github-mirrors/netris-nestri
1
0
Fork 0
mirror of https://github.com/nestriness/nestri.git synced 2025-12-12 08:45:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: New account system with improved team management (#273)

Browse Source 
Description
<!-- Briefly describe the purpose and scope of your changes -->


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

- **New Features**
- Introduced comprehensive account management with combined user and
team info.
  - Added advanced, context-aware logging utilities.
- Implemented invite code generation for teams with uniqueness
guarantees.
- Expanded example data for users, teams, subscriptions, sessions, and
games.

- **Enhancements**
- Refined user, team, member, and Steam account schemas for richer data
and validation.
  - Streamlined user creation, login acknowledgment, and error handling.
  - Improved API authentication and unified actor context management.
- Added persistent shared temporary volume support to API and auth
services.
- Enhanced Steam account management with create, update, and event
notifications.
- Refined team listing and serialization integrating Steam accounts as
members.
  - Simplified event, context, and logging systems.
- Updated API and auth middleware for better token handling and actor
provisioning.

- **Bug Fixes**
  - Fixed multiline log output to prefix each line with log level.

- **Removals**
- Removed machine and subscription management features, including
schemas and DB tables.
- Disabled machine-based authentication and removed related subject
schemas.
- Removed deprecated fields and legacy logic from member and team
management.
- Removed legacy event and error handling related to teams and members.

- **Chores**
  - Reorganized and cleaned exports across utility and API modules.
- Updated database schemas for users, teams, members, and Steam
accounts.
  - Improved internal code structure, imports, and error messaging.
- Moved logger patching to earlier initialization for consistent
logging.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This commit is contained in:
Wanjohi
2025-05-06 07:26:59 +03:00
committed by GitHub
parent a0dc353561
commit 70d629227a
39 changed files with 1194 additions and 1480 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
infra/api.ts
View File

@@ -1,19 +1,19 @@
import { bus } from "./bus";
import { auth } from "./auth";
import { domain } from "./dns";
import { secret } from "./secret";
import { cluster } from "./cluster";
import { postgres } from "./postgres";
import { secret, steamEncryptionKey } from "./secret";
export const api = new sst.aws.Service("Api", {
export const apiService = new sst.aws.Service("Api", {
cluster,
cpu: $app.stage === "production" ? "2 vCPU" : undefined,
memory: $app.stage === "production" ? "4 GB" : undefined,
command: ["bun", "run", "./src/api/index.ts"],
link: [
bus,
auth,
postgres,
steamEncryptionKey,
secret.PolarSecret,
secret.PolarWebhookSecret,
secret.NestriFamilyMonthly,
@@ -22,12 +22,10 @@ export const api = new sst.aws.Service("Api", {
secret.NestriProMonthly,
secret.NestriProYearly,
],
command: ["bun", "run", "./src/api/index.ts"],
image: {
dockerfile: "packages/functions/Containerfile",
},
environment: {
NO_COLOR: "1",
},
loadBalancer: {
rules: [
{
@@ -37,9 +35,9 @@ export const api = new sst.aws.Service("Api", {
],
},
dev: {
url: "http://localhost:3001",
command: "bun dev:api",
directory: "packages/functions",
url: "http://localhost:3001",
},
scaling:
$app.stage === "production"
@@ -48,16 +46,49 @@ export const api = new sst.aws.Service("Api", {
max: 10,
}
: undefined,
// For persisting actor state
transform: {
taskDefinition: (args) => {
const volumes = $output(args.volumes).apply(v => {
const next = [...v, {
name: "shared-tmp",
dockerVolumeConfiguration: {
scope: "shared",
driver: "local"
}
}];
return next;
})
// "containerDefinitions" is a JSON string, parse first
let containers = $jsonParse(args.containerDefinitions);
containers = containers.apply((containerDefinitions) => {
containerDefinitions[0].mountPoints = [
...(containerDefinitions[0].mountPoints ?? []),
{
sourceVolume: "shared-tmp",
containerPath: "/tmp"
},
]
return containerDefinitions;
});
args.volumes = volumes
args.containerDefinitions = $jsonStringify(containers);
}
}
});
export const apiRoute = new sst.aws.Router("ApiRoute", {
export const api = !$dev ? new sst.aws.Router("ApiRoute", {
routes: {
// I think api.url should work all the same
"/*": api.nodes.loadBalancer.dnsName,
"/*": apiService.nodes.loadBalancer.dnsName,
},
domain: {
name: "api." + domain,
dns: sst.cloudflare.dns(),
},
})
}) : apiService

47
infra/auth.ts
View File

@@ -1,11 +1,10 @@
import { bus } from "./bus";
import { domain } from "./dns";
import { secret } from "./secret";
import { cluster } from "./cluster";
import { postgres } from "./postgres";
import { secret, steamEncryptionKey } from "./secret";
//FIXME: Use a shared /tmp folder
export const auth = new sst.aws.Service("Auth", {
export const authService = new sst.aws.Service("Auth", {
cluster,
cpu: $app.stage === "production" ? "1 vCPU" : undefined,
memory: $app.stage === "production" ? "2 GB" : undefined,
@@ -14,6 +13,7 @@ export const auth = new sst.aws.Service("Auth", {
bus,
postgres,
secret.PolarSecret,
steamEncryptionKey,
secret.GithubClientID,
secret.DiscordClientID,
secret.GithubClientSecret,
@@ -24,7 +24,7 @@ export const auth = new sst.aws.Service("Auth", {
},
environment: {
NO_COLOR: "1",
STORAGE: $dev ? "/tmp/persist.json" : "/mnt/efs/persist.json"
STORAGE: "/tmp/persist.json"
},
loadBalancer: {
rules: [
@@ -52,15 +52,48 @@ export const auth = new sst.aws.Service("Auth", {
max: 10,
}
: undefined,
//For temporarily persisting the persist.json
transform: {
taskDefinition: (args) => {
const volumes = $output(args.volumes).apply(v => {
const next = [...v, {
name: "shared-tmp",
dockerVolumeConfiguration: {
scope: "shared",
driver: "local"
}
}];
return next;
})
// "containerDefinitions" is a JSON string, parse first
let containers = $jsonParse(args.containerDefinitions);
containers = containers.apply((containerDefinitions) => {
containerDefinitions[0].mountPoints = [
...(containerDefinitions[0].mountPoints ?? []),
{
sourceVolume: "shared-tmp",
containerPath: "/tmp"
}
]
return containerDefinitions;
});
args.volumes = volumes
args.containerDefinitions = $jsonStringify(containers);
}
}
});
export const authRoute = new sst.aws.Router("AuthRoute", {
export const auth = !$dev ? new sst.aws.Router("AuthRoute", {
routes: {
// I think auth.url should work all the same
"/*": auth.nodes.loadBalancer.dnsName,
"/*": authService.nodes.loadBalancer.dnsName,
},
domain: {
name: "auth." + domain,
dns: sst.cloudflare.dns(),
},
})
}) : authService

15
infra/secret.ts
View File

@@ -14,4 +14,17 @@ export const secret = {
NestriFamilyYearly: new sst.Secret("NestriFamilyYearly"),
};
export const allSecrets = Object.values(secret);
export const allSecrets = Object.values(secret);
sst.Linkable.wrap(random.RandomString, (resource) => ({
properties: {
value: resource.result,
},
}));
export const steamEncryptionKey = new random.RandomString(
"SteamEncryptionKey",
{
length: 32,
},
);