mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-14 22:01:09 +02:00

History

Wuesteon 4d15d9e764 🔒 security(auth): migrate to EdDSA JWT and add automated monitoring BREAKING: JWT keys are now auto-managed by Better Auth (EdDSA/Ed25519) - Remove all JWT_PRIVATE_KEY, JWT_PUBLIC_KEY, JWT_SECRET references - Keys stored in auth.jwks database table (auto-generated on first run) - Delete obsolete generate-keys.sh and generate-staging-secrets.sh scripts - Clean up legacy AUTH_*.md analysis files from root Security Improvements: - Add security_events table for audit logging - Add SecurityEventsService for tracking auth events - Enhanced security headers (HSTS, CSP, X-Frame-Options) - Rate limiting configuration Monitoring Setup: - Add auth-health-check.sh for automated testing - Add generate-dashboard.sh for HTML status dashboard - Tests: health endpoint, JWKS (EdDSA), security headers, response time - Ready for Hetzner cron deployment Documentation: - Update deployment docs with Better Auth notes - Update environment variable references - Add security improvements documentation 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>		2025-12-18 21:42:47 +01:00
..
architecture	docs(architecture): add Workspace Orchestrator architecture decision	2025-12-12 03:48:11 +01:00
archive	🔒 security(auth): migrate to EdDSA JWT and add automated monitoring	2025-12-18 21:42:47 +01:00
central-services	feat(splitscreen): add split-screen feature for multi-app side-by-side view	2025-12-12 13:00:26 +01:00
daily-reports	feat: major update with network graphs, themes, todo extensions, and more	2025-12-10 02:37:46 +01:00
optimizable	feat(contacts): integrate contacts into Todo and Calendar apps	2025-12-11 18:14:35 +01:00
pr-reviews	docs(pr-reviews): add code review for PR #14	2025-12-10 21:12:06 +01:00
sessions	docs: add comprehensive session report for runtime config implementation	2025-12-16 00:34:06 +01:00
test-examples	style: auto-format codebase with Prettier	2025-11-27 18:33:16 +01:00
CI_CD_SETUP.md	🔒 security(auth): migrate to EdDSA JWT and add automated monitoring	2025-12-18 21:42:47 +01:00
CORS_CONFIGURATION_GUIDE.md	✨ feat(cors): add cross-app communication bundle	2025-12-17 18:11:13 +01:00
DATABASE_MIGRATIONS.md	✨ feat(db): add production-safe migration system with advisory locks	2025-12-09 02:13:11 +01:00
DEPLOYMENT.md	🔒 security(auth): migrate to EdDSA JWT and add automated monitoring	2025-12-18 21:42:47 +01:00
DEPLOYMENT_ARCHITECTURE.md	🔒 security(auth): migrate to EdDSA JWT and add automated monitoring	2025-12-18 21:42:47 +01:00
DEPLOYMENT_DIAGRAMS.md	feat: major update with network graphs, themes, todo extensions, and more	2025-12-10 02:37:46 +01:00
DEPLOYMENT_HETZNER.md	docs: add Hetzner deployment guide and update lockfile	2025-11-27 14:47:35 +01:00
DEPLOYMENT_RUNBOOKS.md	🔒 security(auth): migrate to EdDSA JWT and add automated monitoring	2025-12-18 21:42:47 +01:00
DEVELOPMENT_SCRIPTS.md	style: auto-format codebase with Prettier	2025-11-27 18:33:16 +01:00
DOCKER_GUIDE.md	style: auto-format codebase with Prettier	2025-11-27 18:33:16 +01:00
ENVIRONMENT_VARIABLES.md	🔒 security(auth): migrate to EdDSA JWT and add automated monitoring	2025-12-18 21:42:47 +01:00
GIT_WORKFLOW.md	docs: update git workflow - keep individual commits	2025-12-10 21:12:06 +01:00
HETZNER_PRODUCTION_GUIDE.md	fix(ci): build shared packages before tests and fix formatting	2025-12-01 23:15:00 +01:00
I18N.md	Feat: New project chat, uload refactor (postgress), hosting plans, uload landingpage	2025-11-25 13:01:41 +01:00
LOCAL_DEVELOPMENT.md	🧑‍💻 dx: add automatic database setup and dev:*:full commands	2025-12-08 14:38:18 +01:00
MANADECK_POSTGRES_MIGRATION.md	fix(db): use TEXT for user_id columns across entire codebase	2025-12-09 16:30:51 +01:00
PWA_GUIDE.md	feat(todo): add PWA support with offline capabilities	2025-12-09 14:40:42 +01:00
README.md	📝 docs: restructure CLAUDE.md and documentation (74% reduction)	2025-12-16 17:37:19 +01:00
RUNTIME_CONFIG.md	feat: add multi-layered runtime config protection system	2025-12-16 00:28:57 +01:00
SELF-HOSTING-GUIDE.md	feat: major update with network graphs, themes, todo extensions, and more	2025-12-10 02:37:46 +01:00
SETUP_TEMPLATES.md	docs: add setup templates and checklists for recurring tasks	2025-12-09 01:00:02 +01:00
SHARED_PACKAGES_ROADMAP.md	style: auto-format codebase with Prettier	2025-11-27 18:33:16 +01:00
STAGING_DEPLOYMENT_ISSUES.md	docs: comprehensive staging deployment troubleshooting guide	2025-12-08 23:11:01 +01:00
STAGING_SETUP.md	1. Brevo email integration (API key, sender settings)	2025-12-17 18:11:13 +01:00
SVELTE_CHECK_ISSUES.md	♿️ fix: resolve all svelte-check a11y warnings across web apps	2025-12-15 19:09:01 +01:00
TESTING.md	first implementation	2025-11-27 17:26:18 +01:00
ULOAD-DEPLOYMENT.md	feat: major update with network graphs, themes, todo extensions, and more	2025-12-10 02:37:46 +01:00
USER_SETTINGS.md	✨ feat(auth): add centralized user settings synced across all apps	2025-12-03 00:09:47 +01:00

