implemented federation

2026-05-12 20:55:13 +02:00
parent e360f3697e
commit ab94775162
13 changed files with 874 additions and 30 deletions
+15 -7
@@ -40,11 +40,16 @@ internal/
controller.go — NATS subscriptions, startup, periodic ticker
drift.go — CheckDrift, handlePush, periodicCheck
reconciler.go — TriggerSync, handleDeploymentSucceeded/Failed
federation/ — ActivityPub / ForgeFed (DATA LAYER ONLY — Phase 3F stub)
federation/ — ActivityPub / ForgeFed (fully built — Phase 3F)
actor.go — GetOrCreate, ActorJSON, APID, RSA-2048 key gen
signatures.go — HTTP signature sign/verify (draft-cavage-http-signatures)
inbox.go — Receive, handleFollow (auto-accept), handleAccept, handleUndo
outbox.go — Collection builder, StubCollection
remote.go — FetchActor (cached), DeliverActivity (signed POST)
observability/ — Prometheus metrics + health (fully built — Phase 3E)
metrics.go — metric definitions, HTTP middleware, NATS watcher
health.go — Check() returning HealthStatus (DB ping + NATS)
models/ — XORM structs + 13 migration files
models/ — XORM structs + 14 migration files
config/ — ENV-driven config, fails fast on missing secrets
events/ — NATS EventBus interface + NATSBus + NoOpBus (Healthy() bool)
web/ — //go:embed target for the built React SPA
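Review bot: the inbox.go and signatures.go lines in the federation/ tree do not say whether Receive verifies the HTTP signature before handleFollow auto-accepts, and with auto-accept that ordering is the only gate on who ends up as a follower. Suggest wording the inbox.go line as "Receive (verifies signature, then dispatches)" if that is what the code does. The remote.go line should also say how long FetchActor keeps a cached remote actor, since a stale cached key decides whether verification still passes after the remote side rotates its key.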
@@ -78,11 +83,9 @@ Logger → RealIP → Recoverer → Metrics → CORS → CSRF → SessionAuth
| 3C | Workspaces + secret management (Global → Workspace → Repo → Env) | **Complete** |
| 3D | GitOps controller + drift detection + auto-sync | **Complete** |
| 3E | Observability (Prometheus `/metrics`, structured `/health`, repo health API) | **Complete** |
| 3F | Federation handlers (ActivityPub inbox/outbox) | Planned |
| 3F | Federation handlers (ActivityPub WebFinger, actor, inbox/outbox, HTTP signatures, Follow/Accept) | **Complete** |
| 4 | AI diagnostics, signed artifacts, OCI registry, dep/secret scanning | Planned |
The `domain/federation/` directory is an intentional stub — the data model exists but no HTTP handlers should be wired until Phase 3F.
---
## Go Conventions
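Review bot: the stub paragraph removed at the end of this hunk was the only guidance on wiring federation handlers, and nothing replaces it. The middleware chain in the hunk header runs CSRF → SessionAuth, while an ActivityPub inbox takes POSTs from remote servers that carry neither a session nor a CSRF token. Suggest a replacement sentence saying where the federation routes sit relative to that chain and what authenticates inbox requests in place of the session.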
@@ -108,7 +111,7 @@ This rule is non-negotiable. It prevents command injection.
### Database
- XORM for all DB access. Structs in `internal/models/`.
- Migrations are numbered files in `internal/models/migrations/`. Always add a new file; never edit existing ones. Current highest: **013**.
- Migrations are numbered files in `internal/models/migrations/`. Always add a new file; never edit existing ones. Current highest: **014**.
- No raw SQL strings built from user input.
### Events
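Review bot: "Current highest: **014**" is one of three places in this file that carry the migration count (the models/ line in the directory tree and the `make migrate` comment are the others), and all three had to be bumped by hand in this commit. Suggest keeping the number only in this Database bullet and dropping it from the other two, and naming what migration 014 adds, since the rule says to always add a new file but the doc gives no hint what this one is for.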
@@ -208,6 +211,11 @@ make lint # go vet + ESLint
| `internal/api/handlers/observability.go` | `/health` + `/repos/.../health` handlers |
| `internal/api/handlers/environment.go` | Environment + deployment CRUD |
| `internal/api/handlers/gitops.go` | GitOps config + drift HTTP endpoints |
| `internal/api/handlers/federation.go` | ActivityPub WebFinger, actor, inbox, outbox, followers/following |
| `internal/domain/federation/actor.go` | Actor lifecycle — GetOrCreate, ActorJSON, key generation |
| `internal/domain/federation/signatures.go` | HTTP signature sign/verify |
| `internal/domain/federation/inbox.go` | Receive + Follow/Accept auto-accept flow |
| `internal/domain/federation/remote.go` | FetchActor (cached remote actors), DeliverActivity |
| `internal/api/handlers/secret.go` | Scoped secret management |
| `internal/api/handlers/workspace.go` | Workspace + member management |
| `internal/api/middleware/audit.go` | Audit log middleware |
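Review bot: the key-files table gains rows for actor.go, signatures.go, inbox.go and remote.go, but outbox.go, which the directory tree earlier in this file lists under federation/ (Collection builder, StubCollection), has no row. Suggest adding one, or noting why it is left out. The signatures.go row would also be more useful if it named the spec as the tree does (draft-cavage-http-signatures), since "HTTP signature sign/verify" alone does not tell a reader which scheme to expect.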
@@ -224,7 +232,7 @@ make lint # go vet + ESLint
```bash
cp .env.example .env # fill SESSION_SECRET and CSRF_SECRET
make docker-up # PostgreSQL + NATS via Docker Compose
make migrate # run XORM migrations (currently 013)
make migrate # run XORM migrations (currently 014)
make dev # Go :8080 + Vite :5173
```