tranquil.farm / tranquil-pds
Our Personal Data Server from scratch! tranquil.farm
oauth atproto pds rust postgresql objectstorage fun
fork atom

chore: small md file updates

lewis.moe 24845bf7 91cfc536

+76 -90
unified split
+9 -13
README.md
··· 6 7 This particular PDS thrives under harsh conditions. It is a dandelion growing through the cracks in the sidewalk concrete. 8 9 - It has full compatibility with Bluesky's reference PDS: same endpoints, same behavior, same client compatibility. Everything works: repo operations, blob storage, firehose, OAuth, handle resolution, account migration, the lot. 10 - 11 - Another excellent PDS is [Cocoon](https://tangled.org/hailey.at/cocoon), written in go. 12 13 ## What's different about Tranquil PDS 14 15 - It is a superset of the reference PDS, including: passkeys and 2FA (WebAuthn/FIDO2, TOTP, backup codes, trusted devices), SSO login and signup, did:web support (PDS-hosted subdomains or bring-your-own), multi-channel communication (email, discord, telegram, signal) for verification and alerts, granular OAuth scopes with a consent UI showing human-readable descriptions, app passwords with granular permissions (read-only, post-only, or custom scopes), account delegation (letting others manage an account with configurable permission levels), automatic backups (configurable retention and frequency, one-click restore), and a built-in web UI for account management, OAuth consent, repo browsing, and admin. 16 17 - The PDS itself is a single small binary with no node/npm runtime. It requires postgres. Blobs are stored on the local filesystem by default (S3 optional). Valkey is optional (supported as an alternative to the built-in cache). 18 19 ## Quick Start 20 21 ```bash 22 cp .env.example .env 23 - podman compose up -d 24 just run 25 ``` 26 ··· 41 42 ### Quick Deploy (Docker/Podman Compose) 43 44 - Edit `.env.prod` with your values. Generate secrets with `openssl rand -base64 48`. 45 46 ```bash 47 - cp .env.prod.example .env.prod 48 podman-compose -f docker-compose.prod.yaml up -d 49 ``` 50 51 ### Installation Guides 52 53 - | Guide | Best For | 54 - |-------|----------| 55 - | [Debian](docs/install-debian.md) | Debian 13+ with systemd | 56 - | [Containers](docs/install-containers.md) | Podman with quadlets or OpenRC | 57 - | [Kubernetes](docs/install-kubernetes.md) | You know what you're doing | 58 59 ## Maintainers to ping 60
··· 6 7 This particular PDS thrives under harsh conditions. It is a dandelion growing through the cracks in the sidewalk concrete. 8 9 + It has full compatibility with Bluesky's reference PDS. 10 11 ## What's different about Tranquil PDS 12 13 + It is a superset of the reference PDS, including: passkeys and 2FA (WebAuthn/FIDO2, TOTP, backup codes, trusted devices), SSO login and signup, did:web support (PDS-hosted subdomains or bring-your-own), multi-channel communication (email, discord, telegram, signal) for verification and alerts, granular OAuth scopes with a consent UI showing human-readable descriptions, app passwords with granular permissions (read-only, post-only, or custom scopes), account delegation (letting others manage an account with configurable permission levels), and a built-in web UI for account management, repo browsing, and admin. 