create-carlonicora-app 1.0.0

package/template/apps/web/src/proxy.ts

@@ -0,0 +1,107 @@
+import { ENV } from "@/config/middleware-env";
+import createMiddleware from "next-intl/middleware";
+import { NextResponse, type NextRequest } from "next/server";
+import { routing } from "./i18n/routing";
+
+const intlMiddleware = createMiddleware(routing);
+
+async function getNewToken(refreshToken: string): Promise<string | null> {
+  try {
+    const headers: HeadersInit = {};
+    const options: RequestInit = { method: "POST", headers: headers };
+    const uri = `${process.env.NEXT_PUBLIC_API_URL}auth/refreshtoken/${refreshToken}`;
+    const tokenRefreshResponse = await fetch(uri, options);
+
+    if (tokenRefreshResponse.ok) {
+      const data = await tokenRefreshResponse.json();
+      return data.data.attributes.token;
+    }
+
+    return null;
+  } catch (error) {
+    return null;
+  }
+}
+
+function isTokenCloseToExpiry(token: string): boolean {
+  try {
+    const base64Url = token.split(".")[1];
+    const base64 = base64Url.replace(/-/g, "+").replace(/_/g, "/");
+    const payload = JSON.parse(Buffer.from(base64, "base64").toString("utf8"));
+    const exp = payload.exp;
+    const currentTime = Math.floor(Date.now() / 1000);
+    return exp - currentTime < 300;
+  } catch (error) {
+    return false;
+  }
+}
+
+export default async function proxy(request: NextRequest) {
+  const { pathname, searchParams } = request.nextUrl;
+
+  if (pathname === "/githubconnects/callback") {
+    const code = searchParams.get("code");
+    const installation_id = searchParams.get("installation_id");
+    const setup_action = searchParams.get("setup_action");
+    const state = searchParams.get("state");
+
+    let path = null;
+    if (state && state.startsWith("{{name}}")) {
+      path = decodeURIComponent(state.substring(5));
+    }
+
+    const nextPublicAddress = ENV.APP_URL;
+    if (state && path && !nextPublicAddress.includes(path)) {
+      const redirectUrl = `${path}?code=${encodeURIComponent(code || "")}&installation_id=${encodeURIComponent(installation_id || "")}&setup_action=${encodeURIComponent(setup_action || "")}`;
+      return NextResponse.redirect(redirectUrl);
+    }
+  }
+
+  const normalizedPathname = pathname.replace(/^\/([a-z]{2})(?=\/)/, "");
+
+  const exemptPaths = ["/", "/activation", "/auth", "/invitation", "/login", "/logout", "/register", "/reset"];
+  const isExempt = exemptPaths.some((path) => normalizedPathname.startsWith(path));
+
+  const refreshToken = request.cookies.get("refreshToken")?.value;
+
+  if (!isExempt && !refreshToken) {
+    return NextResponse.redirect(new URL("/login", request.url));
+  }
+
+  const requestsSupport = normalizedPathname.startsWith("/support");
+  if (
+    (!process.env.NEXT_PUBLIC_PRIVATE_INSTALLATION ||
+      process.env.NEXT_PUBLIC_PRIVATE_INSTALLATION.toLowerCase() !== "true") &&
+    requestsSupport
+  ) {
+    return NextResponse.redirect(new URL("/", request.url));
+  }
+
+  const intlResponse = intlMiddleware(request);
+  const response = intlResponse instanceof NextResponse ? intlResponse : NextResponse.next();
+
+  const token = request.cookies.get("token")?.value;
+  if (refreshToken && (!token || isTokenCloseToExpiry(token))) {
+    const newToken = await getNewToken(refreshToken);
+    if (newToken) {
+      response.cookies.set("token", newToken, {
+        httpOnly: false,
+        path: "/",
+        expires: new Date(Date.now() + 1000 * 60 * 60 * 24),
+      });
+      response.cookies.set("reloadData", "true", {
+        httpOnly: false,
+        path: "/",
+      });
+    }
+  }
+
+  const fullUrl = request.url.replace(/^http:/, "https:");
+  response.headers.set("x-full-url", fullUrl);
+
+  return response;
+}
+
+export const config = {
+  matcher: "/((?!api|trpc|_next|_vercel|.*\\..*).*)",
+};

