✨ feat: Add auth flow (#146)

This adds a simple way to incorporate a centralized authentication flow. The idea is to have the user, API and SSH (for machine authentication) all in one place using `openauthjs` + `SST` We also have a database now :) > We are using InstantDB as it allows us to authenticate a use with just the email. Plus it is super simple simple to use _of course after the initial fumbles trying to design the db and relationships_
2025-12-12 08:45:38 +02:00 · 2025-01-04 00:02:28 +03:00
parent 33895974a7
commit fc5a755408
136 changed files with 3512 additions and 1914 deletions
--- a/apps/docs/RELAY.md
+++ b/apps/docs/RELAY.md
@@ -0,0 +1,87 @@
+# How to Deploy Your Own MoQ Relay on a Server
+
+This guide will walk you through the steps to deploy your own MoQ relay on a server.
+
+## Prerequisites
+
+1. **Server Requirements:**
+   - Ensure port 443 is open for both TCP and UDP (`:443/udp & :443/tcp`).
+   - The server should have a minimum of **4GB RAM** and **2 vCPUs**.
+   - Supports ARM or AMD64 architecture.
+
+2. **Software Requirements:**
+   - Docker and `docker-compose` must be installed on the server. You can use [this installation script](https://github.com/docker/docker-install) for Docker.
+   - Git must be installed to clone the necessary repository.
+
+3. **Certificates:**
+   - You will need private and public certificates. It is recommended to use certificates from a trusted CA rather than self-signed certificates.
+
+## Installation Steps
+
+### Step 1: Clone the Repository
+
+Clone the `kixelated/moq-rs` repository to your local machine:
+
+```bash
+git clone https://github.com/kixelated/moq-rs moq
+```
+
+### Step 2: Verify Port Availability
+
+Check if port 443 is already in use on your server:
+
+```bash
+sudo netstat -tulpn | grep ':443' | grep LISTEN
+```
+or
+```bash
+sudo lsof -i -P -n | grep LISTEN | grep 443
+```
+
+If you find any processes using port 443, consider terminating them.
+
+### Step 3: Configure Ports
+
+Navigate to the cloned directory and edit the Docker compose file to use port 443:
+
+```bash
+cd moq
+vim docker-compose.yml
+```
+
+Change the ports section from lines 34 to 35 to:
+
+```yaml
+ports:
+  - "443:443"
+  - "443:443/udp"
+```
+
+### Step 4: Prepare Certificates
+
+Copy your generated certificates into the `moq/dev` directory and rename them:
+
+```bash
+cp cert.pem moq/dev/localhost.crt
+cp key.pem moq/dev/localhost.key
+```
+
+### Step 5: Start Docker Instances
+
+Ensure you are in the root directory of the `moq` project, then start the Docker containers:
+
+```bash
+docker compose up -d
+```
+
+### Step 6: Link Domain to Server IP
+
+Configure your DNS settings to connect your server's IP address to your domain:
+
+```
+Record Type: A
+Subdomain: relay.fst.so
+IP Address: xx.xxx.xx.xxx
+```
+
+Congratulations, your MoQ server is now set up! You can verify its functionality by using the [MoQ Checker](https://nestri.pages.dev/moq/checker).
--- a/apps/docs/sst-env.d.ts
+++ b/apps/docs/sst-env.d.ts
@@ -0,0 +1,42 @@
+/* This file is auto-generated by SST. Do not edit. */
+/* tslint:disable */
+/* eslint-disable */
+/* deno-fmt-ignore-file */
+import "sst"
+export {}
+declare module "sst" {
+  export interface Resource {
+    "Api": {
+      "type": "sst.cloudflare.Worker"
+      "url": string
+    }
+    "Auth": {
+      "type": "sst.cloudflare.Worker"
+      "url": string
+    }
+    "AuthFingerprintKey": {
+      "type": "random.index/randomString.RandomString"
+      "value": string
+    }
+    "CloudflareAuthKV": {
+      "type": "sst.cloudflare.Kv"
+    }
+    "InstantAdminToken": {
+      "type": "sst.sst.Secret"
+      "value": string
+    }
+    "InstantAppId": {
+      "type": "sst.sst.Secret"
+      "value": string
+    }
+    "LoopsApiKey": {
+      "type": "sst.sst.Secret"
+      "value": string
+    }
+    "Urls": {
+      "api": string
+      "auth": string
+      "type": "sst.sst.Linkable"
+    }
+  }
+}