mirror of
https://github.com/nestriness/nestri.git
synced 2025-12-12 16:55:37 +02:00
70d629227a
Description <!-- Briefly describe the purpose and scope of your changes --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Introduced comprehensive account management with combined user and team info. - Added advanced, context-aware logging utilities. - Implemented invite code generation for teams with uniqueness guarantees. - Expanded example data for users, teams, subscriptions, sessions, and games. - **Enhancements** - Refined user, team, member, and Steam account schemas for richer data and validation. - Streamlined user creation, login acknowledgment, and error handling. - Improved API authentication and unified actor context management. - Added persistent shared temporary volume support to API and auth services. - Enhanced Steam account management with create, update, and event notifications. - Refined team listing and serialization integrating Steam accounts as members. - Simplified event, context, and logging systems. - Updated API and auth middleware for better token handling and actor provisioning. - **Bug Fixes** - Fixed multiline log output to prefix each line with log level. - **Removals** - Removed machine and subscription management features, including schemas and DB tables. - Disabled machine-based authentication and removed related subject schemas. - Removed deprecated fields and legacy logic from member and team management. - Removed legacy event and error handling related to teams and members. - **Chores** - Reorganized and cleaned exports across utility and API modules. - Updated database schemas for users, teams, members, and Steam accounts. - Improved internal code structure, imports, and error messaging. - Moved logger patching to earlier initialization for consistent logging. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
99 lines
2.8 KiB
TypeScript
99 lines
2.8 KiB
TypeScript
import { bus } from "./bus";
|
|
import { domain } from "./dns";
|
|
import { cluster } from "./cluster";
|
|
import { postgres } from "./postgres";
|
|
import { secret, steamEncryptionKey } from "./secret";
|
|
|
|
export const authService = new sst.aws.Service("Auth", {
|
|
cluster,
|
|
cpu: $app.stage === "production" ? "1 vCPU" : undefined,
|
|
memory: $app.stage === "production" ? "2 GB" : undefined,
|
|
command: ["bun", "run", "./src/auth/index.ts"],
|
|
link: [
|
|
bus,
|
|
postgres,
|
|
secret.PolarSecret,
|
|
steamEncryptionKey,
|
|
secret.GithubClientID,
|
|
secret.DiscordClientID,
|
|
secret.GithubClientSecret,
|
|
secret.DiscordClientSecret,
|
|
],
|
|
image: {
|
|
dockerfile: "packages/functions/Containerfile",
|
|
},
|
|
environment: {
|
|
NO_COLOR: "1",
|
|
STORAGE: "/tmp/persist.json"
|
|
},
|
|
loadBalancer: {
|
|
rules: [
|
|
{
|
|
listen: "80/http",
|
|
forward: "3002/http",
|
|
},
|
|
],
|
|
},
|
|
permissions: [
|
|
{
|
|
actions: ["ses:SendEmail"],
|
|
resources: ["*"],
|
|
},
|
|
],
|
|
dev: {
|
|
command: "bun dev:auth",
|
|
directory: "packages/functions",
|
|
url: "http://localhost:3002",
|
|
},
|
|
scaling:
|
|
$app.stage === "production"
|
|
? {
|
|
min: 2,
|
|
max: 10,
|
|
}
|
|
: undefined,
|
|
//For temporarily persisting the persist.json
|
|
transform: {
|
|
taskDefinition: (args) => {
|
|
const volumes = $output(args.volumes).apply(v => {
|
|
const next = [...v, {
|
|
name: "shared-tmp",
|
|
dockerVolumeConfiguration: {
|
|
scope: "shared",
|
|
driver: "local"
|
|
}
|
|
}];
|
|
|
|
return next;
|
|
})
|
|
|
|
// "containerDefinitions" is a JSON string, parse first
|
|
let containers = $jsonParse(args.containerDefinitions);
|
|
|
|
containers = containers.apply((containerDefinitions) => {
|
|
containerDefinitions[0].mountPoints = [
|
|
...(containerDefinitions[0].mountPoints ?? []),
|
|
{
|
|
sourceVolume: "shared-tmp",
|
|
containerPath: "/tmp"
|
|
}
|
|
]
|
|
return containerDefinitions;
|
|
});
|
|
|
|
args.volumes = volumes
|
|
args.containerDefinitions = $jsonStringify(containers);
|
|
}
|
|
}
|
|
});
|
|
|
|
export const auth = !$dev ? new sst.aws.Router("AuthRoute", {
|
|
routes: {
|
|
// I think auth.url should work all the same
|
|
"/*": authService.nodes.loadBalancer.dnsName,
|
|
},
|
|
domain: {
|
|
name: "auth." + domain,
|
|
dns: sst.cloudflare.dns(),
|
|
},
|
|
}) : authService |