lakebed 0.0.15 → 0.0.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +36 -5
- package/package.json +1 -1
- package/src/anonymous-server.js +2119 -157
- package/src/anonymous.js +149 -44
- package/src/cli.js +173 -17
- package/src/source-runtime-worker.js +5 -0
- package/src/source-runtime.js +4 -1
- package/src/version.js +1 -1
package/README.md
CHANGED
|
@@ -122,13 +122,14 @@ lakebed new [name] [--template todo] [--no-git]
|
|
|
122
122
|
lakebed create [name] [--template todo] [--no-git]
|
|
123
123
|
lakebed dev [capsule-dir] [--port 3000]
|
|
124
124
|
lakebed build [capsule-dir] --target anonymous [--out .lakebed/artifacts/app.json] [--json]
|
|
125
|
-
lakebed deploy [capsule-dir] [--api <url>] [--json]
|
|
125
|
+
lakebed deploy [capsule-dir] [--api <url>] [--public-inspect] [--json]
|
|
126
126
|
lakebed claim [capsule-dir] [--api <url>] [--json]
|
|
127
|
+
lakebed domains add <subdomain.lakebed.app> [--api <url>] [--json]
|
|
127
128
|
lakebed anonymous-server [--port 8787] [--public-root-url <url>] [--app-base-domain <domain>]
|
|
128
|
-
lakebed inspect <deploy-id-or-url> [--api <url>] [--json]
|
|
129
|
-
lakebed db list [deploy-id-or-url] [--port 3000]
|
|
130
|
-
lakebed db dump [deploy-id-or-url] [--port 3000]
|
|
131
|
-
lakebed logs [deploy-id-or-url] [--port 3000]
|
|
129
|
+
lakebed inspect <deploy-id-or-url> [--api <url>] [--inspect-token <token>] [--json]
|
|
130
|
+
lakebed db list [deploy-id-or-url] [--port 3000] [--inspect-token <token>]
|
|
131
|
+
lakebed db dump [deploy-id-or-url] [--port 3000] [--inspect-token <token>]
|
|
132
|
+
lakebed logs [deploy-id-or-url] [--port 3000] [--inspect-token <token>]
|
|
132
133
|
```
|
|
133
134
|
|
|
134
135
|
## Current Constraints
|
|
@@ -167,6 +168,26 @@ LAKEBED_APP_BASE_DOMAIN=lakebed.app
|
|
|
167
168
|
|
|
168
169
|
With a verified `*.lakebed.app` custom domain on the runner, deploy responses use `https://<slug>.lakebed.app`.
|
|
169
170
|
|
|
171
|
+
Anonymous deploy creation is relaxed for local `localhost` runners. When `PUBLIC_ROOT_URL` points at a non-local origin, the runner defaults to 50 anonymous deploy creates per forwarded client per UTC day and 5,000 globally. Override those with:
|
|
172
|
+
|
|
173
|
+
```sh
|
|
174
|
+
LAKEBED_ANONYMOUS_DEPLOY_CREATE_PER_CLIENT_PER_DAY=50
|
|
175
|
+
LAKEBED_ANONYMOUS_DEPLOY_CREATE_GLOBAL_PER_DAY=5000
|
|
176
|
+
LAKEBED_ANONYMOUS_DEPLOY_CREATE_DISABLED=0
|
|
177
|
+
LAKEBED_ANONYMOUS_REQUESTS_PER_CLIENT_PER_DAY=100000
|
|
178
|
+
LAKEBED_ANONYMOUS_MUTATIONS_PER_CLIENT_PER_DAY=10000
|
|
179
|
+
```
|
|
180
|
+
|
|
181
|
+
Deploy creation, app requests, and app mutations also have per-client IP backstops. Forwarded client IP headers are trusted automatically on Railway only when the request comes through Railway's edge proxy. For other proxy setups, set `LAKEBED_TRUST_PROXY_HEADERS=1` only when your proxy strips untrusted inbound forwarding headers before adding its own.
|
|
182
|
+
|
|
183
|
+
Expired unclaimed deploys are cleaned up by the runner. By default, cleanup marks expired anonymous deploys terminated after a 1 hour grace window and deletes their state, logs, env, quota rows, slug mapping, and unreferenced artifacts after 7 days:
|
|
184
|
+
|
|
185
|
+
```sh
|
|
186
|
+
LAKEBED_ANONYMOUS_CLEANUP_GRACE=1h
|
|
187
|
+
LAKEBED_ANONYMOUS_CLEANUP_RETENTION=7d
|
|
188
|
+
LAKEBED_ANONYMOUS_CLEANUP_INTERVAL=1h
|
|
189
|
+
```
|
|
190
|
+
|
|
170
191
|
Deploy responses include claim metadata. Configure GitHub OAuth on the runner, then run `lakebed claim` to open the claim page and attach the anonymous deploy to a developer account:
|
|
171
192
|
|
|
172
193
|
```sh
|
|
@@ -178,6 +199,16 @@ LAKEBED_SERVER_ENV_SECRET=...
|
|
|
178
199
|
|
|
179
200
|
Claimed deploys are listed at `/deploys` on the deploy API origin. They keep the same resource limits as anonymous deploys and do not expire. Anonymous deploys cannot use outbound `fetch` or hosted server env; after a deploy is claimed, `lakebed deploy` can update it with a source-backed server artifact that supports async handlers, server-side fetch, and `.env.lakebed.server` sync. If the first deploy already needs server-side `fetch` or server env, `lakebed deploy` creates a claim-required preview, saves its claim metadata, and prints the `lakebed claim` command. Run that command, then run `lakebed deploy` again to publish the real source-backed app. Set `LAKEBED_SERVER_ENV_SECRET` on Postgres-backed runners to encrypt stored server env values.
|
|
180
201
|
|
|
202
|
+
Hosted inspection is private by default. `lakebed inspect`, `lakebed db list`, `lakebed db dump`, and `lakebed logs` send the saved claim token automatically when run from the capsule directory.
|
|
203
|
+
|
|
204
|
+
After a deploy is claimed, reserve a Lakebed-owned app subdomain from the capsule directory:
|
|
205
|
+
|
|
206
|
+
```sh
|
|
207
|
+
npx lakebed domains add my-app.lakebed.app
|
|
208
|
+
```
|
|
209
|
+
|
|
210
|
+
Reserved product names such as `api`, `admin`, `docs`, and `www` are rejected.
|
|
211
|
+
|
|
181
212
|
## Admin Dashboard
|
|
182
213
|
|
|
183
214
|
Set `LAKEBED_ADMIN_PASSWORD` on the anonymous deploy runner, then open `/admin` on the runner origin. The password is exchanged for an HttpOnly cookie so the dashboard stays unlocked until the cookie expires or the password changes. The resource table can terminate active deploys while preserving their resource history, and the users table can set per-user request and mutation limit overrides for claimed deploys.
|