jeffemmett
/
rsocials-online
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
36 Commits 2 Branches 0 Tags 622 KiB
Commit Graph

5 Commits

Author SHA1 Message Date
Jeff Emmett f5c61a3992 fix: migrate OAuth URLs from auth.jeffemmett.com to auth.ridentity.online 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-25 14:27:16 -08:00
Jeff Emmett dca3140065 feat: remove Sablier + add Phase 2 SIWE auth and CRDT token gating 
Sablier removal:
- Postiz needs Temporal running 24/7 for scheduled posts, so Sablier
  auto-sleep is incompatible. Default changed to sablier: false.
- Template engine and provisioning route updated accordingly.

Phase 2 - Authentication & Token Gating:
- SIWE (Sign-In with Ethereum) wallet auth via siwe + viem
- Nonce endpoint at GET /v1/auth/nonce
- Dual auth: API key (admin) or SIWE Bearer token (wallet users)
- CRDT token gate checks balance via rSpace internal API
- Token burn tracking in SQLite (token_burns table)
- x402 payment middleware ported from rspace-online (Phase 4 ready)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-24 21:30:28 -08:00
Jeff Emmett 8ef5c678c2 feat: wire Postiz spaces to pull secrets from Infisical at runtime 
- Template uses entrypoint-wrapper.sh to inject secrets at container start
- Only INFISICAL_* credentials + POSTGRES_PASSWORD in .env (3 values)
- All other secrets (JWT, EMAIL_PASS, OAuth, social API keys) from Infisical
- Generator produces minimal .env templates per space
- Added infisical_slug to spaces.yml for each Postiz project
- Added missing EMAIL_PASS + POSTGRES_PASSWORD to Infisical projects

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-24 21:10:59 -08:00
Jeff Emmett 0d265ddf03 feat: update spaces config to match all deployed Postiz instances 
- Add all 3 active spaces: crypto-commons (cc), p2pfoundation (p2pf),
  bondingcurve (bcrg) with correct slugs matching container names
- Add Sablier auto-sleep labels for resource conservation
- Add Pocket ID OAuth config with per-space client credentials
- Use multi-host routing (Host || Host) instead of redirect middleware
- Switch to restart: unless-stopped matching server deployments
- Generator now handles dynamic blocks (OAuth, Sablier, Traefik labels)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-24 09:21:18 -08:00
Jeff Emmett ced6b1f49f feat: add centralized spaces config + Infisical secret management 
Single spaces.yml defines all community Postiz instances. generate.sh
reads it and produces per-space docker-compose files with correct
Traefik labels, redirect middleware, and networking. Infisical
deployment config added for secrets.jeffemmett.com.

Adding a new space is now a single block in spaces.yml + ./generate.sh.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-23 17:35:15 -08:00