feat(01-01): compose file, env example, gitignore, bootstrap migration
- compose.yaml: postgres:16-alpine with pg_isready healthcheck (no seed mounts)
- .env.example: DATABASE_URL, PORT, ENV (D-15)
- .gitignore: bin/, tmp/, .env, generated tailwind.css, bootstrap-downloaded htmx.min.js, *_templ.go, sqlc output
- migrations/0001_init.sql: goose no-op bootstrap migration
2026-05-14 15:54:18 +00:00
|
|
|
# Postgres connection string used by the web + worker binaries (and `just migrate`).
|
|
|
|
|
DATABASE_URL=postgres://xtablo:xtablo@localhost:5432/xtablo?sslmode=disable
|
|
|
|
|
|
feat(02-01): create internal/auth package skeleton, test DB harness, env docs
- auth/doc.go: package comment explaining consolidated layout (Open Question 3 resolved)
- auth/types.go: User + Session structs, SessionCookieName (D-12), SessionTTL (D-09),
SessionExtendThreshold (D-09), ErrSessionNotFound, ErrInvalidHash, ErrIncompatibleVersion
- auth/testdb_test.go: setupTestDB creates isolated per-test schema (test_<uuid>),
runs goose Up with unique version table, drops schema on cleanup (D-26)
TestSetupTestDB_Roundtrip smoke test verifies users table visible
- go.mod: added github.com/pressly/goose/v3 v3.27.1 as direct dependency
- .env.example: added TEST_DATABASE_URL and SESSION_SECRET with comments (D-14, D-26)
2026-05-14 19:56:45 +00:00
|
|
|
# Postgres connection string used by integration tests (auth, session, etc.).
|
|
|
|
|
# Falls back to DATABASE_URL if unset; tests skip if neither is set.
|
|
|
|
|
# The test harness creates an isolated schema per test run and drops it on cleanup.
|
feat(07-02): add S3/R2, DOMAIN, and MAX_UPLOAD_SIZE_MB vars to .env.example
- Add S3_ENDPOINT, S3_BUCKET, S3_REGION, S3_ACCESS_KEY, S3_SECRET_KEY with MinIO dev defaults
- Add S3_USE_PATH_STYLE (true for MinIO, false for R2 virtual-hosted)
- Add MAX_UPLOAD_SIZE_MB=25 with default note
- Add commented DOMAIN=app.yourdomain.com for Caddy TLS in docker-compose.prod.yaml (D-04)
- Clarify TEST_DATABASE_URL is dev/test only and must not appear in .env.prod
- All original vars (DATABASE_URL, SESSION_SECRET, PORT, ENV) preserved
2026-05-15 16:19:58 +00:00
|
|
|
# DEV/TEST ONLY — do NOT include TEST_DATABASE_URL in .env.prod (not used at runtime).
|
feat(02-01): create internal/auth package skeleton, test DB harness, env docs
- auth/doc.go: package comment explaining consolidated layout (Open Question 3 resolved)
- auth/types.go: User + Session structs, SessionCookieName (D-12), SessionTTL (D-09),
SessionExtendThreshold (D-09), ErrSessionNotFound, ErrInvalidHash, ErrIncompatibleVersion
- auth/testdb_test.go: setupTestDB creates isolated per-test schema (test_<uuid>),
runs goose Up with unique version table, drops schema on cleanup (D-26)
TestSetupTestDB_Roundtrip smoke test verifies users table visible
- go.mod: added github.com/pressly/goose/v3 v3.27.1 as direct dependency
- .env.example: added TEST_DATABASE_URL and SESSION_SECRET with comments (D-14, D-26)
2026-05-14 19:56:45 +00:00
|
|
|
TEST_DATABASE_URL=postgres://xtablo:xtablo@localhost:5432/xtablo?sslmode=disable
|
|
|
|
|
|
|
|
|
|
# Session secret — 32 random bytes hex-encoded. Used as the CSRF authentication key.
|
|
|
|
|
# Generate a new value with: openssl rand -hex 32
|
|
|
|
|
# MUST be persistent across restarts (changing it invalidates all active CSRF tokens).
|
|
|
|
|
SESSION_SECRET=
|
|
|
|
|
|
2026-05-15 19:10:45 +00:00
|
|
|
# ---------------------------------------------------------------------------
|
|
|
|
|
# Social sign-in providers (optional in local/dev)
|
|
|
|
|
# ---------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
# Google OAuth/OIDC. Leave blank to render a disabled Google button locally.
|
|
|
|
|
GOOGLE_CLIENT_ID=
|
|
|
|
|
GOOGLE_CLIENT_SECRET=
|
|
|
|
|
GOOGLE_REDIRECT_URL=http://localhost:8080/auth/google/callback
|
|
|
|
|
|
feat(01-01): compose file, env example, gitignore, bootstrap migration
- compose.yaml: postgres:16-alpine with pg_isready healthcheck (no seed mounts)
- .env.example: DATABASE_URL, PORT, ENV (D-15)
- .gitignore: bin/, tmp/, .env, generated tailwind.css, bootstrap-downloaded htmx.min.js, *_templ.go, sqlc output
