- Replace goto statements with if-not pattern for Lua 5.1 compatibility
- Validate mail config only for API keys with mail:send permissions
- Safe display of API key info for monitoring keys without mail config
- Fix health check SMTP detection for new config structure
- Multi-tenant system tested and working on port 7811
Fixes multi-tenant config parsing, validation, and health checks.
Related to DAW/furt#89
- Add universal merkwerk binary detection from main
- Required for furt installations (no install without merkwerk)
- Maintains compatibility with multi-tenant architecture
Merges main branch changes for issue #94 into feature/issue-89-multi-tenant
- Change get_info() priority: .version_history first, merkwerk fallback
- Add read_version_history() for production deployment compatibility
- Works without merkwerk binary (tar.gz deployments)
- Maintains development fallback to merkwerk command
Production-ready: tar.gz deployments work without merkwerk installation.
- Replace read_version() with merkwerk.get_health_info()
- Health endpoint now returns content_hash, vcs_info, source tracking
- Add merkwerk_integrated feature flag
- Enhanced startup logs with content-hash and VCS info
- Maintain backward compatibility with version field
- lua51 compatible integration for OpenBSD deployment
Migration from static VERSION file to dynamic merkwerk version tracking.
Health endpoint now provides rich metadata for debugging and monitoring.
ResolvesDAW/furt#83
- Add VERSION file in repository root
- Add read_version() function with error handling
- Update /health endpoint to show file-based version
- Add version display during server startup
- Fallback to ?.?.? when VERSION file unreadable
Enables deployment tracking across dev/test/prod environments
- nginx-style furt.conf configuration
- Multi-tenant mail routing per API key
- Custom SMTP support per customer
- Backward compatibility via server.lua adapter
WIP: Ready for testing on werner
- Remove Go artifacts (cmd/, internal/, pkg/, go.mod)
- Move furt-lua/* content to repository root
- Restructure as clean src/, config/, scripts/, tests/ layout
- Rewrite README.md as practical tool documentation
- Remove timeline references and marketing language
- Clean .gitignore from Go-era artifacts
- Update config/server.lua with example.org defaults
- Add .env.production to .gitignore for security
Repository now ready for open source distribution with minimal,
focused structure and generic configuration templates.
close issue DAW/furt#86
- Add comprehensive API-key authentication system with X-API-Key header validation
- Implement permission-based access control (mail:send, * for admin)
- Add rate-limiting system (60 req/hour per API key, 100 req/hour per IP)
- Refactor monolithic 590-line main.lua into 6 modular components (<200 lines each)
- Add IP-restriction support with CIDR notation (127.0.0.1, 10.0.0.0/8)
- Implement Hugo integration with CORS support for localhost:1313
- Add production-ready configuration with environment variable support
- Create comprehensive testing suite (auth, rate-limiting, stress tests)
- Add production deployment checklist and cleanup scripts
This refactoring transforms the API gateway from a single-file monolith into a
biocodie-compliant modular architecture while adding enterprise-grade security
features. Performance testing shows 79 RPS concurrent throughput with <100ms
latency. Hugo contact form integration tested and working. System is now
production-ready for deployment to walter/aitvaras.
Resolves#47
- Add CORS headers to all API responses in main.lua
- Implement OPTIONS preflight request handling
- Add environment-variable based CORS origin configuration
- Create production.env.example for deployment documentation
- Update .env.example with CORS_ALLOWED_ORIGINS setting
Resolves cross-origin request blocking for Hugo dev server integration.
CORS origins now configurable via CORS_ALLOWED_ORIGINS environment variable
for production deployments while maintaining dev-friendly defaults.
Related to #49
- Fix create_environment_file() to preserve existing production config
- Change SMTP_SERVER to SMTP_HOST for consistency with other configs
- Add config existence check before creating new environment file
- Preserve permissions on existing config files
- Prevent accidental production config loss on redeployment
Fixes#50
- Fix OpenBSD service file pexp pattern to match actual running process
- Set pexp after sourcing rc.subr to prevent automatic override
- Update deployment script process detection from broken furt-lua pattern
- Add TTY-based daemon detection in start.sh for service vs development mode
- Implement comprehensive deployment workflow with backup and health checks
- Enable proper rcctl start/stop/check functionality on OpenBSD
Root cause: OpenBSD rc.subr automatically generates pexp from daemon+flags,
but actual process (/usr/local/bin/lua src/main.lua) differs from wrapper
(start.sh). Solution: Override pexp after rc.subr with correct Lua pattern.
