ai/log
1
0
Fork 0
Code Pull Requests Actions Wiki Activity
Files
5ce03098bdd13eea850cb63f6678fd0fadcdd806
log/DEPLOYMENT.md
syui 637028c264
Some checks are pending
Deploy ailog / build-and-deploy (push) Waiting to run
Details
add oauth
2025-06-11 12:53:31 +09:00

3.3 KiB
Raw Blame History

ai.log Deployment Guide

🌐 Cloudflare Tunnel Setup

ATProto OAuth requires HTTPS for proper CORS handling. Use Cloudflare Tunnel for secure deployment.

Prerequisites

  1. Install cloudflared:

    brew install cloudflared

  2. Login and create tunnel (if not already done):

    cloudflared tunnel login
cloudflared tunnel create ailog

  3. Configure DNS:

    • Add a CNAME record: log.syui.ai[tunnel-id].cfargotunnel.com

Configuration Files

cloudflared-config.yml

tunnel: a6813327-f880-485d-a9d1-376e6e3df8ad
credentials-file: /Users/syui/.cloudflared/a6813327-f880-485d-a9d1-376e6e3df8ad.json

ingress:
  - hostname: log.syui.ai
    service: http://localhost:8080
    originRequest:
      noHappyEyeballs: true
  - service: http_status:404

Production Client Metadata

static/client-metadata-prod.json:

{
  "client_id": "https://log.syui.ai/client-metadata.json",
  "client_name": "ai.log Blog Comment System",
  "client_uri": "https://log.syui.ai",
  "redirect_uris": ["https://log.syui.ai/"],
  "grant_types": ["authorization_code"],
  "response_types": ["code"],
  "token_endpoint_auth_method": "none",
  "application_type": "web"
}

Deployment Commands

Quick Start

# All-in-one deployment
./scripts/tunnel.sh

Manual Steps

# 1. Build for production
PRODUCTION=true cargo run -- build

# 2. Start local server
cargo run -- serve --port 8080 &

# 3. Start tunnel
cloudflared tunnel --config cloudflared-config.yml run

Environment Detection

The system automatically detects environment:

  • Development (localhost:8080): Uses local client-metadata.json
  • Production (log.syui.ai): Uses HTTPS client-metadata.json

CORS Resolution

With Cloudflare Tunnel:

  • HTTPS domain: https://log.syui.ai
  • Valid SSL certificate
  • Proper CORS headers
  • ATProto OAuth works correctly

With localhost:

  • HTTP only: http://localhost:8080
  • CORS restrictions
  • ATProto OAuth may fail

Troubleshooting

ATProto OAuth Errors

// Check client metadata URL in browser console
console.log('Environment:', window.location.hostname);
console.log('Client ID:', clientId);

Tunnel Connection Issues

# Check tunnel status
cloudflared tunnel info ailog

# Test local server
curl http://localhost:8080/client-metadata.json

DNS Propagation

# Check DNS resolution
dig log.syui.ai
nslookup log.syui.ai

Security Notes

  • Client metadata is publicly accessible (required by ATProto)
  • Credentials file contains tunnel secrets (keep secure)
  • HTTPS only for production OAuth
  • Domain validation by ATProto servers

Integration with ai.ai Ecosystem

This deployment enables:

  • ai.log: Comment system with ATProto authentication
  • ai.card: Shared OAuth widget
  • ai.gpt: Memory synchronization via ATProto
  • ai.verse: Future 3D world integration

Monitoring

# Monitor tunnel logs
cloudflared tunnel --config cloudflared-config.yml run --loglevel debug

# Monitor blog server
tail -f /path/to/blog/logs

# Check ATProto connectivity
curl -I https://log.syui.ai/client-metadata.json

🔗 Live URL: https://log.syui.ai
📊 Status: Production Ready
🌐 ATProto: OAuth Enabled