79 lines
3.4 KiB
Markdown
79 lines
3.4 KiB
Markdown
# Plan 1 Complete — Foundation
|
|
|
|
Done: 2026-05-31
|
|
|
|
## What landed
|
|
|
|
- Two LXCs provisioned: `void2-db` (CT 310 @ 192.168.1.15 — Postgres 16.14 +
|
|
pgvector 0.8.2 + pgcrypto) and `void2-app` (CT 311 — Node 22 + Express)
|
|
- PVE replication jobs `310-0` and `311-0` to Z3 every 15 min for `pct migrate`-based HA
|
|
- Schema migrations 001-006:
|
|
- **001** core (spaces, projects, tasks) with composite-FK tenancy
|
|
- **002** knowledge (pages, page_revisions, refs) with FTS + vector indexes
|
|
- **003** resources, resource_dependencies, resource_credentials, source_docs
|
|
(composite FKs on both endpoints, source_docs anchored by NOT NULL FK)
|
|
- **004** agents, agent_tokens (bcrypt), conversations, messages (FTS GIN)
|
|
- **005** tags, entity_tags, entity_links, attachments (polymorphic — see
|
|
`docs/security-followups.md` for tenant-boundary tradeoffs)
|
|
- **006** audit_log (append-only) + pending_changes
|
|
- Repos: spaces, projects, tasks, pages, refs, resources, source_docs, agents,
|
|
conversations, messages, tags, links, attachments, audit, pending_changes —
|
|
all accept an `actor` parameter on mutating ops and emit audit rows
|
|
- Real audit log with redaction of `token`, `token_hash`, `password`, `api_key`,
|
|
`secret`, `authorization` keys (case-insensitive, nested)
|
|
- Capability check (`canAct`) with user / cron / worker / system → allow; agents
|
|
tiered allow / suggest / deny based on `capabilities` + `scopes`
|
|
- Owner bearer-token auth middleware on all `/api/*`; `/health` is open
|
|
- Express server with `/health` (DB ping + version) and smoke `/api/spaces`
|
|
- systemd unit + `deploy/push.sh` rsync deploy + setup README
|
|
- **72 tests across 24 test files — all green**
|
|
|
|
## What's NOT here
|
|
|
|
- Routes for every entity (Plan 2)
|
|
- The Void 2.0 UI shell (Plan 2)
|
|
- Capture workers — Karakeep poll, YouTube, PDF/OCR, screenshots (Plan 3 + 4)
|
|
- MCP server for Claude / Ollama integration (Plan 5)
|
|
- Vaultwarden integration for credential storage (deferred, tracked in user memory)
|
|
- Migrations from Void 1.x / BookStack / Karakeep (Plan 7)
|
|
|
|
## Known follow-ups
|
|
|
|
- `docs/security-followups.md` — three security-plugin findings on the polymorphic
|
|
tables in migration 005 (HIGH: no `space_id`; MEDIUM: global tag namespace; MEDIUM:
|
|
no cascade on parent delete). The polymorphic shape was an approved spec decision;
|
|
decide tighten-vs-defer before Plan 1 is declared production-ready.
|
|
- `lib/db/repos/audit_stub.js` re-exports from `audit.js` for backwards compatibility
|
|
with the 14 existing imports. Future repos should import from `audit.js` directly.
|
|
- `void` DB role currently has SUPERUSER for test extension creation. Acceptable
|
|
for dev; revoke before exposing the DB beyond the LXC perimeter.
|
|
- vitest `fileParallelism: false` is a workaround for `resetDb` racing on
|
|
`DROP SCHEMA + CREATE EXTENSION`. Tests run sequentially — ~20s for the full
|
|
suite. Acceptable at current size.
|
|
|
|
## How to verify
|
|
|
|
```bash
|
|
cd /project/src/void-v2
|
|
|
|
npm test
|
|
# Expect: 24 files, 72 tests, all passing.
|
|
|
|
npm run migrate
|
|
# Expect: silent success (migrations are idempotent — re-running is a no-op).
|
|
|
|
OWNER_TOKEN=test npm start &
|
|
sleep 1
|
|
curl -s localhost:3000/health
|
|
# {"ok":true,"db_ok":true,"version":"2.0.0-alpha.1"}
|
|
curl -s -H "Authorization: Bearer test" localhost:3000/api/spaces
|
|
# []
|
|
kill %1
|
|
```
|
|
|
|
## Commit history
|
|
|
|
22 commits on `main`, each scoped to a single Plan 1 task. See `git log --oneline`.
|
|
|
|
## Next: Plan 2 — Core REST API + Void UI shell
|