test cf connection

.github/workflows/build.yaml

@@ -4,30 +4,47 @@ on:
   push:
     branches: ["main"]
 env:
-  IMAGE_NAME: "djsisson/portfolio"
+  IMAGE_NAME: "portfolio"
 
 jobs:
-  amd64:
+  setup-warp:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Setup Cloudflare WARP Connector
+        uses: wallravit/[email protected]
+        with:
+          organization: ${{ secrets.CLOUDFLARE_ORGANIZATION_ID }}
+          cloudflare_access_client_id: ${{ secrets.CF_ID }}
+          cloudflare_client_secret: ${{ secrets.CF_SECRET }}
+          cloudflare_warp_token: ${{ secrets.CLOUDFLARE_WARP_TOKEN }}
+
+      - name: Check WARP Registration
+        run: warp-cli --accept-tos registration show
+
+      - name: Check WARP Status
+        run: warp-cli --accept-tos status
+  build:
     runs-on: ubuntu-latest
     permissions:
       contents: read
       packages: write
     steps:
-      - uses: actions/checkout@v4
       - name: Login to registry
         uses: docker/login-action@v3
         with:
           registry: ${{ secrets.REGISTRY_URL }}
           username: ${{ secrets.REGISTRY_USERNAME }}
           password: ${{ secrets.REGISTRY_PASSWORD  }}
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
       - name: Build image and push to registry
         uses: docker/build-push-action@v6
         with:
           context: .
           file: Dockerfile
           platforms: linux/amd64
           push: true
-          tags: ${{ secrets.REGISTRY_URL }}/${{ env.IMAGE_NAME }}:latest
-      - name: Deploy to Coolify
-        run: |
-          curl --request GET '${{ secrets.COOLIFY_WEBHOOK }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}' --header 'CF-Access-Client-Id: ${{ secrets.CF_ID }}' --header 'CF-Access-Client-Secret: ${{ secrets.CF_SECRET }}'
+          tags: |
+            ${{ secrets.REGISTRY_URL }}/${{ env.IMAGE_NAME }}:latest
+            ${{ secrets.REGISTRY_URL }}/${{ env.IMAGE_NAME }}:${{ github.sha }}

.gitignore

@@ -27,13 +27,14 @@ yarn-error.log*
 
 # local env files
 .env*.local
+.env*.production
 .env
-
 # vercel
 .vercel
 
 # typescript
 *.tsbuildinfo
 next-env.d.ts
 docker-compose-dev.yaml
+compose.yaml
 Dockerfile.dev

package.json

@@ -10,7 +10,8 @@
     "driz-gen": "yarn drizzle-kit generate",
     "driz-mig": "yarn drizzle-kit migrate",
     "seed": "yarn dlx tsx ./src/db/seed/seed.ts",
-    "blur": "yarn dlx tsx ./processImages.ts"
+    "blur": "yarn dlx tsx ./processImages.ts",
+    "test-build": "docker buildx build -t 10.0.0.2:5000/portfolio:latest --push ."
   },
   "dependencies": {
     "@mdx-js/loader": "^3.1.0",

src/app/genshin/components/Char-Info.tsx

@@ -20,7 +20,7 @@ export default function CharInfo({ character }: { character: Characters[0] }) {
               src={value}
               alt={key}
               fill={true}
-              priority={false}
+              priority={true}
             />
           </div>
         );

src/app/layout.tsx

@@ -2,6 +2,7 @@ import type { Metadata } from "next";
 import { ThemeProvider } from "next-themes";
 import { Inter } from "next/font/google";
 import "./global.css";
+import { headers } from "next/headers";
 
 export const metadata: Metadata = {
   title: "Portfolio",
@@ -13,15 +14,16 @@ const inter = Inter({
   variable: "--font-inter",
 });
 