- migrations/0001_init.sql: goose no-op bootstrap migration
2026-05-14 15:54:18 +00:00
|
|
|
# HTTP port for cmd/web.
|
|
|
|
|
PORT=8080
|
|
|
|
|
|
|
|
|
|
# Environment selector: "development" enables the slog text handler; "production" switches to JSON.
|
|
|
|
|
ENV=development
|
feat(07-02): add S3/R2, DOMAIN, and MAX_UPLOAD_SIZE_MB vars to .env.example
- Add S3_ENDPOINT, S3_BUCKET, S3_REGION, S3_ACCESS_KEY, S3_SECRET_KEY with MinIO dev defaults
- Add S3_USE_PATH_STYLE (true for MinIO, false for R2 virtual-hosted)
- Add MAX_UPLOAD_SIZE_MB=25 with default note
- Add commented DOMAIN=app.yourdomain.com for Caddy TLS in docker-compose.prod.yaml (D-04)
- Clarify TEST_DATABASE_URL is dev/test only and must not appear in .env.prod
- All original vars (DATABASE_URL, SESSION_SECRET, PORT, ENV) preserved
2026-05-15 16:19:58 +00:00
|
|
|
|
|
|
|
|
# ---------------------------------------------------------------------------
|
|
|
|
|
# S3-compatible object storage (Cloudflare R2 in production, MinIO in dev)
|
|
|
|
|
# ---------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
# S3 endpoint URL.
|
|
|
|
|
# Dev (MinIO): http://localhost:9000
|
|
|
|
|
# Production (R2): https://<account-id>.r2.cloudflarestorage.com (D-06)
|
|
|
|
|
S3_ENDPOINT=http://localhost:9000
|
|
|
|
|
|
|
|
|
|
# S3 bucket name.
|
|
|
|
|
S3_BUCKET=xtablo-dev
|
|
|
|
|
|
|
|
|
|
# S3 region. Cloudflare R2 accepts "auto" or a standard region token; "us-east-1" is safe default.
|
|
|
|
|
S3_REGION=us-east-1
|
|
|
|
|
|
2026-05-15 16:46:30 +00:00
|
|
|
# S3 access key. Dev (MinIO default): minioadmin — CHANGE for production R2.
|
|
|
|
|
S3_ACCESS_KEY=your-access-key-id
|
feat(07-02): add S3/R2, DOMAIN, and MAX_UPLOAD_SIZE_MB vars to .env.example
- Add S3_ENDPOINT, S3_BUCKET, S3_REGION, S3_ACCESS_KEY, S3_SECRET_KEY with MinIO dev defaults
- Add S3_USE_PATH_STYLE (true for MinIO, false for R2 virtual-hosted)
- Add MAX_UPLOAD_SIZE_MB=25 with default note
- Add commented DOMAIN=app.yourdomain.com for Caddy TLS in docker-compose.prod.yaml (D-04)
- Clarify TEST_DATABASE_URL is dev/test only and must not appear in .env.prod
- All original vars (DATABASE_URL, SESSION_SECRET, PORT, ENV) preserved
2026-05-15 16:19:58 +00:00
|
|
|
|
2026-05-15 16:46:30 +00:00
|
|
|
# S3 secret key. Dev (MinIO default): minioadmin — CHANGE for production R2.
|
|
|
|
|
S3_SECRET_KEY=your-secret-access-key
|
feat(07-02): add S3/R2, DOMAIN, and MAX_UPLOAD_SIZE_MB vars to .env.example
- Add S3_ENDPOINT, S3_BUCKET, S3_REGION, S3_ACCESS_KEY, S3_SECRET_KEY with MinIO dev defaults
- Add S3_USE_PATH_STYLE (true for MinIO, false for R2 virtual-hosted)
- Add MAX_UPLOAD_SIZE_MB=25 with default note
- Add commented DOMAIN=app.yourdomain.com for Caddy TLS in docker-compose.prod.yaml (D-04)
- Clarify TEST_DATABASE_URL is dev/test only and must not appear in .env.prod
- All original vars (DATABASE_URL, SESSION_SECRET, PORT, ENV) preserved
2026-05-15 16:19:58 +00:00
|
|
|
|
|
|
|
|
# Use path-style S3 URLs.
|
|
|
|
|
# true — for MinIO and other self-hosted S3 (path-style: http://host/bucket/key).
|
|
|
|
|
# false — for Cloudflare R2 (virtual-hosted-style: https://bucket.host/key).
|
|
|
|
|
S3_USE_PATH_STYLE=true
|
|
|
|
|
|
|
|
|
|
# Maximum file upload size in megabytes. Default 25 if unset.
|
|
|
|
|
MAX_UPLOAD_SIZE_MB=25
|
|
|
|
|
|
|
|
|
|
# ---------------------------------------------------------------------------
|
|
|
|
|
# Production domain (used in docker-compose.prod.yaml for Caddy TLS — D-04)
|
|
|
|
|
# ---------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
# Uncomment and set to your domain in .env.prod.
|
|
|
|
|
# DOMAIN=app.yourdomain.com
|