14 15 + The PDS itself is a single binary with no nodeJS runtime. However, at time of writing, Tranquil requires postgres running separately. Blobs are stored on the local filesystem by default (S3 optional). Valkey is also optional (as an alternative to the built-in cache). 16 17 ## Quick Start 18 19 ```bash 20 cp .env.example .env 21 + podman compose up db -d 22 just run 23 ``` 24 ··· 39 40 ### Quick Deploy (Docker/Podman Compose) 41 42 + Edit `.env` with your values. Generate secrets with `openssl rand -base64 48`. 43 44 ```bash 45 + cp .env.example .env 46 podman-compose -f docker-compose.prod.yaml up -d 47 ``` 48 49 ### Installation Guides 50 51 + - [Debian](docs/install-debian.md) 52 + - [Containers](docs/install-containers.md) 53 + - [Kubernetes](docs/install-kubernetes.md) 54 55 ## Maintainers to ping 56
+42 -48
docs/install-containers.md
··· 1 - # Tranquil PDS Containerized Production Deployment 2 3 This guide covers deploying Tranquil PDS using containers with podman. 4 ··· 7 8 ## Prerequisites 9 10 - - A VPS with at least 2GB RAM 11 - Disk space for blobs (depends on usage; plan for ~1GB per active user as a baseline) 12 - A domain name pointing to your server's IP 13 - A **wildcard TLS certificate** for `*.pds.example.com` (user handles are served as subdomains) 14 - - Root or sudo access 15 16 - ## Quick Start (Docker/Podman Compose) 17 18 If you just want to get running quickly: 19 ··· 38 ln -sf live/pds.example.com/privkey.pem certs/privkey.pem 39 podman-compose -f docker-compose.prod.yaml restart nginx 40 ``` 41 42 For production setups with proper service management, continue to either the Debian or Alpine section below. 43 44 - ## Standalone Containers (No Compose) 45 46 If you already have postgres running on the host (eg. from the [Debian install guide](install-debian.md)), you can run just the app containers. 47 ··· 91 92 --- 93 94 - # Debian 13+ with Systemd Quadlets 95 96 - Quadlets are the modern way to run podman containers under systemd. 97 98 - ## Install Podman 99 100 ```bash 101 apt update 102 apt install -y podman 103 ``` 104 105 - ## Create Directory Structure 106 107 ```bash 108 mkdir -p /etc/containers/systemd 109 mkdir -p /srv/tranquil-pds/{postgres,blobs,backups,certs,acme,config} 110 ``` 111 112 - ## Create Environment File 113 114 ```bash 115 cp /opt/tranquil-pds/.env.example /srv/tranquil-pds/config/tranquil-pds.env ··· 121 openssl rand -base64 48 122 ``` 123 124 - For quadlets, also add `DATABASE_URL` with the full connection string (systemd doesn't support variable expansion). 125 - 126 - ## Install Quadlet Definitions 127 128 Copy the quadlet files from the repository: 129 ```bash ··· 136 137 Optional quadlets for valkey and minio are also available in `deploy/quadlets/` if you need them. 138 139 - Note: Systemd doesn't support shell-style variable expansion in `Environment=` lines. The quadlet files expect DATABASE_URL to be set in the environment file. 140 - 141 - ## Create nginx Configuration 142 143 ```bash 144 cp /opt/tranquil-pds/nginx.frontend.conf /srv/tranquil-pds/config/nginx.conf 145 ``` 146 147 - ## Clone and Build Images 148 149 ```bash 150 cd /opt ··· 154 podman build -t tranquil-pds-frontend:latest ./frontend 155 ``` 156 157 - ## Create Podman Secrets 158 159 ```bash 160 source /srv/tranquil-pds/config/tranquil-pds.env 161 echo "$DB_PASSWORD" | podman secret create tranquil-pds-db-password - 162 ``` 163 164 - ## Start Services