create-pds 0.0.11 → 0.0.12

package/dist/index.js

@@ -2521,8 +2521,9 @@ const BANNER = `
   ██║     ██║██╔══██╗██╔══██╗██║   ██║╚════██║
   ╚██████╗██║██║  ██║██║  ██║╚██████╔╝███████║
    ╚═════╝╚═╝╚═╝  ╚═╝╚═╝  ╚═╝ ╚═════╝ ╚══════╝
-
-   ☁️  The lightest PDS in the Atmosphere  ☁️
+    ☁️      ☁️  ☁️      ☁️  ☁️    ☁️    ☁️  ☁️
+  ☁️    ☁️  Your personal data server  ☁️    ☁️
+     ☁️    ☁️     ☁️  ☁️      ☁️      ☁️    ☁️
 `;
 function detectPackageManager() {
 	const userAgent = process.env.npm_config_user_agent || "";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-pds",
-  "version": "0.0.11",
+  "version": "0.0.12",
   "description": "Create a new Cirrus AT Protocol PDS on Cloudflare Workers",
   "type": "module",
   "bin": {

package/templates/pds-worker/README.md

@@ -2,9 +2,22 @@
 
 A single-user AT Protocol Personal Data Server running on Cloudflare Workers.
 
-> **⚠️ Beta Software**
+> **⚠️ Experimental Beta Software**
 >
-> This is under active development. Account migration has been tested and works, but breaking changes may still occur. Consider backing up important data before migrating a primary account.
+> This is experimental software under active development. While account migration has been tested and works, this PDS implementation is still being refined. Breaking changes may occur, and not all edge cases have been discovered. **Strongly consider backing up important data before migrating a primary account.**
+
+## Before You Get Started
+
+Before setting up your PDS, make sure you have:
+
+1. **A Cloudflare account** – Sign up at [cloudflare.com](https://cloudflare.com) if you don't have one
+2. **Your domain added to Cloudflare** – Add the domain you plan to use for your PDS to your Cloudflare account:
+   - Log into the Cloudflare dashboard
+   - Click "Add a site" and enter your domain
+   - Follow the instructions to update your domain's nameservers to point to Cloudflare
+   - Wait for DNS propagation (usually a few minutes, can take up to 24 hours)
+
+Once your domain is active in Cloudflare, you're ready to proceed with the setup below.
 
 ## Getting Started
 
@@ -24,6 +37,7 @@ pnpm pds init
 ```
 
 This prompts for:
+
 - **PDS hostname** – The deployment domain (e.g., `pds.example.com`)
 - **Handle** – The Bluesky username (e.g., `alice.example.com`)
 - **Password** – For logging in from Bluesky apps
@@ -39,7 +53,7 @@ pnpm dev
 The PDS is now running at http://localhost:5173. Test it with:
 
 ```bash
-curl http://localhost:5173/health
+curl http://localhost:5173/xrpc/_health
 curl http://localhost:5173/.well-known/did.json
 ```
 
@@ -84,6 +98,7 @@ pnpm pds identity
 ```
 
 This updates your DID document to point to your new PDS. You'll need to:
+
 1. Enter your password for the source PDS
 2. Enter the confirmation token sent to your email
 
@@ -116,19 +131,19 @@ pnpm pds status                  # Verify everything is working
 
