Add postgate client

Author: max-lt

.vscode/settings.json

@@ -1,3 +1,3 @@
 {
-  "cSpell.words": ["buildx", "croner", "healthcheck", "openworkers"]
+  "cSpell.words": ["buildx", "croner", "healthcheck", "openworkers", "postgate", "timestamptz"]
 }

package.json

@@ -1,6 +1,6 @@
 {
   "name": "openworkers-api",
-  "version": "1.0.3",
+  "version": "1.0.4",
   "license": "MIT",
   "module": "src/index.ts",
   "type": "module",

scripts/generate-types.ts

@@ -36,6 +36,13 @@ import {
   WorkerLanguageSchema
 } from '../src/types/schemas/worker.schema';
 
+import {
+  DatabaseSchema,
+  DatabaseCreateInputSchema,
+  DatabaseRulesSchema,
+  SqlOperationSchema
+} from '../src/types/schemas/database.schema';
+
 // Schema definitions to generate
 const schemas = [
   // Base schemas
@@ -72,7 +79,13 @@ const schemas = [
   { schema: WorkerSchema, name: 'Worker' },
   { schema: WorkerCreateInputSchema, name: 'WorkerCreateInput' },
   { schema: WorkerUpdateInputSchema, name: 'WorkerUpdateInput' },
-  { schema: WorkerLanguageSchema, name: 'WorkerLanguage' }
+  { schema: WorkerLanguageSchema, name: 'WorkerLanguage' },
+
+  // Database
+  { schema: DatabaseSchema, name: 'Database' },
+  { schema: DatabaseCreateInputSchema, name: 'DatabaseCreateInput' },
+  { schema: DatabaseRulesSchema, name: 'DatabaseRules' },
+  { schema: SqlOperationSchema, name: 'SqlOperation' }
 ];
 
 async function generateTypes() {

src/config/index.ts

@@ -1,5 +1,8 @@
 import { z } from 'zod';
 
+// UUID-like pattern (less strict than RFC 4122)
+const uuidLike = z.string().regex(/^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$/, 'Invalid UUID format');
+
 // Environment schema
 const EnvironmentSchema = z.enum(['development', 'staging', 'production', 'test']);
 
@@ -11,15 +14,6 @@ const ConfigSchema = z.object({
   // Server
   port: z.coerce.number().int().positive().default(7000),
 
-  // Database (Postgres)
-  database: z.object({
-    host: z.string().default('localhost'),
-    port: z.coerce.number().int().positive().default(5432),
-    user: z.string().default('postgres'),
-    password: z.string().default('password'),
-    name: z.string().default('openworkers')
-  }),
-
   // JWT
   jwt: z.object({
     access: z.object({
@@ -36,6 +30,16 @@ const ConfigSchema = z.object({
   github: z.object({
     clientId: z.string().optional(),
     clientSecret: z.string().optional()
+  }),
+
+  // Postgate (SQL proxy)
+  postgate: z.object({
+    url: z.string().url().default('http://localhost:6080'),
+    // Admin database (tenant management functions) - mode schema on public
+    adminDatabaseId: uuidLike.default('00000000-0000-0000-0000-000000000000'),
+    // OpenWorkers database (API data) - mode dedicated
+    openworkersDatabaseId: uuidLike,
+    jwtSecret: z.string().min(32, 'POSTGATE_JWT_SECRET must be at least 32 characters')
   })
 });
 
@@ -48,13 +52,6 @@ function loadConfig(): Config {
   const rawConfig = {
     nodeEnv: process.env.NODE_ENV,
     port: process.env.PORT,
-    database: {
-      host: process.env.POSTGRES_HOST,
-      port: process.env.POSTGRES_PORT,
-      user: process.env.POSTGRES_USER,
-      password: process.env.POSTGRES_PASSWORD,
-      name: process.env.POSTGRES_DB
-    },
     jwt: {
       access: {
         secret: process.env.JWT_ACCESS_SECRET,
@@ -68,33 +65,34 @@ function loadConfig(): Config {
     github: {
       clientId: process.env.GITHUB_CLIENT_ID,
       clientSecret: process.env.GITHUB_CLIENT_SECRET
+    },
+    postgate: {
+      url: process.env.POSTGATE_URL,
+      adminDatabaseId: process.env.POSTGATE_ADMIN_DATABASE_ID,
+      openworkersDatabaseId: process.env.POSTGATE_OPENWORKERS_DATABASE_ID,
+      jwtSecret: process.env.POSTGATE_JWT_SECRET
     }
   };
 
   try {
     const config = ConfigSchema.parse(rawConfig);
 
