initial commit

serenity-kit · Jun 13, 2024 · 24cd48c · 24cd48c
commit 24cd48c
Show file tree

Hide file tree

Showing 175 changed files with 21,257 additions and 0 deletions.
diff --git a/.github/workflows/deploy-server.yml b/.github/workflows/deploy-server.yml
@@ -0,0 +1,33 @@
+name: "Deploy Server"
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: pnpm/action-setup@v3
+        with:
+          version: 9
+      - name: Use Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: 20
+          cache: "pnpm"
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+        working-directory: ./apps/server
+      - name: Generate Prisma Client
+        working-directory: ./apps/server
+        run: pnpm prisma generate
+      - name: Build
+        working-directory: ./apps/server
+        run: pnpm build
+      - uses: superfly/flyctl-actions/setup-flyctl@master
+      - run: flyctl deploy --remote-only ./apps/server/build
+        env:
+          FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}
diff --git a/.github/workflows/deploy-web-client.yml b/.github/workflows/deploy-web-client.yml
@@ -0,0 +1,40 @@
+name: Deploy Web
+env:
+  VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }}
+  VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }}
+on:
+  push:
+    branches:
+      - main
+jobs:
+  Deploy:
+    defaults:
+      run:
+        working-directory: ./apps/app
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: pnpm/action-setup@v3
+        with:
+          version: 9
+      - name: Use Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: 20
+          cache: "pnpm"
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+      - name: Generate Prisma Client
+        run: cd ../server && pnpm prisma generate
+      - name: Setup production .env
+        run: cp .env.production .env
+      - name: Pre-build Tailwind CSS # fix for https://github.com/nativewind/nativewind/issues/591#issuecomment-1939369454
+        run: npx tailwindcss -i ./src/global.css -o ./node_modules/.cache/nativewind/global.css.web.css
+      - name: Install Vercel CLI
+        run: npm install --global vercel@latest
+      - name: Pull Vercel Environment Information
+        run: vercel pull --yes --environment=production --token=${{ secrets.VERCEL_TOKEN }}
+      - name: Build Project Artifacts
+        run: vercel build --prod --token=${{ secrets.VERCEL_TOKEN }}
+      - name: Deploy Project Artifacts to Vercel
+        run: vercel deploy --prebuilt --prod --token=${{ secrets.VERCEL_TOKEN }}
diff --git a/.github/workflows/tests-and-check.yml b/.github/workflows/tests-and-check.yml
@@ -0,0 +1,40 @@
+name: Tests and Checks
+
+on: [push]
+
+jobs:
+  typecheck:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: pnpm/action-setup@v3
+        with:
+          version: 9
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+      - name: Generate Prisma Client
+        run: cd apps/server && pnpm prisma generate
+      - name: Typecheck
+        run: pnpm ts:check
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: pnpm/action-setup@v3
+        with:
+          version: 9
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+      - name: Linting
+        run: pnpm lint
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: pnpm/action-setup@v3
+        with:
+          version: 9
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+      - name: Test
+        run: pnpm test
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,38 @@
+# Learn more https://docs.github.com/en/get-started/getting-started-with-git/ignoring-files
+
+# dependencies
+node_modules/
+
+# Expo
+.expo/
+dist/
+web-build/
+
+ios
+android
+
+# Native
+*.orig.*
+*.jks
+*.p8
+*.p12
+*.key
+*.mobileprovision
+
+# Metro
+.metro-health-check*
+
+# debug
+npm-debug.*
+yarn-debug.*
+yarn-error.*
+
+# macOS
+.DS_Store
+*.pem
+
+# local env files
+.env*.local
+
+# typescript
+*.tsbuildinfo
diff --git a/.npmrc b/.npmrc
@@ -0,0 +1 @@
+node-linker=hoisted
diff --git a/README.md b/README.md
@@ -0,0 +1,117 @@
+## Development
+
+### Setup
+
+```sh
+pnpm install
+docker-compose up
+```
+
+```sh
+# in another tab
+cd apps/server
+cp .env.example .env
+npx @serenity-kit/opaque@latest create-server-setup
+# copy the string value as OPAQUE_SERVER_SETUP .env
+pnpm prisma migrate dev
+pnpm dev
+```
+
+```sh
+# in another tab
+cd apps/app
+cp .env.example .env
+pnpm dev
+```
+
+### Updating the Database Schema
+
+1. Make changes
+2. Run `pnpm prisma migrate dev`
+3. Run `pnpm prisma generate`
+4. Restart the TS server in your editor
+
+### DB UI
+
+```bash
+cd apps/backend
+pnpm prisma studio
+```
+
+### Wipe all local data
+
+```bash
+cd apps/backend
+pnpm prisma migrate reset
+```
