Compare commits
6 Commits
dev
...
4cd586dee5
| Author | SHA1 | Date | |
|---|---|---|---|
| 4cd586dee5 | |||
| 3b3ea92c8d | |||
| 2ee5a9f012 | |||
| 89d1bb1a4f | |||
| a8d06f5342 | |||
| 75d70f0db5 |
@@ -1,9 +1,9 @@
|
||||
apiVersion: secrets.hashicorp.com/v1beta1
|
||||
kind: HCPStaticSecret
|
||||
kind: VaultStaticSecret
|
||||
metadata:
|
||||
name: taskarr-ap
|
||||
name: taskarr-app
|
||||
spec:
|
||||
method: GET
|
||||
type: kv-v2
|
||||
mount: secret
|
||||
path: taskarr/app
|
||||
destination:
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
apiVersion: secrets.hashicorp.com/v1beta1
|
||||
kind: HCPStaticSecret
|
||||
kind: VaultStaticSecret
|
||||
metadata:
|
||||
name: taskarr-db
|
||||
spec:
|
||||
method: GET
|
||||
type: kv-v2
|
||||
mount: secret
|
||||
path: taskarr/db
|
||||
destination:
|
||||
|
||||
19
deploy/base/db-taskarr-user.yaml
Normal file
19
deploy/base/db-taskarr-user.yaml
Normal file
@@ -0,0 +1,19 @@
|
||||
apiVersion: secrets.hashicorp.com/v1beta1
|
||||
kind: HCPDynamicSecret
|
||||
metadata:
|
||||
name: taskarr-db-app-user
|
||||
spec:
|
||||
mount: database
|
||||
path: creds/taskarr-role
|
||||
method: GET
|
||||
destination:
|
||||
name: taskarr-db-url
|
||||
create: true
|
||||
# This is where the magic happens
|
||||
transformation:
|
||||
templates:
|
||||
DATABASE_URL:
|
||||
# Use Go template syntax to build the string
|
||||
# 'username' and 'password' come from the Vault response
|
||||
content: "postgresql://{{ .username }}:{{ .password }}@postgres-service.taskarr.svc.cluster.local:5432/taskarr_db?sslmode=disable"
|
||||
refreshAfter: 1h
|
||||
@@ -48,7 +48,7 @@ spec:
|
||||
- name: DATABASE_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: taskarr-app
|
||||
name: taskarr-db-url
|
||||
key: DATABASE_URL
|
||||
- name: ORIGIN
|
||||
valueFrom:
|
||||
|
||||
@@ -13,3 +13,4 @@ resources:
|
||||
- ./postgres.yaml
|
||||
- ./database-secret.yaml
|
||||
- ./app-secret.yaml
|
||||
- ./db-taskarr-user.yaml
|
||||
|
||||
38
package.json
38
package.json
@@ -1,24 +1,6 @@
|
||||
{
|
||||
"name": "taskarr-mgr",
|
||||
"private": true,
|
||||
"version": "0.0.1",
|
||||
"type": "module",
|
||||
"scripts": {
|
||||
"dev": "vite dev",
|
||||
"build": "vite build",
|
||||
"preview": "vite preview",
|
||||
"prepare": "svelte-kit sync || echo ''",
|
||||
"check": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json",
|
||||
"check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch",
|
||||
"lint": "prettier --check . && eslint .",
|
||||
"format": "prettier --write .",
|
||||
"db:start": "podman compose up",
|
||||
"db:push": "drizzle-kit push",
|
||||
"db:generate": "drizzle-kit generate",
|
||||
"db:migrate": "drizzle-kit migrate",
|
||||
"db:studio": "drizzle-kit studio",
|
||||
"auth:schema": "better-auth generate --config src/lib/server/auth.ts --output src/lib/server/db/auth.schema.ts --yes"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@better-auth/cli": "~1.4.21",
|
||||
"@eslint/compat": "^2.0.4",
|
||||
@@ -48,5 +30,23 @@
|
||||
"typescript": "^6.0.2",
|
||||
"typescript-eslint": "^8.58.1",
|
||||
"vite": "^8.0.7"
|
||||
}
|
||||
},
|
||||
"private": true,
|
||||
"scripts": {
|
||||
"dev": "vite dev",
|
||||
"build": "vite build",
|
||||
"preview": "vite preview",
|
||||
"prepare": "svelte-kit sync || echo ''",
|
||||
"check": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json",
|
||||
"check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch",
|
||||
"lint": "prettier --check . && eslint .",
|
||||
"format": "prettier --write .",
|
||||
"db:start": "podman compose up",
|
||||
"db:push": "drizzle-kit push",
|
||||
"db:generate": "drizzle-kit generate",
|
||||
"db:migrate": "drizzle-kit migrate",
|
||||
"db:studio": "drizzle-kit studio",
|
||||
"auth:schema": "better-auth generate --config src/lib/server/auth.ts --output src/lib/server/db/auth.schema.ts --yes"
|
||||
},
|
||||
"type": "module"
|
||||
}
|
||||
|
||||
@@ -1 +1,93 @@
|
||||
// If you see this file, you have not run the auth:schema script yet, but you should!
