cyberrex/certremind
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

First commit

Browse Source
This commit is contained in:
CyberRex
2026-05-23 17:03:05 +09:00
commit 40e7953ee5
52 changed files with 13004 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
README.md Normal file
View File

@@ -0,0 +1,75 @@
# CertRemind
CertRemind monitors the TLS/SSL certificate expiry dates of registered HTTPS sites and sends reminders through in-app alerts, webhooks, and browser push notifications.
## Requirements
- Node.js v22
- pnpm
- Docker Compose
- PostgreSQL
- OpenSSL
## Development Setup
```text
pnpm install
docker compose up -d postgres
pnpm dev
```
Development URLs:
```text
Frontend: http://127.0.0.1:5173/
API: http://127.0.0.1:3000
```
Run the one-shot certificate monitor:
```text
pnpm monitor:once
```
Run the certificate monitor worker every hour:
```text
pnpm monitor:worker
```
Run quality checks:
```text
pnpm lint
pnpm test
pnpm exec vite build
```
## Database
The initial schema is in `db/schema.sql`. Docker Compose loads it when the PostgreSQL volume is first created.
If an existing database volume is already present, schema changes are not reapplied automatically. Apply the relevant `ALTER TABLE` statements from `db/schema.sql`, or recreate the development volume when data loss is acceptable.
## Environment Variables
Copy `.env.example` to `.env` for local development.
| Name | Required | Default | Purpose |
| --- | --- | --- | --- |
| `NODE_ENV` | No | `development` | Runtime mode. `production` enables secure cookies. |
| `PORT` | No | `3000` | API server port. |
| `DATABASE_URL` | No | `postgres://certremind:certremind@localhost:5432/certremind` | PostgreSQL connection string. |
| `COOKIE_SECRET` | Reserved | none | Reserved for future signed-cookie support. |
| `VAPID_PUBLIC_KEY` | For Push | empty | Browser Push public key. |
| `VAPID_PRIVATE_KEY` | For Push | empty | Browser Push private key. Push delivery fails gracefully if missing. |
| `VAPID_SUBJECT` | For Push | `mailto:admin@example.com` | VAPID contact subject. |
| `OPENSSL_PATH` | No | `openssl` | OpenSSL executable path. On Windows, the app can also detect Git's bundled `openssl.exe`. |
## Operational Notes
- Run `pnpm monitor:worker` as a long-lived Node process for hourly certificate checks.
- `pnpm monitor:once` remains available for manual checks or external schedulers.
- The monitor limits concurrent external certificate checks and records per-site failures without stopping the whole run.
- Webhook URLs and monitored site URLs must be HTTPS and reject localhost/private IPv4 targets.
- Existing browser Push subscriptions require valid VAPID keys to deliver successfully.