and Initialize 165 166 ```bash 167 systemctl daemon-reload ··· 169 sleep 10 170 ``` 171 172 - Run migrations: 173 - ```bash 174 - cargo install sqlx-cli --no-default-features --features postgres 175 - DATABASE_URL="postgres://tranquil_pds:your-db-password@localhost:5432/pds" sqlx migrate run --source /opt/tranquil-pds/migrations 176 - ``` 177 - 178 - ## Obtain Wildcard SSL Certificate 179 180 User handles are served as subdomains (eg. `alice.pds.example.com`), so you need a wildcard certificate. Wildcard certs require DNS-01 validation. 181 ··· 209 systemctl restart tranquil-pds-nginx 210 ``` 211 212 - ## Enable All Services 213 214 ```bash 215 systemctl enable tranquil-pds-db tranquil-pds-app tranquil-pds-frontend tranquil-pds-nginx 216 ``` 217 218 - ## Configure Firewall 219 220 ```bash 221 apt install -y ufw ··· 225 ufw enable 226 ``` 227 228 - ## Certificate Renewal 229 230 Add to root's crontab (`crontab -e`): 231 ``` ··· 234 235 --- 236 237 - # Alpine 3.23+ with OpenRC 238 239 - Alpine uses OpenRC, not systemd. We'll use podman-compose with an OpenRC service wrapper. 240 241 - ## Install Podman 242 243 ```sh 244 apk update ··· 253 rc-service podman start 254 ``` 255 256 - ## Create Directory Structure 257 258 ```sh 259 mkdir -p /srv/tranquil-pds/{data,config} 260 mkdir -p /srv/tranquil-pds/data/{postgres,blobs,backups,certs,acme} 261 ``` 262 263 - ## Clone Repository and Build Images 264 265 ```sh 266 cd /opt ··· 270 podman build -t tranquil-pds-frontend:latest ./frontend 271 ``` 272 273 - ## Create Environment File 274 275 ```sh 276 cp /opt/tranquil-pds/.env.example /srv/tranquil-pds/config/tranquil-pds.env ··· 282 openssl rand -base64 48 283 ``` 284 285 - ## Set Up Compose and nginx 286 287 Copy the production compose and nginx configs: 288 ```sh ··· 297 Edit `/srv/tranquil-pds/config/nginx.conf` to update cert paths: 298 - Change `/etc/nginx/certs/live/${PDS_HOSTNAME}/` to `/etc/nginx/certs/` 299 300 - ## Create OpenRC Service 301 302 ```sh 303 cat > /etc/init.d/tranquil-pds << 'EOF' 304 #!/sbin/openrc-run 305 name="tranquil-pds" 306 - description="Tranquil PDS AT Protocol PDS (containerized)" 307 command="/usr/bin/podman-compose" 308 command_args="-f /srv/tranquil-pds/docker-compose.yml up" 309 command_background=true ··· 331 chmod +x /etc/init.d/tranquil-pds 332 ``` 333 334 - ## Initialize Services 335 336 Start services: 337 ```sh ··· 349 DATABASE_URL="postgres://tranquil_pds:$DB_PASSWORD@$DB_IP:5432/pds" sqlx migrate run --source /opt/tranquil-pds/migrations 350 ``` 351 352 - ## Obtain Wildcard SSL Certificate 353 354 User handles are served as subdomains (eg. `alice.pds.example.com`), so you need a wildcard certificate. Wildcard certs require DNS-01 validation. 355 ··· 381 rc-service tranquil-pds restart 382 ``` 383 384 - ## Enable Service at Boot 385 386 ```sh 387 rc-update add tranquil-pds 388 ``` 389 390 - ## Configure Firewall 391 392 ```sh 393 apk add iptables ip6tables ··· 409 /etc/init.d/ip6tables save 410 ``` 411 412 - ## Certificate Renewal 413 414 Add to root's crontab (`crontab -e`): 415 ``` ··· 418 419 --- 420 421 - # Verification and Maintenance 422 423 - ## Verify Installation 424 425 ```sh 426 curl -s https://pds.example.com/xrpc/_health | jq 427 curl -s https://pds.example.com/.well-known/atproto-did 428 ``` 429 430 - ## View Logs 431 432 **Debian:** 433 ```bash ··· 462 rc-service tranquil-pds restart 463 ``` 464 465 - ## Backup Database 466 467 **Debian:** 468 ```bash ··· 474 podman exec tranquil-pds-db-1 pg_dump -U tranquil_pds pds > /var/backups/pds-$(date +%Y%m%d).sql 475 ``` 476 477 - ## Custom Homepage 478 479 The frontend container serves `homepage.html` as the landing page. To customize it, either: 480