README.md

Manacore Monorepo Documentation

Welcome to the Manacore monorepo documentation. This guide helps you find exactly what you need.

I want to...	Go here
Start developing locally	Local Development
Set up environment variables	Environment Setup
Understand the architecture	Deployment Architecture
Work with databases	Database Migrations
Deploy to staging	Staging Setup
Deploy to production	Deployment Runbooks
Use Docker locally	Docker Guide
Debug an issue	Staging Issues
Learn code patterns	Guidelines
Configure CI/CD	CI/CD Setup
Work with runtime config	Runtime Config
Self-host the platform	Self-Hosting Guide

📁 Documentation Structure

Getting Started

First-time setup, environment configuration, and basic workflows.

Local Development - Complete local development setup
Setup Templates - Templates for new projects

Architecture & Design

System design, technology choices, and architectural patterns.

Deployment Architecture - Complete infrastructure overview
Deployment Diagrams - Visual architecture diagrams

Development Workflows

Day-to-day development, migrations, and Docker.

Database Migrations - Migration best practices
Docker Guide - Local Docker setup
Git Workflow - Git branching and commit conventions
Development Scripts - Helper scripts

Deployment & Operations

CI/CD, staging, production deployment, and operational procedures.

Deployment Overview - Deployment strategy overview
Deployment Runbooks - Step-by-step deployment procedures
Staging Setup - Hetzner staging environment
Staging Issues - Known issues and solutions
Hetzner Production Guide - Production deployment
CI/CD Setup - GitHub Actions configuration
Runtime Config - Dynamic configuration injection

Specialized Topics

PWA Guide - Progressive Web App setup
I18N - Internationalization
User Settings - User settings architecture
Self-Hosting Guide - Self-hosting instructions
Testing Guide - Testing strategies

Project-Specific

ManaDeck Postgres Migration - ManaDeck database migration
Uload Deployment - Uload-specific deployment

Archived Documentation

Historical documentation and analysis reports moved to archive/.

🎯 Documentation Philosophy

This documentation follows these principles:

Progressive Disclosure - Start with essentials, link to deep dives
Single Source of Truth - Each topic has one authoritative document
Task-Oriented - Organized by what you're trying to accomplish
Keep Current - Archive or delete outdated docs instead of letting them linger

📝 For AI Assistants

If you're Claude or another AI assistant:

Start with CLAUDE.md for essential patterns
Reference Guidelines for detailed coding patterns
Use this README to find specific documentation topics
Always check file modification dates to ensure information is current

🔄 Maintenance

When updating documentation:

Update this README if you add/move/remove major docs
Archive outdated docs to archive/ rather than deleting
Keep cross-references up to date
Update the modification date in this file

Last Updated: 2025-12-16