string, locale?: string): number {
+  return parseAppDecimal(input, locale) ?? 0
+}
+
+/** Canonical storage/API coordinate string (always dot, 6 decimals). */
+export function formatCanonicalCoordinate(value: number): string {
+  return value.toFixed(6)
+}
+
+/** Coordinate string for form fields (device decimal separator). */
+export function formatAppCoordinate(value: number, locale?: string): string {
+  return formatAppDecimal(value, { minimumFractionDigits: 6, maximumFractionDigits: 6, locale })
+}
+
+export function formatNm(value: number): string {
+  return formatAppDecimal(value, { minimumFractionDigits: 2, maximumFractionDigits: 2 })
+}
+
+export function formatLiters(value: number): string {
+  return Number.isInteger(value)
+    ? formatAppDecimal(value, { maximumFractionDigits: 0 })
+    : formatAppDecimal(value, { minimumFractionDigits: 1, maximumFractionDigits: 1 })
+}
+
+export function formatHours(value: number): string {
+  return formatLiters(value)
+}
+
+export function formatTankLiters(liters: number): string {
+  if (!Number.isFinite(liters) || liters <= 0) return formatAppDecimal(0, { maximumFractionDigits: 0 })
+  return formatLiters(liters)
+}
+
+export function formatFuelPerMotorHour(value: number | null | undefined): string {
+  if (value == null) return '—'
+  return Number.isInteger(value)
+    ? formatAppDecimal(value, { maximumFractionDigits: 0 })
+    : formatAppDecimal(value, { minimumFractionDigits: 2, maximumFractionDigits: 2 })
+}
+
+/** GPS accuracy for i18n (±{{accuracy}} m): 1 m below 100 m, 10 m from 100 m upward. */
+export function formatGpsAccuracyMeters(accuracyM: number): string {
+  const rounded = accuracyM < 100 ? Math.round(accuracyM) : Math.round(accuracyM / 10) * 10
+  return formatAppDecimal(rounded, { maximumFractionDigits: 0 })
+}
@@ -1,4 +1,5 @@
 import { degreesToCardinal } from './courseAngle.js'
+import { formatAppDecimal } from './numberFormat.js'
 import { formatVisibilityMeters } from './weatherMetrics.js'

 /** @deprecated Use formatVisibilityMeters */
@@ -33,7 +34,7 @@ export function mpsToBeaufort(mps: number): number {

 export function formatWindStrengthBeaufort(mps: number): string {
  const bft = mpsToBeaufort(mps)
-  return `${bft} Bft (${mps.toFixed(1)} m/s)`
+  return `${bft} Bft (${formatAppDecimal(mps, { minimumFractionDigits: 1, maximumFractionDigits: 1 })} m/s)`
 }

 export function parseOwmCurrentWeather(data: Record<string, unknown>): ParsedOwmCurrent {
@@ -49,7 +50,7 @@ export function parseOwmCurrentWeather(data: Record<string, unknown>): ParsedOwm

  let tempC: string | null = null
  if (main?.temp != null && Number.isFinite(main.temp)) {
-    tempC = Number(main.temp).toFixed(1)
+    tempC = formatAppDecimal(main.temp, { minimumFractionDigits: 1, maximumFractionDigits: 1 })
  }

  let precipText: string | null = null
@@ -1,4 +1,4 @@
-import { formatTankLiters } from './logEntryTankLevels.js'
+import { formatTankLiters, parseAppDecimal } from './numberFormat.js'

 export interface VesselTankCapacities {
  freshwaterCapacityL?: number
@@ -7,10 +7,10 @@ export interface VesselTankCapacities {
 }

 export function parseOptionalTankLiters(input: string): number | undefined {
-  const trimmed = input.trim().replace(',', '.')
+  const trimmed = input.trim()
  if (!trimmed) return undefined
-  const parsed = Number(trimmed)
-  if (!Number.isFinite(parsed) || parsed < 0) {
+  const parsed = parseAppDecimal(trimmed)
+  if (parsed == null || parsed < 0) {
    throw new Error('invalid_tank_liters')
  }
  return parsed
@@ -24,10 +24,10 @@ function capacityFromStored(value: unknown): number | undefined {
  if (value == null || value === '') return undefined
  if (typeof value === 'number' && Number.isFinite(value) && value >= 0) return value
  if (typeof value === 'string') {
-    const trimmed = value.trim().replace(',', '.')
+    const trimmed = value.trim()
    if (!trimmed) return undefined
-    const parsed = Number(trimmed)
-    if (Number.isFinite(parsed) && parsed >= 0) return parsed
+    const parsed = parseAppDecimal(trimmed)
+    if (parsed != null && parsed >= 0) return parsed
  }
  return undefined
 }
@@ -1,4 +1,5 @@
 import type { TrackWaypoint } from '../services/trackUpload.js'
+import { formatAppDecimal } from './numberFormat.js'

 const NM_IN_METERS = 1852
 const MAX_PLAUSIBLE_KNOTS = 50
@@ -100,8 +101,14 @@ export function formatTrackStats(stats: TrackStats): {
  speedAvgKn: string
 } {
  return {
-    distanceNm: stats.distanceNm.toFixed(2),
-    speedMaxKn: stats.speedMaxKn > 0 ? stats.speedMaxKn.toFixed(1) : '',
-    speedAvgKn: stats.speedAvgKn > 0 ? stats.speedAvgKn.toFixed(1) : ''
+    distanceNm: formatAppDecimal(stats.distanceNm, { minimumFractionDigits: 2, maximumFractionDigits: 2 }),
+    speedMaxKn:
+      stats.speedMaxKn > 0
+        ? formatAppDecimal(stats.speedMaxKn, { minimumFractionDigits: 1, maximumFractionDigits: 1 })
+        : '',
+    speedAvgKn:
+      stats.speedAvgKn > 0
+        ? formatAppDecimal(stats.speedAvgKn, { minimumFractionDigits: 1, maximumFractionDigits: 1 })
+        : ''
  }
 }
@@ -1,18 +1,21 @@
 import { parseOptionalTankLiters, tankCapacityInputFromStored } from './tankCapacity.js'
+import { formatAppDecimal, parseAppDecimal } from './numberFormat.js'
 import type { VesselData } from '../types/vessel.js'

 export function metricInputFromStored(value: unknown): string {
  if (value == null || value === '') return ''
-  if (typeof value === 'number' && Number.isFinite(value)) return String(value)
+  if (typeof value === 'number' && Number.isFinite(value)) {
+    return formatAppDecimal(value, { maximumFractionDigits: 6 })
+  }
  if (typeof value === 'string') return value.trim()
  return ''
 }

 export function parseOptionalMetricMeters(input: string): number | undefined {
-  const trimmed = input.trim().replace(',', '.')
+  const trimmed = input.trim()
  if (!trimmed) return undefined
-  const parsed = Number(trimmed)
-  if (!Number.isFinite(parsed) || parsed < 0) {
+  const parsed = parseAppDecimal(trimmed)
+  if (parsed == null || parsed < 0) {
    throw new Error('invalid_metric')
  }
  return parsed
@@ -1,3 +1,5 @@
+import { formatAppDecimal } from './numberFormat.js'
+
 /** Barometric pressure (hPa), typical marine range. */
 export const PRESSURE_MIN_HPA = 960
 export const PRESSURE_MAX_HPA = 1050
@@ -90,7 +92,9 @@ export function formatVisibilityMeters(meters: number): string {
  if (meters >= 1000) {
    const km = meters / 1000
    const rounded = Math.round(km * 10) / 10
-    return Number.isInteger(rounded) ? `${rounded} km` : `${rounded.toFixed(1)} km`
+    return Number.isInteger(rounded)
+      ? `${formatAppDecimal(rounded, { maximumFractionDigits: 0 })} km`
+      : `${formatAppDecimal(rounded, { minimumFractionDigits: 1, maximumFractionDigits: 1 })} km`
  }
  return `${Math.round(meters)} m`
 }
@@ -33,8 +33,36 @@ function versionJsonPlugin(version: string): Plugin {
  }
 }

+function readPlausibleConfig(): { plausibleEnabled: boolean; plausibleHost: string } {
+  const host = (process.env.PLAUSIBLE_HOST || 'https://plausible.elpatron.me').replace(/\/$/, '')
+  const flag = (process.env.PLAUSIBLE_ENABLED ?? 'true').trim().toLowerCase()
+  const plausibleEnabled = !['false', '0', 'no'].includes(flag)
+  return { plausibleEnabled, plausibleHost: host }
+}
+
+function runtimeConfigPlugin(): Plugin {
+  return {
+    name: 'runtime-config',
+    configureServer(server) {
+      server.middlewares.use((req, res, next) => {
+        if (req.url !== '/runtime-config.json') return next()
+        res.setHeader('Content-Type', 'application/json')
+        res.end(`${JSON.stringify(readPlausibleConfig())}\n`)
+      })
+    },
+    writeBundle(options) {
+      const outDir = options.dir ?? resolve(__dirname, 'dist')
+      writeFileSync(
+        resolve(outDir, 'runtime-config.json'),
+        `${JSON.stringify(readPlausibleConfig(), null, 2)}\n`
+      )
+    }
+  }
+}
+
 // https://vite.dev/config/
 export default defineConfig({
+  envDir: resolve(__dirname, '..'),
  test: {
    environment: 'happy-dom',
    include: ['src/**/*.test.ts']
@@ -59,6 +87,7 @@ export default defineConfig({
  plugins: [
    react(),
    versionJsonPlugin(readAppVersion()),
+    runtimeConfigPlugin(),
    VitePWA({
      strategies: 'injectManifest',
      srcDir: 'src',
@@ -0,0 +1,71 @@
+services:
+  db:
+    image: postgres:16-alpine
+    container_name: daagbox-staging-db
+    restart: always
+    environment:
+      POSTGRES_USER: ${POSTGRES_USER:-postgres}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?Set POSTGRES_PASSWORD in .env}
+      POSTGRES_DB: ${POSTGRES_DB:-daagbox_staging}
+    volumes:
+      - pgdata:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U \"$$POSTGRES_USER\" -d \"$$POSTGRES_DB\""]
+      interval: 5s
+      timeout: 5s
+      retries: 5
+
+  backend:
+    build:
+      context: ./server
+      dockerfile: Dockerfile
+    container_name: daagbox-staging-backend
+    restart: always
+    environment:
+      PORT: 5000
+      DATABASE_URL: "postgresql://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DB:-daagbox_staging}?schema=public"
+      RP_ID: ${RP_ID:-localhost}
+      ORIGIN: ${ORIGIN:-http://localhost}
+      TRUST_PROXY: ${TRUST_PROXY:-1}
+      VAPID_PUBLIC_KEY: ${VAPID_PUBLIC_KEY:-}
+      VAPID_PRIVATE_KEY: ${VAPID_PRIVATE_KEY:-}
+      VAPID_SUBJECT: ${VAPID_SUBJECT:-mailto:support@kapteins-daagbok.eu}
+      OpenWeatherMapAPIKey: ${OpenWeatherMapAPIKey:-}
+      OpenRouterAPIKey: ${OpenRouterAPIKey:-}
+      OpenRouterModel: ${OpenRouterModel:-anthropic/claude-3.5-haiku}
+      SESSION_SECRET: ${SESSION_SECRET:-}
+      ADMIN_USER_IDS: ${ADMIN_USER_IDS:-}
+      NTFY_SERVER: ${NTFY_SERVER:-https://ntfy.sh}
+      NTFY_TOPIC: ${NTFY_TOPIC:-}
+      NTFY_TOKEN: ${NTFY_TOKEN:-}
+    command: sh -c "npx prisma db push && node dist/index.js"
+    healthcheck:
+      test: ["CMD", "node", "-e", "const http = require('http'); http.get('http://localhost:5000/api/health', (res) => { process.exit(res.statusCode === 200 ? 0 : 1); }).on('error', () => process.exit(1));"]
+      interval: 15s
+      timeout: 5s
+      start_period: 60s
+      retries: 5
+    depends_on:
+      db:
+        condition: service_healthy
+
+  frontend:
+    build:
+      context: .
+      dockerfile: client/Dockerfile
+      args:
+        APP_VERSION: ${APP_VERSION:-0.1.0.0-dev}
+    container_name: daagbox-staging-frontend
+    restart: always
+    environment:
+      PLAUSIBLE_ENABLED: ${PLAUSIBLE_ENABLED:-false}
+      PLAUSIBLE_HOST: ${PLAUSIBLE_HOST:-https://plausible.elpatron.me}
+    ports:
+      - "80:80"
+    depends_on:
+      backend:
+        condition: service_healthy
+
+volumes:
+  pgdata:
+    name: daagbox-staging-pgdata
@@ -35,10 +35,17 @@ services:
      OpenRouterAPIKey: ${OpenRouterAPIKey:-}
      OpenRouterModel: ${OpenRouterModel:-anthropic/claude-3.5-haiku}
      SESSION_SECRET: ${SESSION_SECRET:-}
+      ADMIN_USER_IDS: ${ADMIN_USER_IDS:-}
      NTFY_SERVER: ${NTFY_SERVER:-https://ntfy.sh}
      NTFY_TOPIC: ${NTFY_TOPIC:-}
      NTFY_TOKEN: ${NTFY_TOKEN:-}
    command: sh -c "npx prisma db push && node dist/index.js"
+    healthcheck:
+      test: ["CMD", "node", "-e", "const http = require('http'); http.get('http://localhost:5000/api/health', (res) => { process.exit(res.statusCode === 200 ? 0 : 1); }).on('error', () => process.exit(1));"]
+      interval: 15s
+      timeout: 5s
+      start_period: 60s
+      retries: 5
    depends_on:
      db:
        condition: service_healthy
@@ -51,6 +58,9 @@ services:
        APP_VERSION: ${APP_VERSION:-0.1.0.0-dev}
    container_name: daagbox-prod-frontend
    restart: always
+    environment:
+      PLAUSIBLE_ENABLED: ${PLAUSIBLE_ENABLED:-true}
+      PLAUSIBLE_HOST: ${PLAUSIBLE_HOST:-https://plausible.elpatron.me}
    ports:
      - "80:80"
    depends_on:
@@ -0,0 +1,111 @@
+# Server-Backup (Produktion)
+
+Automatische und manuelle Sicherung von PostgreSQL, `.env`, `docker-compose.yml` und App-Code (Git-Archiv) auf der Prod-VM.
+
+**Staging:** Kein automatisches Backup — Daten sind bewusst wegwerfbar. Deploy via `update-remotes.sh -dest stage` legt kein Backup an. Zum manuellen Testen auf Staging: `-dest stage` (oder Auto-Fallback, wenn nur `daagbox-staging-db` läuft).
+
+## Was wird gesichert?
+
+| Inhalt | Beschreibung |
+|--------|--------------|
+| `database.sql.gz` | `pg_dump` aus dem laufenden DB-Container |
+| `.env` | Server-Secrets (Sessions, DB-Passwort, VAPID, …) |
+| `docker-compose.yml` | Aktive Compose-Datei |
+| `app.tar.gz` | `git archive HEAD` — Code-Snapshot |
+| `manifest.json` | Timestamp, Git-Tag, SHA, Grund (`cron` / `pre-deploy` / `manual`) |
+
+Backups liegen in `/var/backups/kapteins-daagbok/` (mode 700, root-only). Es werden **maximal 5** Archive aufbewahrt.
+
+## Einmalige Einrichtung (Prod-Server)
+
+```bash
+ssh root@10.0.0.25
+mkdir -p /var/backups/kapteins-daagbok
+chmod 700 /var/backups/kapteins-daagbok
+cd /opt/kapteins-daagbok
+git pull
+chmod +x scripts/backup.sh scripts/restore-backup.sh
+./scripts/backup.sh --reason manual
+```
+
+## Manuell sichern
+
+```bash
+cd /opt/kapteins-daagbok
+./scripts/backup.sh
+./scripts/backup.sh --reason manual --dry-run   # Vorschau ohne Schreiben
+```
+
+### Staging (manueller Test)
+
+```bash
+cd /opt/kapteins-daagbok-staging
+./scripts/backup.sh -dest stage --reason manual
+# oder: Auto-Fallback, wenn nur daagbox-staging-db läuft
+./scripts/backup.sh --reason manual
+```
+
+## Crontab (unbeaufsichtigt)
+
+Beispiel: [`scripts/crontab.prod.example`](../../scripts/crontab.prod.example)
+
+```bash
+crontab -e
+# Zeile einfügen:
+0 3 * * * cd /opt/kapteins-daagbok && ./scripts/backup.sh --reason cron >> /var/log/kapteins-backup.log 2>&1
+```
+
+## Pre-Deploy-Backup
+
+Bei `./scripts/update-remotes.sh -dest prod` wird **vor** dem Git-Sync auf dem Server automatisch ein Backup mit Tag `v{VERSION}-predeploy` erstellt. Schlägt das Backup fehl, wird das Deploy abgebrochen.
+
+Staging-Deploys (`-dest stage`) erstellen **kein** Backup.
+
+## Wiederherstellen
+
+Verfügbare Backups anzeigen:
+
+```bash
+./scripts/restore-backup.sh --list
+```
+
+Vollständige Wiederherstellung (DB + `.env`, optional Git-Tag checkout):
+
+```bash
+./scripts/restore-backup.sh --restore /var/backups/kapteins-daagbok/kapteins-daagbok_YYYYMMDD-HHMMSS_vX.Y.Z.tar.gz
+```
+
+Nur Datenbank:
+
+```bash
+./scripts/restore-backup.sh --restore PATH --db-only
+```
+
+Nur `.env`:
+
+```bash
+./scripts/restore-backup.sh --restore PATH --env-only
+```
+
+Ohne Rückfragen (Notfall):
+
+```bash
+./scripts/restore-backup.sh --restore PATH --full --yes
+```
+
+## Vor Passwort-Rotation
+
+Vor [`rotate-postgres-password.sh`](../../scripts/rotate-postgres-password.sh) ein Backup anlegen — siehe auch [postgres-password.md](postgres-password.md):
+
+```bash
+./scripts/backup.sh --reason manual
+```
+
+## Umgebungsvariablen
+
+| Variable | Prod (default) | Staging (`-dest stage`) |
+|----------|----------------|-------------------------|
+| `COMPOSE_FILE` | `docker-compose.yml` | `docker-compose.staging.yml` |
+| `DB_CONTAINER` | `daagbox-prod-db` | `daagbox-staging-db` |
+| `BACKUP_DIR` | `/var/backups/kapteins-daagbok` | gleich |
+| `RETENTION` | `5` | `5` |
@@ -1,14 +1,14 @@
 # Deployment: Nginx Proxy Manager & Security (Sprint 1)

