mirror of
https://github.com/xCyanGrizzly/DragonsStash.git
synced 2026-05-11 06:11:15 +00:00
Compare commits
9 Commits
copilot/fi
...
copilot/fi
| Author | SHA1 | Date | |
|---|---|---|---|
|
5eb2cf05b9 | ||
|
|
f73d06b3d9 | ||
|
|
cac3d518e1 | ||
|
|
987167de0c | ||
|
|
4f331d5411 | ||
|
|
8088a86feb | ||
|
|
b53934ebf2 | ||
|
|
464c86b32a | ||
|
|
fc00fb6f2e |
12
Dockerfile
12
Dockerfile
@@ -30,19 +30,19 @@ RUN addgroup --system --gid 1001 nodejs && \
|
||||
adduser --system --uid 1001 nextjs
|
||||
|
||||
# Copy public assets
|
||||
COPY --from=builder /app/public ./public
|
||||
|
||||
# Copy prisma schema + migrations for runtime migrate deploy
|
||||
COPY --from=builder /app/prisma ./prisma
|
||||
COPY --from=builder /app/prisma.config.ts ./prisma.config.ts
|
||||
COPY --from=builder --chown=nextjs:nodejs /app/public ./public
|
||||
|
||||
# Copy standalone build output
|
||||
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
|
||||
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
|
||||
|
||||
# Copy prisma schema + migrations for runtime migrate deploy
|
||||
COPY --from=builder --chown=nextjs:nodejs /app/prisma ./prisma
|
||||
COPY --from=builder --chown=nextjs:nodejs /app/prisma.config.ts ./prisma.config.ts
|
||||
|
||||
# Copy node_modules for prisma CLI (needed for migrate deploy at startup).
|
||||
# Copying the full directory ensures all transitive dependencies are present.
|
||||
COPY --from=builder /app/node_modules ./node_modules
|
||||
COPY --from=builder --chown=nextjs:nodejs /app/node_modules ./node_modules
|
||||
# Recreate the .bin/prisma symlink so Node resolves __dirname to prisma/build/,
|
||||
# where the WASM files live (COPY dereferences symlinks, breaking WASM resolution)
|
||||
RUN mkdir -p ./node_modules/.bin && \
|
||||
|
||||
@@ -125,18 +125,15 @@ docker compose up -d
|
||||
|
||||
The app will be available at [http://localhost:3000](http://localhost:3000).
|
||||
|
||||
### Adding Telegram Services
|
||||
### Adding the Telegram Bot
|
||||
|
||||
The worker and bot run as optional profiles so `docker compose up` works with just the app + database:
|
||||
The worker starts by default with `docker compose up`. The bot runs as an optional profile:
|
||||
|
||||
```bash
|
||||
# App + DB + Telegram worker (needs TELEGRAM_API_ID + TELEGRAM_API_HASH in .env)
|
||||
docker compose --profile telegram up -d
|
||||
|
||||
# App + DB + Worker + Bot (also needs BOT_TOKEN in .env)
|
||||
docker compose --profile full up -d
|
||||
|
||||
# Or just the bot (alongside app + db)
|
||||
# Or just the bot (alongside app + db + worker)
|
||||
docker compose --profile bot up -d
|
||||
```
|
||||
|
||||
|
||||
@@ -16,7 +16,6 @@ services:
|
||||
retries: 5
|
||||
|
||||
worker:
|
||||
profiles: ["telegram", "full"]
|
||||
build:
|
||||
context: .
|
||||
dockerfile: worker/Dockerfile
|
||||
|
||||
@@ -10,9 +10,13 @@ services:
|
||||
- DATABASE_URL=postgresql://${POSTGRES_USER:-dragons}:${POSTGRES_PASSWORD:-stash}@db:5432/${POSTGRES_DB:-dragonsstash}
|
||||
- AUTH_SECRET=${AUTH_SECRET:?Set AUTH_SECRET in .env}
|
||||
- AUTH_TRUST_HOST=true
|
||||
- AUTH_GITHUB_ID=${AUTH_GITHUB_ID:-}
|
||||
- AUTH_GITHUB_SECRET=${AUTH_GITHUB_SECRET:-}
|
||||
- NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL:-http://localhost:3000}
|
||||
- TELEGRAM_API_KEY=${TELEGRAM_API_KEY:-}
|
||||
- BOT_TOKEN=${BOT_TOKEN:-}
|
||||
- BOT_USERNAME=${BOT_USERNAME:-}
|
||||
- LOG_LEVEL=${LOG_LEVEL:-info}
|
||||
depends_on:
|
||||
db:
|
||||
condition: service_healthy
|
||||
@@ -21,7 +25,7 @@ services:
|
||||
interval: 30s
|
||||
timeout: 5s
|
||||
retries: 3
|
||||
start_period: 30s
|
||||
start_period: 60s
|
||||
restart: unless-stopped
|
||||
deploy:
|
||||
resources:
|
||||
@@ -31,7 +35,6 @@ services:
|
||||
- frontend
|
||||
|
||||
worker:
|
||||
profiles: ["telegram", "full"]
|
||||
build:
|
||||
context: .
