commit acae24cfb58e27dff72121b8317795ce1a19a739 · bretton.dev/coves

+2 -1

Dockerfile

···

       42
        
       COPY --from=builder /build/coves-server /app/coves-server

     

       43
        
       

     

       44
        
       # Copy migrations (needed for goose)

     

       45
       -
       COPY --from=builder /build/internal/db/migrations /app/migrations

     

       0
        
       
     

       46
        
       

     

       47
        
       # Set ownership

     

       48
        
       RUN chown -R coves:coves /app

···

       42
        
       COPY --from=builder /build/coves-server /app/coves-server

     

       43
        
       

     

       44
        
       # Copy migrations (needed for goose)

     

       45
       +
       # Must maintain path structure as app looks for internal/db/migrations

     

       46
       +
       COPY --from=builder /build/internal/db/migrations /app/internal/db/migrations

     

       47
        
       

     

       48
        
       # Set ownership

     

       49
        
       RUN chown -R coves:coves /app

+13 -2

docker-compose.prod.yml

···

       68
        
             # Jetstream (Bluesky production firehose)

     

       69
        
             JETSTREAM_URL: wss://jetstream2.us-east.bsky.network/subscribe

     

       70
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       71
        
             # Security - MUST be false in production

     

       72
        
             AUTH_SKIP_VERIFY: "false"

     

       73
        
             SKIP_DID_WEB_VERIFICATION: "false"

     
···

       84
        
       

     

       85
        
             # Encryption key for community credentials

     

       86
        
             ENCRYPTION_KEY: ${ENCRYPTION_KEY}

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       87
        
           networks:

     

       88
        
             - coves-internal

     

       89
        
           depends_on:

     
···

       131
        
             PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: ${PDS_ROTATION_KEY}

     

       132
        
       

     

       133
        
             # Email (optional, for account recovery)

     

       134
       -
             PDS_EMAIL_SMTP_URL: ${PDS_EMAIL_SMTP_URL:-}

     

       135
       -
             PDS_EMAIL_FROM_ADDRESS: ${PDS_EMAIL_FROM_ADDRESS:-noreply@coves.me}

     

       0
        
       
     

       136
        
       

     

       137
        
             # Production mode

     

       138
        
             PDS_DEV_MODE: "false"

···

       68
        
             # Jetstream (Bluesky production firehose)

     

       69
        
             JETSTREAM_URL: wss://jetstream2.us-east.bsky.network/subscribe

     

       70
        
       

     

       71
       +
             # Custom lexicon consumers (use production Jetstream with collection filters)

     

       72
       +
             COMMUNITY_JETSTREAM_URL: wss://jetstream2.us-east.bsky.network/subscribe?wantedCollections=social.coves.community.profile&wantedCollections=social.coves.community.subscription

     

       73
       +
             POST_JETSTREAM_URL: wss://jetstream2.us-east.bsky.network/subscribe?wantedCollections=social.coves.community.post

     

       74
       +
             AGGREGATOR_JETSTREAM_URL: wss://jetstream2.us-east.bsky.network/subscribe?wantedCollections=social.coves.aggregator.service&wantedCollections=social.coves.aggregator.authorization

     

       75
       +
             VOTE_JETSTREAM_URL: wss://jetstream2.us-east.bsky.network/subscribe?wantedCollections=social.coves.feed.vote

     

       76
       +
             COMMENT_JETSTREAM_URL: wss://jetstream2.us-east.bsky.network/subscribe?wantedCollections=social.coves.community.comment

     

       77
       +
       

     

       78
        
             # Security - MUST be false in production

     

       79
        
             AUTH_SKIP_VERIFY: "false"

     

       80
        
             SKIP_DID_WEB_VERIFICATION: "false"

     
···

       91
        
       

     

       92
        
             # Encryption key for community credentials

     

       93
        
             ENCRYPTION_KEY: ${ENCRYPTION_KEY}

     

       94
       +
       

     

       95
       +
             # Cursor encryption for pagination

     

       96
       +
             CURSOR_SECRET: ${CURSOR_SECRET}

     

       97
        
           networks:

     

       98
        
             - coves-internal

     

       99
        
           depends_on:

     
···

       141
        
             PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: ${PDS_ROTATION_KEY}

     

       142
        
       

     

       143
        
             # Email (optional, for account recovery)

     

       144
       +
             # NOTE: Must set BOTH or NEITHER - PDS fails with partial config

     

       145
       +
             # PDS_EMAIL_SMTP_URL: ${PDS_EMAIL_SMTP_URL}

     

       146
       +
             # PDS_EMAIL_FROM_ADDRESS: ${PDS_EMAIL_FROM_ADDRESS}

     

       147
        
       

     

       148
        
             # Production mode

     

       149
        
             PDS_DEV_MODE: "false"