-Kapteins Daagbok läuft öffentlich unter **https://kapteins-daagbok.eu/** hinter **Nginx Proxy Manager** (NPM, z. B. `172.16.10.10`) mit Upstream auf den App-Stack (`172.16.10.110`).
+Kapteins Daagbok läuft öffentlich unter **https://kapteins-daagbok.eu/** (Produktion) und **https://staging.kapteins-daagbok.eu/** (Staging) hinter **Nginx Proxy Manager** (NPM, z. B. `172.16.10.10`) mit Upstream auf die App-VMs (`10.0.0.25` Prod, `10.0.0.27` Staging).

 ## NPM Proxy Host

 | Einstellung | Wert |
 |-------------|------|
-| Domain | `kapteins-daagbok.eu` |
+| Domain | `kapteins-daagbok.eu` / `staging.kapteins-daagbok.eu` |
 | Scheme | `https` |
-| Forward Hostname / IP | `172.16.10.110` (oder Container-Port auf dem Host) |
+| Forward Hostname / IP | `10.0.0.25` (Prod) / `10.0.0.27` (Staging) |
 | Forward Port | `80` (Frontend-Nginx) |
 | Websockets | an, falls genutzt |
 | Block Common Exploits | an |
@@ -40,13 +40,20 @@ TRUST_PROXY=1
 ## Security-Header

 - **HSTS, CSP (optional restriktiver):** können in NPM unter „Custom Headers“ oder im Advanced-Block gesetzt werden.
- **Basis-Header** für statische Dateien setzt [`client/nginx.conf`](../../client/nginx.conf) (X-Content-Type-Options, X-Frame-Options, Referrer-Policy, CSP inkl. Plausible).
+- **Basis-Header** für statische Dateien setzt [`client/nginx.conf.template`](../../client/nginx.conf.template) via Container-Entrypoint (X-Content-Type-Options, X-Frame-Options, Referrer-Policy, CSP optional inkl. Plausible).

 ### Plausible Analytics

-Script-Host: `https://plausible.elpatron.me` — in CSP als `script-src` und `connect-src` erlaubt. Gemessene Site: `data-domain="kapteins-daagbok.eu"`.
+Konfiguration über `.env` (Frontend-Container):

-Optional später: `analytics.kapteins-daagbok.eu` als Alias auf dieselbe Plausible-Instanz.
+```env
+PLAUSIBLE_ENABLED=true
+PLAUSIBLE_HOST=https://plausible.elpatron.me
+```
+
+Staging-Default: `PLAUSIBLE_ENABLED=false` in [`docker-compose.staging.yml`](../../docker-compose.staging.yml).
+
+Script-Host wird in CSP (`script-src`, `connect-src`) nur bei `PLAUSIBLE_ENABLED=true` freigegeben. `data-domain` ist immer der aktuelle Hostname (Prod vs. Staging getrennt, wenn Staging aktiviert wird).

 ## Nach Deploy prüfen

@@ -8,7 +8,7 @@

 ## Empfohlene Schritte

-1. **Backup/Snapshot** (hast du laut Vorgabe).
+1. **Backup/Snapshot** — auf dem Server: `./scripts/backup.sh --reason manual` (Details: [backup.md](backup.md)).
 2. Auf dem Server im Repo:
   ```bash
   cd /opt/kapteins-daagbok
@@ -31,12 +31,12 @@ cd server && npm test

 ## Nach erfolgreichem Check

-[`scripts/update-prod.sh`](../../scripts/update-prod.sh) führt `predeploy-check.sh` **automatisch** aus (nach Release-Vorbereitung, vor dem SSH-Deploy).
+[`scripts/update-remotes.sh`](../../scripts/update-remotes.sh) führt `predeploy-check.sh` **automatisch** aus (nach Release-Vorbereitung bei Prod, vor dem SSH-Deploy).

