mirror of
https://github.com/DeBrosOfficial/orama.git
synced 2026-06-16 23:14:13 +00:00
07638354d2
Migration 028: namespace_push_credentials
- Per-(namespace, provider) AES-256-GCM encrypted credential blob.
- Generic schema — apns/ntfy/expo/future plug in with zero migration.
- Separated from migration 026's namespace_push_config (preferences vs
credentials, different access patterns).
pkg/push/credentials
- Manager + Registry + RQLite store; HKDF purpose "namespace-push-credentials"
via pkg/secrets. Provider Validator interface for per-provider schema.
pkg/push/providers/apns
- Apple Push Notification service direct provider (no Expo proxy).
- Validator + dispatcher; credentials are p8 signing key + key_id + team_id.
pkg/push/providers/ntfy/credentials.go
- ntfy credential schema (auth_token + default topic). Used both with
the public ntfy.sh and our self-hosted instance.
pkg/environments/production/installers/ntfy.go
- Self-hosted ntfy server installer. Binary, system user, hardened
/etc/ntfy/server.yml, systemd unit. Listens on 127.0.0.1:NtfyListenPort
only — Caddy is the only public path.
pkg/environments/production/installers/caddy.go
- Emit reverse_proxy block for push.<dnsZone> -> 127.0.0.1:NtfyListenPort
when operator enables ntfy on a node.
CLI: install/upgrade orchestrators learn a new "ntfy" install/preserve
phase; flag gating in install/flags.go + upgrade/flags.go.
Gateway handlers/push/credentials_handler.go
- GET/PUT/DELETE /v1/namespace/push-credentials/{provider}.
- PUT validates against provider Validator before encrypting and storing.
- GET returns a redacted view (booleans + non-secret fields only).
Push manager: provider resolution now also consults
namespace_push_credentials before falling back to YAML defaults.
Docs: core/docs/PUSH_NOTIFICATIONS.md walks through end-to-end setup.
VERSION bumped to 0.122.14.
83 lines
1.8 KiB
JSON
83 lines
1.8 KiB
JSON
{
|
|
"name": "@debros/orama",
|
|
"version": "0.122.14",
|
|
"description": "TypeScript SDK for Orama Network - Database, PubSub, Cache, Storage, Vault, and more",
|
|
"type": "module",
|
|
"main": "./dist/index.js",
|
|
"types": "./dist/index.d.ts",
|
|
"license": "MIT",
|
|
"author": "DeBrosOfficial",
|
|
"keywords": [
|
|
"debros",
|
|
"network",
|
|
"sdk",
|
|
"typescript",
|
|
"database",
|
|
"rqlite",
|
|
"pubsub",
|
|
"websocket",
|
|
"cache",
|
|
"olric",
|
|
"ipfs",
|
|
"storage",
|
|
"wasm",
|
|
"serverless",
|
|
"distributed",
|
|
"gateway",
|
|
"vault",
|
|
"secrets",
|
|
"shamir",
|
|
"encryption",
|
|
"guardian"
|
|
],
|
|
"repository": {
|
|
"type": "git",
|
|
"url": "https://github.com/DeBrosOfficial/network",
|
|
"directory": "sdk"
|
|
},
|
|
"bugs": {
|
|
"url": "https://github.com/DeBrosOfficial/network/issues"
|
|
},
|
|
"exports": {
|
|
".": {
|
|
"types": "./dist/index.d.ts",
|
|
"default": "./dist/index.js"
|
|
}
|
|
},
|
|
"files": [
|
|
"dist",
|
|
"src"
|
|
],
|
|
"scripts": {
|
|
"build": "tsup",
|
|
"dev": "tsup --watch",
|
|
"typecheck": "tsc --noEmit",
|
|
"lint": "eslint src tests",
|
|
"test": "vitest",
|
|
"test:e2e": "vitest run tests/e2e",
|
|
"release:npm": "npm publish --access public --registry=https://registry.npmjs.org/",
|
|
"release:gh": "npm publish --registry=https://npm.pkg.github.com"
|
|
},
|
|
"dependencies": {
|
|
"@noble/ciphers": "^0.5.3",
|
|
"@noble/hashes": "^1.4.0",
|
|
"isomorphic-ws": "^5.0.0"
|
|
},
|
|
"devDependencies": {
|
|
"@types/node": "^20.0.0",
|
|
"@typescript-eslint/eslint-plugin": "^6.0.0",
|
|
"@typescript-eslint/parser": "^6.0.0",
|
|
"@vitest/coverage-v8": "^1.0.0",
|
|
"dotenv": "^17.2.3",
|
|
"eslint": "^8.0.0",
|
|
"tsup": "^8.0.0",
|
|
"typedoc": "^0.25.0",
|
|
"typescript": "^5.3.0",
|
|
"vitest": "^1.0.0"
|
|
},
|
|
"publishConfig": {
|
|
"registry": "https://registry.npmjs.org/",
|
|
"access": "public"
|
|
}
|
|
}
|