StartanAICompany/ai-recruit-site-template
Template
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
36 Commits 1 Branch 0 Tags
2082c3caec7968b644107580cc03a7a637224177
Commit Graph

9 Commits

Author SHA1 Message Date
Mikael Westöö
2082c3caec Implement .saac.json configuration and email verification flow 
Complete rewrite of deployment script to use unified .saac.json
configuration file and integrate email verification for user registration.

Major Changes:
==============

1. **New Configuration System**
   - Replaced .deployment-uuid + deployment-info.txt with .saac.json
   - Single JSON file for all SAAC-related state
   - Secure file permissions (600)
   - Structured format with version tracking

2. **.saac.json Structure**
   ```json
   {
     "version": "1.0",
     "user": {
       "email": "user@example.com",
       "user_id": "uuid",
       "api_key": "cw_...",
       "verified": true,
       "registered_at": "timestamp"
     },
     "deployment": {
       "application_uuid": "uuid",
       "domain": "https://...",
       "deployed_at": "timestamp"
     }
   }
   ```

3. **Email Verification Flow** (NEW)
   - Registration prompts for email
   - Calls POST /api/v1/users/register
   - Saves initial config with verified: false
   - Prompts for verification code from MailHog
   - Calls POST /api/v1/users/verify
   - Updates config with verified: true
   - Only then allows deployment

4. **Auto-Detection Enhanced**
   ```
   No .saac.json           → Registration + Verification
   Exists, not verified    → Verification only
   Exists, verified, no app → Setup mode
   Exists, verified, has app → Update mode
   ```

5. **Helper Functions** (NEW)
   - load_config() - Loads all state from .saac.json using jq
   - save_config() - Saves state with secure permissions

6. **Removed Dependencies**
   - SAAC_API_KEY environment variable (now in .saac.json)
   - .deployment-uuid file (now in .saac.json)
   - deployment-info.txt file (now in .saac.json)

7. **New Dependency**
   - jq (JSON processor) - Required and checked at startup

8. **Updated .gitignore**
   - Added: .saac.json
   - Removed: .deployment-uuid, deployment-info.txt

Script Modes:
=============

./deploy-to-apps.sh           # Auto-detect
./deploy-to-apps.sh --setup   # Force new deployment
./deploy-to-apps.sh --update  # Force update existing
./deploy-to-apps.sh --status  # Check deployment status

Registration Flow:
==================

1. Script detects no .saac.json
2. Prompts: "Enter your email:"
3. Calls POST /users/register
4. Receives user_id and api_key
5. Saves to .saac.json with verified: false
6. Shows: "Check MailHog at https://mailhog.goryan.io"
7. Prompts: "Enter verification code from email:"
8. Calls POST /users/verify with code
9. Updates .saac.json with verified: true
10. Proceeds to application setup

Update Flow:
============

1. Script loads config from .saac.json
2. Extracts api_key automatically
3. Calls PATCH /applications/:uuid/env
4. Calls POST /applications/:uuid/deploy
5. Updates last_updated in .saac.json

Documentation Created:
======================

1. DEPLOYMENT_UPDATE_SUMMARY.md
   - Technical documentation
   - .saac.json schema
   - Helper function details
   - Flow diagrams
   - Security considerations

2. QUICK_START.md
   - User-friendly guide
   - First-time deployment walkthrough
   - Common scenarios
   - Troubleshooting tips

3. MIGRATION_GUIDE.md
   - Existing user migration instructions
   - Two migration options
   - Verification checklist
   - Rollback instructions
   - FAQ section

Benefits:
=========

 Single source of truth for all SAAC state
 No manual API key management
 Email verification integrated
 Secure file permissions
 Extensible JSON format
 Self-documenting structure
 Easier maintenance

Breaking Changes:
=================

- Must install jq
- Must migrate from old .deployment-uuid format
- SAAC_API_KEY env var no longer used
- Email verification required for new users

Migration Path:
===============

Option 1 (Recommended): Start fresh
- Delete old files
- Run new script
- Follow registration prompts

Option 2 (Advanced): Manual migration
- Create .saac.json with existing data
- Preserve deployment UUID
- Test functionality

