cyberrex/certremind
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
40e7953ee514fd9cb747ee1299c80e949eb1d242
certremind/README.md
CyberRex 40e7953ee5 First commit
2026-05-23 17:03:05 +09:00

2.3 KiB
Raw Blame History

CertRemind

CertRemind monitors the TLS/SSL certificate expiry dates of registered HTTPS sites and sends reminders through in-app alerts, webhooks, and browser push notifications.

Requirements

  • Node.js v22
  • pnpm
  • Docker Compose
  • PostgreSQL
  • OpenSSL

Development Setup

pnpm install
docker compose up -d postgres
pnpm dev

Development URLs:

Frontend: http://127.0.0.1:5173/
API:      http://127.0.0.1:3000

Run the one-shot certificate monitor:

pnpm monitor:once

Run the certificate monitor worker every hour:

pnpm monitor:worker

Run quality checks:

pnpm lint
pnpm test
pnpm exec vite build

Database

The initial schema is in db/schema.sql. Docker Compose loads it when the PostgreSQL volume is first created.

If an existing database volume is already present, schema changes are not reapplied automatically. Apply the relevant ALTER TABLE statements from db/schema.sql, or recreate the development volume when data loss is acceptable.

Environment Variables

Copy .env.example to .env for local development.

Name Required Default Purpose
NODE_ENV No development Runtime mode. production enables secure cookies.
PORT No 3000 API server port.
DATABASE_URL No postgres://certremind:certremind@localhost:5432/certremind PostgreSQL connection string.
COOKIE_SECRET Reserved none Reserved for future signed-cookie support.
VAPID_PUBLIC_KEY For Push empty Browser Push public key.
VAPID_PRIVATE_KEY For Push empty Browser Push private key. Push delivery fails gracefully if missing.
VAPID_SUBJECT For Push mailto:admin@example.com VAPID contact subject.
OPENSSL_PATH No openssl OpenSSL executable path. On Windows, the app can also detect Git's bundled openssl.exe.

Operational Notes

  • Run pnpm monitor:worker as a long-lived Node process for hourly certificate checks.
  • pnpm monitor:once remains available for manual checks or external schedulers.
  • The monitor limits concurrent external certificate checks and records per-site failures without stopping the whole run.
  • Webhook URLs and monitored site URLs must be HTTPS and reject localhost/private IPv4 targets.
  • Existing browser Push subscriptions require valid VAPID keys to deliver successfully.
Reference in New Issue View Git Blame Copy Permalink