chiguyong
|
2055b62afd
|
fix(security): apply code review fixes and rewrite README
Deploy EternalAI / deploy (push) Failing after 29s
Details
- fix(P1): prevent YAML injection in adaptToHermesConfig via yamlString() and sanitizeComment()
- fix(P2): add @@index([userId, createdAt]) to ApiKey model
- fix(P2): change Hermes error responses from text/plain to JSON
- fix(P2): set .env file permissions to 600 in setup-server.sh
- fix(P2): remove dead model fallback code
- fix(P2): unify API Key response naming (GET returns { apiKeys })
- fix(P3): add console.warn to fire-and-forget catch
- fix(P3): correct keyPrefix comment (8 -> 12 chars)
- fix(P3): move require() to file top in auth.js
- fix(P3): stop printing database password in setup-server.sh
- docs: rewrite README with architecture, operation flow, and Hermes interaction flow
|
2026-06-21 14:05:37 +08:00 |
chiguyong
|
0028091f34
|
ci: add CI/CD deployment scripts with PM2, Nginx, and auto-setup
- Add ecosystem.config.js for PM2 process management
- Add deploy/setup-server.sh for one-shot server initialization (auto-detects OS, installs Node.js 20/PostgreSQL 15/PM2/Nginx)
- Add deploy/deploy.sh for repeatable deployments (pull -> install -> migrate -> reload -> health check)
- Add deploy/nginx.conf reverse proxy template with security headers
- Rewrite .gitea/workflows/deploy.yml with full CI/CD pipeline (checkout -> build -> migrate -> deploy -> health check)
- Add .env.example template with DATABASE_URL/JWT_SECRET/PORT/ALLOWED_ORIGINS
- Add docs/deployment.md (full deployment guide) and docs/business-processes.md
- Update package.json scripts (db:generate, test:e2e, deploy)
- Add logs/ to .gitignore
|
2026-06-21 14:05:37 +08:00 |