### Quickstart Docker Setup Source: https://github.com/schaurian/schautrack/blob/main/README.md Use these commands to quickly set up Schautrack using Docker. Ensure you have Docker installed and then follow the steps to download the configuration files, set a session secret, and start the services. ```bash mkdir schautrack && cd schautrack curl -O https://raw.githubusercontent.com/schaurian/schautrack/main/compose.yml curl -O https://raw.githubusercontent.com/schaurian/schautrack/main/.env.example mv .env.example .env sed -i "s/please-change-me/$(openssl rand -hex 32)/" .env docker compose up -d ``` -------------------------------- ### Local Development Setup with Docker Compose Source: https://github.com/schaurian/schautrack/blob/main/CLAUDE.md Use this command to start the development environment with Docker Compose. It builds the necessary services and makes them available locally. The database is initialized from `db/init.sql`. ```bash docker compose -f compose.dev.yml up -d --build ``` -------------------------------- ### Install Schautrack using a values.yaml file Source: https://github.com/schaurian/schautrack/blob/main/helm/schautrack/README.md Define configuration parameters in a `values.yaml` file for GitOps-friendly installations. This example shows how to configure session secret, admin email, PostgreSQL password, and ingress settings. ```yaml config: sessionSecret: "" # Use sealed-secrets or external-secrets adminEmail: "admin@example.com" postgresql: auth: password: "" # Use sealed-secrets or external-secrets ingress: enabled: true className: nginx hosts: - host: calories.example.com paths: - path: / pathType: Prefix ``` -------------------------------- ### Install Schautrack from Source Source: https://github.com/schaurian/schautrack/blob/main/helm/schautrack/README.md Clone the Schautrack repository, navigate to the Helm chart directory, and install the chart. Similar to repository installation, generate secure secrets using `openssl`. ```bash git clone https://github.com/schaurian/schautrack.git cd schautrack helm install schautrack ./helm/schautrack \ --set config.sessionSecret=$(openssl rand -base64 32) \ --set postgresql.auth.password=$(openssl rand -base64 16) ``` -------------------------------- ### Install Schautrack with a values file Source: https://github.com/schaurian/schautrack/blob/main/helm/schautrack/README.md Install the Schautrack Helm chart using a pre-defined `values.yaml` file. ```bash helm install schautrack schautrack/schautrack -f values.yaml ``` -------------------------------- ### Development Setup with Docker Compose Source: https://github.com/schaurian/schautrack/blob/main/README.md Set up a development environment for Schautrack by cloning the repository and using Docker Compose with a development-specific configuration file. This allows building from source. ```bash git clone https://github.com/schaurian/schautrack.git cd schautrack cp .env.example .env docker compose -f compose.dev.yml up --build ``` -------------------------------- ### Install Schautrack from Helm Repository Source: https://github.com/schaurian/schautrack/blob/main/helm/schautrack/README.md Add the Schautrack Helm repository, update it, and install the chart. It's recommended to use `openssl` to generate secure secrets for session and PostgreSQL password. ```bash helm repo add schautrack https://helm.schautrack.com helm repo update helm install schautrack schautrack/schautrack \ --set config.sessionSecret=$(openssl rand -base64 32) \ --set postgresql.auth.password=$(openssl rand -base64 16) ``` -------------------------------- ### Local Docker Development Source: https://github.com/schaurian/schautrack/blob/main/CLAUDE.md Starts the local development environment using Docker Compose. This command also rebuilds any changed Docker images. ```bash docker compose up -d --build ``` -------------------------------- ### Configure OIDC for Single Sign-On (Google Example) Source: https://github.com/schaurian/schautrack/blob/main/README.md Enable and configure OpenID Connect for single sign-on. Add the redirect URI to your provider's OAuth client settings. ```env OIDC_ISSUER=https://accounts.google.com OIDC_CLIENT_ID=123456.apps.googleusercontent.com OIDC_CLIENT_SECRET=GOCSPX-... OIDC_LABEL=Google OIDC_REQUIRE_INVITE=false OIDC_REDIRECT_URL=https:///auth/oidc/callback ``` -------------------------------- ### Enable Ingress with TLS for Schautrack Source: https://github.com/schaurian/schautrack/blob/main/helm/schautrack/README.md Configure Ingress to expose Schautrack with TLS termination. This example specifies the Nginx class, annotations for cert-manager, and TLS settings including the secret name and hosts. ```yaml ingress: enabled: true className: nginx annotations: cert-manager.io/cluster-issuer: letsencrypt-prod hosts: - host: calories.example.com paths: - path: / pathType: Prefix tls: - secretName: schautrack-tls hosts: - calories.example.com ``` -------------------------------- ### Kubernetes Deployment with Helm Source: https://github.com/schaurian/schautrack/blob/main/README.md Deploy Schautrack to Kubernetes using the provided Helm chart. This includes adding the Helm repository, updating it, and installing the chart with custom configurations for session secrets and PostgreSQL passwords. ```bash helm repo add schautrack https://helm.schautrack.com helm repo update helm install schautrack schautrack/schautrack \ --set config.sessionSecret="$(openssl rand -base64 32)" \ --set postgresql.auth.password="$(openssl rand -base64 16)" ``` -------------------------------- ### Get and Format User Timezone in Go Source: https://github.com/schaurian/schautrack/blob/main/CLAUDE.md Retrieves the viewer's timezone for their own entries and formats timestamps accordingly. For linked users, it uses the creator's timezone. ```go // Get viewer's timezone (for your own entries) tz := getUserTimezone(r, user) // checks user.Timezone, then X-Timezone header/cookie // Format timestamps in viewer's timezone (own entries) timeStr := service.FormatTimeInTz(entry.CreatedAt, tz) // For linked users, entry times show in the CREATOR's timezone displayTz := targetUser.Timezone // or "UTC" if nil ``` -------------------------------- ### External Secrets Operator configuration for Schautrack Source: https://github.com/schaurian/schautrack/blob/main/helm/schautrack/README.md Example configuration for the External Secrets Operator to sync secrets from a remote store (like Vault) into a Kubernetes Secret named `my-schautrack-secrets`, which Schautrack can then reference. ```yaml apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret metadata: name: schautrack-secrets spec: secretStoreRef: name: vault-backend kind: ClusterSecretStore target: name: my-schautrack-secrets data: - secretKey: DATABASE_URL remoteRef: key: schautrack/database property: url - secretKey: SESSION_SECRET remoteRef: key: schautrack/session property: secret # ... additional keys as needed ``` -------------------------------- ### Go Build and Test Commands Source: https://github.com/schaurian/schautrack/blob/main/CLAUDE.md Commands for building the Go server and running tests. Ensure you are in the project's root directory. ```bash go build ./cmd/server/ ``` ```bash go test ./... ``` -------------------------------- ### Configure OpenAI, Claude, or Ollama AI Provider Source: https://github.com/schaurian/schautrack/blob/main/README.md Set the AI provider and model for photo-based nutrition estimation. Ensure Ollama models are downloaded beforehand. ```env AI_PROVIDER=openai AI_MODEL=gpt-4o AI_KEY=sk-... AI_ENDPOINT= AI_KEY_ENCRYPTION_SECRET=... AI_DAILY_LIMIT=10 ``` ```env AI_PROVIDER=claude AI_MODEL=claude-sonnet-4-5-20250929 AI_KEY=sk-... AI_ENDPOINT= AI_KEY_ENCRYPTION_SECRET=... AI_DAILY_LIMIT=10 ``` ```env AI_PROVIDER=ollama AI_MODEL=gemma3:12b AI_ENDPOINT=http://your-ollama-host:11434/v1 AI_KEY_ENCRYPTION_SECRET=... AI_DAILY_LIMIT=10 ``` -------------------------------- ### Schautrack Project Structure Source: https://github.com/schaurian/schautrack/blob/main/CLAUDE.md Overview of the Schautrack project's directory structure, detailing frontend (React) and backend (Go) components, configuration, and static assets. ```tree schautrack/ ├── client/ # React 19 SPA (Vite + TypeScript) │ ├── src/ │ │ ├── api/ # API client layer (fetch wrappers) │ │ ├── components/ # Shared components (Layout, ui) │ │ ├── pages/ # Page components (Dashboard, Settings, etc.) │ │ ├── hooks/ # Custom hooks (useAuth, useSSE) │ │ ├── stores/ # Zustand stores (auth, dashboard) │ │ ├── types/ # TypeScript types │ │ ├── lib/ # Shared utilities (macros, mathParser) │ │ ├── styles/ # CSS variables and global styles │ │ ├── App.tsx │ │ ├── router.tsx │ │ └── main.tsx │ ├── package.json │ ├── vite.config.ts │ └── tsconfig.json ├── cmd/server/ # Go entry point │ └── main.go # Server startup, routing, graceful shutdown ├── internal/ # Go backend (JSON API only) │ ├── config/ # Environment variable parsing │ ├── database/ # Pool, migrations, settings cache │ ├── model/ # Data models (User, Entry, etc.) │ ├── session/ # PostgreSQL session store, CSRF │ ├── middleware/ # Auth, rate limiting, security headers, timezone │ ├── handler/ # HTTP handlers (auth, entries, settings, etc.) │ ├── service/ # Business logic (macros, math parser, AI, email, etc.) │ └── sse/ # Server-Sent Events broker ├── public/ # Static assets (logo, favicons) ├── db/ │ └── init.sql # Database schema ├── Dockerfile # 3-stage build (client, Go binary, Alpine) ├── compose.yml # Production Docker Compose ├── compose.dev.yml # Local development setup ├── go.mod └── go.sum ``` -------------------------------- ### Configure Security Settings Source: https://github.com/schaurian/schautrack/blob/main/README.md Adjust security parameters like trusting reverse proxy headers, rate limiting for authentication attempts, and the time-to-live for step-up authentication. ```env TRUST_PROXY=true RATE_LIMIT_AUTH=10 STEP_UP_TTL=30m ``` -------------------------------- ### Run Go Tests Source: https://github.com/schaurian/schautrack/blob/main/CLAUDE.md Execute all tests within the Go project. This command is crucial for verifying new or changed functionality and is also run by the CI pipeline. ```bash go test ./... ``` -------------------------------- ### Configure SMTP for Password Resets Source: https://github.com/schaurian/schautrack/blob/main/README.md Set up SMTP server details for sending password reset emails. Ensure all required fields are populated. ```env SMTP_HOST=smtp.example.com SMTP_PORT=587 SMTP_USER=user@example.com SMTP_PASS=your_password SMTP_FROM=noreply@example.com SMTP_SECURE=true ``` -------------------------------- ### Configure Passkeys for Passwordless Login Source: https://github.com/schaurian/schautrack/blob/main/README.md Enable WebAuthn-based passwordless login by setting the Relying Party ID. Customize display name and allowed origins if needed. ```env PASSKEYS_RP_ID=schautrack.com PASSKEYS_RP_NAME=Schautrack PASSKEYS_RP_ORIGINS=https://schautrack.com,https://www.schautrack.com ``` -------------------------------- ### Configure Schautrack with an external database Source: https://github.com/schaurian/schautrack/blob/main/helm/schautrack/README.md Disable the bundled PostgreSQL by setting `postgresql.enabled` to `false` and provide the connection string for an external database using `externalDatabase.url`. ```yaml postgresql: enabled: false externalDatabase: url: "postgres://user:password@host:5432/schautrack" ``` -------------------------------- ### Enable AI features in Schautrack Source: https://github.com/schaurian/schautrack/blob/main/helm/schautrack/README.md Configure Schautrack to use AI-powered nutrition estimation. Specify the AI provider (e.g., `openai`, `claude`, `ollama`), API key, model, and optionally a key encryption secret and daily limit. ```yaml ai: provider: openai # or: claude, ollama key: "sk-..." model: "gpt-4o" keyEncryptionSecret: "" # Generate with: openssl rand -hex 32 dailyLimit: 10 # Per-user limit when using global key ``` -------------------------------- ### Enable SMTP for password reset in Schautrack Source: https://github.com/schaurian/schautrack/blob/main/helm/schautrack/README.md Configure SMTP settings for Schautrack to enable features like password resets. Provide the SMTP host, port, username, password, sender address, and security settings. ```yaml smtp: host: smtp.example.com port: 587 user: noreply@example.com pass: "your-password" from: "Schautrack " secure: false ``` -------------------------------- ### Configure Schautrack with an existing secret Source: https://github.com/schaurian/schautrack/blob/main/helm/schautrack/README.md Specify an existing Kubernetes Secret to manage sensitive values like database credentials and session secrets, instead of letting the chart create them. This is recommended for production environments using secret management tools. ```yaml existingSecret: "my-schautrack-secrets" # These values are ignored when existingSecret is set: # config.sessionSecret, smtp.user, smtp.pass, ai.key, ai.keyEncryptionSecret, # postgresql.auth.password, externalDatabase.url ``` -------------------------------- ### Uninstall Schautrack Source: https://github.com/schaurian/schautrack/blob/main/helm/schautrack/README.md Remove the Schautrack Helm release from the Kubernetes cluster. ```bash helm uninstall schautrack ``` -------------------------------- ### Git Merge Staging to Main Source: https://github.com/schaurian/schautrack/blob/main/CLAUDE.md Merges the 'staging' branch into the 'main' branch for deployment. This command should be used after verifying the staging environment. ```bash git checkout main && git merge staging --no-edit && git push origin main ``` -------------------------------- ### Go Health Check Endpoint Source: https://github.com/schaurian/schautrack/blob/main/CLAUDE.md Defines the `/api/health` endpoint for Go applications, used for Kubernetes liveness and readiness probes. It checks database connectivity and returns application information or a service unavailable status. ```go GET /api/health ``` -------------------------------- ### Delete Persistent Volume Claims Source: https://github.com/schaurian/schautrack/blob/main/helm/schautrack/README.md Manually delete Persistent Volume Claims (PVCs) associated with the Schautrack instance to remove all persistent data. This is a separate step after `helm uninstall`. ```bash kubectl delete pvc -l app.kubernetes.io/instance=schautrack ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.