 ```bash
-./scripts/update-prod.sh
+./scripts/update-remotes.sh -dest prod
 ```

-Notfall ohne Checks (nur wenn nötig): `SKIP_PREDEPLOY_CHECK=1 ./scripts/update-prod.sh`
+Notfall ohne Checks (nur wenn nötig): `SKIP_PREDEPLOY_CHECK=1 ./scripts/update-remotes.sh -dest prod`

 Manuell auf dem Server: `git pull`, `docker compose build`, `docker compose up -d` (siehe [npm-security.md](npm-security.md)).
@@ -0,0 +1,106 @@
+# Staging-Umgebung
+
+Staging läuft auf **VM3** (`10.0.0.27`) unter **https://staging.kapteins-daagbok.eu/** — hinter Nginx Proxy Manager wie Produktion.
+
+## Unterschiede zu Produktion
+
+| | Staging | Produktion |
+|---|---------|------------|
+| Host | `10.0.0.27` | `10.0.0.25` |
+| Verzeichnis | `/opt/kapteins-daagbok-staging` | `/opt/kapteins-daagbok` |
+| Compose | `docker-compose.staging.yml` | `docker-compose.yml` |
+| Deploy-Skript | `./scripts/update-remotes.sh -dest stage` | `./scripts/update-remotes.sh -dest prod` |
+| Release-Tag | nein | ja (`v*`) |
+| Datenbank-Volume | `daagbox-staging-pgdata` | `daagbox-prod-pgdata` |
+
+Staging ist **vollständig isoliert**: eigene DB, Session-Secrets, Passkeys (`RP_ID=staging.kapteins-daagbok.eu`) und optional eigene VAPID-/Ntfy-Konfiguration.
+
+## Erstinstallation (VM3)
+
+```bash
+ssh root@10.0.0.27
+
+git clone https://gitea.elpatron.me/elpatron/kapteins-daagbok.git /opt/kapteins-daagbok-staging
+cd /opt/kapteins-daagbok-staging
+git checkout master
+
+# .env anlegen — Secrets neu generieren, nicht von Prod kopieren
+openssl rand -hex 24      # POSTGRES_PASSWORD
+openssl rand -base64 48   # SESSION_SECRET
+
+nano .env
+docker compose -f docker-compose.staging.yml up -d --build
+```
+
+### `.env` (Staging)
+
+```env
+ORIGIN=https://staging.kapteins-daagbok.eu
+RP_ID=staging.kapteins-daagbok.eu
+TRUST_PROXY=1
+
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=<generiert>
+POSTGRES_DB=daagbox_staging
+
+SESSION_SECRET=<generiert>
+
+NTFY_SERVER=https://ntfy.sh
+NTFY_TOPIC=kapteins-daagbok-staging-feedback
+
+# Analytics aus (Staging soll Prod-Statistik nicht verfälschen)
+PLAUSIBLE_ENABLED=false
+PLAUSIBLE_HOST=https://plausible.elpatron.me
+```
+
+Optional: `VAPID_*`, `OpenWeatherMapAPIKey`, `OpenRouterAPIKey`, `ADMIN_USER_IDS`, `NTFY_TOKEN`.
+
+## Deploy vom Entwicklungsrechner
+
+Führt `npm run check` aus, dann SSH-Deploy ohne Release-Tag:
+
+```bash
+./scripts/update-remotes.sh -dest stage
+```
+
+Konfiguration via Umgebungsvariablen:
+
+```bash
+REMOTE_HOST=10.0.0.27 \
+REMOTE_DIR=/opt/kapteins-daagbok-staging \
+DEPLOY_BRANCH=master \
+./scripts/update-remotes.sh -dest stage
+```
+
+Notfall ohne Checks: `SKIP_PREDEPLOY_CHECK=1 ./scripts/update-remotes.sh -dest stage`
+
+## NPM (VM1)
+
+| Einstellung | Wert |
+|-------------|------|
+| Domain | `staging.kapteins-daagbok.eu` |
+| Forward Hostname / IP | `10.0.0.27` |
+| Forward Port | `80` |
+| SSL | Let's Encrypt |
+
+Empfohlen: Custom Header `X-Robots-Tag: noindex, nofollow` (Staging nicht indexieren).
+
+Details zu Proxy-Headern und Security: [npm-security.md](npm-security.md).
+
+## Nach Deploy prüfen
+
+1. https://staging.kapteins-daagbok.eu/api/health — `status: ok`
+2. Neuen Test-Account registrieren (Prod-Passkeys funktionieren nicht auf Staging)
+3. Passkey Login
+4. Cookie `daagbok_session`: `Secure`, `HttpOnly`, `SameSite=Lax`
+
+## Daten zurücksetzen
+
+Staging-Daten sind wegwerfbar:
+
+```bash
+cd /opt/kapteins-daagbok-staging
+docker compose -f docker-compose.staging.yml down
+docker volume rm daagbox-staging-pgdata
+docker compose -f docker-compose.staging.yml up -d
+```
@@ -0,0 +1,318 @@
+<!DOCTYPE html>
+<html lang="de">
+<head>
+  <meta charset="UTF-8" />
+  <title>Kapteins Daagbok — Sharepic (Portrait)</title>
+  <link rel="preconnect" href="https://fonts.googleapis.com">
+  <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+  <link href="https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:wght@400;500;600;700;800&display=swap" rel="stylesheet">
+  <style>
+    * {
+      box-sizing: border-box;
+      margin: 0;
+      padding: 0;
+    }
+
+    body {
+      width: 1080px;
+      height: 1920px;
+      font-family: 'Plus Jakarta Sans', sans-serif;
+      color: #e2e8f0;
+      background: #0f172a;
+      overflow: hidden;
+      display: flex;
+      flex-direction: column;
+      justify-content: space-between;
+      align-items: center;
+      padding: 100px 80px;
+      background:
+        radial-gradient(circle at 50% 10%, rgba(56, 189, 248, 0.18) 0%, transparent 45%),
+        radial-gradient(circle at 50% 90%, rgba(134, 59, 255, 0.22) 0%, transparent 45%),
+        linear-gradient(180deg, #090d16 0%, #111827 50%, #090d16 100%);
+      position: relative;
+    }
+
+    /* Subtle background grid pattern */
+    body::after {
+      content: "";
+      position: absolute;
+      inset: 0;
+      background-image: linear-gradient(rgba(148, 163, 184, 0.03) 1px, transparent 1px),
+                        linear-gradient(90deg, rgba(148, 163, 184, 0.03) 1px, transparent 1px);
+      background-size: 40px 40px;
+      pointer-events: none;
+      z-index: 0;
+    }
+
+    /* Outer border */
+    .outer-border {
+      position: absolute;
+      inset: 40px;
+      border: 1px solid rgba(148, 163, 184, 0.1);
+      border-radius: 30px;
+      pointer-events: none;
+      z-index: 1;
+    }
+
+    .brand {
+      display: flex;
+      flex-direction: column;
+      align-items: center;
+      gap: 30px;
+      z-index: 2;
+      text-align: center;
+      margin-top: 40px;
+    }
+
+    .logo {
+      width: 140px;
+      height: 140px;
+      object-fit: contain;
+      filter: drop-shadow(0 8px 24px rgba(56, 189, 248, 0.3));
+    }
+
+    .title-group h1 {
+      font-size: 64px;
+      font-weight: 800;
+      letter-spacing: -0.03em;
+      color: #ffffff;
+      line-height: 1.1;
+      background: linear-gradient(135deg, #ffffff 60%, #94a3b8 100%);
+      -webkit-background-clip: text;
+      background-clip: text;
+      -webkit-text-fill-color: transparent;
+    }
+
+    .title-group p {
+      font-size: 26px;
+      color: #38bdf8;
+      font-weight: 600;
+      margin-top: 8px;
+      letter-spacing: -0.01em;
+    }
+
+    .main-content {
+      width: 100%;
+      display: flex;
+      flex-direction: column;
+      gap: 50px;
+      z-index: 2;
+    }
+
+    .intro-text {
+      font-size: 26px;
+      line-height: 1.6;
+      color: #cbd5e1;
+      font-weight: 400;
+      text-align: center;
+      padding: 0 20px;
+    }
+
+    .intro-text strong {
+      color: #ffffff;
+      font-weight: 600;
+    }
+
+    .features-card {
+      background: rgba(30, 41, 59, 0.45);
+      backdrop-filter: blur(16px);
+      -webkit-backdrop-filter: blur(16px);
+      border: 1px solid rgba(255, 255, 255, 0.08);
+      border-radius: 24px;
+      padding: 50px 60px;
+      box-shadow: 0 30px 60px rgba(0, 0, 0, 0.4);
+      position: relative;
+    }
+
+    .features-card::before {
+      content: "";
+      position: absolute;
+      inset: 0;
+      border-radius: 24px;
+      padding: 1px;
+      background: linear-gradient(to bottom, rgba(255, 255, 255, 0.1), rgba(255, 255, 255, 0.02));
+      -webkit-mask: linear-gradient(#fff 0 0) content-box, linear-gradient(#fff 0 0);
+      mask: linear-gradient(#fff 0 0) content-box, linear-gradient(#fff 0 0);
+      -webkit-mask-composite: xor;
+      mask-composite: exclude;
+      pointer-events: none;
+    }
+
+    .card-title {
+      font-size: 20px;
+      font-weight: 700;
+      text-transform: uppercase;
+      letter-spacing: 0.08em;
+      color: #94a3b8;
+      margin-bottom: 35px;
+      display: flex;
+      align-items: center;
+      gap: 12px;
+    }
+
+    .card-title::after {
+      content: "";
+      flex: 1;
+      height: 1px;
+      background: rgba(148, 163, 184, 0.15);
+    }
+
+    .badge-premium {
+      background: linear-gradient(135deg, #fbbf24 0%, #f59e0b 100%);
+      color: #1e293b;
+      font-size: 16px;
+      font-weight: 800;
+      text-transform: uppercase;
+      letter-spacing: 0.1em;
+      padding: 6px 14px;
+      border-radius: 8px;
+    }
+
+    .features-list {
+      display: flex;
+      flex-direction: column;
+      gap: 30px;
+      list-style: none;
+    }
+
+    .feature-item {
+      display: flex;
+      align-items: flex-start;
+      gap: 20px;
+      font-size: 24px;
+      line-height: 1.4;
+      color: #cbd5e1;
+      font-weight: 500;
+    }
+
+    .feature-icon {
+      color: #38bdf8;
+      font-size: 26px;
+      display: flex;
+      align-items: center;
+      justify-content: center;
+      margin-top: 3px;
+      text-shadow: 0 0 10px rgba(56, 189, 248, 0.6);
+    }
+
+    .bottom-section {
+      width: 100%;
+      display: flex;
+      flex-direction: column;
+      align-items: center;
+      gap: 50px;
+      z-index: 2;
+      margin-bottom: 40px;
+    }
+
+    .cta-container {
+      display: flex;
+      flex-direction: column;
+      align-items: center;
+      gap: 30px;
+    }
+
+    .cta-badge {
+      background: linear-gradient(135deg, #38bdf8 0%, #0284c7 100%);
+      color: #0f172a;
+      font-size: 32px;
+      font-weight: 800;
+      padding: 20px 45px;
+      border-radius: 16px;
+      letter-spacing: -0.02em;
+      box-shadow: 0 10px 30px rgba(56, 189, 248, 0.25);
+    }
+
+    .qr-code {
+      width: 160px;
+      height: 160px;
+      background: #ffffff;
+      padding: 10px;
+      border-radius: 16px;
+      box-shadow: 0 10px 30px rgba(0, 0, 0, 0.3);
+      display: flex;
+      align-items: center;
+      justify-content: center;
+    }
+
+    .qr-code img {
+      width: 100%;
+      height: 100%;
+      object-fit: contain;
+    }
+
+    footer {
+      font-size: 18px;
+      color: #64748b;
+      text-align: center;
+    }
+
+    footer strong {
+      color: #94a3b8;
+      font-weight: 600;
+    }
+  </style>
+</head>
+<body>
+  <div class="outer-border"></div>
+  
+  <div class="brand">
+    <img class="logo" src="../../client/public/logo.png" alt="Kapteins Daagbok" />
+    <div class="title-group">
+      <h1>Kapteins Daagbok</h1>
+      <p>Digitales Yacht-Logbuch</p>
+    </div>
+  </div>
+
+  <div class="main-content">
+    <p class="intro-text">
+      Führe dein Bordlogbuch modern & digital: Reisetage, GPS-Tracks, Crew- und Schiffsdaten — 
+      <strong>Ende-zu-Ende-verschlüsselt</strong>, als App installierbar und <strong>auch offline</strong> auf See nutzbar.
+    </p>
+
+    <div class="features-card">
+      <div class="card-title">Top Features <span class="badge-premium">Kostenlos & Werbefrei</span></div>
+      <ul class="features-list">
+        <li class="feature-item">
+          <span class="feature-icon">✦</span>
+          <span>Nautisches Logbuch-Format & Streckenstatistik</span>
+        </li>
+        <li class="feature-item">
+          <span class="feature-icon">✦</span>
+          <span>Offline-first PWA — läuft auf allen Smartphones & Tablets</span>
+        </li>
+        <li class="feature-item">
+          <span class="feature-icon">✦</span>
+          <span>Ende-zu-Ende Verschlüsselung (Zero-Knowledge)</span>
+        </li>
+        <li class="feature-item">
+          <span class="feature-icon">✦</span>
+          <span>Einfache passwortlose Passkey-Anmeldung</span>
+        </li>
+        <li class="feature-item">
+          <span class="feature-icon">✦</span>
+          <span>GPS-Track-Upload & automatische NMEA-Erfassung</span>
+        </li>
+        <li class="feature-item">
+          <span class="feature-icon">✦</span>
+          <span>Crew-Einladung zur gemeinsamen Logbuch-Arbeit</span>
+        </li>
+      </ul>
+    </div>
+  </div>
+
+  <div class="bottom-section">
+    <div class="cta-container">
+      <div class="cta-badge">
+        kapteins-daagbok.eu
+      </div>
+      <div class="qr-code">
+        <img src="assets/qr-kapteins-daagbok.eu.png" alt="QR Code" />
+      </div>
+    </div>
+    <footer>
+      <strong>Kapteins Daagbok</strong> ist ein werbefreies, privates Hobbyprojekt.
+    </footer>
+  </div>
+</body>
+</html>
@@ -0,0 +1,320 @@
+<!DOCTYPE html>
+<html lang="de">
+<head>
+  <meta charset="UTF-8" />
+  <title>Kapteins Daagbok — Sharepic</title>
+  <link rel="preconnect" href="https://fonts.googleapis.com">
+  <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
+  <link href="https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:wght@400;500;600;700;800&display=swap" rel="stylesheet">
+  <style>
+    * {
+      box-sizing: border-box;
+      margin: 0;
+      padding: 0;
+    }
+
+    body {
+      width: 1200px;
+      height: 630px;
+      font-family: 'Plus Jakarta Sans', sans-serif;
+      color: #e2e8f0;
+      background: #0f172a;
+      overflow: hidden;
+      display: flex;
+      flex-direction: column;
+      justify-content: space-between;
+      padding: 60px 80px;
+      background:
+        radial-gradient(circle at 90% 10%, rgba(56, 189, 248, 0.15) 0%, transparent 45%),
+        radial-gradient(circle at 10% 90%, rgba(134, 59, 255, 0.18) 0%, transparent 45%),
+        linear-gradient(165deg, #090d16 0%, #111827 50%, #090d16 100%);
+      position: relative;
+    }
+
+    /* Subtle background grid pattern */
+    body::after {
+      content: "";
+      position: absolute;
+      inset: 0;
+      background-image: linear-gradient(rgba(148, 163, 184, 0.03) 1px, transparent 1px),
+                        linear-gradient(90deg, rgba(148, 163, 184, 0.03) 1px, transparent 1px);
+      background-size: 40px 40px;
+      pointer-events: none;