package/template/apps/web/src/server-actions/auth-cookies.ts

@@ -0,0 +1,134 @@
+"use server";
+
+import { cookies } from "next/headers";
+import zlib from "zlib";
+
+export async function updateToken(params: {
+  token?: string;
+  refreshToken?: string;
+  userId?: string;
+  companyId?: string;
+  licenseExpirationDate?: Date;
+  roles?: string[];
+  features?: string[];
+  modules?: {
+    id: string;
+    permissions: {
+      create: boolean | string;
+      read: boolean | string;
+      update: boolean | string;
+      delete: boolean | string;
+    };
+  }[];
+}): Promise<void> {
+  const isProduction = process.env.NODE_ENV === "production";
+
+  if (params.token)
+    (await cookies()).set({
+      name: "token",
+      value: params.token,
+      httpOnly: false,
+      path: "/",
+      secure: isProduction,
+      expires: new Date(Date.now() + 1000 * 60 * 60 * 24),
+    });
+  if (params.refreshToken)
+    (await cookies()).set({
+      name: "refreshToken",
+      value: params.refreshToken,
+      httpOnly: true,
+      path: "/",
+      secure: isProduction,
+      expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 365),
+    });
+
+  if (params.userId)
+    (await cookies()).set({
+      name: "userId",
+      value: params.userId,
+      httpOnly: true,
+      path: "/",
+      secure: isProduction,
+      expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 365),
+    });
+
+  if (params.companyId)
+    (await cookies()).set({
+      name: "companyId",
+      value: params.companyId,
+      httpOnly: true,
+      path: "/",
+      secure: isProduction,
+      expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 365),
+    });
+
+  if (params.licenseExpirationDate)
+    (await cookies()).set({
+      name: "licenseExpirationDate",
+      value: params.licenseExpirationDate.toISOString(),
+      httpOnly: true,
+      path: "/",
+      secure: isProduction,
+      expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 365),
+    });
+
+  if (params.roles)
+    (await cookies()).set({
+      name: "roles",
+      value: JSON.stringify(params.roles),
+      httpOnly: true,
+      path: "/",
+      secure: isProduction,
+      expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 365),
+    });
+
+  if (params.features)
+    (await cookies()).set({
+      name: "features",
+      value: JSON.stringify(params.features),
+      httpOnly: true,
+      path: "/",
+      secure: isProduction,
+      expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 365),
+    });
+
+  if (params.modules) {
+    const compressedValue = zlib.gzipSync(JSON.stringify(params.modules)).toString("base64");
+
+    (await cookies()).set({
+      name: "modules",
+      value: JSON.stringify(compressedValue),
+      httpOnly: true,
+      path: "/",
+      secure: isProduction,
+      expires: new Date(Date.now() + 1000 * 60 * 60 * 24 * 365),
+    });
+  }
+}
+
+export async function removeToken(): Promise<void> {
+  (await cookies()).delete({
+    name: "token",
+  });
+  (await cookies()).delete({
+    name: "refreshToken",
+  });
+  (await cookies()).delete({
+    name: "userId",
+  });
+  (await cookies()).delete({
+    name: "companyId",
+  });
+  (await cookies()).delete({
+    name: "licenseExpirationDate",
+  });
+  (await cookies()).delete({
+    name: "roles",
+  });
+  (await cookies()).delete({
+    name: "features",
+  });
+  (await cookies()).delete({
+    name: "modules",
+  });
+}

package/template/apps/web/src/types/modules.d.ts

@@ -0,0 +1,10 @@
+import type { AllModuleDefinitions } from "@/config/Bootstrapper";
+import type { FoundationModuleDefinitions } from "@carlonicora/nextjs-jsonapi/core";
+
+// Simply reference the type from Bootstrapper - NO MANUAL LIST NEEDED
+// This augments AppModuleDefinitions with feature modules only
+// (foundation types already defined in library's FoundationModuleDefinitions)
+declare module "@carlonicora/nextjs-jsonapi/core" {
+  // Override the combined type to use our full definition
+  interface AppModuleDefinitions extends Omit<AllModuleDefinitions, keyof FoundationModuleDefinitions> {}
+}

