Add full SEO optimization for Spanglish social and language events

- Add comprehensive metadata to root layout with Open Graph, Twitter cards
- Create dynamic sitemap.ts for all pages and events
- Create robots.ts with proper allow/disallow rules
- Add JSON-LD Event structured data to event detail pages
- Add page-specific metadata to events, community, contact, FAQ pages
- Add FAQ structured data schema
- Update footer with local SEO text for Asunción, Paraguay
- Add web manifest for mobile SEO
- Create 404 page with proper noindex
- Optimize image alt text and add lazy loading
- Add NEXT_PUBLIC_SITE_URL env variable
- Add about/ folder to gitignore

deploy/back-end_nginx.conf

@@ -24,6 +24,10 @@ server {
 
     server_name api.spanglishcommunity.com;
 
+    # Upload size limit (avoid nginx 413 on media uploads)
+    # Keep this >= backend MEDIA_MAX_UPLOAD_MB (default 10MB).
+    client_max_body_size 20m;
+
     # SSL
     ssl_certificate /etc/letsencrypt/live/spanglishcommunity.com/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/spanglishcommunity.com/privkey.pem;
@@ -39,34 +43,44 @@ server {
     access_log /var/log/nginx/spanglish_api_access.log;
     error_log  /var/log/nginx/spanglish_api_error.log;
 
+    # CORS Configuration (set once, used everywhere)
+    set $cors_origin "";
+    if ($http_origin ~* "^https://(www\.)?spanglishcommunity\.com$") {
+        set $cors_origin $http_origin;
+    }
+
+    # Add CORS headers to all responses (including nginx-generated errors)
+    add_header 'Access-Control-Allow-Origin' $cors_origin always;
+    add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH, OPTIONS' always;
+    add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
+    add_header 'Access-Control-Allow-Credentials' 'true' always;
+    add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
+
+    # Ensure 413 returns JSON + CORS (browser otherwise reports "CORS blocked")
+    error_page 413 = @payload_too_large;
+    location @payload_too_large {
+        default_type application/json;
+        return 413 '{"error":"Payload too large (413). Please upload a smaller file."}';
+    }
+
     location / {
         limit_req zone=spanglish_api_limit burst=50 nodelay;
 
-        # CORS Configuration
-        set $cors_origin "";
-        if ($http_origin ~* "^https://(www\.)?spanglishcommunity\.com$") {
-            set $cors_origin $http_origin;
-        }
-
         # Handle preflight OPTIONS requests
+        # NOTE: add_header inside if{} does NOT inherit server-level headers,
+        # so we must repeat all CORS headers here.
         if ($request_method = 'OPTIONS') {
             add_header 'Access-Control-Allow-Origin' $cors_origin always;
             add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH, OPTIONS' always;
             add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
             add_header 'Access-Control-Allow-Credentials' 'true' always;
+            add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
             add_header 'Access-Control-Max-Age' 86400 always;
             add_header 'Content-Type' 'text/plain; charset=utf-8';
             add_header 'Content-Length' 0;
             return 204;
         }
 
-        # Add CORS headers to all responses
-        add_header 'Access-Control-Allow-Origin' $cors_origin always;
-        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH, OPTIONS' always;
-        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
-        add_header 'Access-Control-Allow-Credentials' 'true' always;
-        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
-
         proxy_pass http://spanglish_backend;
         proxy_http_version 1.1;
 
@@ -75,6 +89,13 @@ server {
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
 
+        # Strip CORS headers from backend (nginx handles CORS at server level)
+        proxy_hide_header 'Access-Control-Allow-Origin';
+        proxy_hide_header 'Access-Control-Allow-Methods';
+        proxy_hide_header 'Access-Control-Allow-Headers';
+        proxy_hide_header 'Access-Control-Allow-Credentials';
+        proxy_hide_header 'Access-Control-Expose-Headers';
+
         proxy_read_timeout 300s;
         proxy_connect_timeout 300s;
     }

deploy/front-end_nginx.conf

@@ -24,6 +24,9 @@ server {
 
     server_name spanglishcommunity.com www.spanglishcommunity.com;
 
+    # Upload size limit (covers same-origin /api uploads via this vhost)
+    client_max_body_size 20m;
+
     # SSL
     ssl_certificate /etc/letsencrypt/live/spanglishcommunity.com/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/spanglishcommunity.com/privkey.pem;