mirror of
https://github.com/DeBrosOfficial/orama.git
synced 2026-06-16 22:54:12 +00:00
32a2a62e0d
HTTP/2 forbids the `Connection: Upgrade` and `Upgrade: websocket`
headers per RFC 7540 §8.1.2.2. With h2 advertised at the listener,
ALPN negotiates h2 for TLS-capable clients, the WS-upgrade request
arrives at Caddy with those headers stripped, and Caddy forwards a
plain HTTP/1.1 GET to the gateway. The gateway's `isWebSocketUpgrade(r)`
then returns false, the `?api_key=` / `?jwt=` query-string WS-auth
fallback never runs, and clients see 401.
RFC 8441 ("Bootstrapping WebSockets with HTTP/2") fixes this, but iOS
RN and most other mobile WS libraries don't implement it. Until they
do, h1 is the only protocol that keeps WS auth working.
Trade-off: lose h2 multiplexing on plain HTTP traffic. Acceptable for
an API gateway whose dominant workload is REST + WebSocket — neither
benefits much from h2 streams.
caddy_test.go adds a regression guard so anyone re-enabling h2 in the
listener protocols fails CI loud.
Also (separate, was uncommitted): pkg/cli/build/builder.go now reads
VERSION from the repo-root /VERSION file first, falling back to
parsing the Makefile only if absent. The previous Makefile-only path
broke after VERSION moved to /VERSION (Makefile got `$(shell cat ...)`
which the CLI builder pulled in literally).
VERSION bumped to 0.122.13.
Orama Network
A decentralized infrastructure platform combining distributed SQL, IPFS storage, caching, serverless WASM execution, and privacy relay — all managed through a unified API gateway.
Packages
| Package | Language | Description |
|---|---|---|
| core/ | Go | API gateway, distributed node, CLI, and client SDK |
| sdk/ | TypeScript | @debros/orama — JavaScript/TypeScript SDK (npm) |
| website/ | TypeScript | Marketing website and invest portal |
| vault/ | Zig | Distributed secrets vault (Shamir's Secret Sharing) |
| os/ | Go + Buildroot | OramaOS — hardened minimal Linux for network nodes |
Quick Start
# Build the core network binaries
make core-build
# Run tests
make core-test
# Start website dev server
make website-dev
# Build vault
make vault-build
Documentation
| Document | Description |
|---|---|
| Architecture | System architecture and design patterns |
| Deployment Guide | Deploy apps, databases, and domains |
| Dev & Deploy | Building, deploying to VPS, rolling upgrades |
| Security | Security hardening and threat model |
| Monitoring | Cluster health monitoring |
| Client SDK | Go SDK documentation |
| Serverless | WASM serverless functions |
| Common Problems | Troubleshooting known issues |
Contributing
See CONTRIBUTING.md for setup, development, and PR guidelines.