generated from coulomb/repo-seed
Bernd Worsch
3cac021213
Some checks failed
Test / test (push) Has been cancelled
Delivers the full Phase 9 external API layer: - Versioned REST API (/api/v2/) with OpenAPI 3.1 spec; enum arrays for widget_type, event_type, annotation category drawn live from registry tables - OAuth 2.0 client credentials flow (/api/v2/token); hub:*:write scopes gated on active HubCapabilityManifest FK - API key management: SHA256-hashed tokens, key_prefix for display, one-time reveal on creation, revocation support - TypeScript and Python consumer SDKs generated from registry tables (/api/v2/sdk/ihf-client.ts, /api/v2/sdk/ihf-client.py) - Webhook delivery: HMAC-SHA256 signing, append-only webhook_deliveries, fire-and-forget dispatch via forkIO, 3-retry logic - Admin API dashboard with 24h stats (request count, error rate, last seen) - Rate limiting (per-minute) and daily quota enforcement via api_request_log - Schema migration: api_consumers, api_keys, webhook_subscriptions (CHECK constraint on 6 framework lifecycle topics), webhook_deliveries (append-only trigger), api_request_log - ARCHITECTURE-LAYERS.md scorecard: 3.34 → 3.41 (approaching Strong) - contracts/functional/interaction-reporting-v1.md extended with Phase 9 endpoint catalogue and 422 validation error format GAAF: no bare TEXT discriminators; webhook event_type uses CHECK constraint over 6 allowed framework lifecycle topic strings (not widget event types). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
119 lines
5.2 KiB
Nix
119 lines
5.2 KiB
Nix
{
|
|
inputs = {
|
|
ihp.url = "github:digitallyinduced/ihp/v1.5";
|
|
nixpkgs.follows = "ihp/nixpkgs";
|
|
nixpkgs-nixos.follows = "ihp/nixpkgs-nixos";
|
|
flake-parts.follows = "ihp/flake-parts";
|
|
devenv.follows = "ihp/devenv";
|
|
systems.follows = "ihp/systems";
|
|
devenv-root = {
|
|
url = "file+file:///dev/null";
|
|
flake = false;
|
|
};
|
|
};
|
|
|
|
outputs = inputs@{ self, nixpkgs, nixpkgs-nixos, ihp, flake-parts, systems, ... }:
|
|
flake-parts.lib.mkFlake { inherit inputs; } {
|
|
|
|
systems = import systems;
|
|
imports = [ ihp.flakeModules.default ];
|
|
|
|
perSystem = { pkgs, ... }: {
|
|
ihp = {
|
|
appName = "inter-hub";
|
|
enable = true;
|
|
projectPath = ./.;
|
|
packages = with pkgs; [
|
|
# Native dependencies, e.g. imagemagick
|
|
];
|
|
haskellPackages = p: with p; [
|
|
# Haskell dependencies go here
|
|
p.ihp
|
|
base
|
|
wai
|
|
text
|
|
# ihp-mail # Email support: https://ihp.digitallyinduced.com/Guide/mail.html
|
|
# ihp-datasync # Real-time DataSync
|
|
# ihp-job-dashboard # Job dashboard UI
|
|
# ihp-typed-sql # Type-safe SQL queries
|
|
# ihp-pglistener # PostgreSQL LISTEN/NOTIFY
|
|
# Phase 5: Anthropic API calls
|
|
http-conduit
|
|
aeson
|
|
string-conversions
|
|
# Phase 9: External API, crypto, SDK generation
|
|
cryptohash-sha256
|
|
base16-bytestring
|
|
random-bytestring
|
|
yaml
|
|
network-uri
|
|
];
|
|
devHaskellPackages = p: with p; [
|
|
cabal-install
|
|
hlint
|
|
hspec
|
|
ihp-hspec
|
|
];
|
|
|
|
# Hoogle documentation server (enabled by default on port 8002)
|
|
# withHoogle = false; # Disable to save memory
|
|
|
|
# Disable relation type machinery for faster compilation
|
|
# relationSupport = false;
|
|
|
|
# Skip tests/haddock for specific packages to speed up builds
|
|
# dontCheckPackages = [ "my-package" ];
|
|
# doJailbreakPackages = [ "my-package" ];
|
|
# dontHaddockPackages = [ "my-package" ];
|
|
|
|
# Production build tuning
|
|
# optimizationLevel = "2"; # Default: "1", use "2" for more optimized production binaries
|
|
# rtsFlags = "-A96m -N"; # GHC runtime flags for compiled binaries
|
|
|
|
# Mount additional directories under /static/ in production builds
|
|
# static.extraDirs = {
|
|
# # Frontend = self.packages.${system}.frontend;
|
|
# };
|
|
# static.makeBundling = true; # Set false if not using Makefile for CSS/JS bundling
|
|
};
|
|
|
|
# Custom configuration that will start with `devenv up`
|
|
devenv.shells.default = {
|
|
# Start Mailhog on local development to catch outgoing emails
|
|
# services.mailhog.enable = true;
|
|
|
|
# PostgreSQL extensions
|
|
# services.postgres.extensions = extensions: [ extensions.postgis ];
|
|
|
|
# Custom processes that don't appear in https://devenv.sh/reference/options/
|
|
processes = {
|
|
# Uncomment if you use tailwindcss.
|
|
# tailwind.exec = "tailwindcss -c tailwind/tailwind.config.js -i ./tailwind/app.css -o static/app.css --watch=always";
|
|
};
|
|
};
|
|
};
|
|
|
|
# Adding the new NixOS configuration for "production"
|
|
# See https://ihp.digitallyinduced.com/Guide/deployment.html#deploying-with-deploytonixos for more info
|
|
# Used to deploy the IHP application
|
|
flake.nixosConfigurations."production" = import ./Config/nix/hosts/production/host.nix { inherit inputs; };
|
|
};
|
|
|
|
# The following configuration speeds up build times by using the devenv, cachix and digitallyinduced binary caches
|
|
# You can add your own cachix cache here to speed up builds. For that uncomment the following lines and replace `CHANGE-ME` with your cachix cache name
|
|
nixConfig = {
|
|
extra-substituters = [
|
|
"https://devenv.cachix.org"
|
|
"https://cachix.cachix.org"
|
|
"https://digitallyinduced.cachix.org"
|
|
# "https://CHANGE-ME.cachix.org"
|
|
];
|
|
extra-trusted-public-keys = [
|
|
"devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
|
|
"cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM="
|
|
"digitallyinduced.cachix.org-1:y+wQvrnxQ+PdEsCt91rmvv39qRCYzEgGQaldK26hCKE="
|
|
# "CHANGE-ME.cachix.org-1:CHANGE-ME-PUBLIC-KEY"
|
|
];
|
|
};
|
|
}
|