+      z-index: 0;
+    }
+
+    /* Outer border */
+    .outer-border {
+      position: absolute;
+      inset: 30px;
+      border: 1px solid rgba(148, 163, 184, 0.1);
+      border-radius: 20px;
+      pointer-events: none;
+      z-index: 1;
+    }
+
+    .content-wrapper {
+      display: flex;
+      justify-content: space-between;
+      align-items: center;
+      height: 100%;
+      width: 100%;
+      z-index: 2;
+      position: relative;
+      gap: 50px;
+    }
+
+    .left-col {
+      flex: 1.1;
+      display: flex;
+      flex-direction: column;
+      justify-content: center;
+      gap: 30px;
+    }
+
+    .brand {
+      display: flex;
+      align-items: center;
+      gap: 20px;
+    }
+
+    .logo {
+      width: 80px;
+      height: 80px;
+      object-fit: contain;
+      filter: drop-shadow(0 4px 12px rgba(56, 189, 248, 0.3));
+    }
+
+    .title-group h1 {
+      font-size: 44px;
+      font-weight: 800;
+      letter-spacing: -0.03em;
+      color: #ffffff;
+      line-height: 1.1;
+      background: linear-gradient(135deg, #ffffff 60%, #94a3b8 100%);
+      -webkit-background-clip: text;
+      background-clip: text;
+      -webkit-text-fill-color: transparent;
+    }
+
+    .title-group p {
+      font-size: 18px;
+      color: #38bdf8;
+      font-weight: 600;
+      margin-top: 4px;
+      letter-spacing: -0.01em;
+    }
+
+    .intro-text {
+      font-size: 20px;
+      line-height: 1.6;
+      color: #cbd5e1;
+      font-weight: 400;
+    }
+
+    .intro-text strong {
+      color: #ffffff;
+      font-weight: 600;
+    }
+
+    .cta-container {
+      display: flex;
+      align-items: center;
+      gap: 20px;
+    }
+
+    .cta-badge {
+      background: linear-gradient(135deg, #38bdf8 0%, #0284c7 100%);
+      color: #0f172a;
+      font-size: 22px;
+      font-weight: 800;
+      padding: 14px 28px;
+      border-radius: 12px;
+      letter-spacing: -0.02em;
+      box-shadow: 0 4px 20px rgba(56, 189, 248, 0.25);
+    }
+
+    .qr-code {
+      width: 60px;
+      height: 60px;
+      background: #ffffff;
+      padding: 4px;
+      border-radius: 8px;
+      box-shadow: 0 4px 15px rgba(0, 0, 0, 0.2);
+      display: flex;
+      align-items: center;
+      justify-content: center;
+    }
+
+    .qr-code img {
+      width: 100%;
+      height: 100%;
+      object-fit: contain;
+    }
+
+    .right-col {
+      flex: 0.9;
+      display: flex;
+      flex-direction: column;
+      justify-content: center;
+    }
+
+    .features-card {
+      background: rgba(30, 41, 59, 0.45);
+      backdrop-filter: blur(16px);
+      -webkit-backdrop-filter: blur(16px);
+      border: 1px solid rgba(255, 255, 255, 0.08);
+      border-radius: 20px;
+      padding: 35px;
+      box-shadow: 0 20px 40px rgba(0, 0, 0, 0.3);
+      position: relative;
+    }
+
+    .features-card::before {
+      content: "";
+      position: absolute;
+      inset: 0;
+      border-radius: 20px;
+      padding: 1px;
+      background: linear-gradient(to bottom, rgba(255, 255, 255, 0.1), rgba(255, 255, 255, 0.02));
+      -webkit-mask: linear-gradient(#fff 0 0) content-box, linear-gradient(#fff 0 0);
+      mask: linear-gradient(#fff 0 0) content-box, linear-gradient(#fff 0 0);
+      -webkit-mask-composite: xor;
+      mask-composite: exclude;
+      pointer-events: none;
+    }
+
+    .features-list {
+      display: flex;
+      flex-direction: column;
+      gap: 18px;
+      list-style: none;
+    }
+
+    .feature-item {
+      display: flex;
+      align-items: flex-start;
+      gap: 14px;
+      font-size: 16px;
+      line-height: 1.4;
+      color: #cbd5e1;
+      font-weight: 500;
+    }
+
+    .feature-icon {
+      color: #38bdf8;
+      font-size: 18px;
+      display: flex;
+      align-items: center;
+      justify-content: center;
+      margin-top: 2px;
+      text-shadow: 0 0 8px rgba(56, 189, 248, 0.6);
+    }
+
+    .badge-premium {
+      background: linear-gradient(135deg, #fbbf24 0%, #f59e0b 100%);
+      color: #1e293b;
+      font-size: 12px;
+      font-weight: 800;
+      text-transform: uppercase;
+      letter-spacing: 0.1em;
+      padding: 4px 10px;
+      border-radius: 6px;
+      margin-left: auto;
+    }
+
+    .card-title {
+      font-size: 14px;
+      font-weight: 700;
+      text-transform: uppercase;
+      letter-spacing: 0.08em;
+      color: #94a3b8;
+      margin-bottom: 20px;
+      display: flex;
+      align-items: center;
+      gap: 8px;
+    }
+
+    .card-title::after {
+      content: "";
+      flex: 1;
+      height: 1px;
+      background: rgba(148, 163, 184, 0.15);
+    }
+
+    footer {
+      position: absolute;
+      bottom: 45px;
+      left: 80px;
+      font-size: 12px;
+      color: #64748b;
+      z-index: 2;
+    }
+
+    footer strong {
+      color: #94a3b8;
+      font-weight: 600;
+    }
+  </style>
+</head>
+<body>
+  <div class="outer-border"></div>
+  <div class="content-wrapper">
+    <div class="left-col">
+      <div class="brand">
+        <img class="logo" src="../../client/public/logo.png" alt="Kapteins Daagbok" />
+        <div class="title-group">
+          <h1>Kapteins Daagbok</h1>
+          <p>Digitales Yacht-Logbuch</p>
+        </div>
+      </div>
+      <p class="intro-text">
+        Führe dein Bordlogbuch modern & digital: Reisetage, GPS-Tracks, Crew- und Schiffsdaten — 
+        <strong>Ende-zu-Ende-verschlüsselt</strong>, als App installierbar und <strong>auch offline</strong> auf See nutzbar.
+      </p>
+      <div class="cta-container">
+        <div class="cta-badge">
+          kapteins-daagbok.eu
+        </div>
+        <div class="qr-code">
+          <img src="assets/qr-kapteins-daagbok.eu.png" alt="QR Code" />
+        </div>
+      </div>
+    </div>
+    <div class="right-col">
+      <div class="features-card">
+        <div class="card-title">Top Features <span class="badge-premium">Kostenlos & Werbefrei</span></div>
+        <ul class="features-list">
+          <li class="feature-item">
+            <span class="feature-icon">✦</span>
+            <span>Nautisches Logbuch-Format & Streckenstatistik</span>
+          </li>
+          <li class="feature-item">
+            <span class="feature-icon">✦</span>
+            <span>Offline-first PWA — läuft auf allen Smartphones & Tablets</span>
+          </li>
+          <li class="feature-item">
+            <span class="feature-icon">✦</span>
+            <span>Ende-zu-Ende Verschlüsselung (Zero-Knowledge)</span>
+          </li>
+          <li class="feature-item">
+            <span class="feature-icon">✦</span>
+            <span>Einfache passwortlose Passkey-Anmeldung</span>
+          </li>
+          <li class="feature-item">
+            <span class="feature-icon">✦</span>
+            <span>GPS-Track-Upload & automatische NMEA-Erfassung</span>
+          </li>
+          <li class="feature-item">
+            <span class="feature-icon">✦</span>
+            <span>Crew-Einladung zur gemeinsamen Logbuch-Arbeit</span>
+          </li>
+        </ul>
+      </div>
+    </div>
+  </div>
+  <footer>
+    <strong>Kapteins Daagbok</strong> ist ein werbefreies, privates Hobbyprojekt.
+  </footer>
+</body>
+</html>
@@ -1,12 +1,21 @@
 # Plausible Custom Events

-Kapteins Daagbok nutzt [Plausible Analytics](https://plausible.io/) mit dem Script `script.tagged-events.js` auf der Domain `kapteins-daagbok.eu`. Custom Events werden über `window.plausible()` ausgelöst (siehe `client/src/services/analytics.ts`).
+Kapteins Daagbok nutzt [Plausible Analytics](https://plausible.io/) mit dem Script `script.tagged-events.js`. Custom Events werden über `window.plausible()` ausgelöst (siehe `client/src/services/analytics.ts`).
+
+**Konfiguration** (`.env`, Frontend-Container / Vite-Dev):
+
+```env
+PLAUSIBLE_ENABLED=true   # Staging: false
+PLAUSIBLE_HOST=https://plausible.elpatron.me
+```
+
+Das Script wird über `plausible-bootstrap.js` geladen; `data-domain` ist der aktuelle Hostname. CSP in Nginx enthält `PLAUSIBLE_HOST` nur wenn aktiviert.

 **Datenschutz:** Es werden keine personenbezogenen Daten in Event-Properties übermittelt (keine Nutzernamen, Hafennamen, Koordinaten o.ä.).

 ## Setup

-1. Script in `client/index.html` (bereits eingebunden)
+1. `PLAUSIBLE_*` in `.env` setzen (Prod: enabled, Staging: disabled empfohlen)
 2. Nach Deploy: Goals im Plausible-Dashboard anlegen — **Namen müssen exakt mit der Event-Spalte „Event name“ übereinstimmen** (Title Case, Leerzeichen)

 ## Event-Übersicht
@@ -84,7 +93,7 @@ Property `action` bei **Live Log Event Logged** — stabile englische Schlüssel
 | `temp` | Temperatur |
 | `precip` | Niederschlag |
 | `sea_state` | Seegang |
-| `fix` | GPS-Fix (manuell) |
+| `position` | GPS-Position (manuell) |
 | `comment` | Kommentar |
 | `voice` | Sprachnotiz (Modal gespeichert) |
 | `undo` | Letztes Ereignis rückgängig |
@@ -137,7 +146,7 @@ Empfohlene Goal-Ketten für Auswertung (nur Business!):
 7. **Kontosicherheit:** Profile Opened → Passkey Added / Local PIN Set / Recovery Rotated; Last Passkey Remove Hinted → Account Deleted (selten, aber aussagekräftig)
 8. **Internationalisierung:** Language Changed (Verteilung `to`, Pfade mit Übersetzungs-Feedback)
 9. **NMEA-Import:** NMEA Uploaded → NMEA Imported (Modus, `events`, optional Track; Upload-Funnel vs. Abbruch)
-10. **Live-Journal:** Live Log Opened → Live Log Event Logged (Verteilung `action`; z. B. `fix`, `course`, `motor_start`) → Photo Uploaded / Voice Memo Uploaded (Filter `context`: `live_log`)
+10. **Live-Journal:** Live Log Opened → Live Log Event Logged (Verteilung `action`; z. B. `position`, `course`, `motor_start`) → Photo Uploaded / Voice Memo Uploaded (Filter `context`: `live_log`)
 11. **OpenWeatherMap:** OWM Weather Fetched (Verteilung `source`; Live-Journal vs. Reisetag-Editor)
 12. **PWA-Stabilitaet:** PWA Boot Watchdog Soft → PWA Boot Watchdog Hard → PWA Boot Watchdog Fallback → PWA Boot Watchdog Manual Repair

@@ -0,0 +1,255 @@
+#!/usr/bin/env bash
+# Create a local backup of PostgreSQL, .env, docker-compose and app (git archive).
+#
+# Run on the server in repo root (/opt/kapteins-daagbok on production).
+#
+# Usage:
+#   ./scripts/backup.sh
+#   ./scripts/backup.sh -dest stage              # Staging-Container (daagbox-staging-db)
+#   ./scripts/backup.sh --reason cron
+#   ./scripts/backup.sh --reason pre-deploy --tag v0.1.1.20
+#   ./scripts/backup.sh --dry-run
+#
+# Environment overrides:
+#   BACKUP_DIR, COMPOSE_FILE, DB_CONTAINER, RETENTION, ENV_FILE
+set -euo pipefail
+
+BACKUP_DIR="${BACKUP_DIR:-/var/backups/kapteins-daagbok}"
+ENV_FILE="${ENV_FILE:-.env}"
+RETENTION="${RETENTION:-5}"
+DEST="prod"
+REASON="manual"
+EXPLICIT_TAG=""
+DRY_RUN=0
+COMPOSE_FILE=""
+DB_CONTAINER=""
+
+apply_dest_config() {
+  local dest="$1"
+  local force="${2:-0}"
+  if [[ "$dest" == "stage" ]]; then
+    if [[ "$force" == "1" || -z "${COMPOSE_FILE}" ]]; then
+      COMPOSE_FILE="docker-compose.staging.yml"
+    fi
+    if [[ "$force" == "1" || -z "${DB_CONTAINER}" ]]; then
+      DB_CONTAINER="daagbox-staging-db"
+    fi
+  else
+    if [[ "$force" == "1" || -z "${COMPOSE_FILE}" ]]; then
+      COMPOSE_FILE="docker-compose.yml"
+    fi
+    if [[ "$force" == "1" || -z "${DB_CONTAINER}" ]]; then
+      DB_CONTAINER="daagbox-prod-db"
+    fi
+  fi
+}
+
+usage() {
+  sed -n '2,14p' "$0"
+  echo ""
+  echo "Options:"
+  echo "  -dest prod|stage                  Target environment (default: prod)"
+  echo "  --reason cron|pre-deploy|manual   Backup trigger (default: manual)"
+  echo "  --tag TAG                         Git tag label (e.g. v0.1.1.20 for pre-deploy)"
+  echo "  --dry-run                         Show actions without writing backup"
+  echo "  -h, --help                        Show this help"
+}
+
+while [ $# -gt 0 ]; do
+  case "$1" in
+    -dest)
+      DEST="${2:?-dest requires an argument}"
+      shift 2
+      ;;
+    -dest=*)
+      DEST="${1#*=}"
+      shift
+      ;;
+    --reason)
+      REASON="${2:?--reason requires an argument}"
+      shift 2
+      ;;
+    --tag)
+      EXPLICIT_TAG="${2:?--tag requires an argument}"
+      shift 2
+      ;;
+    --dry-run)
+      DRY_RUN=1
+      shift
+      ;;
+    -h|--help)
+      usage
+      exit 0
+      ;;
+    *)
+      echo "Unknown option: $1" >&2
+      usage >&2
+      exit 1
+      ;;
+  esac
+done
+
+case "$DEST" in
+  prod|stage) ;;
+  *)
+    echo "Error: invalid -dest '$DEST' (use prod or stage)" >&2
+    exit 1
+    ;;
+esac
+
+apply_dest_config "$DEST"
+
+case "$REASON" in
+  cron|pre-deploy|manual) ;;
+  *)
+    echo "Error: invalid --reason '$REASON' (use cron, pre-deploy, or manual)" >&2
+    exit 1
+    ;;
+esac
+
+if [ ! -f "$COMPOSE_FILE" ]; then
+  echo "Error: $COMPOSE_FILE not found" >&2
+  exit 1
+fi
+
+TIMESTAMP="$(date +%Y%m%d-%H%M%S)"
+GIT_SHA="$(git rev-parse HEAD 2>/dev/null || echo unknown)"
+GIT_TAG="$EXPLICIT_TAG"
+if [ -z "$GIT_TAG" ]; then
+  GIT_TAG="$(git describe --tags --exact-match HEAD 2>/dev/null || true)"
+fi
+if [ -z "$GIT_TAG" ] && [ -f VERSION ]; then
+  GIT_TAG="v$(tr -d '[:space:]' < VERSION)"
+fi
+if [ -z "$GIT_TAG" ]; then
+  GIT_TAG="unknown"
+fi
+
+APP_VERSION="$(tr -d '[:space:]' < VERSION 2>/dev/null || echo unknown)"
+TAG_SLUG="${GIT_TAG}"
+if [ "$REASON" = "pre-deploy" ]; then
+  TAG_SLUG="${GIT_TAG}-predeploy"
+fi
+TAG_SLUG="${TAG_SLUG//\//-}"
+
+ARCHIVE_NAME="kapteins-daagbok_${TIMESTAMP}_${TAG_SLUG}.tar.gz"
+ARCHIVE_PATH="${BACKUP_DIR}/${ARCHIVE_NAME}"
+
+echo "Backup: reason=$REASON tag=$GIT_TAG sha=${GIT_SHA:0:8} → $ARCHIVE_PATH"
+
