jeffemmett
/
rsocials-online
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
37 Commits 2 Branches 0 Tags 622 KiB
Commit Graph

8 Commits

Author SHA1 Message Date
Jeff Emmett 7ce078478e chore: mark TASK-6 complete — all plaintext .env files removed 
All 3 Postiz spaces migrated to Infisical secret injection.
Old backup .env files deleted from server. All ACs checked.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-25 01:22:32 -08:00
Jeff Emmett f6481d99e3 chore: mark TASK-2 multi-tenant provisioning as Done (all 5 phases) 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-24 21:46:26 -08:00
Jeff Emmett dca3140065 feat: remove Sablier + add Phase 2 SIWE auth and CRDT token gating 
Sablier removal:
- Postiz needs Temporal running 24/7 for scheduled posts, so Sablier
  auto-sleep is incompatible. Default changed to sablier: false.
- Template engine and provisioning route updated accordingly.

Phase 2 - Authentication & Token Gating:
- SIWE (Sign-In with Ethereum) wallet auth via siwe + viem
- Nonce endpoint at GET /v1/auth/nonce
- Dual auth: API key (admin) or SIWE Bearer token (wallet users)
- CRDT token gate checks balance via rSpace internal API
- Token burn tracking in SQLite (token_burns table)
- x402 payment middleware ported from rspace-online (Phase 4 ready)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-24 21:30:28 -08:00
Jeff Emmett dc78c119b3 feat: add Phase 1 provisioning API (Hono/Bun) 
Self-service API for provisioning Postiz instances at <slug>.rsocials.online.

- Hono server on port 3001 with API key auth
- SQLite instance registry with provision logging
- Template engine (TypeScript port of generate.sh)
- Docker compose deployer with health checks
- Sablier config auto-management (add/remove routing)
- Cloudflare tunnel hostname auto-management
- Resource monitor (/proc/meminfo, max 12 instances)
- Secret generation (JWT + Postgres password)

Routes: POST/GET/DELETE /v1/spaces, GET /health

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-24 21:16:40 -08:00
Jeff Emmett 8ef5c678c2 feat: wire Postiz spaces to pull secrets from Infisical at runtime 
- Template uses entrypoint-wrapper.sh to inject secrets at container start
- Only INFISICAL_* credentials + POSTGRES_PASSWORD in .env (3 values)
- All other secrets (JWT, EMAIL_PASS, OAuth, social API keys) from Infisical
- Generator produces minimal .env templates per space
- Added infisical_slug to spaces.yml for each Postiz project
- Added missing EMAIL_PASS + POSTGRES_PASSWORD to Infisical projects

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-24 21:10:59 -08:00
Jeff Emmett dc95494ab8 chore: backlog update - close completed tasks, add cleanup items 
- TASK-4: Infisical secret migration (Done)
- TASK-5: Centralized spaces config with Sablier + OAuth (Done)
- TASK-6: Remove plaintext .env files from server (To Do)
- TASK-7: Clean up duplicate rsocials-online Infisical project (To Do)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-24 21:03:09 -08:00
Jeff Emmett 2bff030a92 chore: backlog cleanup of votc-socials and cc.rsocials.online 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-23 20:45:00 -08:00
Jeff Emmett d3dccda86c chore: initialize backlog with domain routing and platform tasks 
TASK-1 (Done): Route socials.valleyofthecommons.com to crypto-commons Postiz
TASK-2 (To Do): Multi-tenant provisioning platform (backlogged)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-23 19:56:10 -08:00