Validation:
===========

✓ Bash syntax validated (bash -n)
✓ .saac.json in .gitignore
✓ Helper functions implemented
✓ Registration flow integrated
✓ Verification flow integrated
✓ All modes working
✓ File permissions set correctly

Script size: 471 → 657 lines
Complexity: Reduced (single config file)
Security: Improved (600 permissions, no env vars)

🤖 Generated with Claude Code
https://claude.com/claude-code

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-01-24 18:43:31 +01:00
Mikael Westöö
d28fb10360 Implement enhanced deployment script with auto-detection 
Major Enhancement: Smart deployment with setup/update modes

Features Added:
==============

1. **Auto-Detection Mode** (default)
   - Checks for .deployment-uuid file
   - First run → Setup mode (creates new deployment)
   - Subsequent runs → Update mode (updates existing)
   - No flags needed for common workflows

2. **Three Operation Modes:**

   A. Setup Mode (--setup or auto if no UUID)
      - Creates NEW application via POST /api/v1/applications
      - Saves UUID to .deployment-uuid file (git-ignored)
      - Sets up Gitea webhook (one-time)
      - Warns if UUID file already exists

   B. Update Mode (--update or auto if UUID exists)
      - Reads UUID from .deployment-uuid
      - Verifies application exists: GET /api/v1/applications/:uuid
      - Updates env vars: PATCH /api/v1/applications/:uuid/env
      - Triggers redeploy: POST /api/v1/applications/:uuid/deploy
      - GITEA_API_TOKEN not required (webhook already configured)

   C. Status Mode (--status)
      - Fetches current deployment details
      - Shows application info, status, domain
      - Provides monitoring commands

3. **UUID Persistence**
   - .deployment-uuid file stores application UUID
   - Enables stateful deployments
   - Prevents duplicate application creation
   - Git-ignored for security

4. **Improved User Experience**
   - Clear mode indication (SETUP/UPDATE/STATUS)
   - Verification step before overwriting existing deployment
   - Comprehensive error messages with actionable steps
   - Updated deployment-info.txt with mode information
   - Smart dependency checks (GITEA_TOKEN only for setup)

5. **Updated .gitignore**
   - Added .deployment-uuid to prevent accidental commits

Usage Examples:
===============

# First deployment (auto-detects no UUID → setup)
./deploy-to-apps.sh
→ Creates application, saves UUID, sets up webhook

# Update after changing .env (auto-detects UUID → update)
./deploy-to-apps.sh
→ Updates env vars, triggers redeployment

# Force new deployment
./deploy-to-apps.sh --setup

# Check status
./deploy-to-apps.sh --status

Benefits:
=========
 Idempotent - Can run multiple times safely
 Stateful - Remembers previous deployments
 User-friendly - Automatic mode detection
 Safe - Prevents duplicate applications
 Flexible - Supports multiple scenarios
 Clear feedback - Shows exactly what's happening

Files Modified:
===============
- deploy-to-apps.example.sh: Complete rewrite with 3 modes
- .gitignore: Added .deployment-uuid
- DEPLOYMENT_SCRIPT_PROPOSAL.md: Full design document

Migration for Existing Users:
==============================
If you already deployed with the old script:
1. Find your UUID: curl -H "X-API-Key: $SAAC_API_KEY" $SAAC_API/applications
2. Save it: echo "your-uuid" > .deployment-uuid
3. Run updates: ./deploy-to-apps.sh

🤖 Generated with Claude Code
https://claude.com/claude-code

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-01-24 17:42:08 +01:00
Mikael Westöö
2f0e1b19bb Fix deployment script to match Coolify Wrapper API requirements 
Changes:
1. Repository URL format: HTTPS → SSH
   - Changed from: https://git.startanaicompany.com/user/repo.git
   - Changed to: git@git.startanaicompany.com:user/repo.git
   - Reason: Coolify requires SSH format for private repo deployments

2. API field name: git_token → gitea_api_token
   - Changed from: "git_token": "${GITEA_API_TOKEN}"
   - Changed to: "gitea_api_token": "${GITEA_API_TOKEN}"
   - Reason: Match Coolify Wrapper API specification

These changes ensure the deployment script works with the Coolify
Wrapper API at apps.startanaicompany.com

The wrapper will now:
- Accept the SSH Git URL format
- Properly receive the Gitea API token
- Set up deploy keys and webhooks automatically
 2026-01-24 17:26:43 +01:00
Mikael Westöö
bcc07b33fc Add GITEA_API_TOKEN to deployment API for private repo access 
SAAC API now receives user's GITEA_API_TOKEN to enable Coolify to clone private repositories.