+if [ "$DRY_RUN" -eq 1 ]; then
+  echo "[dry-run] Would dump database from $DB_CONTAINER"
+  echo "[dry-run] Would copy $ENV_FILE and $COMPOSE_FILE"
+  echo "[dry-run] Would create git archive"
+  echo "[dry-run] Would write manifest and pack to $ARCHIVE_PATH"
+  echo "[dry-run] Would apply retention (keep $RETENTION)"
+  exit 0
+fi
+
+if [ ! -f "$ENV_FILE" ]; then
+  echo "Error: $ENV_FILE not found (run from repo root)" >&2
+  exit 1
+fi
+
+# shellcheck disable=SC1090
+set -a
+source "$ENV_FILE"
+set +a
+
+POSTGRES_USER="${POSTGRES_USER:-postgres}"
+POSTGRES_DB="${POSTGRES_DB:-daagbox}"
+
+if [ -z "${POSTGRES_PASSWORD:-}" ]; then
+  echo "Error: POSTGRES_PASSWORD not set in $ENV_FILE" >&2
+  exit 1
+fi
+
+if ! docker inspect "$DB_CONTAINER" >/dev/null 2>&1; then
+  if [[ "$DEST" == "prod" ]] && docker inspect daagbox-staging-db >/dev/null 2>&1; then
+    echo "Note: $DB_CONTAINER not found — falling back to staging (daagbox-staging-db). Use -dest stage explicitly."
+    apply_dest_config stage 1
+    DEST="stage"
+  else
+    echo "Error: DB container '$DB_CONTAINER' not found" >&2
+    exit 1
+  fi
+fi
+
+if [ "$(docker inspect -f '{{.State.Running}}' "$DB_CONTAINER")" != "true" ]; then
+  echo "Error: DB container '$DB_CONTAINER' is not running" >&2
+  exit 1
+fi
+
+mkdir -p "$BACKUP_DIR"
+chmod 700 "$BACKUP_DIR"
+
+WORK_DIR="$(mktemp -d)"
+cleanup() {
+  rm -rf "$WORK_DIR"
+}
+trap cleanup EXIT
+
+echo "Dumping PostgreSQL ($POSTGRES_DB)..."
+export PGPASSWORD="$POSTGRES_PASSWORD"
+if ! docker exec -e PGPASSWORD="$POSTGRES_PASSWORD" "$DB_CONTAINER" \
+  pg_dump -U "$POSTGRES_USER" -d "$POSTGRES_DB" --no-owner --no-acl \
+  | gzip > "$WORK_DIR/database.sql.gz"; then
+  echo "Error: pg_dump failed" >&2
+  exit 1
+fi
+unset PGPASSWORD
+
+cp "$ENV_FILE" "$WORK_DIR/.env"
+chmod 600 "$WORK_DIR/.env"
+cp "$COMPOSE_FILE" "$WORK_DIR/docker-compose.yml"
+
+echo "Creating app snapshot (git archive)..."
+if git archive --format=tar HEAD | gzip > "$WORK_DIR/app.tar.gz"; then
+  :
+else
+  echo "Warning: git archive failed — backup continues without app.tar.gz" >&2
+  rm -f "$WORK_DIR/app.tar.gz"
+fi
+
+python3 - "$WORK_DIR/manifest.json" <<PY
+import json
+import socket
+import sys
+from datetime import datetime, timezone
+
+manifest = {
+    "timestamp": datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ"),
+    "local_timestamp": "${TIMESTAMP}",
+    "destination": "${DEST}",
+    "reason": "${REASON}",
+    "git_tag": "${GIT_TAG}",
+    "git_sha": "${GIT_SHA}",
+    "app_version": "${APP_VERSION}",
+    "compose_file": "${COMPOSE_FILE}",
+    "db_container": "${DB_CONTAINER}",
+    "postgres_db": "${POSTGRES_DB}",
+    "hostname": socket.gethostname(),
+    "archive_name": "${ARCHIVE_NAME}",
+}
+with open(sys.argv[1], "w", encoding="utf-8") as f:
+    json.dump(manifest, f, indent=2)
+    f.write("\n")
+PY
+
+echo "Packing backup archive..."
+tar -czf "$ARCHIVE_PATH" -C "$WORK_DIR" \
+  manifest.json database.sql.gz .env docker-compose.yml \
+  $( [ -f "$WORK_DIR/app.tar.gz" ] && echo app.tar.gz )
+chmod 600 "$ARCHIVE_PATH"
+
+echo "Applying retention (keep last $RETENTION backups)..."
+mapfile -t ALL_BACKUPS < <(ls -1t "$BACKUP_DIR"/kapteins-daagbok_*.tar.gz 2>/dev/null || true)
+if [ "${#ALL_BACKUPS[@]}" -gt "$RETENTION" ]; then
+  for ((i = RETENTION; i < ${#ALL_BACKUPS[@]}; i++)); do
+    echo "Removing old backup: ${ALL_BACKUPS[$i]}"
+    rm -f "${ALL_BACKUPS[$i]}"
+  done
+fi
+
+echo "Backup complete: $ARCHIVE_PATH"
+echo "$ARCHIVE_PATH"
@@ -0,0 +1,11 @@
+# Kapteins Daagbok — Production backup cron (install on 10.0.0.25)
+#
+# Install:
+#   crontab -e
+#   (paste the line below)
+#
+# Ensure log directory exists:
+#   touch /var/log/kapteins-backup.log && chmod 600 /var/log/kapteins-backup.log
+
+# Daily backup at 03:00 UTC — keeps last 5 in /var/backups/kapteins-daagbok/
+0 3 * * * cd /opt/kapteins-daagbok && ./scripts/backup.sh --reason cron >> /var/log/kapteins-backup.log 2>&1
@@ -0,0 +1,95 @@
+#!/usr/bin/env node
+/**
+ * Generates the sharepic PNGs (landscape & portrait) from HTML files
+ *
+ * Usage:
+ *   node scripts/generate-sharepic.mjs
+ */
+
+import { execSync } from 'node:child_process'
+import { dirname, resolve } from 'node:path'
+import { fileURLToPath, pathToFileURL } from 'node:url'
+import { createRequire } from 'node:module'
+
+const __dirname = dirname(fileURLToPath(import.meta.url))
+const repoRoot = resolve(__dirname, '..')
+const clientDir = resolve(repoRoot, 'client')
+const marketingDir = resolve(repoRoot, 'docs/marketing')
+
+const require = createRequire(resolve(clientDir, 'package.json'))
+
+function isMissingBrowserError(err) {
+  const msg = err instanceof Error ? err.message : String(err)
+  return msg.includes("Executable doesn't exist") || msg.includes('browserType.launch')
+}
+
+async function ensurePlaywrightChromium(playwright) {
+  try {
+    const browser = await playwright.chromium.launch({ headless: true })
+    await browser.close()
+    return
+  } catch (err) {
+    if (!isMissingBrowserError(err)) throw err
+  }
+
+  console.log('Playwright Chromium fehlt — installiere Browser (einmalig)…')
+  execSync('npx playwright install chromium', {
+    cwd: clientDir,
+    stdio: 'inherit'
+  })
+}
+
+function loadPlaywright() {
+  try {
+    return require('playwright')
+  } catch {
+    console.error('Fehlende Abhängigkeit: "npm install -D playwright" in client/ ausführen.')
+    process.exit(1)
+  }
+}
+
+async function renderSharepic(browser, htmlName, pngName, width, height) {
+  const htmlPath = resolve(marketingDir, htmlName)
+  const pngPath = resolve(marketingDir, pngName)
+  
+  console.log(`Generating sharepic (${width}x${height}) from ${htmlName}...`)
+  
+  const context = await browser.newContext({
+    viewport: { width, height },
+    deviceScaleFactor: 2 // High-DPI for crisp text
+  })
+  const page = await context.newPage()
+  
+  try {
+    await page.goto(pathToFileURL(htmlPath).href, { waitUntil: 'networkidle' })
+    await page.screenshot({
+      path: pngPath,
+      type: 'png'
+    })
+    console.log('Successfully wrote:', pngPath)
+  } finally {
+    await page.close()
+  }
+}
+
+async function main() {
+  const playwright = loadPlaywright()
+  await ensurePlaywrightChromium(playwright)
+  
+  const browser = await playwright.chromium.launch({ headless: true })
+  
+  try {
+    // Landscape 1200x630
+    await renderSharepic(browser, 'sharepic.html', 'kapteins-daagbok-sharepic.png', 1200, 630)
+    
+    // Portrait 1080x1920
+    await renderSharepic(browser, 'sharepic-portrait.html', 'kapteins-daagbok-sharepic-portrait.png', 1080, 1920)
+  } finally {
+    await browser.close()
+  }
+}
+
+main().catch((err) => {
+  console.error('Error generating sharepics:', err)
+  process.exit(1)
+})
@@ -0,0 +1,345 @@
+#!/usr/bin/env bash
+# Restore server backup created by scripts/backup.sh
+#
+# Usage:
+#   ./scripts/restore-backup.sh --list
+#   ./scripts/restore-backup.sh -dest stage --restore PATH
+#   ./scripts/restore-backup.sh --restore /var/backups/kapteins-daagbok/kapteins-daagbok_....tar.gz
+#
+# Environment overrides:
+#   BACKUP_DIR, COMPOSE_FILE, DB_CONTAINER, BACKEND_CONTAINER, ENV_FILE
+set -euo pipefail
+
+BACKUP_DIR="${BACKUP_DIR:-/var/backups/kapteins-daagbok}"
+ENV_FILE="${ENV_FILE:-.env}"
+MAX_WAIT=90
+DEST="prod"
+COMPOSE_FILE=""
+DB_CONTAINER=""
+BACKEND_CONTAINER=""
+
+apply_dest_config() {
+  local dest="$1"
+  local force="${2:-0}"
+  if [[ "$dest" == "stage" ]]; then
+    if [[ "$force" == "1" || -z "${COMPOSE_FILE}" ]]; then
+      COMPOSE_FILE="docker-compose.staging.yml"
+    fi
+    if [[ "$force" == "1" || -z "${DB_CONTAINER}" ]]; then
+      DB_CONTAINER="daagbox-staging-db"
+    fi
+    if [[ "$force" == "1" || -z "${BACKEND_CONTAINER}" ]]; then
+      BACKEND_CONTAINER="daagbox-staging-backend"
+    fi
+  else
+    if [[ "$force" == "1" || -z "${COMPOSE_FILE}" ]]; then
+      COMPOSE_FILE="docker-compose.yml"
+    fi
+    if [[ "$force" == "1" || -z "${DB_CONTAINER}" ]]; then
+      DB_CONTAINER="daagbox-prod-db"
+    fi
+    if [[ "$force" == "1" || -z "${BACKEND_CONTAINER}" ]]; then
+      BACKEND_CONTAINER="daagbox-prod-backend"
+    fi
+  fi
+}
+
+MODE="full"
+RESTORE_PATH=""
+LIST=0
+ASSUME_YES=0
+
+usage() {
+  sed -n '2,10p' "$0"
+  echo ""
+  echo "Options:"
+  echo "  -dest prod|stage                  Target environment (default: prod)"
+  echo "  --list                            List available backups"
+  echo "  --restore PATH                    Backup archive to restore"
+  echo "  --full                            Restore DB + .env (default)"
+  echo "  --db-only                         Restore database only"
+  echo "  --env-only                        Restore .env only"
+  echo "  --yes                             Skip confirmation prompts"
+  echo "  -h, --help                        Show this help"
+}
+
+confirm() {
+  local prompt="$1"
+  if [ "$ASSUME_YES" -eq 1 ]; then
+    return 0
+  fi
+  read -r -p "$prompt [y/N] " answer
+  [[ "$answer" =~ ^[yY]$ ]]
+}
+
+while [ $# -gt 0 ]; do
+  case "$1" in
+    -dest)
+      DEST="${2:?-dest requires an argument}"
+      shift 2
+      ;;
+    -dest=*)
+      DEST="${1#*=}"
+      shift
+      ;;
+    --list)
+      LIST=1
+      shift
+      ;;
+    --restore)
+      RESTORE_PATH="${2:?--restore requires a path}"
+      shift 2
+      ;;
+    --full)
+      MODE="full"
+      shift
+      ;;
+    --db-only)
+      MODE="db-only"
+      shift
+      ;;
+    --env-only)
+      MODE="env-only"
+      shift
+      ;;
+    --yes)
+      ASSUME_YES=1
+      shift
+      ;;
+    -h|--help)
+      usage
+      exit 0
+      ;;
+    *)
+      echo "Unknown option: $1" >&2
+      usage >&2
+      exit 1
+      ;;
+  esac
+done
+
+case "$DEST" in
+  prod|stage) ;;
+  *)
+    echo "Error: invalid -dest '$DEST' (use prod or stage)" >&2
+    exit 1
+    ;;
+esac
+
+apply_dest_config "$DEST"
+
+list_backups() {
+  if [ ! -d "$BACKUP_DIR" ]; then
+    echo "No backup directory: $BACKUP_DIR"
+    return 0
+  fi
+
+  local found=0
+  while IFS= read -r archive; do
+    found=1
+    echo "=== $archive ==="
+    tar -xOf "$archive" manifest.json 2>/dev/null | python3 -m json.tool 2>/dev/null || echo "(no manifest)"
+    echo ""
+  done < <(ls -1t "$BACKUP_DIR"/kapteins-daagbok_*.tar.gz 2>/dev/null || true)
+
+  if [ "$found" -eq 0 ]; then
+    echo "No backups found in $BACKUP_DIR"
+  fi
+}
+
+if [ "$LIST" -eq 1 ]; then
+  list_backups
+  exit 0
+fi
+
+if [ -z "$RESTORE_PATH" ]; then
+  echo "Error: --restore PATH or --list required" >&2
+  usage >&2
+  exit 1
+fi
+
+if [ ! -f "$RESTORE_PATH" ]; then
+  echo "Error: backup archive not found: $RESTORE_PATH" >&2
+  exit 1
+fi
+
+WORK_DIR="$(mktemp -d)"
+cleanup() {
+  rm -rf "$WORK_DIR"
+}
+trap cleanup EXIT
+
+echo "Extracting $RESTORE_PATH..."
+tar -xzf "$RESTORE_PATH" -C "$WORK_DIR"
+
+if [ ! -f "$WORK_DIR/manifest.json" ]; then
+  echo "Error: manifest.json missing in backup archive" >&2
+  exit 1
+fi
+
+MANIFEST="$WORK_DIR/manifest.json"
+echo "Backup manifest:"
+python3 -m json.tool "$MANIFEST"
+echo ""
+
+read_manifest_field() {
+  python3 -c "import json; print(json.load(open('$MANIFEST')).get('$1', '') or '')"
+}
+
+MANIFEST_COMPOSE="$(read_manifest_field compose_file)"
+MANIFEST_DB="$(read_manifest_field db_container)"
+MANIFEST_DEST="$(read_manifest_field destination)"
+
+if [ -n "$MANIFEST_COMPOSE" ]; then
+  COMPOSE_FILE="$MANIFEST_COMPOSE"
+fi
+if [ -n "$MANIFEST_DB" ]; then
+  DB_CONTAINER="$MANIFEST_DB"
+fi
+if [ -n "$MANIFEST_DEST" ]; then
+  if [[ "$MANIFEST_DEST" == "stage" ]]; then
+    BACKEND_CONTAINER="${BACKEND_CONTAINER:-daagbox-staging-backend}"
+  else
+    BACKEND_CONTAINER="${BACKEND_CONTAINER:-daagbox-prod-backend}"
+  fi
+fi
+
+if ! docker inspect "$DB_CONTAINER" >/dev/null 2>&1; then
+  if [[ "$DEST" == "prod" ]] && docker inspect daagbox-staging-db >/dev/null 2>&1; then
+    echo "Note: $DB_CONTAINER not found — falling back to staging (daagbox-staging-db). Use -dest stage explicitly."
+    apply_dest_config stage 1
+    DEST="stage"
+  else
+    echo "Error: DB container '$DB_CONTAINER' not found" >&2
+    exit 1
+  fi
+fi
+
+GIT_TAG="$(read_manifest_field git_tag)"
+GIT_SHA="$(read_manifest_field git_sha)"
+BACKUP_TS="$(read_manifest_field local_timestamp)"
+
+if ! confirm "Restore backup from $BACKUP_TS (tag: $GIT_TAG)? Mode: $MODE"; then
+  echo "Aborted."
+  exit 1
+fi
+
+restore_env() {
+  if [ ! -f "$WORK_DIR/.env" ]; then
+    echo "Error: .env missing in backup archive" >&2
+    exit 1
+  fi
+
+  if [ -f "$ENV_FILE" ]; then
+    BAK="${ENV_FILE}.bak-restore.$(date +%Y%m%d-%H%M%S)"
+    cp "$ENV_FILE" "$BAK"
+    echo "Current $ENV_FILE saved to $BAK"
+  fi
+
+  cp "$WORK_DIR/.env" "$ENV_FILE"
+  chmod 600 "$ENV_FILE"
+  echo "Restored $ENV_FILE"
+}
+
+restore_db() {
+  if [ ! -f "$WORK_DIR/database.sql.gz" ]; then
+    echo "Error: database.sql.gz missing in backup archive" >&2
+    exit 1
+  fi
+
+  if [ ! -f "$ENV_FILE" ]; then
+    echo "Error: $ENV_FILE required for database restore" >&2
+    exit 1
+  fi
+
+  # shellcheck disable=SC1090
+  set -a
+  source "$ENV_FILE"
+  set +a
+
+  POSTGRES_USER="${POSTGRES_USER:-postgres}"
+  POSTGRES_DB="${POSTGRES_DB:-daagbox}"
+
+  if [ -z "${POSTGRES_PASSWORD:-}" ]; then
+    echo "Error: POSTGRES_PASSWORD not set in $ENV_FILE" >&2
+    exit 1
+  fi
+
+  if ! docker inspect "$DB_CONTAINER" >/dev/null 2>&1; then
+    echo "Error: DB container '$DB_CONTAINER' not found" >&2
+    exit 1
+  fi
+
+  echo "Stopping backend before database restore..."