Deployment script also had incorrect process detection pattern looking for
'furt-lua' string that doesn't exist in process name.
Technical details:
- Service file: pexp="/usr/local/bin/lua src/main.lua.*" after rc.subr
- Process detection: pgrep -u _furt -f 'src/main.lua'
- TTY detection: [ ! -t 0 ] for daemon vs interactive mode
- Complete deployment workflow with stop/sync/start/health-check cycle
Fixes#77 - OpenBSD rc.d service file problem resolved
Related: Deployment automation now fully functional karl→walter
- Add automated rsync-based file synchronization with _furt user permissions
- Implement OpenBSD rcctl service management with backup/rollback functionality
- Add port availability checks and health validation after deployment
- Include comprehensive error handling and status reporting
- Support dry-run mode for safe deployment testing
- Provide automatic service file generation with correct paths
Features:
- SSH-based secure transfer with permission preservation
- Pre-deployment backup with configurable retention (3 backups)
- Intelligent service stop/start handling for OpenBSD rcctl
- Health check validation via HTTP endpoint
- Colored output and structured logging for better UX
- Support for --dry-run, --rollback, and --force modes
Successfully deploys furt-lua from development (karl) to staging (walter).
Manual service management required due to OpenBSD rc.d pexp pattern issues.
Closes#76 (deployment automation)
Related: Service file pexp pattern matching requires follow-up investigation
Files:
- scripts/deploy/deploy_walter.sh (new)
- Add automatic SSL library detection (luaossl/luasec)
- Support Arch Linux (luaossl) and OpenBSD (luasec)
- Maintain backward compatibility with existing configurations
- Enable production deployment on OpenBSD with _furt service user
- Implement transparent API abstraction for different SSL libraries
Technical improvements:
- Auto-detection prevents manual SSL library configuration
- Compatible with package managers (no custom builds required)
- Tested on karl (Arch/luaossl) and walter (OpenBSD/luasec)
- Both systems successfully send emails via Port 465 SSL
- DKIM authentication passes on both platforms
Production readiness:
- Service user compatibility (_furt on OpenBSD)
- Config detection (/usr/local/etc/furt/environment)
- Multi-distribution support (Arch + OpenBSD)
- No OpenSSL command dependencies (tech sovereignty compliance)
Fixes#74
Files modified:
- furt-lua/src/smtp.lua
- Split REPO_ROOT and PROJECT_DIR for different purposes
- REPO_ROOT: Repository-wide configs (.env, system configs)
- PROJECT_DIR: Lua-specific working directory (src/, cd)
- Fix config detection across development and production environments
Changes:
- REPO_ROOT="$(dirname "$(dirname "$SCRIPT_DIR")")" # 2 levels up for .env
- PROJECT_DIR="$(dirname "$SCRIPT_DIR")" # 1 level up for src/
- Config loading uses REPO_ROOT (.env location)
- Working directory and Lua paths use PROJECT_DIR (furt-lua/)
Tested on:
- karl (Linux/Development): .env loading + lua51 execution ✅
- walter (OpenBSD/Production): system config + lua execution ✅
Cross-platform SMTP functionality verified:
- karl: Full E2E test with successful mail delivery
- walter: HTTP server + config detection working
Fixes#68 (Universal Config Detection)
Fixes#70 (karl start.sh regression after universal script update)
- Add multi-distribution config path detection
- Support /usr/local/etc/furt/environment (OpenBSD)
- Support /etc/furt/environment (Debian/Ubuntu/RHEL)
- Maintain .env support for development
- Add configurable Lua command via LUA_COMMAND environment variable
POSIX compatibility improvements:
- Replace command -v with [ -x ] for service user compatibility
- Change shebang from #!/bin/bash to #!/bin/sh for OpenBSD
- Replace ${BASH_SOURCE[0]} with $0 for POSIX shell compatibility
walter deployment changes:
- Migrate directory structure to /usr/local/furt/furt-lua/
- Set up _furt user permissions
- Configure system config in /usr/local/etc/furt/environment
Known issues:
- karl development environment regression (lua51 detection failed)
- walter SSL missing for SMTP (luasec vs luaossl compatibility)
- Config strategy needs comprehensive redesign for multi-implementation
Related: #68
Files modified:
- furt-lua/scripts/start.sh (POSIX compatibility + universal config)
- .env.example (added LUA_COMMAND and LUA_VERSION)
- walter: /usr/local/etc/furt/environment (system config setup)
- Add native Lua SMTP client with SSL/TLS support for mail.dragons-at-work.de:465
- Implement POST /v1/mail/send endpoint with real email delivery functionality
- Add environment variable integration (SMTP_*) for secure credential management
- Add comprehensive input validation and error handling for mail requests
- Add health check endpoint with SMTP configuration status reporting
- Add multi-line SMTP response handling for robust server communication
- Add request ID tracking system for debugging and monitoring
- Update start.sh script for automatic .env loading and dependency checking
- Add complete testing suite for SMTP functionality verification
This completes the Week 2 Challenge migration from Go to pure Lua HTTP server
with full production-ready SMTP capabilities. The implementation eliminates all
Google/corporate dependencies while achieving superior performance (18ms response
time) and maintaining digital sovereignty principles.
