jeena/pollux
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

Refine repository structure

Browse source 
- Update .gitignore for dev/ and tmp/ directories
- Move certificate setup to dev/ directory with README
- Remove production references from AGENTS.md
- Clean up directory structure and documentation
- Repository now ready for development workflow
This commit is contained in:
Jeena 2026-01-15 08:31:43 +09:00
parent 1ed443ff2a
commit e00195c5be
3 changed files with 24 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

20
.gitignore vendored
View file

@ -1,22 +1,24 @@
# Rust build artifacts # Development directories
/target/ dev/
Cargo.lock tmp/
test_files/
sample_data/
# Development files # Temporary files
*.log *.log
*.md.tmp *.tmp
# OS files
.DS_Store .DS_Store
Thumbs.db
# TLS certificates - NEVER commit to repository # TLS certificates - NEVER commit to repository
*.pem *.pem
*.key *.key
*.crt *.crt
certs/
certbot/ certbot/
# Rust build artifacts
/target/
Cargo.lock
# IDE files # IDE files
.vscode/ .vscode/
.idea/ .idea/

17
AGENTS.md
View file

@ -23,22 +23,9 @@ We have UnitTests which should be kept up to date before committing any new code
Fix every compiler warning before committing. Fix every compiler warning before committing.
### Certificate Management ### Development Notes
Development Development
- Generate self-signed certificates for local testing - Generate self-signed certificates for local testing in `dev/` directory
- Store in `certs/` directory (gitignored)
- Use CN=localhost for development - Use CN=localhost for development
Production
- Use Let's Encrypt or CA-signed certificates
- Store certificates outside repository
- Set appropriate file permissions (600 for keys, 644 for certs)
- Implement certificate renewal monitoring
- Never include private keys in documentation or commits
Deployment Security
- Certificate files should be owned by service user
- Use systemd service file with proper User/Group directives
- Consider using systemd's `LoadCredential` for certificate paths

28
README.md
View file

@ -29,31 +29,25 @@ port = 1965
log_level = "info" log_level = "info"
``` ```
## Certificate Setup ## Development Setup
### Development
Generate self-signed certificates for local testing:
### Quick Start with Self-Signed Certs
```bash ```bash
mkdir -p certs mkdir -p dev
openssl req -x509 -newkey rsa:2048 -keyout certs/key.pem -out certs/cert.pem -days 365 -nodes -subj "/CN=localhost" openssl req -x509 -newkey rsa:2048 \
-keyout dev/key.pem \
-out dev/cert.pem \
-days 365 \
-nodes \
-subj "/CN=localhost"
``` ```
Update `config.toml`: Update `config.toml`:
```toml ```toml
cert = "certs/cert.pem" cert = "dev/cert.pem"
key = "certs/key.pem" key = "dev/key.pem"
``` ```
### Production
Use Let's Encrypt for production:
```bash
sudo certbot certonly --standalone -d yourdomain.com
```
Then update config.toml paths to your certificate locations.
Run the server: Run the server:
```bash ```bash