+  docker compose -f "$COMPOSE_FILE" stop backend || true
+
+  echo "Resetting public schema..."
+  export PGPASSWORD="$POSTGRES_PASSWORD"
+  docker exec -e PGPASSWORD="$POSTGRES_PASSWORD" "$DB_CONTAINER" \
+    psql -U "$POSTGRES_USER" -d "$POSTGRES_DB" -v ON_ERROR_STOP=1 <<SQL
+DROP SCHEMA IF EXISTS public CASCADE;
+CREATE SCHEMA public;
+GRANT ALL ON SCHEMA public TO "${POSTGRES_USER}";
+GRANT ALL ON SCHEMA public TO public;
+SQL
+
+  echo "Importing database dump..."
+  gunzip -c "$WORK_DIR/database.sql.gz" | docker exec -i -e PGPASSWORD="$POSTGRES_PASSWORD" "$DB_CONTAINER" \
+    psql -U "$POSTGRES_USER" -d "$POSTGRES_DB" -v ON_ERROR_STOP=1
+  unset PGPASSWORD
+
+  echo "Database restore complete."
+}
+
+wait_for_healthy() {
+  echo "Starting stack and waiting for health..."
+  docker compose -f "$COMPOSE_FILE" up -d
+
+  local counter=0
+  while [ "$counter" -lt "$MAX_WAIT" ]; do
+    local status
+    status="$(docker inspect --format='{{if .State.Health}}{{.State.Health.Status}}{{end}}' "$BACKEND_CONTAINER" 2>/dev/null || true)"
+    if [ "$status" = "healthy" ]; then
+      echo "Backend is healthy."
+      return 0
+    fi
+    if curl -sf "http://127.0.0.1/api/health" | grep -q '"status":"ok"'; then
+      echo "API health check OK."
+      return 0
+    fi
+    sleep 1
+    counter=$((counter + 1))
+    printf "."
+  done
+  echo ""
+  echo "Warning: backend did not become healthy in time." >&2
+  return 1
+}
+
+case "$MODE" in
+  env-only)
+    restore_env
+    ;;
+  db-only)
+    restore_db
+    wait_for_healthy || exit 1
+    ;;
+  full)
+    restore_env
+    restore_db
+    wait_for_healthy || exit 1
+    if [ -f "$WORK_DIR/app.tar.gz" ] && [ "$GIT_TAG" != "unknown" ]; then
+      if confirm "Checkout app code at tag $GIT_TAG? (git fetch + checkout)"; then
+        git fetch --tags origin
+        git checkout "$GIT_TAG"
+        echo "Checked out $GIT_TAG"
+      fi
+    fi
+    ;;
+  *)
+    echo "Error: unknown mode $MODE" >&2
+    exit 1
+    ;;
+esac
+
+echo "Restore finished (mode: $MODE, tag: $GIT_TAG, sha: ${GIT_SHA:0:8})."
@@ -81,7 +81,7 @@ require_node_toolchain() {
  echo ""
  echo "On the production host, prefer updating the running stack:"
  echo "  docker compose -f docker-compose.yml up -d --build"
-  echo "  # or from your workstation: ./scripts/update-prod.sh"
+  echo "  # or from your workstation: ./scripts/update-remotes.sh -dest prod"
  exit 1
 }

@@ -1,254 +0,0 @@
-#!/bin/bash
-
-set -euo pipefail
-
-# Remote deployment configuration
-# Override any of these via environment variables if needed, e.g.:
-#   REMOTE_HOST=192.168.1.10 ./scripts/update-prod.sh
-REMOTE_USER="${REMOTE_USER:-root}"
-REMOTE_HOST="${REMOTE_HOST:-10.0.0.25}"
-REMOTE_DIR="${REMOTE_DIR:-/opt/kapteins-daagbok}"
-REMOTE_TARGET="${REMOTE_USER}@${REMOTE_HOST}"
-
-# Configuration
-COMPOSE_FILE="docker-compose.yml"
-BACKEND_CONTAINER="daagbox-prod-backend"
-MAX_WAIT=35
-
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-REPO_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
-VERSION_FILE="$REPO_ROOT/VERSION"
-DEFAULT_VERSION="0.1.0.0"
-
-echo "=================================================="
-echo "    Kapteins Daagbok Prod Environment Update     "
-echo "=================================================="
-echo "Target: ${REMOTE_TARGET}:${REMOTE_DIR}"
-echo "=================================================="
-
-cd "$REPO_ROOT"
-
-read_current_version() {
-  if [ -f "$VERSION_FILE" ]; then
-    tr -d '[:space:]' < "$VERSION_FILE"
-    return
-  fi
-
-  local latest_tag
-  latest_tag="$(git tag -l 'v*' --sort=-v:refname | head -n 1 || true)"
-  if [ -n "$latest_tag" ]; then
-    echo "${latest_tag#v}"
-    return
-  fi
-
-  echo "$DEFAULT_VERSION"
-}
-
-bump_patch_version() {
-  local version="$1"
-  local major minor patch build
-
-  IFS='.' read -r major minor patch build <<< "$version"
-  major="${major:-0}"
-  minor="${minor:-1}"
-  patch="${patch:-0}"
-  build="${build:-0}"
-
-  build=$((10#$build + 1))
-  echo "${major}.${minor}.${patch}.${build}"
-}
-
-ensure_clean_git_tree() {
-  if [ -z "$(git status --porcelain)" ]; then
-    return 0
-  fi
-
-  echo ""
-  echo "Uncommitted local changes detected:"
-  git status --short
-  echo ""
-  read -r -p "Commit all changes now before release? [y/N] " answer
-
-  if [[ ! "$answer" =~ ^[yY]$ ]]; then
-    echo "Aborting: working tree is not clean."
-    exit 1
-  fi
-
-  read -r -p "Commit message: " commit_message
-  if [ -z "$commit_message" ]; then
-    echo "Aborting: commit message is required."
-    exit 1
-  fi
-
-  git add -A
-  git commit -m "$commit_message"
-}
-
-prepare_release() {
-  local current_version release_version next_version tag_name
-
-  ensure_clean_git_tree
-
-  current_version="$(read_current_version)"
-  release_version="$current_version"
-  next_version="$(bump_patch_version "$current_version")"
-  tag_name="v${release_version}"
-
-  if git rev-parse "$tag_name" >/dev/null 2>&1; then
-    echo "Error: Git tag '$tag_name' already exists."
-    exit 1
-  fi
-
-  echo "$next_version" > "$VERSION_FILE"
-  git add "$VERSION_FILE"
-  git commit -m "chore: release ${tag_name}"
-  git tag -a "$tag_name" -m "Release ${tag_name}"
-
-  echo ""
-  echo "Prepared release ${tag_name}"
-  echo "  Released:  ${tag_name}"
-  echo "  Next prep: v${next_version}"
-  echo ""
-
-  read -r -p "Push commit and tag to origin? [Y/n] " push_answer
-  if [[ ! "$push_answer" =~ ^[nN]$ ]]; then
-    current_branch="$(git branch --show-current)"
-    git push origin "$current_branch"
-    git push origin "$tag_name"
-    echo "Pushed ${current_branch} and ${tag_name} to origin."
-  else
-    echo "Skipped push. Remote host must receive this commit/tag manually."
-  fi
-
-  export APP_VERSION="$release_version"
-}
-
-prepare_release
-
-if [[ "${SKIP_PREDEPLOY_CHECK:-}" == "1" ]]; then
-  echo "Skipping pre-deploy checks (SKIP_PREDEPLOY_CHECK=1)."
-else
-  echo "=================================================="
-  echo "    Pre-deploy checks (local)"
-  echo "=================================================="
-  "$SCRIPT_DIR/predeploy-check.sh"
-fi
-
-echo "=================================================="
-echo "Deploying ${APP_VERSION} to ${REMOTE_TARGET}:${REMOTE_DIR}"
-echo "=================================================="
-
-# Run the whole update procedure remotely over SSH.
-ssh -o ConnectTimeout=10 "$REMOTE_TARGET" 'bash -s' -- \
-  "$REMOTE_DIR" "$COMPOSE_FILE" "$BACKEND_CONTAINER" "$MAX_WAIT" "$REMOTE_HOST" "$APP_VERSION" <<'REMOTE_SCRIPT'
-set -uo pipefail
-
-REMOTE_DIR="$1"
-COMPOSE_FILE="$2"
-BACKEND_CONTAINER="$3"
-MAX_WAIT="$4"
-REMOTE_HOST="$5"
-APP_VERSION="$6"
-
-cd "$REMOTE_DIR" || { echo "Error: Remote directory '$REMOTE_DIR' not found."; exit 1; }
-
-echo "Syncing repository from origin..."
-CURRENT_BRANCH="$(git branch --show-current)"
-if [ -z "$CURRENT_BRANCH" ]; then
-  echo "Error: Could not determine current Git branch."
-  exit 1
-fi
-
-if ! git diff-index --quiet HEAD -- || [ -n "$(git status --porcelain)" ]; then
-  echo "Warning: Local changes on deployment host will be discarded."
-fi
-
-git fetch --tags origin
-if [ $? -ne 0 ]; then
-  echo "Error: Git fetch failed."
-  exit 1
-fi
-
-git reset --hard "origin/${CURRENT_BRANCH}"
-if [ $? -ne 0 ]; then
-  echo "Error: Git reset to origin/${CURRENT_BRANCH} failed."
-  exit 1
-fi
-
-REMOTE_VERSION="$(tr -d '[:space:]' < VERSION)"
-if [ "$REMOTE_VERSION" != "$APP_VERSION" ]; then
-  echo "Note: Remote VERSION file already points to next release (v${REMOTE_VERSION})."
-  echo "      Building deployed release v${APP_VERSION}."
-fi
-
-export APP_VERSION="$APP_VERSION"
-
-echo "Rebuilding Docker images without cache (APP_VERSION=${APP_VERSION})..."
-docker compose -f "$COMPOSE_FILE" build --no-cache
-if [ $? -ne 0 ]; then
-  echo "Error: Docker compose build failed."
-  exit 1
-fi
-
-echo "Starting updated container stack..."
-docker compose -f "$COMPOSE_FILE" up -d
-if [ $? -ne 0 ]; then
-  echo "Error: Failed to spin up docker-compose stack."
-  exit 1
-fi
-
-echo "Cleaning up old/unused Docker resources..."
-docker system prune -f
-if [ $? -ne 0 ]; then
-  echo "Warning: Docker system prune failed to run completely."
-fi
-
-echo "Waiting for services to become healthy..."
-COUNTER=0
-IS_READY=false
-
-while [ $COUNTER -lt $MAX_WAIT ]; do
-  STATUS=$(docker inspect --format='{{.State.Health.Status}}' "$BACKEND_CONTAINER" 2>/dev/null)
-
-  if [ "$STATUS" = "healthy" ]; then
-    IS_READY=true
-    break
-  fi
-
-  sleep 1
-  COUNTER=$((COUNTER + 1))
-  printf "."
-done
-echo ""
-
-echo "=================================================="
-echo "Container Statuses:"
-docker compose -f "$COMPOSE_FILE" ps
-echo "=================================================="
-
-if [ "$IS_READY" = true ]; then
-  echo "SUCCESS: Production environment updated and healthy!"
-  echo " -> Version:               v${APP_VERSION}"
-  echo " -> App Frontend (Nginx):  http://${REMOTE_HOST}"
-  echo " -> Backend API Health:    http://${REMOTE_HOST}/api/health"
-  echo "=================================================="
-else
-  echo "WARNING: Backend did not transition to healthy in time."
-  echo "Check backend container logs for details:"
-  echo " -> docker compose logs backend"
-  echo "=================================================="
-  exit 3
-fi
-REMOTE_SCRIPT
-
-REMOTE_EXIT=$?
-echo "=================================================="
-if [ $REMOTE_EXIT -eq 0 ]; then
-  echo "Remote update completed successfully on ${REMOTE_TARGET} (v${APP_VERSION})."
-elif [ $REMOTE_EXIT -eq 3 ]; then
-  echo "Remote update finished, but the backend was not healthy in time on ${REMOTE_TARGET}."
-else
-  echo "Remote update FAILED on ${REMOTE_TARGET} (exit code: ${REMOTE_EXIT})."
-fi
-echo "=================================================="
-exit $REMOTE_EXIT
@@ -0,0 +1,432 @@
+#!/bin/bash
+
+set -euo pipefail
+
+usage() {
+  cat <<EOF
+Usage: $(basename "$0") [-dest prod|stage]
+
+Deploy Kapteins Daagbok to production or staging.
+
+  -dest prod   Production (default): release tag, bump VERSION, deploy to 10.0.0.25
+  -dest stage  Staging: no release tag, deploy branch to 10.0.0.27
+
+Environment overrides (optional):
+  REMOTE_HOST, REMOTE_USER, REMOTE_DIR, COMPOSE_FILE, BACKEND_CONTAINER
+  DEPLOY_BRANCH (stage only, default: master)
+  SKIP_PREDEPLOY_CHECK=1
+
+Local repo must be clean and match origin before deploy (git fetch + compare HEAD).
+
+Examples:
+  $(basename "$0") -dest prod
+  $(basename "$0") -dest stage
+  DEPLOY_BRANCH=feature/foo $(basename "$0") -dest stage
+EOF
+}
+
+DEST="prod"
+
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    -dest)
+      if [[ $# -lt 2 ]]; then
+        echo "Error: -dest requires an argument (prod or stage)." >&2
+        usage
+        exit 1
+      fi
+      DEST="$2"
+      shift 2
+      ;;
+    -dest=*)
+      DEST="${1#*=}"
+      shift
+      ;;
+    -h|--help)
+      usage
+      exit 0
+      ;;
+    *)
+      echo "Error: Unknown argument: $1" >&2
+      usage
+      exit 1
+      ;;
+  esac
+done
+
+case "$DEST" in
+  prod|stage) ;;
+  *)
+    echo "Error: Invalid -dest '$DEST' (use prod or stage)." >&2
+    usage
+    exit 1
+    ;;
+esac
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+REPO_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
+VERSION_FILE="$REPO_ROOT/VERSION"
+DEFAULT_VERSION="0.1.0.0"
+MAX_WAIT=90
+
+REMOTE_USER="${REMOTE_USER:-root}"
+
+if [[ "$DEST" == "stage" ]]; then
+  REMOTE_HOST="${REMOTE_HOST:-10.0.0.27}"
+  REMOTE_DIR="${REMOTE_DIR:-/opt/kapteins-daagbok-staging}"
+  COMPOSE_FILE="${COMPOSE_FILE:-docker-compose.staging.yml}"
+  BACKEND_CONTAINER="${BACKEND_CONTAINER:-daagbox-staging-backend}"
+  APP_URL="${APP_URL:-https://staging.kapteins-daagbok.eu}"
+  DEPLOY_BRANCH="${DEPLOY_BRANCH:-master}"
+  ENV_LABEL="Staging"
+else
+  REMOTE_HOST="${REMOTE_HOST:-10.0.0.25}"
+  REMOTE_DIR="${REMOTE_DIR:-/opt/kapteins-daagbok}"
+  COMPOSE_FILE="${COMPOSE_FILE:-docker-compose.yml}"
+  BACKEND_CONTAINER="${BACKEND_CONTAINER:-daagbox-prod-backend}"
+  APP_URL="${APP_URL:-https://kapteins-daagbok.eu}"
+  DEPLOY_BRANCH=""
+  ENV_LABEL="Production"
+fi
+
+REMOTE_TARGET="${REMOTE_USER}@${REMOTE_HOST}"
+
+echo "=================================================="
+echo "    Kapteins Daagbok ${ENV_LABEL} Update"
+echo "=================================================="
+echo "Destination: ${DEST}"
+echo "Target:      ${REMOTE_TARGET}:${REMOTE_DIR}"
+if [[ "$DEST" == "stage" ]]; then
+  echo "Branch:      ${DEPLOY_BRANCH}"
+fi
+echo "URL:         ${APP_URL}"
+echo "=================================================="
+
+cd "$REPO_ROOT"
+
+read_current_version() {
+  if [ -f "$VERSION_FILE" ]; then
+    tr -d '[:space:]' < "$VERSION_FILE"
+    return
+  fi
+
+  local latest_tag
+  latest_tag="$(git tag -l 'v*' --sort=-v:refname | head -n 1 || true)"
+  if [ -n "$latest_tag" ]; then
+    echo "${latest_tag#v}"
+    return
+  fi
+
+  echo "$DEFAULT_VERSION"
+}
+
+bump_patch_version() {
+  local version="$1"
+  local major minor patch build
+
+  IFS='.' read -r major minor patch build <<< "$version"
+  major="${major:-0}"
+  minor="${minor:-1}"
+  patch="${patch:-0}"
+  build="${build:-0}"
+
+  build=$((10#$build + 1))
+  echo "${major}.${minor}.${patch}.${build}"
+}
+
+ensure_clean_git_tree() {
+  if [ -z "$(git status --porcelain)" ]; then
+    return 0
+  fi
+
+  echo ""
+  echo "Uncommitted local changes detected:"
+  git status --short
+  echo ""
+  read -r -p "Commit all changes now before release? [y/N] " answer
+
+  if [[ ! "$answer" =~ ^[yY]$ ]]; then