-    // Sanity check: test database should end with "test"
-    if (config.nodeEnv === 'test' && !config.database.name.endsWith('test')) {
-      throw new Error(`Database name should end with "test" in test mode, got "${config.database.name}"`);
-    }
-
     // Log configuration status
     if (config.nodeEnv === 'development') {
-      console.log('🔧 Running in DEVELOPMENT mode');
+      console.log('Running in DEVELOPMENT mode');
     } else if (config.nodeEnv === 'production') {
-      console.log('🚀 Running in PRODUCTION mode');
+      console.log('Running in PRODUCTION mode');
     }
 
     // Warn about missing GitHub OAuth
     if (!config.github.clientId || !config.github.clientSecret) {
-      console.warn('⚠️  GitHub OAuth not configured (GITHUB_CLIENT_ID/GITHUB_CLIENT_SECRET missing)');
+      console.warn('GitHub OAuth not configured (GITHUB_CLIENT_ID/GITHUB_CLIENT_SECRET missing)');
     }
 
     return config;
   } catch (error) {
     if (error instanceof z.ZodError) {
-      console.error('❌ Configuration validation failed:');
+      console.error('Configuration validation failed:');
       error.issues.forEach((err) => {
         console.error(`  - ${err.path.join('.')}: ${err.message}`);
       });
@@ -104,8 +102,10 @@ function loadConfig(): Config {
   }
 }
 
+console.log('Loading configuration...', process.env.POSTGATE_OPENWORKERS_DATABASE_ID);
+
 // Export singleton config instance
 export const config = loadConfig();
 
 // Export individual sections for convenience
-export const { nodeEnv, port, database, jwt, github } = config;
+export const { nodeEnv, port, jwt, github, postgate } = config;

src/index.ts

@@ -8,6 +8,7 @@ import workers from './routes/workers';
 import crons from './routes/crons';
 import environments from './routes/environments';
 import domains from './routes/domains';
+import databases from './routes/databases';
 import pkg from '../package.json';
 
 export const app = new Hono();
@@ -41,8 +42,8 @@ v1.route('/workers', workers);
 v1.route('/crons', crons);
 v1.route('/environments', environments);
 v1.route('/domains', domains);
+v1.route('/databases', databases);
 v1.route('/', users);
-// TODO: Add more routes
 
 app.route('/api/v1', v1);
 

src/routes/databases.ts

@@ -0,0 +1,82 @@
+import { Hono } from 'hono';
+import { databasesService } from '../services/databases';
+import { DatabaseSchema, DatabaseCreateInputSchema } from '../types';
+import { jsonResponse, jsonArrayResponse } from '../utils/validate';
+
+const databases = new Hono();
+
+// GET /databases - List all databases for current user
+databases.get('/', async (c) => {
+  const userId = c.get('userId');
+
+  try {
+    const dbs = await databasesService.findAll(userId);
+    return jsonArrayResponse(c, DatabaseSchema, dbs);
+  } catch (error) {
+    console.error('Failed to fetch databases:', error);
+    return c.json({ error: 'Failed to fetch databases' }, 500);
+  }
+});
+
+// GET /databases/:id - Get single database
+databases.get('/:id', async (c) => {
+  const userId = c.get('userId');
+  const id = c.req.param('id');
+
+  try {
+    const db = await databasesService.findById(userId, id);
+
+    if (!db) {
+      return c.json({ error: 'Database not found' }, 404);
+    }
+
+    return jsonResponse(c, DatabaseSchema, db);
+  } catch (error) {
+    console.error('Failed to fetch database:', error);
+    return c.json({ error: 'Failed to fetch database' }, 500);
+  }
+});
+
+// POST /databases - Create new database
+databases.post('/', async (c) => {
+  const userId = c.get('userId');
+  const body = await c.req.json();
+
+  try {
+    const payload = DatabaseCreateInputSchema.parse(body);
+
+    const db = await databasesService.create(userId, payload);
+
+    return jsonResponse(c, DatabaseSchema, db, 201);
+  } catch (error) {
+    console.error('Failed to create database:', error);
+    return c.json(
+      {
+        error: 'Failed to create database',
+        message: error instanceof Error ? error.message : 'Unknown error'
+      },
+      500
+    );
+  }
+});
+
+// DELETE /databases/:id - Delete database
+databases.delete('/:id', async (c) => {
+  const userId = c.get('userId');
+  const id = c.req.param('id');
+
+  try {
+    const deleted = await databasesService.delete(userId, id);
+
+    if (!deleted) {
+      return c.json({ error: 'Database not found' }, 404);
+    }
+
+    return c.json({ deleted: true });
+  } catch (error) {
+    console.error('Failed to delete database:', error);
+    return c.json({ error: 'Failed to delete database' }, 500);
+  }
+});
+
+export default databases;