-export default function RootLayout({
+export default async function RootLayout({
   children,
 }: Readonly<{
   children: React.ReactNode;
 }>) {
+  const nonce = (await headers()).get("x-nonce");
   return (
     <html lang="en" suppressHydrationWarning>
       <body className={`${inter.variable} font-sans`}>
-        <ThemeProvider enableSystem={true} attribute="class">
+        <ThemeProvider enableSystem={true} attribute="class" nonce={nonce!}>
           {children}
         </ThemeProvider>
       </body>

src/app/todos/actions.ts

@@ -56,6 +56,7 @@ export async function listTodos() {
   if (!jwt) {
     return [] as (typeof todos.$inferSelect)[];
   }
+
   const result = await dbClient(jwt as JWTPayload).rls(async (tx) => {
     const todoList = await tx
       .select()

src/db/db.ts

@@ -7,7 +7,7 @@ import * as asteroidz_relations from "./asteroidz/relations";
 import * as forum_schema from "./forum/schema";
 import { loadEnvConfig } from "@next/env";
 
-loadEnvConfig(process.cwd(), true);
+loadEnvConfig(process.cwd(), false);
 // import * as forum_relations from "./forum/relations";
 
 const connectionString = process.env.DATABASE_URL!;

src/db/forum/db.ts

@@ -42,7 +42,7 @@ export function dbClient<Token extends SupabaseToken = SupabaseToken>(
               token.sub ?? "",
             )}', TRUE);												
             -- set local role
-            set local role ${sql.raw(token.role ?? "anon")};
+            set local role ${sql.raw(token.aud?.toString() ?? "anon")};
             `);
             return await transaction(tx);
           } finally {

src/db/forum/schema.ts

@@ -148,13 +148,13 @@ export const likes = pgTable(
       as: "permissive",
       for: "delete",
       to: authenticatedRole,
-      using: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT uid() AS uid))))`,
+      using: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT auth.uid() AS uid))))`,
     }),
     pgPolicy("likes_insert_policy", {
       as: "permissive",
       for: "insert",
       to: authenticatedRole,
-      withCheck: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT uid() AS uid))))`,
+      withCheck: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT auth.uid() AS uid))))`,
     }),
     pgPolicy("likes_select_policy", {
       as: "permissive",
@@ -166,8 +166,8 @@ export const likes = pgTable(
       as: "permissive",
       for: "update",
       to: authenticatedRole,
-      withCheck: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT uid() AS uid))))`,
-      using: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT uid() AS uid))))`,
+      withCheck: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT auth.uid() AS uid))))`,
+      using: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT auth.uid() AS uid))))`,
     }),
   ],
 );
@@ -283,13 +283,13 @@ export const user_follows = pgTable(
       as: "permissive",
       for: "delete",
       to: authenticatedRole,
-      using: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT uid() AS uid))))`,
+      using: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT auth.uid() AS uid))))`,
     }),
     pgPolicy("user_follows_insert_policy", {
       as: "permissive",
       for: "insert",
       to: authenticatedRole,
-      withCheck: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT uid() AS uid))))`,
+      withCheck: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT auth.uid() AS uid))))`,
     }),
     pgPolicy("user_follows_select_policy", {
       as: "permissive",
@@ -301,8 +301,8 @@ export const user_follows = pgTable(
       as: "permissive",
       for: "update",
       to: authenticatedRole,
-      using: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT uid() AS uid))))`,
-      withCheck: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT uid() AS uid))))`,
+      using: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT auth.uid() AS uid))))`,
+      withCheck: sql`(user_id IN ( SELECT users.id FROM users WHERE (users.user_id = ( SELECT auth.uid() AS uid))))`,
     }),
   ],
 );

src/db/genshin/schema.ts

@@ -1,4 +1,4 @@
-import { pgTable, integer, text, unique } from "drizzle-orm/pg-core";
+import { pgTable, integer, text, unique, index } from "drizzle-orm/pg-core";
 
 export const elements = pgTable(
   "elements",
@@ -42,8 +42,11 @@ export const characters = pgTable(
   },
   (table) => [
     unique("characters_name_unique").on(table.name),
-    unique("characters_city_id_cities_id_fk").on(table.city_id),
-    unique("characters_element_id_elements_id_fk").on(table.element_id),
+    index("characters_city_id_cities_id_fk").using("btree", table.city_id),
+    index("characters_element_id_elements_id_fk").using(
+      "btree",
+      table.element_id,
+    ),
   ],
 );