+    echo "Aborting: working tree is not clean."
+    exit 1
+  fi
+
+  read -r -p "Commit message: " commit_message
+  if [ -z "$commit_message" ]; then
+    echo "Aborting: commit message is required."
+    exit 1
+  fi
+
+  git add -A
+  git commit -m "$commit_message"
+}
+
+ensure_local_sync_with_origin() {
+  local branch="$1"
+  local local_sha origin_sha current_branch
+
+  if [ -z "$branch" ]; then
+    echo "Error: deploy branch is not set." >&2
+    exit 1
+  fi
+
+  if [ -n "$(git status --porcelain)" ]; then
+    echo "Error: Working tree is not clean. Commit or stash changes before deploying." >&2
+    git status --short
+    exit 1
+  fi
+
+  current_branch="$(git branch --show-current)"
+  if [ -z "$current_branch" ]; then
+    echo "Error: Detached HEAD — checkout branch '$branch' before deploying." >&2
+    exit 1
+  fi
+
+  if [ "$current_branch" != "$branch" ]; then
+    echo "Error: On branch '$current_branch', expected '$branch'." >&2
+    exit 1
+  fi
+
+  echo "Syncing with origin..."
+  git fetch --tags origin
+  if [ $? -ne 0 ]; then
+    echo "Error: git fetch origin failed." >&2
+    exit 1
+  fi
+
+  if ! git rev-parse --verify "origin/${branch}" >/dev/null 2>&1; then
+    echo "Error: origin/${branch} does not exist." >&2
+    exit 1
+  fi
+
+  local_sha="$(git rev-parse HEAD)"
+  origin_sha="$(git rev-parse "origin/${branch}")"
+
+  if [ "$local_sha" = "$origin_sha" ]; then
+    echo "Local branch '$branch' matches origin/${branch} ($(git rev-parse --short HEAD))."
+    return 0
+  fi
+
+  echo "Error: Local '$branch' is not in sync with origin/${branch}." >&2
+  echo "  local:  $(git rev-parse --short HEAD) $(git log -1 --format='%s' HEAD)" >&2
+  echo "  origin: $(git rev-parse --short "origin/${branch}") $(git log -1 --format='%s' "origin/${branch}")" >&2
+
+  if git merge-base --is-ancestor "$local_sha" "origin/${branch}" 2>/dev/null; then
+    echo "Hint: run 'git pull' to fast-forward." >&2
+  elif git merge-base --is-ancestor "origin/${branch}" "$local_sha" 2>/dev/null; then
+    echo "Hint: run 'git push origin ${branch}' before deploying." >&2
+  else
+    echo "Hint: branches have diverged — reconcile manually before deploying." >&2
+  fi
+  exit 1
+}
+
+prepare_release() {
+  local current_version release_version next_version tag_name
+
+  ensure_clean_git_tree
+
+  current_version="$(read_current_version)"
+  release_version="$current_version"
+  next_version="$(bump_patch_version "$current_version")"
+  tag_name="v${release_version}"
+
+  if git rev-parse "$tag_name" >/dev/null 2>&1; then
+    echo "Error: Git tag '$tag_name' already exists."
+    exit 1
+  fi
+
+  echo "$next_version" > "$VERSION_FILE"
+  git add "$VERSION_FILE"
+  git commit -m "chore: release ${tag_name}"
+  git tag -a "$tag_name" -m "Release ${tag_name}"
+
+  echo ""
+  echo "Prepared release ${tag_name}"
+  echo "  Released:  ${tag_name}"
+  echo "  Next prep: v${next_version}"
+  echo ""
+
+  read -r -p "Push commit and tag to origin? [Y/n] " push_answer
+  if [[ ! "$push_answer" =~ ^[nN]$ ]]; then
+    current_branch="$(git branch --show-current)"
+    git push origin "$current_branch"
+    git push origin "$tag_name"
+    echo "Pushed ${current_branch} and ${tag_name} to origin."
+  else
+    echo "Skipped push. Remote host must receive this commit/tag manually."
+  fi
+
+  export APP_VERSION="$release_version"
+}
+
+if [[ "$DEST" == "prod" ]]; then
+  prepare_release
+  ensure_local_sync_with_origin "$(git branch --show-current)"
+else
+  ensure_local_sync_with_origin "$DEPLOY_BRANCH"
+  APP_VERSION="$(read_current_version)"
+fi
+
+if [[ "${SKIP_PREDEPLOY_CHECK:-}" == "1" ]]; then
+  echo "Skipping pre-deploy checks (SKIP_PREDEPLOY_CHECK=1)."
+else
+  echo "=================================================="
+  echo "    Pre-deploy checks (local)"
+  echo "=================================================="
+  "$SCRIPT_DIR/predeploy-check.sh"
+fi
+
+echo "=================================================="
+echo "Deploying v${APP_VERSION} to ${REMOTE_TARGET}:${REMOTE_DIR}"
+echo "=================================================="
+
+ssh -o ConnectTimeout=10 "$REMOTE_TARGET" 'bash -s' -- \
+  "$REMOTE_DIR" "$COMPOSE_FILE" "$BACKEND_CONTAINER" "$MAX_WAIT" "$APP_URL" "$APP_VERSION" "$DEST" "$DEPLOY_BRANCH" <<'REMOTE_SCRIPT'
+set -uo pipefail
+
+REMOTE_DIR="$1"
+COMPOSE_FILE="$2"
+BACKEND_CONTAINER="$3"
+MAX_WAIT="$4"
+APP_URL="$5"
+APP_VERSION="$6"
+DEST="$7"
+DEPLOY_BRANCH="${8:-}"
+
+cd "$REMOTE_DIR" || { echo "Error: Remote directory '$REMOTE_DIR' not found."; exit 1; }
+
+if ! git diff-index --quiet HEAD -- || [ -n "$(git status --porcelain)" ]; then
+  echo "Warning: Local changes on deployment host will be discarded."
+fi
+
+if [[ "$DEST" == "prod" ]]; then
+  echo "Creating pre-deploy backup..."
+  if [ -x "./scripts/backup.sh" ]; then
+    if ! ./scripts/backup.sh --reason pre-deploy --tag "v${APP_VERSION}"; then
+      echo "Error: Pre-deploy backup failed. Aborting update."
+      exit 1
+    fi
+  else
+    echo "Warning: scripts/backup.sh not found or not executable — skipping backup."
+  fi
+fi
+
+if [[ "$DEST" == "stage" ]]; then
+  echo "Syncing repository from origin/${DEPLOY_BRANCH}..."
+  git fetch origin
+  if [ $? -ne 0 ]; then
+    echo "Error: Git fetch failed."
+    exit 1
+  fi
+  git checkout "$DEPLOY_BRANCH" 2>/dev/null || git checkout -b "$DEPLOY_BRANCH" "origin/${DEPLOY_BRANCH}"
+  git reset --hard "origin/${DEPLOY_BRANCH}"
+  if [ $? -ne 0 ]; then
+    echo "Error: Git reset to origin/${DEPLOY_BRANCH} failed."
+    exit 1
+  fi
+else
+  echo "Syncing repository from origin..."
+  CURRENT_BRANCH="$(git branch --show-current)"
+  if [ -z "$CURRENT_BRANCH" ]; then
+    echo "Error: Could not determine current Git branch."
+    exit 1
+  fi
+
+  git fetch --tags origin
+  if [ $? -ne 0 ]; then
+    echo "Error: Git fetch failed."
+    exit 1
+  fi
+
+  git reset --hard "origin/${CURRENT_BRANCH}"
+  if [ $? -ne 0 ]; then
+    echo "Error: Git reset to origin/${CURRENT_BRANCH} failed."
+    exit 1
+  fi
+
+  REMOTE_VERSION="$(tr -d '[:space:]' < VERSION)"
+  if [ "$REMOTE_VERSION" != "$APP_VERSION" ]; then
+    echo "Note: Remote VERSION file already points to next release (v${REMOTE_VERSION})."
+    echo "      Building deployed release v${APP_VERSION}."
+  fi
+fi
+
+export APP_VERSION="$APP_VERSION"
+
+if [[ "$DEST" == "prod" ]]; then
+  echo "Rebuilding Docker images without cache (APP_VERSION=${APP_VERSION})..."
+  docker compose -f "$COMPOSE_FILE" build --no-cache
+else
+  echo "Rebuilding Docker images (APP_VERSION=${APP_VERSION})..."
+  docker compose -f "$COMPOSE_FILE" build
+fi
+if [ $? -ne 0 ]; then
+  echo "Error: Docker compose build failed."
+  exit 1
+fi
+
+echo "Starting updated container stack..."
+docker compose -f "$COMPOSE_FILE" up -d
+if [ $? -ne 0 ]; then
+  echo "Error: Failed to spin up docker-compose stack."
+  exit 1
+fi
+
+echo "Cleaning up old/unused Docker resources..."
+docker system prune -f || echo "Warning: Docker system prune failed."
+
+echo "Waiting for services to become healthy..."
+COUNTER=0
+IS_READY=false
+
+while [ $COUNTER -lt $MAX_WAIT ]; do
+  STATUS=$(docker inspect --format='{{if .State.Health}}{{.State.Health.Status}}{{end}}' "$BACKEND_CONTAINER" 2>/dev/null || true)
+
+  if [ "$STATUS" = "healthy" ]; then
+    IS_READY=true
+    break
+  fi
+
+  # End-to-end fallback via frontend nginx (covers missing/stale container health state)
+  if curl -sf "http://127.0.0.1/api/health" | grep -q '"status":"ok"'; then
+    IS_READY=true
+    break
+  fi
+
+  sleep 1
+  COUNTER=$((COUNTER + 1))
+  printf "."
+done
+echo ""
+
+echo "=================================================="
+echo "Container Statuses:"
+docker compose -f "$COMPOSE_FILE" ps
+echo "=================================================="
+
+if [ "$IS_READY" = true ]; then
+  echo "SUCCESS: ${DEST} environment updated and healthy!"
+  echo " -> Version:            v${APP_VERSION}"
+  echo " -> App Frontend:       ${APP_URL}"
+  echo " -> Backend API Health: ${APP_URL}/api/health"
+  echo "=================================================="
+else
+  echo "WARNING: Backend did not transition to healthy in time."
+  echo "Check backend container logs:"
+  echo " -> docker compose -f ${COMPOSE_FILE} logs backend"
+  echo "=================================================="
+  exit 3
+fi
+REMOTE_SCRIPT
+
+REMOTE_EXIT=$?
+echo "=================================================="
+if [ $REMOTE_EXIT -eq 0 ]; then
+  echo "${ENV_LABEL} update completed successfully on ${REMOTE_TARGET} (v${APP_VERSION})."
+elif [ $REMOTE_EXIT -eq 3 ]; then
+  echo "${ENV_LABEL} update finished, but the backend was not healthy in time on ${REMOTE_TARGET}."
+else
+  echo "${ENV_LABEL} update FAILED on ${REMOTE_TARGET} (exit code: ${REMOTE_EXIT})."
+fi
+echo "=================================================="
+exit $REMOTE_EXIT
@@ -0,0 +1,25 @@
+const ADMIN_ENV_KEY = 'ADMIN_USER_IDS'
+
+export function getAdminUserIds(): Set<string> {
+  const raw = process.env[ADMIN_ENV_KEY]
+  if (!raw) {
+    return new Set()
+  }
+
+  const ids = raw
+    .split(',')
+    .map((id) => id.trim())
+    .filter((id) => id.length > 0)
+
+  if (ids.length === 0) {
+    return new Set()
+  }
+
+  return new Set(ids)
+}
+
+export function isAdminUserId(userId: string): boolean {
+  const adminIds = getAdminUserIds()
+  return adminIds.has(userId)
+}
+
@@ -12,6 +12,7 @@ import pushRouter from './routes/push.js'
 import weatherRouter from './routes/weather.js'
 import aiRouter from './routes/ai.js'
 import feedbackRouter from './routes/feedback.js'
+import adminRouter from './routes/admin.js'
 import { prisma } from './db.js'
 import { buildCorsOptions } from './cors.js'

@@ -121,6 +122,7 @@ export function createApp(): express.Express {
  app.use('/api/weather', weatherRouter)
  app.use('/api/ai', aiRouter)
  app.use('/api/feedback', feedbackRouter)
+  app.use('/api/admin', adminRouter)

  app.get('/api/health', async (_req, res) => {
    try {
@@ -1,5 +1,6 @@
 import type { Request, Response, NextFunction } from 'express'
 import { hasValidReauth, readSessionFromRequest } from '../session.js'
+import { isAdminUserId } from '../adminConfig.js'

 export interface AuthedRequest extends Request {
  userId: string
@@ -31,3 +32,21 @@ export function requireReauth(req: Request, res: Response, next: NextFunction):
  ;(req as AuthedRequest).session = session
  next()
 }
+
+export function requireAdmin(req: Request, res: Response, next: NextFunction): void {
+  const session = readSessionFromRequest(req)
+  if (!session) {
+    res.status(401).json({ error: 'Unauthorized: valid session required' })
+    return
+  }
+
+  if (!isAdminUserId(session.userId)) {
+    res.status(403).json({ error: 'Forbidden: admin access required' })
+    return
+  }
+
+  ;(req as AuthedRequest).userId = session.userId
+  ;(req as AuthedRequest).session = session
+  next()
+}
+
@@ -0,0 +1,151 @@
+import { Router } from 'express'
+import { prisma } from '../db.js'
+import { requireUser, requireAdmin, type AuthedRequest } from '../middleware/auth.js'
+
+const router = Router()
+
+router.get('/me', requireUser, requireAdmin, (req, res) => {
+  const { userId } = req as AuthedRequest
+  res.json({ isAdmin: true, userId })
+})
+
+router.get('/summary', requireUser, requireAdmin, async (_req, res) => {
+  try {
+    const [totalUsers, totalLogbooks, totalPhotos, totalVoiceMemos, totalGpsTracks, totalCollaborations, totalInvitations, aiSummaryEntries] =
+      await Promise.all([
+        prisma.user.count(),
+        prisma.logbook.count(),
+        prisma.photoPayload.count(),
+        prisma.voiceMemoPayload.count(),
+        prisma.gpsTrackPayload.count(),
+        prisma.collaboration.count(),
+        prisma.invitation.count(),
+        prisma.aiSummaryUsage.count()
+      ])
+
+    res.json({
+      totalUsers,
+      totalLogbooks,
+      totalPhotos,
+      totalVoiceMemos,
+      totalGpsTracks,
+      totalCollaborations,
+      totalInvitations,
+      aiSummaryEntries
+    })
+  } catch (error: unknown) {
+    console.error('admin/summary error', error)
+    res.status(500).json({ error: 'Failed to load admin summary' })
+  }
+})
+
+type TimeBucket = 'day' | 'week' | 'month'
+
+interface TimeSeriesPoint {
+  date: string
+  count: number
+}
+
+interface TimeSeries {
+  metric: string
+  points: TimeSeriesPoint[]
+}
+
+function normalizeBucket(value: string | undefined | null): TimeBucket {
+  if (value === 'week' || value === 'month') return value
+  return 'day'
+}
+
+function parseWindowDays(raw: string | undefined | null): number {
+  const n = raw ? Number.parseInt(raw, 10) : NaN
+  if (!Number.isFinite(n) || n <= 0) return 90
+  return Math.min(n, 365)
+}
+
+function startOfDay(date: Date): Date {
+  const d = new Date(date)
+  d.setUTCHours(0, 0, 0, 0)
+  return d
+}
+
+function startOfWeek(date: Date): Date {
+  const d = startOfDay(date)
+  const day = d.getUTCDay() || 7
+  d.setUTCDate(d.getUTCDate() - (day - 1))
+  return d
+}
+
+function startOfMonth(date: Date): Date {
+  const d = startOfDay(date)
+  d.setUTCDate(1)
+  return d
+}
+
+function bucketDate(date: Date, bucket: TimeBucket): string {
+  const base =
+    bucket === 'week' ? startOfWeek(date) : bucket === 'month' ? startOfMonth(date) : startOfDay(date)
+  return base.toISOString().slice(0, 10)
+}
+
+async function buildTimeSeries(bucket: TimeBucket, windowDays: number): Promise<TimeSeries[]> {
+  const since = new Date()
+  since.setUTCDate(since.getUTCDate() - windowDays)