src/services/databases.ts

@@ -0,0 +1,122 @@
+import { createAdminSqlClient } from './db/client';
+import * as db from './db/databases';
+import type { IDatabase, IDatabaseCreateInput } from '../types';
+
+// Admin SQL client for postgate database management
+const adminSql = createAdminSqlClient();
+
+interface PostgateDatabaseRow {
+  id: string;
+  name: string;
+  schema_name: string | null;
+}
+
+export class DatabasesService {
+  /**
+   * Create a new tenant database
+   * 1. Create entry in postgate_databases (via admin sql)
+   * 2. Create entry in openworkers databases table
+   */
+  async create(userId: string, input: IDatabaseCreateInput): Promise<IDatabase> {
+    const { name, allowed_operations, max_rows, timeout_seconds } = input;
+
+    // Generate schema name
+    const schemaName = `tenant_${userId.substring(0, 8)}_${name}`;
+
+    // Build rules JSON
+    const rules = {
+      allowed_operations: allowed_operations || ['SELECT', 'INSERT', 'UPDATE', 'DELETE'],
+      max_rows: max_rows || 1000,
+      timeout_seconds: timeout_seconds || 30
+    };
+
+    // Create in postgate
+    const postgateResult = await adminSql<PostgateDatabaseRow>(
+      `INSERT INTO postgate_databases (name, backend_type, schema_name, rules)
+      VALUES ($1, 'schema', $2, $3::jsonb)
+      RETURNING id, name, schema_name`,
+      [name, schemaName, JSON.stringify(rules)]
+    );
+
+    if (postgateResult.length === 0) {
+      throw new Error('Failed to create database in postgate');
+    }
+
+    const postgateDb = postgateResult[0]!;
+
+    // Create in openworkers
+    const owDb = await db.createDatabase(userId, name, postgateDb.id, postgateDb.schema_name);
+
+    return {
+      id: owDb.id,
+      name: owDb.name,
+      desc: null,
+      schemaName: owDb.schemaName ?? undefined,
+      createdAt: owDb.createdAt,
+      updatedAt: owDb.updatedAt
+    };
+  }
+
+  /**
+   * List all databases for a user
+   */
+  async findAll(userId: string): Promise<IDatabase[]> {
+    const rows = await db.findAllDatabases(userId);
+
+    return rows.map((row) => ({
+      id: row.id,
+      name: row.name,
+      desc: null,
+      schemaName: row.schemaName ?? undefined,
+      createdAt: row.createdAt,
+      updatedAt: row.updatedAt
+    }));
+  }
+
+  /**
+   * Get a specific database by ID
+   */
+  async findById(userId: string, id: string): Promise<IDatabase | null> {
+    const row = await db.findDatabaseById(userId, id);
+
+    if (!row) {
+      return null;
+    }
+
+    return {
+      id: row.id,
+      name: row.name,
+      desc: null,
+      schemaName: row.schemaName ?? undefined,
+      createdAt: row.createdAt,
+      updatedAt: row.updatedAt
+    };
+  }
+
+  /**
+   * Delete a database
+   * 1. Get openworkers db entry to find postgate_id
+   * 2. Delete from postgate
+   * 3. Delete from openworkers
+   */
+  async delete(userId: string, id: string): Promise<boolean> {
+    // Get openworkers entry
+    const owDb = await db.findDatabaseById(userId, id);
+    if (!owDb) {
+      return false;
+    }
+
+    // Delete from postgate
+    await adminSql(
+      `DELETE FROM postgate_databases WHERE id = $1::uuid`,
+      [owDb.postgateId]
+    );
+
+    // Delete from openworkers
+    const deleted = await db.deleteDatabase(userId, id);
+
+    return deleted > 0;
+  }
+}
+
+export const databasesService = new DatabasesService();

src/services/db/client.ts

@@ -1,13 +1,2 @@
-import { SQL } from 'bun';
-import { database } from '../../config';
-
-// Initialize DB connection
-export const sql = new SQL({
-  host: database.host,
-  port: database.port,
-  user: database.user,
-  password: database.password,
-  database: database.name,
-  adapter: 'postgres',
-  max: 10
-});
+// Re-export from sql-client
+export { sql, createSqlClient, createAdminSqlClient, type PostgateSqlClient, type SqlResult } from './sql-client';