From 505df6ebb64fd8d604f7984a5b26cad97087d7c9 Mon Sep 17 00:00:00 2001 From: Joders Date: Sun, 18 Jan 2026 19:27:48 +0000 Subject: [PATCH] Update README.md --- README.md | 81 ++++++++++++++++++++++++++++--------------------------- 1 file changed, 41 insertions(+), 40 deletions(-) diff --git a/README.md b/README.md index 003869b..94ba3bd 100644 --- a/README.md +++ b/README.md 
@@ -1,42 +1,43 @@ Here is dummy ai explanation for you my friend -Stack -Backend: Node + Fastify + Prisma (Postgres) -Frontend: React + Vite -Scheduler: separate worker container (cron tasks) -Reverse proxy (prod) -Default: Nginx (skymoneybudget.com.conf) -Alternative: Caddy (Caddyfile.prod) -API is under /api path -Web is static from /var/www/skymoney/dist -HTTPS + HSTS already configured in the prod config -Required env vars (production) -DATABASE_URL -JWT_SECRET (32+ chars) -COOKIE_SECRET (32+ chars) -CORS_ORIGIN (set to https://skymoneybudget.com) -Optional: COOKIE_DOMAIN=skymoneybudget.com -Cookies + Security -HttpOnly + Secure in prod -CSRF protection required for non‑GET -/auth/logout requires CSRF now -Mutation endpoints rate‑limited -Cron jobs -rollover worker (6 AM user time) -auto‑payment worker (9 AM user time) -Jobs run every 15 minutes and only process users whose local time has reached the threshold -DB / Prisma -Postgres required -Prisma migrations must be applied before running -The app blocks default secrets in prod -Build + deploy -web/ builds to web/dist -API runs on port 8080 internally (exposed as 8081 in compose) -Nginx proxies /api to 127.0.0.1:8081 -Logs -Prod logs are limited (PII reduced) -Key logging: job success/failure counts -Backups -Scripts exist: backup.sh, restore.sh -Restore requires admin DB privileges (created DB) -Optional but recommended to test once +##Stack +* Backend: Node + Fastify + Prisma (Postgres) +* Frontend: React + Vite +* Scheduler: separate worker container (cron tasks) +* Reverse proxy (prod) +* Default: Nginx (skymoneybudget.com.conf) +* Alternative: Caddy (Caddyfile.prod) +* API is under /api path +* Web is static from /var/www/skymoney/dist +* HTTPS + HSTS already configured in the prod config + ###Required env vars (production) +* DATABASE_URL +* JWT_SECRET (32+ chars) +* COOKIE_SECRET (32+ chars) +* CORS_ORIGIN (set to https://skymoneybudget.com) +* Optional: COOKIE_DOMAIN=skymoneybudget.com +* Cookies + 
Security +* HttpOnly + Secure in prod +* CSRF protection required for non‑GET +### Other Features +* /auth/logout requires CSRF now +* Mutation endpoints rate‑limited +* Cron jobs +* rollover worker (6 AM user time) +* auto‑payment worker (9 AM user time) +* Jobs run every 15 minutes and only process users whose local time has reached the threshold +* DB / Prisma +* Postgres required +* Prisma migrations must be applied before running +* The app blocks default secrets in prod +* Build + deploy +* web/ builds to web/dist +* API runs on port 8080 internally (exposed as 8081 in compose) +* Nginx proxies /api to 127.0.0.1:8081 +* Logs +* Prod logs are limited (PII reduced) +* Key logging: job success/failure counts +* Backups +* Scripts exist: backup.sh, restore.sh +* Restore requires admin DB privileges (created DB) +* Optional but recommended to test once (tested, backup worked restore failed)
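Review bot: The last added line now reads "Optional but recommended to test once (tested, backup worked restore failed)", which records a failed restore while the lines above it still present restore.sh as an available procedure. Either say what failed and what is needed to fix it (the preceding line already notes that restore requires admin DB privileges), or mark restore.sh as unverified until a restore has succeeded, so nobody relies on backups that have not been shown to restore. On formatting, "##Stack" and "###Required env vars (production)" have no space after the hashes, unlike "### Other Features", and CommonMark renderers will show them as literal text rather than headings. The former section labels ("Reverse proxy (prod)", "Cookies + Security", "Cron jobs", "DB / Prisma", "Build + deploy", "Logs", "Backups") are now bullets at the same level as their own items; making them headings or nesting their items would keep the grouping. The "### Other Features" heading also lands in the middle of the security items, so "/auth/logout requires CSRF now" and "Mutation endpoints rate‑limited" are separated from "Cookies + Security"; moving the heading below those two bullets would keep the security controls together.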