··· 1 + # Tranquil PDS containerized production deployment 2 3 This guide covers deploying Tranquil PDS using containers with podman. 4 ··· 7 8 ## Prerequisites 9 10 + - A server :p 11 - Disk space for blobs (depends on usage; plan for ~1GB per active user as a baseline) 12 - A domain name pointing to your server's IP 13 - A **wildcard TLS certificate** for `*.pds.example.com` (user handles are served as subdomains) 14 + - Root/sudo/doas access 15 16 + ## Quickstart (docker/podman compose) 17 18 If you just want to get running quickly: 19 ··· 38 ln -sf live/pds.example.com/privkey.pem certs/privkey.pem 39 podman-compose -f docker-compose.prod.yaml restart nginx 40 ``` 41 + 42 + The end!!! 43 + 44 + Or wait, you want more? Perhaps a deployment that comes back on server restart? 45 46 For production setups with proper service management, continue to either the Debian or Alpine section below. 47 48 + ## Standalone containers (no compose) 49 50 If you already have postgres running on the host (eg. from the [Debian install guide](install-debian.md)), you can run just the app containers. 51 ··· 95 96 --- 97 98 + # Debian with systemd quadlets 99 100 + Quadlets are a nice way to run podman containers under systemd. 101 102 + ## Install podman 103 104 ```bash 105 apt update 106 apt install -y podman 107 ``` 108 109 + ## Create the directory structure 110 111 ```bash 112 mkdir -p /etc/containers/systemd 113 mkdir -p /srv/tranquil-pds/{postgres,blobs,backups,certs,acme,config} 114 ``` 115 116 + ## Create an environment file 117 118 ```bash 119 cp /opt/tranquil-pds/.env.example /srv/tranquil-pds/config/tranquil-pds.env ··· 125 openssl rand -base64 48 126 ``` 127 128 + ## Install quadlet definitions 129 130 Copy the quadlet files from the repository: 131 ```bash ··· 138 139 Optional quadlets for valkey and minio are also available in `deploy/quadlets/` if you need them. 140 141 + ## Create nginx configuration 142 143 ```bash 144 cp /opt/tranquil-pds/nginx.frontend.conf /srv/tranquil-pds/config/nginx.conf 145 ``` 146 147 + ## Clone and build images 148 149 ```bash 150 cd /opt ··· 154 podman build -t tranquil-pds-frontend:latest ./frontend 155 ``` 156 157 + ## Create podman secrets 158 159 ```bash 160 source /srv/tranquil-pds/config/tranquil-pds.env 161 echo "$DB_PASSWORD" | podman secret create tranquil-pds-db-password - 162 ``` 163 164 + ## Start services and initialize 165 166 ```bash 167 systemctl daemon-reload ··· 169 sleep 10 170 ``` 171 172 + ## Obtain a wildcard SSL cert 173 174 User handles are served as subdomains (eg. `alice.pds.example.com`), so you need a wildcard certificate. Wildcard certs require DNS-01 validation. 175 ··· 203 systemctl restart tranquil-pds-nginx 204 ``` 205 206 + ## Enable all services 207 208 ```bash 209 systemctl enable tranquil-pds-db tranquil-pds-app tranquil-pds-frontend tranquil-pds-nginx 210 ``` 211 212 + ## Configure firewall if you're into that sort of thing 213 214 ```bash 215 apt install -y ufw ··· 219 ufw enable 220 ``` 221 222 + ## Cert renewal 223 224 Add to root's crontab (`crontab -e`): 225 ``` ··· 228 229 --- 230 231 + # Alpine with OpenRC 232 233 + Alpine uses OpenRC, not systemd. So instead of quadlets we'll use podman-compose with an OpenRC service wrapper. 