 ## CLI Commands
 
-| Command | Description |
-|---------|-------------|
-| `pnpm pds init` | Interactive setup wizard (prompts for Cloudflare deploy) |
-| `pnpm pds migrate` | Transfer account from source PDS |
-| `pnpm pds migrate --clean` | Reset and re-import data |
-| `pnpm pds identity` | Update DID document to point to new PDS |
-| `pnpm pds activate` | Enable writes (go live) |
-| `pnpm pds deactivate` | Disable writes (for re-import) |
-| `pnpm pds status` | Check account and repository status |
-| `pnpm pds passkey add` | Register a passkey for passwordless login |
-| `pnpm pds secret key` | Generate new signing keypair |
-| `pnpm pds secret jwt` | Generate new JWT secret |
-| `pnpm pds secret password` | Set account password |
+| Command                    | Description                                              |
+| -------------------------- | -------------------------------------------------------- |
+| `pnpm pds init`            | Interactive setup wizard (prompts for Cloudflare deploy) |
+| `pnpm pds migrate`         | Transfer account from source PDS                         |
+| `pnpm pds migrate --clean` | Reset and re-import data                                 |
+| `pnpm pds identity`        | Update DID document to point to new PDS                  |
+| `pnpm pds activate`        | Enable writes (go live)                                  |
+| `pnpm pds deactivate`      | Disable writes (for re-import)                           |
+| `pnpm pds status`          | Check account and repository status                      |
+| `pnpm pds passkey add`     | Register a passkey for passwordless login                |
+| `pnpm pds secret key`      | Generate new signing keypair                             |
+| `pnpm pds secret jwt`      | Generate new JWT secret                                  |
+| `pnpm pds secret password` | Set account password                                     |
 
 Add `--dev` to target your local development server instead of production.
 
@@ -136,27 +151,28 @@ Add `--dev` to target your local development server instead of production.
 
 ### Public Variables (wrangler.jsonc)
 
-| Variable | Description |
-|----------|-------------|
-| `PDS_HOSTNAME` | Public hostname (e.g., pds.example.com) |
-| `DID` | Account DID |
-| `HANDLE` | Account handle |
-| `SIGNING_KEY_PUBLIC` | Public key for DID document |
+| Variable             | Description                             |
+| -------------------- | --------------------------------------- |
+| `PDS_HOSTNAME`       | Public hostname (e.g., pds.example.com) |
+| `DID`                | Account DID                             |
+| `HANDLE`             | Account handle                          |
+| `SIGNING_KEY_PUBLIC` | Public key for DID document             |
 
 ### Secrets (.dev.vars or Cloudflare)
 
-| Variable | Description |
-|----------|-------------|
-| `AUTH_TOKEN` | Bearer token for API write operations |
-| `SIGNING_KEY` | Private signing key |
-| `JWT_SECRET` | Secret for session tokens |
-| `PASSWORD_HASH` | Bcrypt hash of the account password |
+| Variable        | Description                           |
+| --------------- | ------------------------------------- |
+| `AUTH_TOKEN`    | Bearer token for API write operations |
+| `SIGNING_KEY`   | Private signing key                   |
+| `JWT_SECRET`    | Secret for session tokens             |
+| `PASSWORD_HASH` | Bcrypt hash of the account password   |
 
 ## Handle Verification
 
 Bluesky verifies control of the handle domain.
 
 **If the handle matches the PDS hostname** (for example, both are `pds.example.com`):
+
 - No extra setup needed. The PDS handles verification automatically.
 
 **If the handle is on a different domain** (for example, handle `alice.example.com`, PDS at `pds.example.com`):
@@ -192,12 +208,14 @@ Ensure the worker is deployed (`pnpm run deploy`) or the dev server is running (
 ### "Failed to resolve handle"
 
 Check the handle configuration:
+
 - For DNS verification: ensure the TXT record has propagated (`dig TXT _atproto.yourhandle.com`)
 - For same-domain handles: ensure the PDS is accessible at `https://yourdomain.com/.well-known/atproto-did`
 
 ### Migration issues
 
 If migration fails partway through:
+
 - Run `pnpm pds migrate` again to resume from where you left off
 - Use `pnpm pds migrate --clean` to start fresh (only on deactivated accounts)
 

package/templates/pds-worker/wrangler.jsonc

@@ -40,7 +40,11 @@
 		// Account DID - usually did:web:<hostname>
 		"DID": "",
 		// Account handle (e.g., "alice.example.com")
-		"HANDLE": ""
+		"HANDLE": "",
+		// ⚠️  DATA_LOCATION: Controls where your Durable Objects are created.
+		// ⚠️  WARNING: This CANNOT be changed after deployment!
+		// ⚠️  Changing this value after your PDS is live will break your installation.
+		"DATA_LOCATION": ""
 	},
 	// Secrets (set via `pds init` or `pds secret <name>`):
 	// - AUTH_TOKEN: Bearer token for API write operations