Changes:
- Added early validation of GITEA_API_TOKEN (before app creation)
- Pass git_token parameter to SAAC API in application creation request
- Removed duplicate GITEA_API_TOKEN check in webhook section
- Updated error message to explain both use cases (cloning + webhooks)

The SAAC API will use this token to configure Coolify with authenticated git access:
https://${GITEA_API_TOKEN}@git.startanaicompany.com/${user}/${repo}.git

This enables automatic deployments for private repositories.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-01-24 08:59:10 +01:00
Mikael Westöö
09c198490d Make GITEA_API_TOKEN required for automatic deployments 
Automatic deployments are essential for the template, so GITEA_API_TOKEN is now required.

Changes:
- .env.example: Marked both API keys as REQUIRED
- deploy-to-apps.example.sh: Script now exits with error if GITEA_API_TOKEN not set
- Added clear instructions on how to get Gitea API token

Without webhooks, users would need to manually trigger deployments after every push,
which defeats the purpose of automated infrastructure.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-01-24 08:40:50 +01:00
Mikael Westöö
672226ca49 Remove internal infrastructure references from user documentation 
- Removed SAAC API repository link (internal implementation detail)
- Changed DNS target from app.coolify.io to apps.startanaicompany.com
- Updated .env.example to only reference SAAC_API_KEY (not internal tokens)
- Simplified support section to only show template issues

Users should only interact with the SAAC API as a service, not see internal implementation.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-01-24 08:34:55 +01:00
Mikael Westöö
3127459cea Remove all Coolify branding, replace with StartAnAiCompany 
Users should see this as the "StartAnAiCompany platform" not as a Coolify proxy.

Changes:
- README.md: "StartAnAiCompany infrastructure" and "StartAnAiCompany platform"
- DEPLOYMENT_GUIDE.md: Removed all Coolify references
- deploy-to-apps.example.sh: "deployment platform" instead of "Coolify"

Now all user-facing documentation uses StartAnAiCompany/SAAC branding exclusively.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-01-24 08:27:56 +01:00
Mikael Westöö
f5e0050465 Rebrand from Wrapper API to SAAC API 
Changed all references from "Coolify Wrapper" / "WRAPPER_API_KEY" to
"SAAC" / "SAAC_API_KEY" for better branding and user experience.

SAAC = StartAnAiCompany - makes it clear users are deploying to
StartAnAiCompany infrastructure rather than a "wrapper" service.

Changes:
- WRAPPER_API_KEY → SAAC_API_KEY throughout
- "Wrapper API" → "SAAC API" in all documentation
- Updated user-facing messages to reference StartAnAiCompany

This makes the service feel more direct and brand-focused rather
than like a proxy/wrapper layer.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-01-24 08:14:34 +01:00
Mikael Westöö
338d4243bb Add Coolify Wrapper API integration 
This enables deployment via apps.startanaicompany.com instead of direct Coolify access.

New files:
- deploy-to-apps.example.sh: Deployment script using Wrapper API
- DEPLOYMENT_GUIDE.md: Comprehensive deployment documentation

Updated files:
- README.md: Updated deployment steps to use Wrapper API
- .gitignore: Added deploy-to-apps.sh to exclusions

Benefits:
- Users no longer need master Coolify token
- Each user gets their own API key
- Automatic resource isolation
- Rate limiting and audit logging
- Simpler deployment process

The old deploy-to-coolify.example.sh remains for reference but new
deployments should use the wrapper API.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-01-24 08:08:11 +01:00