7 Commits

Author SHA1 Message Date
Jeff Emmett 28aafb73fe feat: wire rfiles to pull secrets from Infisical at startup
Add entrypoint.sh that authenticates with Infisical via universal auth
and injects secrets as environment variables before the main process
starts. Update Dockerfile with ENTRYPOINT directive and add Infisical
connection vars to all services in both compose files (dev and prod).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-23 19:36:55 -08:00
Jeff Emmett 522340507a Fix CSRF 403 behind Cloudflare tunnel — add X-Forwarded-Proto header via Traefik middleware
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-21 18:34:48 -07:00
Jeff Emmett c4ac33bd7c fix: add proper healthchecks for Celery containers
Celery containers inherited the HTTP healthcheck from the Dockerfile
but don't run a web server. Added celery inspect ping for the worker
and schedule file check for beat.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-21 18:30:11 -07:00
Jeff Emmett 91bb60c130 Fix celery-beat crash: write schedule to /tmp tmpfs
The read_only filesystem prevents celery-beat from writing its
schedule file to /app. Redirect to /tmp which is a writable tmpfs.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-21 18:20:24 -07:00
Jeff Emmett 56f58b3583 security: harden production containers
Add cap_drop ALL, no-new-privileges, read_only + tmpfs to all
containers (postgres, redis, backend, celery worker, celery beat).
Matches Phase 3 security hardening standards.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-17 15:27:17 -07:00
Jeff Emmett 8220ad5d3b Route uploads through direct.rfiles.online to bypass Cloudflare 100MB limit
- Add direct.rfiles.online A record (DNS only, not proxied through CF)
- Add TLS-enabled Traefik router with Let's Encrypt for direct subdomain
- Add DirectUploadAPIView that accepts space slug as form field
- All uploads now go to https://direct.rfiles.online/api/upload/
- CORS allows *.rfiles.online origins
- Middleware treats 'direct' as reserved (not a shared space)
- Removes chunked upload complexity (no longer needed)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-10 18:02:14 +00:00
Jeff Emmett cf9cc22c58 Initial commit: rfiles.online standalone file sharing platform
Extracted from PKMN (personal-knowledge-management-network) into its own
repo with separate database, file storage, and Docker stack.

- files app: SharedSpace, MediaFile, PublicShare, FileAccessLog models
- portal app: Landing page, upload, file management, shared space views
- Host-based URL routing for subdomain shared spaces (*.rfiles.online)
- PWA with service worker and share target support
- Celery tasks for expired share cleanup and file processing
- Docker Compose for dev and production (Traefik + PostgreSQL + Redis)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-10 15:46:31 +00:00