package/template/apps/web/src/utils/metadata.ts

@@ -0,0 +1,50 @@
+import { ENV } from "@/config/env";
+import { Metadata } from "next";
+import { getTranslations } from "next-intl/server";
+import { headers } from "next/headers";
+
+//https://nextjs.org/docs/app/api-reference/functions/generate-metadata
+
+export async function generateSpecificMetadata(params: {
+  title?: string;
+  description?: string;
+  url?: string;
+}): Promise<Metadata> {
+  const t = await getTranslations();
+
+  const url = (await headers()).get("x-full-url") ?? ENV.APP_URL ?? "{{name}}.com";
+
+  const title: string = params.title ? `${params.title} | ${t(`generic.title`)}` : t(`generic.title`);
+  const description = params.description ? params.description : t(`generic.description`);
+
+  const response: Metadata = {
+    title: title,
+    description: description,
+    keywords: [],
+    publisher: "Phlow",
+    openGraph: {
+      type: "website",
+      title: title,
+      description: description,
+      url: url,
+      siteName: "Phlow",
+    },
+    twitter: {
+      card: "summary_large_image",
+      title: title,
+      description: description,
+    },
+    metadataBase: new URL(ENV.APP_URL ?? "{{name}}.com"),
+    alternates: {
+      canonical: url,
+      languages: {
+        en: "/en",
+        it: "/it",
+        fr: "/fr",
+        fi: "/fi",
+      },
+    },
+  };
+
+  return response;
+}

package/template/apps/web/src/utils/revalidation.ts

@@ -0,0 +1,7 @@
+"use server";
+
+import { revalidatePath } from "next/cache";
+
+export async function revalidatePaths(path: string): Promise<void> {
+  revalidatePath(path, "page");
+}

package/template/apps/web/tsconfig.json

@@ -0,0 +1,51 @@
+{
+  "extends": "../../tsconfig.base.json",
+  "composite": true,
+  "compilerOptions": {
+    "baseUrl": ".",
+    "target": "esnext",
+    "lib": ["dom", "dom.iterable", "esnext"],
+    "allowJs": true,
+    "skipLibCheck": true,
+    "strict": false,
+    "strictNullChecks": false,
+    "noImplicitAny": false,
+    "strictBindCallApply": false,
+    "strictFunctionTypes": false,
+    "strictPropertyInitialization": false,
+    "noImplicitThis": false,
+    "alwaysStrict": false,
+    "forceConsistentCasingInFileNames": false,
+    "noEmit": true,
+    "noEmitOnError": false,
+    "esModuleInterop": true,
+    "module": "esnext",
+    "moduleResolution": "bundler",
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "jsx": "preserve",
+    "incremental": true,
+    "noUnusedLocals": false,
+    "noUnusedParameters": false,
+    "noImplicitReturns": false,
+    "declaration": false,
+    "declarationMap": false,
+    "plugins": [
+      {
+        "name": "next"
+      }
+    ],
+    "paths": {
+      "@/*": ["./src/*"]
+    }
+  },
+  "include": [
+    "next-env.d.ts",
+    "**/*.ts",
+    "**/*.tsx",
+    "**/*.mdx",
+    "**/*.test.ts",
+    ".next/types/**/*.ts"
+  ],
+  "exclude": ["node_modules", "jest.setup.tsx"]
+}