+
+## EAS Build
+
+Simulator build:
+
+```sh
+eas build --profile development-simulator --platform ios
+```
+
+Internal distribution build:
+
+```sh
+eas build --profile preview --platform ios
+```
+
+## Setup Production Environment and CI
+
+see [docs/setup-production-environment-and-ci.md](docs/setup-production-environment-and-ci.md)
+
+## Connect to the Production Database
+
+```sh
+fly postgres connect -a <production-app-db-name>
+```
+
+```sh
+# list dbs
+\list
+# connect to a db
+\c <db_name>;
+# list tables
+\dt
+# query a table
+SELECT * FROM "Document";
+```
+
+## Architecture
+
+### Authentication
+
+Users use OPAQUE to authenticate with the server. After Login the server creates a session and stores it as HTTP-Only Cookie. The session is used to authenticate the user for authenticated requests and also to connect to the Websocket.
+
+### Invitation
+
+Users can invite other users to a list via an invitation link.
+
+Creating an invitation link:
+
+```ts
+const seed = generateSeed();
+const (privKey, pubKey) = generateKeyPair(seed);
+const listKeyLockbox = encrypt(pubKey, listKey);
+const invitation = {
+  listKeyLockbox,
+};
+const encryptedInvitation = encrypt(invitation, sessionKey);
+```
+
+InvitationLink: `${token}/#accessKey=${seed}`
+
+Accepting an invitation:
+
+```ts
+const (privKey, pubKey) = generateKeyPair(seed);
+const encryptedInvitation getInvitationByToken(token);
+const invitation = decrypt(encryptedInvitation, sessionKey)
+const listKey = decrypt(invitation.listKeyLockbox, privKey)
+acceptInvitation(listId, listKey)
+```
+
+TODO better version where the token is also never exposed to the network so not even the ciphertext can be retrieved by a network attacker
diff --git a/apps/app/.env b/apps/app/.env
@@ -0,0 +1,3 @@
+EXPO_PUBLIC_API_ENDPOINT=http://localhost:3030/api
+EXPO_PUBLIC_SECSYNC_WS_ENDPOINT=ws://localhost:3030
+EXPO_PUBLIC_WEB_APP_ORIGIN=http://localhost:8081
diff --git a/apps/app/.env.example b/apps/app/.env.example
@@ -0,0 +1,3 @@
+EXPO_PUBLIC_API_ENDPOINT=http://localhost:3030/api
+EXPO_PUBLIC_SECSYNC_WS_ENDPOINT=ws://localhost:3030
+EXPO_PUBLIC_WEB_APP_ORIGIN=http://localhost:8081
diff --git a/apps/app/.env.production b/apps/app/.env.production
@@ -0,0 +1,3 @@
+EXPO_PUBLIC_API_ENDPOINT=https://lini-api-production.fly.dev/api
+EXPO_PUBLIC_SECSYNC_WS_ENDPOINT=wss://lini-api-production.fly.dev
+EXPO_PUBLIC_WEB_APP_ORIGIN=https://www.lini.app
diff --git a/apps/app/.gitignore b/apps/app/.gitignore
@@ -0,0 +1,16 @@
+node_modules/
+.expo/
+dist/
+npm-debug.*
+*.jks
+*.p8
+*.p12
+*.key
+*.mobileprovision
+*.orig.*
+web-build/
+
+# macOS
+.DS_Store
+
+.vercel
diff --git a/apps/app/app.json b/apps/app/app.json
@@ -0,0 +1,41 @@
+{
+  "expo": {
+    "name": "Lini",
+    "slug": "lini",
+    "owner": "naisho-gmbh",
+    "scheme": "acme",
+    "version": "1.0.0",
+    "orientation": "portrait",
+    "icon": "./assets/images/icon.png",
+    "userInterfaceStyle": "dark",
+    "splash": {
+      "image": "./assets/images/splash.png",
+      "resizeMode": "contain",
+      "backgroundColor": "#ffffff"
+    },
+    "assetBundlePatterns": ["**/*"],
+    "ios": {
+      "supportsTablet": true,
+      "bundleIdentifier": "app.lini.app"
+    },
+    "android": {
+      "adaptiveIcon": {
+        "foregroundImage": "./assets/images/adaptive-icon.png",
+        "backgroundColor": "#ffffff"
+      }
+    },
+    "web": {
+      "favicon": "./assets/images/favicon.png",
+      "bundler": "metro"
+    },
+    "plugins": ["expo-router", "expo-secure-store"],
+    "extra": {
+      "router": {
+        "origin": false
+      },
+      "eas": {
+        "projectId": "59758628-b173-4b85-9fab-f3593b274895"
+      }
+    }
+  }
+}
diff --git a/apps/app/assets/fonts/SpaceMono-Regular.ttf b/apps/app/assets/fonts/SpaceMono-Regular.ttf
diff --git a/apps/app/assets/images/adaptive-icon.png b/apps/app/assets/images/adaptive-icon.png
diff --git a/apps/app/assets/images/favicon.png b/apps/app/assets/images/favicon.png
diff --git a/apps/app/assets/images/icon.png b/apps/app/assets/images/icon.png
diff --git a/apps/app/assets/images/splash.png b/apps/app/assets/images/splash.png
diff --git a/apps/app/babel.config.js b/apps/app/babel.config.js
@@ -0,0 +1,11 @@
+/* eslint-disable unicorn/prefer-module */
+module.exports = (api) => {
+  api.cache(true);
+  return {
+    presets: [
+      ["babel-preset-expo", { jsxImportSource: "nativewind" }],
+      "nativewind/babel",
+    ],
+    plugins: ["react-native-reanimated/plugin"],
+  };
+};
diff --git a/apps/app/components.json b/apps/app/components.json
@@ -0,0 +1,7 @@
+{
+  "platforms": "universal",
+  "aliases": {
+    "components": "~/components",
+    "lib": "~/lib"
+  }
+}