|
||||
import { relations } from "drizzle-orm";
|
||||
import { pgTable, text, timestamp, boolean, index } from "drizzle-orm/pg-core";
|
||||
|
||||
export const user = pgTable("user", {
|
||||
id: text("id").primaryKey(),
|
||||
name: text("name").notNull(),
|
||||
email: text("email").notNull().unique(),
|
||||
emailVerified: boolean("email_verified").default(false).notNull(),
|
||||
image: text("image"),
|
||||
createdAt: timestamp("created_at").defaultNow().notNull(),
|
||||
updatedAt: timestamp("updated_at")
|
||||
.defaultNow()
|
||||
.$onUpdate(() => /* @__PURE__ */ new Date())
|
||||
.notNull(),
|
||||
});
|
||||
|
||||
export const session = pgTable(
|
||||
"session",
|
||||
{
|
||||
id: text("id").primaryKey(),
|
||||
expiresAt: timestamp("expires_at").notNull(),
|
||||
token: text("token").notNull().unique(),
|
||||
createdAt: timestamp("created_at").defaultNow().notNull(),
|
||||
updatedAt: timestamp("updated_at")
|
||||
.$onUpdate(() => /* @__PURE__ */ new Date())
|
||||
.notNull(),
|
||||
ipAddress: text("ip_address"),
|
||||
userAgent: text("user_agent"),
|
||||
userId: text("user_id")
|
||||
.notNull()
|
||||
.references(() => user.id, { onDelete: "cascade" }),
|
||||
},
|
||||
(table) => [index("session_userId_idx").on(table.userId)],
|
||||
);
|
||||
|
||||
export const account = pgTable(
|
||||
"account",
|
||||
{
|
||||
id: text("id").primaryKey(),
|
||||
accountId: text("account_id").notNull(),
|
||||
providerId: text("provider_id").notNull(),
|
||||
userId: text("user_id")
|
||||
.notNull()
|
||||
.references(() => user.id, { onDelete: "cascade" }),
|
||||
accessToken: text("access_token"),
|
||||
refreshToken: text("refresh_token"),
|
||||
idToken: text("id_token"),
|
||||
accessTokenExpiresAt: timestamp("access_token_expires_at"),
|
||||
refreshTokenExpiresAt: timestamp("refresh_token_expires_at"),
|
||||
scope: text("scope"),
|
||||
password: text("password"),
|
||||
createdAt: timestamp("created_at").defaultNow().notNull(),
|
||||
updatedAt: timestamp("updated_at")
|
||||
.$onUpdate(() => /* @__PURE__ */ new Date())
|
||||
.notNull(),
|
||||
},
|
||||
(table) => [index("account_userId_idx").on(table.userId)],
|
||||
);
|
||||
|
||||
export const verification = pgTable(
|
||||
"verification",
|
||||
{
|
||||
id: text("id").primaryKey(),
|
||||
identifier: text("identifier").notNull(),
|
||||
value: text("value").notNull(),
|
||||
expiresAt: timestamp("expires_at").notNull(),
|
||||
createdAt: timestamp("created_at").defaultNow().notNull(),
|
||||
updatedAt: timestamp("updated_at")
|
||||
.defaultNow()
|
||||
.$onUpdate(() => /* @__PURE__ */ new Date())
|
||||
.notNull(),
|
||||
},
|
||||
(table) => [index("verification_identifier_idx").on(table.identifier)],
|
||||
);
|
||||
|
||||
export const userRelations = relations(user, ({ many }) => ({
|
||||
sessions: many(session),
|
||||
accounts: many(account),
|
||||
}));
|
||||
|
||||
export const sessionRelations = relations(session, ({ one }) => ({
|
||||
user: one(user, {
|
||||
fields: [session.userId],
|
||||
references: [user.id],
|
||||
}),
|
||||
}));
|
||||
|
||||
export const accountRelations = relations(account, ({ one }) => ({
|
||||
user: one(user, {
|
||||
fields: [account.userId],
|
||||
references: [user.id],
|
||||
}),
|
||||
}));
|
||||
|
||||
Reference in New Issue
Block a user