Real mail delivery confirmed: test email successfully sent to admin@dragons-at-work.de
Ready for Hugo website integration and production deployment with security layer.
Closes#65
- Add furt-lua/ directory with pure Lua implementation
- Replace planned Go implementation with Corporate-free technology
- Complete Week 1 Challenge: HTTP-Server to production-ready in 48min
- HTTP-Server in pure Lua (185 lines, lua-socket based)
- JSON API endpoints with request/response parsing
- Modular architecture: each file < 200 lines
- Error handling for 404, 400, validation scenarios
- GET /health - Service health check with timestamp
- POST /test - Development testing with request echo
- POST /v1/mail/send - Mail service foundation with validation
- Comprehensive error responses with structured JSON
- Smart startup script with dependency auto-detection
- Automated test suite with lua-socket HTTP client
- Manual curl test suite for development workflow
- Complete documentation and installation guide
- FROM: Go (Google-controlled) → TO: Lua (PUC-Rio University)
- Corporate-free dependency chain: lua-socket + lua-cjson + lua-ssl
- Performance superior: < 1ms response time, minimal memory usage
- Foundation for planned C+Lua hybrid architecture
- furt-lua/src/main.lua - HTTP-Server implementation
- furt-lua/config/server.lua - Lua-based configuration
- furt-lua/scripts/start.sh - Startup with dependency checks
- furt-lua/scripts/test_curl.sh - Manual testing suite
- furt-lua/tests/test_http.lua - Automated test framework
- furt-lua/README.md - Implementation documentation
- README.md - Document Go→Lua migration strategy
- .gitignore - Add Lua artifacts, luarocks, issue-scripts
All endpoints tested and working:
✓ Health check returns proper JSON status
✓ Test endpoint processes POST requests with JSON
✓ Mail endpoint validates required fields (name, email, message)
✓ Error handling returns appropriate HTTP status codes
Ready for Week 2: SMTP integration with mail.dragons-at-work.de
Completes #63
Related #62
- create_issue.sh: 800+ lines monster (functional but unmaintainable)
- update_script_labels.sh: 15KB auto-update system (too complex)
- get_issues.sh: 7KB grown over time (needs simplification)
- update_issue.sh: 5KB functional (part of old system)
Preparing clean slate for low-tech generation-2 system
- Complete project documentation for API gateway development
- API gateway-specific development processes and standards
- Comprehensive issue management system with script automation
- Go-specific testing guidelines for multi-service architecture
New Documentation:
- devdocs/KONZEPT.md: project philosophy, architecture, service integration patterns
- devdocs/TESTING_GUIDELINES.md: Go testing, API tests, gateway-service integration
- devdocs/development-process.md: API gateway development, multi-service coordination
- devdocs/furt-issue-management-guide.md: Furt-specific issue management workflows
Issue Management System:
- scripts/create_issue.sh: 8 preconfigured templates for API gateway development
- Furt-specific issue types: service-request, architecture, performance, security
- Script-based workflows for efficient development
- Integration with existing get_issues.sh and update_issue.sh scripts
API Gateway Development Standards:
- Service integration patterns for gateway ↔ service communication
- API-contract-first development with OpenAPI specifications
- Security-first patterns for authentication and input validation
- Multi-service testing strategies for coordinated development
This documentation enables immediate, efficient API gateway development
with clear standards, proven patterns, and automated workflows.
- Go-Projektstruktur nach Low-Tech-Prinzipien
- Issue-Templates für Service-Requests und Bug-Reports
- Konfiguration für sichere Entwicklung (.env.example)
- Scripts-Verzeichnis für Build und Deployment
- Dokumentationsstruktur für Dev und User Docs
- Apache 2.0 Lizenz für Open-Source-Entwicklung
Furt (Durchgang) vereint Services unter einheitlicher API
für vollständige digitale Souveränität.