package/template/docker-compose.yml

@@ -0,0 +1,211 @@
+# =============================================================================
+# ASSETTRACK MONOREPO - DOCKER COMPOSE CONFIGURATION
+# =============================================================================
+# This docker-compose.yml references environment variables from the root .env file
+# It can also work with Coolify where variables are injected via Coolify's UI
+#
+# IMPORTANT: Infrastructure services (Neo4j, Redis, MinIO) are expected to run
+# externally and are configured via the .env file connection strings.
+#
+# Usage:
+#   docker compose up                     # Start all three services (api, worker, web)
+#   docker compose up api                 # Start only API service
+#   docker compose up worker              # Start only Worker service
+#   docker compose up web                 # Start only Web service
+#   docker compose up api worker          # Start API and Worker services
+# =============================================================================
+x-api-worker-shared-env: &api_worker_shared_env
+  # Database - Use .env values (external services)
+  NEO4J_URI: ${NEO4J_URI}
+  NEO4J_USER: ${NEO4J_USER}
+  NEO4J_PASSWORD: ${NEO4J_PASSWORD}
+  NEO4J_DATABASE: ${NEO4J_DATABASE}
+
+  # Cache & Queue - Use .env values (external services)
+  REDIS_HOST: ${REDIS_HOST}
+  REDIS_PORT: ${REDIS_PORT}
+  REDIS_PASSWORD: ${REDIS_PASSWORD}
+  REDIS_USERNAME: ${REDIS_USERNAME}
+  REDIS_QUEUE: ${REDIS_QUEUE}
+
+  # Authentication
+  JWT_SECRET: ${JWT_SECRET}
+  JWT_EXPIRES_IN: ${JWT_EXPIRES_IN}
+
+  # Web Push - VAPID
+  VAPID_PUBLIC_KEY: ${VAPID_PUBLIC_KEY}
+  VAPID_PRIVATE_KEY: ${VAPID_PRIVATE_KEY}
+  VAPID_EMAIL: ${VAPID_EMAIL}
+
+  # Email Configuration
+  EMAIL_PROVIDER: ${EMAIL_PROVIDER}
+  EMAIL_API_KEY: ${EMAIL_API_KEY}
+  EMAIL_FROM: ${EMAIL_FROM}
+  EMAIL_HOST: ${EMAIL_HOST}
+  EMAIL_PORT: ${EMAIL_PORT}
+  EMAIL_SECURE: ${EMAIL_SECURE}
+  EMAIL_USERNAME: ${EMAIL_USERNAME}
+  EMAIL_PASSWORD: ${EMAIL_PASSWORD}
+
+  # Logging - Loki
+  LOKI_ENABLED: ${LOKI_ENABLED}
+  LOKI_HOST: ${LOKI_HOST}
+  LOKI_USERNAME: ${LOKI_USERNAME}
+  LOKI_PASSWORD: ${LOKI_PASSWORD}
+  LOKI_APP_LABEL: ${LOKI_APP_LABEL}
+
+  # Tracing - Tempo
+  TEMPO_ENABLED: ${TEMPO_ENABLED}
+  TEMPO_ENDPOINT: ${TEMPO_ENDPOINT}
+  TEMPO_SERVICE_NAME: ${TEMPO_SERVICE_NAME}
+  TEMPO_SERVICE_VERSION: ${TEMPO_SERVICE_VERSION}
+
+  # Object Storage - S3/MinIO - Use .env values (external services)
+  S3_TYPE: ${S3_TYPE}
+  S3_ENDPOINT: ${S3_ENDPOINT}
+  S3_BUCKET: ${S3_BUCKET}
+  S3_ACCESS_KEY_ID: ${S3_ACCESS_KEY_ID}
+  S3_SECRET_ACCESS_KEY: ${S3_SECRET_ACCESS_KEY}
+  S3_REGION: ${S3_REGION}
+
+  # ai
+  AI_PROVIDER: ${AI_PROVIDER}
+  AI_API_KEY: ${AI_API_KEY}
+  AI_MODEL: ${AI_MODEL}
+  AI_URL: ${AI_URL}
+  AI_REGION: ${AI_REGION}
+  AI_SECRET: ${AI_SECRET}
+  AI_INSTANCE: ${AI_INSTANCE}
+  AI_API_VERSION: ${AI_API_VERSION}
+  AI_INPUT_COST_PER_1M_TOKENS: ${AI_INPUT_COST_PER_1M_TOKENS}
+  AI_OUTPUT_COST_PER_1M_TOKENS: ${AI_OUTPUT_COST_PER_1M_TOKENS}
+  
+  #transcriber
+  TRANSCRIBER_PROVIDER: ${TRANSCRIBER_PROVIDER}
+  TRANSCRIBER_API_KEY: ${TRANSCRIBER_API_KEY}
+  TRANSCRIBER_MODEL: ${TRANSCRIBER_MODEL}
+  TRANSCRIBER_URL: ${TRANSCRIBER_URL}
+  TRANSCRIBER_API_VERSION: ${TRANSCRIBER_API_VERSION}
+
+  # embedder
+  EMBEDDER_PROVIDER: ${EMBEDDER_PROVIDER}
+  EMBEDDER_API_KEY: ${EMBEDDER_API_KEY}
+  EMBEDDER_MODEL: ${EMBEDDER_MODEL}
+  EMBEDDER_INSTANCE: ${EMBEDDER_INSTANCE}
+  EMBEDDER_API_VERSION: ${EMBEDDER_API_VERSION}
+  EMBEDDER_DIMENSIONS: ${EMBEDDER_DIMENSIONS}
+
+# =============================================================================
+
+services:
+  # ---------------------------------------------------------------------------
+  # API Server (NestJS Backend)
+  # ---------------------------------------------------------------------------
