Andriy Oblivantsev
18328706bd
- bin/gen-server-keys.sh: generate Ed25519 keypair to etc/server-service.{pub,key,env}
- main.go: read keys from file (ADMIN_PUBLIC_KEY_FILE) when env empty
- docker-compose: env_file etc/server-service.env, mount etc/
- bin/up.sh: auto-run gen-server-keys if etc/server-service.env missing
- ErrRegistrationNotConfigured for clearer 503 when keys not set
- etc/README.md, etc/.gitignore
- bin/gen-admin-key.sh for one-off key gen
- .env.example
Made-with: Cursor
Momswap Geo Backend
Go backend service for user-owned GeoJSON feature collections with Ed25519 authentication and invitation-based onboarding.
What is implemented
- Ed25519 challenge-response auth (
/v1/auth/challenge,/v1/auth/login) - Hybrid invitation onboarding (signed invite payload + inviter lineage)
- User registration with ownership proof (
/v1/auth/register) - Per-user collections and Point feature CRUD endpoints
- Static no-build frontend (
web/) using Vue + Vuetify from CDN - Reusable TypeScript API client (
libs/geo-api-client) using@noble/ed25519 - Bun tests for the TS client and Go tests for API flows
- Gitea CI workflow running Go and Bun test suites
Quick start
go test ./...
go run ./cmd/api
Run tests via Docker (avoids local permission issues, e.g. var/):
docker compose --profile test run --rm test
Primary deployed base URL: https://momswap.produktor.duckdns.org/.
Local default (for development): http://localhost:8122.
Optional environment variables:
ADDR(default:8122)ADMIN_PUBLIC_KEY— required for registration: bootstrap admin + service key forregister-by-signature. Generate with./bin/gen-admin-key.shSERVICE_PUBLIC_KEY(public key users sign to register; defaults toADMIN_PUBLIC_KEY)
Deployment: Set ADMIN_PUBLIC_KEY before starting. Without it, /v1/service-key returns 503 and registration is disabled.
Docker Compose
Generate server keys (creates etc/server-service.*), then build and run:
./bin/gen-server-keys.sh
COMPOSE_BAKE=true docker compose up --build -d
Or use ./bin/up.sh which runs the key generation if needed.
This starts:
db(postgis/postgis) on5432apion8122, wired withDATABASE_URLto thedbservice
Stop the service:
docker compose down
For local development with auto-rebuild on file changes:
COMPOSE_BAKE=true docker compose --profile dev up --watch
Notes:
apiservice listens on8122inside the container, mapped to host8122(reverse proxy athttps://momswap.produktor.duckdns.org).apiservice uses the productionruntimeimage target.api-devprofile uses thedevimage target and Docker Compose watch.- DB defaults can be overridden via
POSTGRES_DB,POSTGRES_USER,POSTGRES_PASSWORD.
Frontend
Frontend is served by the Go backend at runtime.
Example:
go run ./cmd/api
Then visit:
- Production:
https://momswap.produktor.duckdns.org/web/ - Local:
http://localhost:8122/web/
API client library
Path: libs/geo-api-client
cd libs/geo-api-client
bun install
bun test
bun run build
Frontend TypeScript integration guide:
docs/typescript-frontend-integration.mddocs/ed25519-security-use-cases.md
CI
Workflow: .gitea/workflows/ci.yml
go test ./...bun testinlibs/geo-api-client
Testing policy
- Keep fast unit tests as the default (
go test ./...). - If a test requires a real Postgres instance, use embedded/ephemeral Postgres in the test process or test fixture lifecycle.
- Do not require manually running an external Postgres container for routine test runs.