234 235 + ## Install podman 236 237 ```sh 238 apk update ··· 247 rc-service podman start 248 ``` 249 250 + ## Create the directory structure 251 252 ```sh 253 mkdir -p /srv/tranquil-pds/{data,config} 254 mkdir -p /srv/tranquil-pds/data/{postgres,blobs,backups,certs,acme} 255 ``` 256 257 + ## Clone the repo and build images 258 259 ```sh 260 cd /opt ··· 264 podman build -t tranquil-pds-frontend:latest ./frontend 265 ``` 266 267 + ## Create an environment file 268 269 ```sh 270 cp /opt/tranquil-pds/.env.example /srv/tranquil-pds/config/tranquil-pds.env ··· 276 openssl rand -base64 48 277 ``` 278 279 + ## Set up compose and nginx 280 281 Copy the production compose and nginx configs: 282 ```sh ··· 291 Edit `/srv/tranquil-pds/config/nginx.conf` to update cert paths: 292 - Change `/etc/nginx/certs/live/${PDS_HOSTNAME}/` to `/etc/nginx/certs/` 293 294 + ## Create OpenRC service 295 296 ```sh 297 cat > /etc/init.d/tranquil-pds << 'EOF' 298 #!/sbin/openrc-run 299 name="tranquil-pds" 300 + description="Tranquil PDS AT Protocol PDS" 301 command="/usr/bin/podman-compose" 302 command_args="-f /srv/tranquil-pds/docker-compose.yml up" 303 command_background=true ··· 325 chmod +x /etc/init.d/tranquil-pds 326 ``` 327 328 + ## Initialize services 329 330 Start services: 331 ```sh ··· 343 DATABASE_URL="postgres://tranquil_pds:$DB_PASSWORD@$DB_IP:5432/pds" sqlx migrate run --source /opt/tranquil-pds/migrations 344 ``` 345 346 + ## Obtain wildcard SSL cert 347 348 User handles are served as subdomains (eg. `alice.pds.example.com`), so you need a wildcard certificate. Wildcard certs require DNS-01 validation. 349 ··· 375 rc-service tranquil-pds restart 376 ``` 377 378 + ## Enable service at boot time 379 380 ```sh 381 rc-update add tranquil-pds 382 ``` 383 384 + ## Configure firewall if you're into that sort of thing 385 386 ```sh 387 apk add iptables ip6tables ··· 403 /etc/init.d/ip6tables save 404 ``` 405 406 + ## Cert renewal 407 408 Add to root's crontab (`crontab -e`): 409 ``` ··· 412 413 --- 414 415 + # Verification and maintenance 416 417 + ## Verify installation 418 419 ```sh 420 curl -s https://pds.example.com/xrpc/_health | jq 421 curl -s https://pds.example.com/.well-known/atproto-did 422 ``` 423 424 + ## View logs 425 426 **Debian:** 427 ```bash ··· 456 rc-service tranquil-pds restart 457 ``` 458 459 + ## Backup database 460 461 **Debian:** 462 ```bash ··· 468 podman exec tranquil-pds-db-1 pg_dump -U tranquil_pds pds > /var/backups/pds-$(date +%Y%m%d).sql 469 ``` 470 471 + ## Custom homepage 472 473 The frontend container serves `homepage.html` as the landing page. To customize it, either: 474
+21 -25
docs/install-debian.md
