roa2web-service-auto

romfast/roa2web-service-auto

Fork 0

Commit Graph

Author	SHA1	Message	Date
Marius Mutu	9008876b16	chore: Remove obsolete microservices directories and update all references - Delete data-entry-app/ (1.6GB), reports-app/ (447MB), .auto-build-data/ - Saved ~1.4GB disk space (64% reduction: 2.2GB → 845MB) Updated references across 38 files: - .claude/rules/ paths: backend/modules/, src/modules/ - .claude/commands/validate.md: all validation paths - docs/ (13 files): data-entry, telegram, README, CLAUDE.md - scripts/ (3 files): backup-secrets, restore-secrets, test-docker - security/ (2 files): git_cleanup, SECURITY_PROCEDURES - deployment/ & shared/: updated all stale comments All paths now reflect ultrathin monolith architecture: - Backend: backend/modules/{reports,data_entry,telegram}/ - Frontend: src/modules/{reports,data-entry}/ - Shared: shared/{auth,database,routes}/ 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>	2025-12-30 12:08:20 +02:00
Marius Mutu	60346ff7da	Add encrypted secrets backup and restore utilities Implements secure backup system for environment configuration files (.env, .env.prod) containing sensitive credentials using AES-256-CBC encryption with OpenSSL. New utilities: - scripts/backup-secrets.sh: Encrypts and backs up all .env files to timestamped directory - scripts/restore-secrets.sh: Decrypts and restores .env files from backup - scripts/README.md: Complete documentation with usage examples and best practices Features: - AES-256-CBC encryption with PBKDF2 key derivation (strong encryption) - Interactive password prompts with confirmation - Non-interactive mode via BACKUP_PASSWORD environment variable - Automatic README generation in each backup with restore instructions - Color-coded output for better UX - Validation and error handling Backup structure: secrets-backup/ └── YYYY-MM-DD_HH-MM-SS/ ├── backend-.env.enc ├── backend-.env.prod.enc ├── telegram-bot-.env.enc ├── telegram-bot-.env.prod.enc └── README.md Updated .gitignore to allow committing encrypted .gpg/.enc files while blocking decrypted .env files in secrets-backup directory. Usage: ./scripts/backup-secrets.sh # Create encrypted backup ./scripts/restore-secrets.sh [backup-date] # Restore from backup Tested with OpenSSL (pre-installed on most systems). Provides secure way to version control and sync credentials across development and production environments. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-11-11 12:36:43 +02:00

Author

SHA1

Message

Date

Marius Mutu

9008876b16

chore: Remove obsolete microservices directories and update all references

- Delete data-entry-app/ (1.6GB), reports-app/ (447MB), .auto-build-data/
- Saved ~1.4GB disk space (64% reduction: 2.2GB → 845MB)

Updated references across 38 files:
- .claude/rules/ paths: backend/modules/, src/modules/
- .claude/commands/validate.md: all validation paths
- docs/ (13 files): data-entry, telegram, README, CLAUDE.md
- scripts/ (3 files): backup-secrets, restore-secrets, test-docker
- security/ (2 files): git_cleanup, SECURITY_PROCEDURES
- deployment/ & shared/: updated all stale comments

All paths now reflect ultrathin monolith architecture:
- Backend: backend/modules/{reports,data_entry,telegram}/
- Frontend: src/modules/{reports,data-entry}/
- Shared: shared/{auth,database,routes}/

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

2025-12-30 12:08:20 +02:00

Marius Mutu

60346ff7da

Add encrypted secrets backup and restore utilities

Implements secure backup system for environment configuration files (.env, .env.prod)
containing sensitive credentials using AES-256-CBC encryption with OpenSSL.

New utilities:
- scripts/backup-secrets.sh: Encrypts and backs up all .env files to timestamped directory
- scripts/restore-secrets.sh: Decrypts and restores .env files from backup
- scripts/README.md: Complete documentation with usage examples and best practices

Features:
- AES-256-CBC encryption with PBKDF2 key derivation (strong encryption)
- Interactive password prompts with confirmation
- Non-interactive mode via BACKUP_PASSWORD environment variable
- Automatic README generation in each backup with restore instructions
- Color-coded output for better UX
- Validation and error handling

Backup structure:
secrets-backup/
└── YYYY-MM-DD_HH-MM-SS/
    ├── backend-.env.enc
    ├── backend-.env.prod.enc
    ├── telegram-bot-.env.enc
    ├── telegram-bot-.env.prod.enc
    └── README.md

Updated .gitignore to allow committing encrypted .gpg/.enc files while
blocking decrypted .env files in secrets-backup directory.

Usage:
./scripts/backup-secrets.sh                    # Create encrypted backup
./scripts/restore-secrets.sh [backup-date]     # Restore from backup

Tested with OpenSSL (pre-installed on most systems). Provides secure way to
version control and sync credentials across development and production environments.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

2025-11-11 12:36:43 +02:00

2 Commits