+
+  const [users, logbooks, photos] = await Promise.all([
+    prisma.user.findMany({
+      where: { createdAt: { gte: since } },
+      select: { createdAt: true }
+    }),
+    prisma.logbook.findMany({
+      where: { createdAt: { gte: since } },
+      select: { createdAt: true }
+    }),
+    prisma.photoPayload.findMany({
+      where: { updatedAt: { gte: since } },
+      select: { updatedAt: true }
+    })
+  ])
+
+  function aggregate(dates: Date[], metric: string): TimeSeries {
+    const map = new Map<string, number>()
+    for (const d of dates) {
+      const key = bucketDate(d, bucket)
+      map.set(key, (map.get(key) ?? 0) + 1)
+    }
+    const points = Array.from(map.entries())
+      .sort(([a], [b]) => (a < b ? -1 : a > b ? 1 : 0))
+      .map(([date, count]) => ({ date, count }))
+    return { metric, points }
+  }
+
+  return [
+    aggregate(
+      users.map((u) => u.createdAt),
+      'users_created'
+    ),
+    aggregate(
+      logbooks.map((l) => l.createdAt),
+      'logbooks_created'
+    ),
+    aggregate(
+      photos.map((p) => p.updatedAt),
+      'photos_updated'
+    )
+  ]
+}
+
+router.get('/timeseries', requireUser, requireAdmin, async (req, res) => {
+  try {
+    const bucket = normalizeBucket(typeof req.query.bucket === 'string' ? req.query.bucket : undefined)
+    const windowDays = parseWindowDays(typeof req.query.window === 'string' ? req.query.window : undefined)
+
+    const series = await buildTimeSeries(bucket, windowDays)
+    res.json({ bucket, windowDays, series })
+  } catch (error: unknown) {
+    console.error('admin/timeseries error', error)
+    res.status(500).json({ error: 'Failed to load admin time series' })
+  }
+})
+
+export default router
+
Author	SHA1	Message	Date
elpatron	41acbaebac	chore: release v0.1.1.22	2026-06-05 19:58:21 +02:00
elpatron	6c83cd7d36	feat: differentiate weather fetch errors by cause	2026-06-05 19:52:33 +02:00
elpatron	9089e1c6f9	feat: resolve user profile photos in chronological event log	2026-06-05 19:46:18 +02:00
elpatron	1504960d85	chore: release v0.1.1.21	2026-06-05 19:13:20 +02:00
elpatron	599f090895	fix: resolve unbound variable error on remote deploy to prod	2026-06-05 19:13:03 +02:00
elpatron	4eb2b4c517	chore: release v0.1.1.20	2026-06-05 19:07:30 +02:00
elpatron	be3b23ed8c	docs: update marketing sticker image	2026-06-05 19:07:21 +02:00
elpatron	697c5781b7	feat(deploy): Unterstützung für Staging-Backups und -Wiederherstellungen Erweitert die Backup- und Restore-Skripte um die Möglichkeit, Staging-Umgebungen zu unterstützen. Fügt die Option `-dest stage` hinzu, um spezifische Konfigurationen für Staging zu verwenden, einschließlich separater Docker-Compose-Dateien und Datenbankcontainer. Dokumentation aktualisiert, um manuelle Tests und Umgebungsvariablen für Staging zu reflektieren.	2026-06-05 18:45:52 +02:00
elpatron	4c36c9160a	feat(deploy): Server-Backup und Restore für Produktion Automatisiert pg_dump, .env, Compose und Git-Archiv mit Tag-Zuordnung, Retention (5) und Pre-Deploy-Hook nur für Prod. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 18:40:47 +02:00
elpatron	d559a762d2	fix(deploy): Vor Deploy sauberen und synchronen Git-Stand erzwingen update-remotes.sh bricht ab, wenn uncommitted Änderungen bestehen oder HEAD nicht mit origin übereinstimmt. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 18:24:21 +02:00
elpatron	a2180a302c	refactor(tour): interne z-index-Schichtung im Overlay vereinfachen Ersetzt irreführende 10001/10002-Werte durch relative Layer 1–3 innerhalb von .app-tour-root und dokumentiert den Stacking-Context. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 18:15:17 +02:00
elpatron	cd29115233	fix(tour): Tour-Tooltip über hervorgehobenen Profil-Schritten anzeigen Erhöht den z-index des Tour-Overlays über app-tour-target-active, damit das Modal in Schritt 8 (Stammcrew & Skipper) nicht von der Spotlight-Karte verdeckt wird. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 18:12:28 +02:00
elpatron	e4b07ca896	refactor(deploy): update-prod.sh zu update-remotes.sh umbenennen Ein Skript für Prod und Staging; update-staging.sh entfällt. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 18:12:08 +02:00
elpatron	f0c3cacb06	feat(analytics): Plausible über PLAUSIBLE_ENABLED und PLAUSIBLE_HOST steuerbar Runtime-Konfiguration im Frontend-Container trennt Prod und Staging; Staging deaktiviert Analytics standardmäßig. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 18:04:31 +02:00
elpatron	5821e20086	fix(deploy): Backend-Healthcheck und Staging-Wrapper absichern Expliziter Compose-Healthcheck für das Backend, curl-Fallback und längeres MAX_WAIT im Deploy-Skript; update-staging.sh lehnt -dest ab. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 17:52:05 +02:00
elpatron	aff8d1517d	feat(deploy): Staging-Umgebung und einheitliches Deploy-Skript Fügt docker-compose.staging.yml, Staging-Dokumentation und -dest prod\|stage in update-prod.sh hinzu, damit Prod und Staging über ein Skript deploybar sind. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 17:47:12 +02:00
elpatron	f4d6b11414	chore: release v0.1.1.19	2026-06-05 11:47:07 +02:00
elpatron	968e81f4fb	feat(auth): Session-Wiederherstellung nach Reload ohne vollen Login Nach gültigem Server-Cookie wird automatisch Passkey oder PIN zum Entsperren angeboten, statt die komplette Anmelde-Maske zu zeigen. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 11:42:06 +02:00
elpatron	10835c9def	chore: release v0.1.1.18	2026-06-05 11:30:44 +02:00
elpatron	cdbc618521	fix(admin): kompakteres Mobile-Layout für Admin-Dashboard KPI-Karten bleiben auf schmalen Viewports in zwei Spalten, Header und Filter nutzen weniger vertikalen Platz. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 11:30:25 +02:00
elpatron	f75fe42910	chore: release v0.1.1.17	2026-06-05 11:15:46 +02:00
elpatron	212775ffdc	fix(deploy): pass ADMIN_USER_IDS into backend container Docker Compose did not forward the admin whitelist from .env, so production always treated every user as non-admin. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 11:14:56 +02:00
elpatron	c80760db02	chore: release v0.1.1.16	2026-06-05 11:05:03 +02:00
elpatron	cd1dd12c15	fix: require auth before rendering admin dashboard Show login instead of AdminDashboard on /admin when unauthenticated to avoid pointless admin API calls. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 10:31:54 +02:00
elpatron	43cf589613	feat: add in-app admin navigation for whitelisted users Detect admin access after login and expose a header button that opens /admin via client-side routing so the session stays unlocked when returning to the app. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 10:03:46 +02:00
elpatron	e1cb2754c4	fix: keep session when leaving admin Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 09:32:30 +02:00
elpatron	5dedb8fac0	feat: add admin dashboard with usage stats Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-05 09:26:55 +02:00
elpatron	78f1659db4	chore: release v0.1.1.15	2026-06-04 19:30:53 +02:00
elpatron	935c263648	style: link KnorrLabs to dashy with compass icon badge	2026-06-04 19:29:59 +02:00
elpatron	29ac96f892	chore: release v0.1.1.14	2026-06-04 19:27:12 +02:00
elpatron	4d3b7210b3	style: replace name with email address in footer mail link badge	2026-06-04 19:27:00 +02:00
elpatron	369bca2ef1	chore: release v0.1.1.13	2026-06-04 19:23:13 +02:00
elpatron	2fcc741f5e	style: style email link in footer as icon badge similar to Ko-Fi badge	2026-06-04 19:22:43 +02:00
elpatron	27722186d1	AI Video updated	2026-06-04 19:18:10 +02:00
elpatron	5710c74706	feat: add square sticker/sharepic image	2026-06-04 19:09:27 +02:00
elpatron	cd27dfa27d	Add AI generated marketing video	2026-06-04 19:05:36 +02:00
elpatron	c4c7d42de4	feat: add portrait sharepic and update generation script	2026-06-04 18:39:07 +02:00
elpatron	71025b3d61	style: add QR code to sharepic layout	2026-06-04 18:36:51 +02:00
elpatron	f790a6adcc	feat: add sharepic HTML template, generation script, and client package task	2026-06-04 18:36:12 +02:00
elpatron	de5a46938b	chore: release v0.1.1.12	2026-06-04 18:26:15 +02:00
elpatron	16944c1a26	chore: update contact email in footer to moin@kapteins-daagbok.eu	2026-06-04 18:26:02 +02:00
elpatron	fae7b20f90	chore: release v0.1.1.11	2026-06-03 19:39:37 +02:00
elpatron	73e7613a1b	feat(logbook): attribute log events to creator and show in exports	2026-06-03 19:39:15 +02:00
elpatron	6c8aa5af4c	chore: release v0.1.1.10	2026-06-03 19:17:02 +02:00
elpatron	9554f4b66e	style(client): center PWA update and install banners properly	2026-06-03 19:16:56 +02:00
elpatron	5c77bbfdc3	style(client): hide version footer on mobile when bottom navigation is active	2026-06-03 19:15:09 +02:00
elpatron	979b572136	chore: release v0.1.1.9	2026-06-03 19:11:29 +02:00
elpatron	f189317dfc	chore: remove visual debug logs panel from voice recording modal	2026-06-03 19:11:25 +02:00
elpatron	c54f834311	chore: release v0.1.1.8	2026-06-03 19:07:07 +02:00
elpatron	9d05005bb7	fix: allow blob and data urls in Content-Security-Policy media-src directive	2026-06-03 19:07:03 +02:00
elpatron	40c4874156	chore: release v0.1.1.7	2026-06-03 18:56:39 +02:00
elpatron	2de0636608	fix: call load() to force mobile browsers to fetch blob URL metadata and fix player duration	2026-06-03 18:56:32 +02:00
elpatron	9e7c6f4397	chore: release v0.1.1.6	2026-06-03 18:51:14 +02:00
elpatron	6600ceafce	debug: add verbose console logging and on-screen logs area to LiveVoiceCapture	2026-06-03 18:51:08 +02:00
elpatron	d7a497a4a2	chore: release v0.1.1.5	2026-06-03 18:44:56 +02:00
elpatron	4c04086d63	fix: solve audio recording on iOS/Safari and fix Dockerfile health check	2026-06-03 18:44:51 +02:00
elpatron	79ce42bec6	chore: release v0.1.1.4	2026-06-03 18:33:39 +02:00
elpatron	72c956162c	fix: resolve 0-second duration issue on WebM voice recordings in Chrome/Android	2026-06-03 18:33:35 +02:00
elpatron	3080b59dc8	chore: release v0.1.1.3	2026-06-03 18:27:00 +02:00
elpatron	d054e42cc0	style: add sunset background image to login screen	2026-06-03 18:26:52 +02:00
elpatron	d299fc1d93	chore: release v0.1.1.2	2026-06-03 18:23:23 +02:00
elpatron	6447e95d7d	fix: defer stopping media stream tracks until media recorder finishes stopping	2026-06-03 18:22:30 +02:00
elpatron	7ec5a1eccc	chore: release v0.1.1.1	2026-06-03 18:14:13 +02:00
elpatron	4cf70a3431	style: increase footer and Ko-Fi badge font-size	2026-06-03 18:14:07 +02:00
elpatron	6ed8b2a8e7	chore: release v0.1.1.0	2026-06-03 18:10:37 +02:00
elpatron	bff00cf0a3	fix: camera error modal rendering and voice memo player box-sizing	2026-06-03 18:10:20 +02:00
elpatron	3cab735754	refactor: replace parseFloat with parseAppDecimal and formatAppDecimal for improved number handling Updated various components to utilize parseAppDecimal and formatAppDecimal for consistent decimal parsing and formatting. This change enhances the handling of numeric inputs across the application, ensuring better accuracy and user experience in forms and displays.	2026-06-03 18:07:22 +02:00
elpatron	79762a0baf	fix(gps): Genauigkeitsanzeige unter und ab 100 m unterscheiden Der tote Ternär lieferte in beiden Zweigen dieselbe Rundung; ab 100 m wird jetzt auf 10 m gerundet, damit schwache Fixes nicht falsch präzise wirken. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-03 17:57:11 +02:00
elpatron	24160b6c5d	feat(gps): klare Fehlerhinweise, Empfangsqualität und Live-Log-Freigabe Nutzer sehen spezifische Meldungen bei GPS-Problemen, eine Schätzung des Empfangs aus der Browser-Genauigkeit und beim ersten Live-Log-Besuch nur dann einen Freigabe-Hinweis, wenn die Standortberechtigung noch offen ist. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-03 17:53:58 +02:00
elpatron	1326045b25	fix(live-log): Fehlermeldung wenn keine Systemkamera vorhanden ist Prüft videoinput-Geräte beim Öffnen des Foto-Modals und zeigt eine klare Meldung statt leerem Kamera-UI; getUserMedia-Fehler differenziert. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-03 17:44:11 +02:00
elpatron	e014e997de	refactor(live-log): Position-Terminologie und Modal-UX vereinheitlichen Fix/Standort heißen überall Position (__live:position, Legacy __live:fix). Nachfüll-Buttons + Diesel/+ Wasser, Abbruch statt Nein in Live-Modals. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-03 17:42:08 +02:00
elpatron	1bc449687d	style: add spacing around voice memo player controls Widen native audio controls and separate remarks column from event actions. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-03 17:31:33 +02:00
elpatron	35ee705510	fix: Klammern bei Signatur-Scoring in scoreTodayEntry Stellt sicher, dass signSkipper und signCrew gemeinsam für den Punktewert bei der Auswahl des Tageseintrags ausgewertet werden. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-03 17:30:46 +02:00
elpatron	9f76c200b0	style: highlight delete actions and align event row buttons Add btn-icon danger styling, strengthen btn-delete and photo delete, and fix events table action layout. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-03 17:27:46 +02:00
elpatron	ac627a022f	fix: ensure only one travel day per calendar date Serialize Live-log day creation, prune empty duplicates, and use local dates for "today". Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-03 17:24:51 +02:00
elpatron	9ae24aa6fb	fix: allow microphone access for voice memos in PWA Permissions-Policy blocked getUserMedia; allow microphone on same origin like camera. Co-authored-by: Cursor <cursoragent@cursor.com>	2026-06-03 17:18:49 +02:00