+  api:
+    build:
+      context: .
+      dockerfile: Dockerfile
+      target: api-production
+      args:
+        - API_PORT=${API_PORT:-3400}
+    ports:
+      - "${API_PORT:-3400}:${API_PORT:-3400}"
+    environment:
+      <<: *api_worker_shared_env
+      # Build & Application Mode
+      PORT: ${API_PORT:-3400}
+      API_URL: ${API_URL}
+      API_PORT: ${API_PORT:-3400}
+      NODE_OPTIONS: ${API_NODE_OPTIONS:-"--max-old-space-size=6144"}
+
+      # Cache Configuration
+      CACHE_ENABLED: ${CACHE_ENABLED}
+      CACHE_DEFAULT_TTL: ${CACHE_DEFAULT_TTL}
+      CACHE_SKIP_PATTERNS: ${CACHE_SKIP_PATTERNS}
+
+      # Rate Limiting
+      RATE_LIMIT_ENABLED: ${RATE_LIMIT_ENABLED}
+      RATE_LIMIT_TTL: ${RATE_LIMIT_TTL}
+      RATE_LIMIT_REQUESTS: ${RATE_LIMIT_REQUESTS}
+      IP_RATE_LIMIT_REQUESTS: ${IP_RATE_LIMIT_REQUESTS}
+
+      # CORS Configuration
+      CORS_ORIGINS: ${CORS_ORIGINS}
+      CORS_ORIGIN_PATTERNS: ${CORS_ORIGIN_PATTERNS}
+      CORS_CREDENTIALS: ${CORS_CREDENTIALS}
+      CORS_METHODS: ${CORS_METHODS}
+      CORS_ALLOWED_HEADERS: ${CORS_ALLOWED_HEADERS}
+      CORS_MAX_AGE: ${CORS_MAX_AGE}
+      CORS_PREFLIGHT_CONTINUE: ${CORS_PREFLIGHT_CONTINUE}
+      CORS_OPTIONS_SUCCESS_STATUS: ${CORS_OPTIONS_SUCCESS_STATUS}
+      CORS_LOG_VIOLATIONS: ${CORS_LOG_VIOLATIONS}
+    healthcheck:
+      test: ["CMD", "node", "-e", "require('http').get({host:'localhost',port:process.env.API_PORT||3400,path:'/version'},(r)=>process.exit(r.statusCode>=200&&r.statusCode<500?0:1))"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 40s
+
+  # ---------------------------------------------------------------------------
+  # Worker (Background Job Processing)
+  # ---------------------------------------------------------------------------
+  worker:
+    build:
+      context: .
+      dockerfile: Dockerfile
+      target: api-production
+    environment:
+      <<: *api_worker_shared_env
+      NODE_OPTIONS: ${WORKER_NODE_OPTIONS:-"--max-old-space-size=6144"}
+    healthcheck:
+      test: ["CMD", "pgrep", "-f", "node.*dist/main.*worker"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 30s
+    command:
+      - node
+      - dist/main
+      - --mode=worker
+
+  # ---------------------------------------------------------------------------
+  # Web Application (Next.js Frontend)
+  # ---------------------------------------------------------------------------
+  web:
+    build:
+      context: .
+      dockerfile: Dockerfile
+      target: web-production
+      args:
+        - NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL}
+        - NEXT_PUBLIC_ADDRESS=${NEXT_PUBLIC_ADDRESS}
+        - NEXT_PUBLIC_VAPID_PUBLIC_KEY=${NEXT_PUBLIC_VAPID_PUBLIC_KEY}
+        - NEXT_PUBLIC_GOOGLE_MAPS_API_KEY=${NEXT_PUBLIC_GOOGLE_MAPS_API_KEY}
+        - PORT=${PORT:-3401}
+    ports:
+      - "${PORT:-3401}:${PORT:-3401}"
+    environment:
+      # Build & Application Configuration
+      - PORT=${PORT:-3401}
+      - APP_URL=${APP_URL}
+      - NODE_OPTIONS=${WEB_NODE_OPTIONS:-"--max-old-space-size=4096"}
+
+      # API Connection
+      - NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL}
+      - NEXT_PUBLIC_ADDRESS=${NEXT_PUBLIC_ADDRESS}
+      - API_INTERNAL_URL=${API_INTERNAL_URL:-http://api:3400/}
+
+      # Web Push - VAPID
+      - NEXT_PUBLIC_VAPID_PUBLIC_KEY=${NEXT_PUBLIC_VAPID_PUBLIC_KEY}
+
+      # Image Sources
+      - IMAGE_SOURCES=${IMAGE_SOURCES}
+
+      # Google Maps API Key
+      - NEXT_PUBLIC_GOOGLE_MAPS_API_KEY=${NEXT_PUBLIC_GOOGLE_MAPS_API_KEY}
+    healthcheck:
+      test: ["CMD", "node", "-e", "require('http').get({host:'localhost',port:process.env.PORT||3401,path:'/'},(r)=>process.exit(r.statusCode>=200&&r.statusCode<500?0:1))"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 40s