··· 1 - # Tranquil PDS Production Installation on Debian 2 3 - This guide covers installing Tranquil PDS on Debian 13. 4 5 ## Prerequisites 6 7 - - A VPS with at least 2GB RAM 8 - - Disk space for blobs (depends on usage; plan for ~1GB per active user as a baseline) 9 - A domain name pointing to your server's IP 10 - A wildcard TLS certificate for `*.pds.example.com` (user handles are served as subdomains) 11 - - Root or sudo access 12 13 - ## System Setup 14 15 ```bash 16 apt update && apt upgrade -y 17 apt install -y curl git build-essential pkg-config libssl-dev 18 ``` 19 20 - ## Install Rust 21 22 ```bash 23 curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y ··· 38 sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE pds TO tranquil_pds;" 39 ``` 40 41 - ## Create Blob Storage Directories 42 43 ```bash 44 mkdir -p /var/lib/tranquil/blobs /var/lib/tranquil/backups ··· 54 echo 'export PATH="$HOME/.deno/bin:$PATH"' >> ~/.bashrc 55 ``` 56 57 - ## Clone and Build Tranquil PDS 58 59 ```bash 60 cd /opt ··· 66 cargo build --release 67 ``` 68 69 - ## Install sqlx-cli and Run Migrations 70 - 71 - ```bash 72 - cargo install sqlx-cli --no-default-features --features postgres 73 - export DATABASE_URL="postgres://tranquil_pds:your-secure-password@localhost:5432/pds" 74 - sqlx migrate run 75 - ``` 76 - 77 ## Configure Tranquil PDS 78 79 ```bash ··· 87 openssl rand -base64 48 88 ``` 89 90 - ## Install Frontend Files 91 92 ```bash 93 mkdir -p /var/www/tranquil-pds ··· 95 chown -R www-data:www-data /var/www/tranquil-pds 96 ``` 97 98 - ## Create Systemd Service 99 100 ```bash 101 useradd -r -s /sbin/nologin tranquil-pds ··· 127 systemctl start tranquil-pds 128 ``` 129 130 - ## Install and Configure nginx 131 132 ```bash 133 apt install -y nginx certbot python3-certbot-nginx ··· 264 systemctl reload nginx 265 ``` 266 267 - ## Obtain Wildcard SSL Certificate 268 269 User handles are served as subdomains (eg., `alice.pds.example.com`), so you need a wildcard certificate. 270 ··· 289 systemctl reload nginx 290 ``` 291 292 - ## Configure Firewall 293 294 ```bash 295 apt install -y ufw ··· 299 ufw enable 300 ``` 301 302 - ## Verify Installation 303 304 ```bash 305 systemctl status tranquil-pds ··· 323 systemctl stop tranquil-pds 324 cp target/release/tranquil-pds /usr/local/bin/ 325 cp -r frontend/dist/* /var/www/tranquil-pds/ 326 - DATABASE_URL="postgres://tranquil_pds:your-secure-password@localhost:5432/pds" sqlx migrate run 327 systemctl start tranquil-pds 328 ``` 329 330 Backup database: 331 ```bash 332 sudo -u postgres pg_dump pds > /var/backups/pds-$(date +%Y%m%d).sql 333 ``` 334 335 - ## Custom Homepage 336 337 Drop a `homepage.html` in `/var/www/tranquil-pds/` and it becomes your landing page. Account dashboard is at `/app/` so you won't break anything. 338
··· 1 + # Tranquil PDS production installation on debian 2 3 + This guide covers installing Tranquil PDS on Debian. 4 + 5 + It is a "compile the thing on the server itself" -style guide. 6 + This cop-out is because Tranquil isn't built and released via CI as of yet. 7 8 ## Prerequisites 9 10 + - A server :p 11 + - Disk space enough for blobs (depends on usage; plan for ~1GB per active user as a baseline) 12 - A domain name pointing to your server's IP 13 - A wildcard TLS certificate for `*.pds.example.com` (user handles are served as subdomains) 14 + - Root/sudo/doas access 15 16 + ## System setup 17 18 ```bash 19 apt update && apt upgrade -y 20 apt install -y curl git build-essential pkg-config libssl-dev 21 ``` 22 23 + ## Install rust 24 25 ```bash 26 curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y ··· 41 sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE pds TO tranquil_pds;" 42 ``` 43 44 + ## Create blob storage directories 45 46 ```bash 47 mkdir -p /var/lib/tranquil/blobs /var/lib/tranquil/backups ··· 57 echo 'export PATH="$HOME/.deno/bin:$PATH"' >> ~/.bashrc 58 ``` 59 60 + ## Clone and build Tranquil PDS 61 62 ```bash 63 cd /opt ··· 69 cargo build --release 70 ``` 71 72 ## Configure Tranquil PDS 73 74 ```bash ··· 82 openssl rand -base64 48 83 ``` 84 85 + ## Install frontend files 86 87 ```bash 88 mkdir -p /var/www/tranquil-pds ··· 90 chown -R www-data:www-data /var/www/tranquil-pds 91 ``` 92 93 + ## Create systemd service 94 95 ```bash 96 useradd -r -s /sbin/nologin tranquil-pds ··· 122 systemctl start tranquil-pds 123 ``` 124 125 + ## Install and configure nginx 126 127 ```bash 128 apt install -y nginx certbot python3-certbot-nginx ··· 259 systemctl reload nginx 260 ``` 261 262 + ## Obtain a wildcard SSL cert 263 264 User handles are served as subdomains (eg., `alice.pds.example.com`), so you need a wildcard certificate. 265 ··· 284 systemctl reload nginx 285 ``` 286 287 + ## Configure firewall if you're into that sort of thing 288 289 ```bash 290 apt install -y ufw ··· 294 ufw enable 295 ``` 296 297 + ## Verify installation 298 299 ```bash 300 systemctl status tranquil-pds ··· 318 systemctl stop tranquil-pds 319 cp target/release/tranquil-pds /usr/local/bin/ 320 cp -r frontend/dist/* /var/www/tranquil-pds/ 321 systemctl start tranquil-pds 322 ``` 323 + 324 + Tranquil should auto-migrate if there are any new migrations to be applied to the db, so you don't need to worry. 325 326 Backup database: 327 ```bash 328 sudo -u postgres pg_dump pds > /var/backups/pds-$(date +%Y%m%d).sql 329 ``` 330 331 + ## Custom homepage 332 333 Drop a `homepage.html` in `/var/www/tranquil-pds/` and it becomes your landing page. Account dashboard is at `/app/` so you won't break anything. 334
+2 -2
docs/install-kubernetes.md
··· 1 - # Tranquil PDS on Kubernetes 2 3 If you're reaching for kubernetes for this app, you're experienced enough to know how to spin up: 4 ··· 19 20 Health check: `GET /xrpc/_health` 21 22 - ## Custom Homepage 23 24 Mount a ConfigMap with your `homepage.html` into the container's frontend directory and it becomes your landing page. Go nuts with it. Account dashboard is at `/app/` so you won't break anything. 25
··· 1 + # Tranquil PDS on kubernetes 2 3 If you're reaching for kubernetes for this app, you're experienced enough to know how to spin up: 4 ··· 19 20 Health check: `GET /xrpc/_health` 21 22 + ## Custom homepage 23 24 Mount a ConfigMap with your `homepage.html` into the container's frontend directory and it becomes your landing page. Go nuts with it. Account dashboard is at `/app/` so you won't break anything. 25
+2 -2
frontend/public/homepage.html
··· 420 and alerts, granular OAuth scopes with human-readable descriptions, 421 app passwords with configurable permissions (read-only, post-only, 422 or custom scopes), account delegation with permission levels and 423 - audit logging, and a built-in web UI for account management, OAuth 424 - consent, repo browsing, and admin. 425 </p> 426 </div> 427 </section>
··· 420 and alerts, granular OAuth scopes with human-readable descriptions, 421 app passwords with configurable permissions (read-only, post-only, 422 or custom scopes), account delegation with permission levels and 423 + audit logging, and a built-in web UI for account management, 424 + repo browsing, and admin. 425 </p> 426 </div> 427 </section>