From d11603722d220922e9b8741afdae2d74266498f6 Mon Sep 17 00:00:00 2001 From: Joders Date: Sun, 18 Jan 2026 06:13:10 +0000 Subject: [PATCH] Update README.md --- README.md | 47 +++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 41 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 7163b6e..003869b 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,42 @@ -TODO: - -UI changes and UX: - -onboarding: -Pressing enter submits and goes to next step +Here is dummy ai explanation for you my friend +Stack +Backend: Node + Fastify + Prisma (Postgres) +Frontend: React + Vite +Scheduler: separate worker container (cron tasks) +Reverse proxy (prod) +Default: Nginx (skymoneybudget.com.conf) +Alternative: Caddy (Caddyfile.prod) +API is under /api path +Web is static from /var/www/skymoney/dist +HTTPS + HSTS already configured in the prod config +Required env vars (production) +DATABASE_URL +JWT_SECRET (32+ chars) +COOKIE_SECRET (32+ chars) +CORS_ORIGIN (set to https://skymoneybudget.com) +Optional: COOKIE_DOMAIN=skymoneybudget.com +Cookies + Security +HttpOnly + Secure in prod +CSRF protection required for non‑GET +/auth/logout requires CSRF now +Mutation endpoints rate‑limited +Cron jobs +rollover worker (6 AM user time) +auto‑payment worker (9 AM user time) +Jobs run every 15 minutes and only process users whose local time has reached the threshold +DB / Prisma +Postgres required +Prisma migrations must be applied before running +The app blocks default secrets in prod +Build + deploy +web/ builds to web/dist +API runs on port 8080 internally (exposed as 8081 in compose) +Nginx proxies /api to 127.0.0.1:8081 +Logs +Prod logs are limited (PII reduced) +Key logging: job success/failure counts +Backups +Scripts exist: backup.sh, restore.sh +Restore requires admin DB privileges (created DB) +Optional but recommended to test once