docs(architecture): sync Caddy manager gate in first-start + ownership invariant
This commit is contained in:
Brückner
@ -501,8 +501,8 @@ Default admin user (only on a blank database):
|
||||
INSERT user (name='admin', role='admin', email='admin@ghostgrid.local', password=bcrypt('admin'))
|
||||
→ log "[Init] Default admin user created"
|
||||
|
||||
Caddy route import (re-deploy safety net):
|
||||
if caddy_enabled === 'true' AND caddy table is empty:
|
||||
Caddy route import (re-deploy safety net, Caddy manager only):
|
||||
if CADDY_MANAGER === 'true' AND caddy_enabled === 'true' AND caddy table is empty:
|
||||
importCaddyfileRoutes() → seed routes from /etc/caddy/Caddyfile
|
||||
(also runs in PUT /api/settings on the disabled → enabled transition)
|
||||
|
||||
@ -841,6 +841,7 @@ Express (server.ts) ──► better-sqlite3 (ghostgrid.db, WAL)
|
||||
- A new settings key must be: **seeded** in `server-db.ts`, **allow-listed** in `PUT /api/settings`, and (if secret) added to `SECRET_KEYS`.
|
||||
- Schema changes go straight into the `CREATE TABLE` block in `server-db.ts` — fresh-install model, no migration helper.
|
||||
- The SPA catch-all (`app.get('*')`) + static serving are registered **last** in `startServer()`, after every `/api` route — otherwise GET `/api/*` falls through to `index.html`. All `/api` responses carry `Cache-Control: no-store`.
|
||||
- One Caddy per container; `POST /load` replaces the whole config. Only the `CADDY_MANAGER=true` instance may push/seed/edit routes — never let the non-manager push.
|
||||
- All user-facing strings are in **English**.
|
||||
|
||||
---
|
||||
|
||||
Reference in New Issue
Block a user