|
||||
dockerfile: worker/Dockerfile
|
||||
|
||||
@@ -10,7 +10,10 @@ if [ "$AUTH_SECRET" = "change-me-to-a-random-secret-in-production" ] || [ -z "$A
|
||||
fi
|
||||
|
||||
echo "Running database migrations..."
|
||||
./node_modules/.bin/prisma migrate deploy
|
||||
if ! ./node_modules/.bin/prisma migrate deploy; then
|
||||
echo "ERROR: Database migration failed. Check DATABASE_URL and database connectivity."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ "$SEED_DATABASE" = "true" ]; then
|
||||
echo "Seeding database..."
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
-- Promote all existing users to ADMIN (self-hosted: every user is an admin)
|
||||
UPDATE "User" SET "role" = 'ADMIN' WHERE "role" = 'USER';
|
||||
|
||||
-- Change the default role for new users to ADMIN
|
||||
ALTER TABLE "User" ALTER COLUMN "role" SET DEFAULT 'ADMIN';
|
||||
@@ -22,7 +22,7 @@ model User {
|
||||
emailVerified DateTime?
|
||||
image String?
|
||||
hashedPassword String?
|
||||
role Role @default(USER)
|
||||
role Role @default(ADMIN)
|
||||
createdAt DateTime @default(now())
|
||||
updatedAt DateTime @updatedAt
|
||||
|
||||
|
||||
@@ -21,17 +21,13 @@ export async function registerUser(input: unknown): Promise<ActionResult<{ id: s
|
||||
|
||||
const hashedPassword = await bcrypt.hash(parsed.data.password, 10);
|
||||
|
||||
// First user to register becomes ADMIN (self-hosted owner)
|
||||
const user = await prisma.$transaction(async (tx) => {
|
||||
const userCount = await tx.user.count();
|
||||
const role = userCount === 0 ? "ADMIN" : "USER";
|
||||
|
||||
return tx.user.create({
|
||||
// Self-hosted: all users are admins
|
||||
const user = await prisma.user.create({
|
||||
data: {
|
||||
name: parsed.data.name,
|
||||
email: parsed.data.email,
|
||||
hashedPassword,
|
||||
role,
|
||||
role: "ADMIN",
|
||||
settings: {
|
||||
create: {
|
||||
lowStockThreshold: 10,
|
||||
@@ -42,7 +38,6 @@ export async function registerUser(input: unknown): Promise<ActionResult<{ id: s
|
||||
},
|
||||
},
|
||||
});
|
||||
});
|
||||
|
||||
return { success: true, data: { id: user.id } };
|
||||
}
|
||||
|
||||
@@ -18,12 +18,12 @@ export const { auth, handlers, signIn, signOut } = NextAuth({
|
||||
async jwt({ token, user }) {
|
||||
if (user) {
|
||||
token.id = user.id!;
|
||||
// Fetch the role from the database to pick up first-user ADMIN promotion
|
||||
// Fetch the role from the database to ensure token reflects current role
|
||||
const dbUser = await prisma.user.findUnique({
|
||||
where: { id: user.id! },
|
||||
select: { role: true },
|
||||
});
|
||||
token.role = dbUser?.role ?? user.role ?? "USER";
|
||||
token.role = dbUser?.role ?? user.role ?? "ADMIN";
|
||||
}
|
||||
return token;
|
||||
},
|
||||
@@ -38,17 +38,11 @@ export const { auth, handlers, signIn, signOut } = NextAuth({
|
||||
events: {
|
||||
async createUser({ user }) {
|
||||
if (user.id) {
|
||||
// First user to register becomes ADMIN (self-hosted owner)
|
||||
const adminExists = await prisma.user.findFirst({
|
||||
where: { role: "ADMIN" },
|
||||
select: { id: true },
|
||||
});
|
||||
if (!adminExists) {
|
||||
// Self-hosted: all users are admins
|
||||
await prisma.user.update({
|
||||
where: { id: user.id },
|
||||
data: { role: "ADMIN" },
|
||||
});
|
||||
}
|
||||
|
||||
await prisma.userSettings.upsert({
|
||||
where: { userId: user.id },
|
||||
|
||||
Reference in New Issue
Block a user