Update README.md
This commit is contained in:
81
README.md
81
README.md
@@ -1,42 +1,43 @@
|
||||
Here is dummy ai explanation for you my friend
|
||||
|
||||
Stack
|
||||
Backend: Node + Fastify + Prisma (Postgres)
|
||||
Frontend: React + Vite
|
||||
Scheduler: separate worker container (cron tasks)
|
||||
Reverse proxy (prod)
|
||||
Default: Nginx (skymoneybudget.com.conf)
|
||||
Alternative: Caddy (Caddyfile.prod)
|
||||
API is under /api path
|
||||
Web is static from /var/www/skymoney/dist
|
||||
HTTPS + HSTS already configured in the prod config
|
||||
Required env vars (production)
|
||||
DATABASE_URL
|
||||
JWT_SECRET (32+ chars)
|
||||
COOKIE_SECRET (32+ chars)
|
||||
CORS_ORIGIN (set to https://skymoneybudget.com)
|
||||
Optional: COOKIE_DOMAIN=skymoneybudget.com
|
||||
Cookies + Security
|
||||
HttpOnly + Secure in prod
|
||||
CSRF protection required for non‑GET
|
||||
/auth/logout requires CSRF now
|
||||
Mutation endpoints rate‑limited
|
||||
Cron jobs
|
||||
rollover worker (6 AM user time)
|
||||
auto‑payment worker (9 AM user time)
|
||||
Jobs run every 15 minutes and only process users whose local time has reached the threshold
|
||||
DB / Prisma
|
||||
Postgres required
|
||||
Prisma migrations must be applied before running
|
||||
The app blocks default secrets in prod
|
||||
Build + deploy
|
||||
web/ builds to web/dist
|
||||
API runs on port 8080 internally (exposed as 8081 in compose)
|
||||
Nginx proxies /api to 127.0.0.1:8081
|
||||
Logs
|
||||
Prod logs are limited (PII reduced)
|
||||
Key logging: job success/failure counts
|
||||
Backups
|
||||
Scripts exist: backup.sh, restore.sh
|
||||
Restore requires admin DB privileges (created DB)
|
||||
Optional but recommended to test once
|
||||
##Stack
|
||||
* Backend: Node + Fastify + Prisma (Postgres)
|
||||
* Frontend: React + Vite
|
||||
* Scheduler: separate worker container (cron tasks)
|
||||
* Reverse proxy (prod)
|
||||
* Default: Nginx (skymoneybudget.com.conf)
|
||||
* Alternative: Caddy (Caddyfile.prod)
|
||||
* API is under /api path
|
||||
* Web is static from /var/www/skymoney/dist
|
||||
* HTTPS + HSTS already configured in the prod config
|
||||
###Required env vars (production)
|
||||
* DATABASE_URL
|
||||
* JWT_SECRET (32+ chars)
|
||||
* COOKIE_SECRET (32+ chars)
|
||||
* CORS_ORIGIN (set to https://skymoneybudget.com)
|
||||
* Optional: COOKIE_DOMAIN=skymoneybudget.com
|
||||
* Cookies + Security
|
||||
* HttpOnly + Secure in prod
|
||||
* CSRF protection required for non‑GET
|
||||
### Other Features
|
||||
* /auth/logout requires CSRF now
|
||||
* Mutation endpoints rate‑limited
|
||||
* Cron jobs
|
||||
* rollover worker (6 AM user time)
|
||||
* auto‑payment worker (9 AM user time)
|
||||
* Jobs run every 15 minutes and only process users whose local time has reached the threshold
|
||||
* DB / Prisma
|
||||
* Postgres required
|
||||
* Prisma migrations must be applied before running
|
||||
* The app blocks default secrets in prod
|
||||
* Build + deploy
|
||||
* web/ builds to web/dist
|
||||
* API runs on port 8080 internally (exposed as 8081 in compose)
|
||||
* Nginx proxies /api to 127.0.0.1:8081
|
||||
* Logs
|
||||
* Prod logs are limited (PII reduced)
|
||||
* Key logging: job success/failure counts
|
||||
* Backups
|
||||
* Scripts exist: backup.sh, restore.sh
|
||||
* Restore requires admin DB privileges (created DB)
|
||||
* Optional but recommended to test once (tested, backup worked restore failed)
|
||||
|
||||
Reference in New Issue
Block a user