package/template/package.json

@@ -0,0 +1,72 @@
+{
+  "name": "{{name}}",
+  "version": "0.1.0",
+  "private": true,
+  "description": "Role Playing Game platform powered by AI",
+  "engines": {
+    "node": ">=22.0.0",
+    "pnpm": ">=10.0.0"
+  },
+  "packageManager": "pnpm@10.25.0",
+  "scripts": {
+    "dev": "turbo run dev dev:worker",
+    "dev:api": "turbo run dev --filter={{name}}-api",
+    "dev:web": "turbo run dev --filter={{name}}-web",
+    "dev:worker": "turbo run start:worker:dev --filter={{name}}-api",
+    "build": "turbo run build",
+    "build:api": "turbo run build --filter={{name}}-api",
+    "build:web": "turbo run build --filter={{name}}-web",
+    "start": "turbo run start",
+    "start:prod": "turbo run start:prod",
+    "test": "turbo run test",
+    "test:watch": "turbo run test:watch",
+    "test:e2e": "turbo run test:e2e",
+    "test:cov": "turbo run test:cov",
+    "lint": "turbo run lint",
+    "format": "turbo run format",
+    "clean": "turbo run clean && rm -rf node_modules .turbo",
+    "clean:all": "pnpm clean && pnpm -r exec rm -rf node_modules dist .next .turbo",
+    "structure": "bash scripts/import-structure.sh",
+    "prepare": "husky",
+    "preinstall": "npx only-allow pnpm",
+    "neo4jsonapi-migrate": "node ./packages/nestjs-neo4jsonapi/dist/tools/migrate-entity/index.js"
+  },
+  "dependencies": {
+    "dotenv-cli": "^11.0.0",
+    "zod": "^4.1.13"
+  },
+  "devDependencies": {
+    "@eslint/eslintrc": "^3.3.3",
+    "@semantic-release/changelog": "^6.0.3",
+    "@semantic-release/commit-analyzer": "^13.0.1",
+    "@semantic-release/git": "^10.0.1",
+    "@semantic-release/npm": "^13.1.2",
+    "@semantic-release/release-notes-generator": "^14.1.0",
+    "@types/node": "^25.0.1",
+    "@typescript-eslint/eslint-plugin": "^8.49.0",
+    "@typescript-eslint/parser": "^8.49.0",
+    "conventional-changelog-conventionalcommits": "^9.1.0",
+    "eslint": "^9.39.1",
+    "eslint-config-prettier": "^10.1.8",
+    "eslint-plugin-prettier": "^5.5.4",
+    "husky": "^9.1.7",
+    "prettier": "^3.7.4",
+    "semantic-release": "^25.0.2",
+    "ts-node": "^10.9.2",
+    "turbo": "^2.6.3",
+    "typescript": "^5.9.3"
+  },
+  "workspaces": [
+    "api",
+    "web",
+    "packages/*"
+  ],
+  "pnpm": {
+    "overrides": {
+      "yjs": "^13.6.27",
+      "validator": ">=13.15.20",
+      "@types/react": "19.2.7",
+      "@types/react-dom": "19.2.3"
+    }
+  }
+}

package/template/packages/shared/package.json

@@ -0,0 +1,23 @@
+{
+  "name": "@{{name}}/shared",
+  "version": "1.0.0",
+  "private": true,
+  "main": "./dist/index.js",
+  "module": "./dist/index.mjs",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js"
+    }
+  },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "clean": "rm -rf dist"
+  },
+  "devDependencies": {
+    "tsup": "^8.5.0"
+  }
+}

package/template/packages/shared/src/const/roles.id.ts

@@ -0,0 +1,5 @@
+import { SystemRoles } from "./system.roles.id";
+
+export const RoleId = {
+  ...SystemRoles,
+} as const;

package/template/packages/shared/src/const/system.roles.id.ts

@@ -0,0 +1,4 @@
+export const SystemRoles = {
+  Administrator: "53394cb8-1e87-11ef-8b48-bed54b8f8aba",
+  CompanyAdministrator: "2e1eee00-6cba-4506-9059-ccd24e4ea5b0",
+} as const;

package/template/packages/shared/src/index.ts

@@ -0,0 +1 @@
+export { RoleId } from "./const/roles.id";