All 3 Postiz spaces migrated to Infisical secret injection.
Old backup .env files deleted from server. All ACs checked.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Self-service API for provisioning Postiz instances at <slug>.rsocials.online.
- Hono server on port 3001 with API key auth
- SQLite instance registry with provision logging
- Template engine (TypeScript port of generate.sh)
- Docker compose deployer with health checks
- Sablier config auto-management (add/remove routing)
- Cloudflare tunnel hostname auto-management
- Resource monitor (/proc/meminfo, max 12 instances)
- Secret generation (JWT + Postgres password)
Routes: POST/GET/DELETE /v1/spaces, GET /health
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Template uses entrypoint-wrapper.sh to inject secrets at container start
- Only INFISICAL_* credentials + POSTGRES_PASSWORD in .env (3 values)
- All other secrets (JWT, EMAIL_PASS, OAuth, social API keys) from Infisical
- Generator produces minimal .env templates per space
- Added infisical_slug to spaces.yml for each Postiz project
- Added missing EMAIL_PASS + POSTGRES_PASSWORD to Infisical projects
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Jeff Emmett