Upload files to "/"

Legals

.gitignore

@@ -0,0 +1,2 @@
+# Mac OS system files
+.DS_Store

meetings/ 20250416.md

@@ -0,0 +1,5 @@
+[design]
+
+- To change up the colors / test it out with black purple white and see how that goes
+- On user login, checks if it's a new user or not, if yes, popup appears to to ask user if this npub is a normal user/consumer or producer (this would affect how their profile page works, and a product cannot review any other product / they can just publish product)
+- There's two profiles, one user and one producer

meetings/20250319.md

@@ -0,0 +1,4 @@
+
+- reviewed tasting menu.
+- when creating tasting notes, they shouldn't be saved immediately, but rather saved as a draft
+- need option to skip to comments

meetings/20250326.md

@@ -0,0 +1,3 @@
+- Use MongoDB instead of Cassandra.
+- Add precommit hook checking licenses of the third-party libraries.
+- Add CI/CD step to double-check licenses of the third-party libraries.

meetings/20250409.md

@@ -0,0 +1,11 @@
+[design]
+
+- Edit the design of of initial search in hero section in the landing page (remove search bard, and all selections: product, type, style, characteristic, location (this one specifically has filter checkboxes in its popup) [search button]), popups remain.
+- don't change navigation bar
+- round corners where seemed appropriate, like buttons and maybe tags
+- add / change review submission to include a lengthy selection process, and present it
+- - to also have a summary design of total reviews (excluding text reviews of course)
+- reply system/style is similar to deg mods (popup depth system)
+- remove "Seller Name's Latest Products" section
+- Add "Product Details" or "Details" tab (last tab) after reviews/comments
+- Publishing a review costs money, replying (normal commenting/replying) to review doesn't (free), and commenting is also free

meetings/20250423.md

@@ -0,0 +1,8 @@
+# Product
+
+- `Producer` can modify product only during 24 hours after submition.
+- `Producer` can delete product at any time.
+
+# Review
+
+- `Reviwer` can modify review only during 24 hours after submition.

schema.md

@@ -0,0 +1,155 @@
+## Database Schema:
+
+preferably using Cassandra: A distributed NoSQL database
+
+1. **Events** (Nostr protocol's core data structure):
+
+- `id` (unique identifier)
+- `pubkey` (public key of the event creator)
+- `created_at` (timestamp)
+- `kind` (event type, e.g., review, article, comment)
+- `tags` (array of keywords or hashtags)
+- `content` (text content of the event)
+
+This duplicates the relay, so should only be relevant kinds (eg nominated Review kind)
+
+2. **User Reviews**:
+
+- `event_id` (foreign key referencing the Events table)
+- `product_id` (unique identifier for the product)
+- `rating` (numerical rating, e.g., 1-100)
+- `review_text` (text content of the review)
+- `tasting_notes` (array of tasting notes, e.g., flavors, aromas)
+
+3. **Wines**:
+
+- `product_id` (uuid)
+- `wine_id` ( type/style/characteristic, EAN/UPC, sku)
+- `type` (white, amber, rose, red)
+- `style` (bubbles+fizz, table, dessert, fortified, vermouth)
+- `characteristic` (light aromatic, textural, fruit forward, structural & savoury, powerful)
+- `country`
+- `region` (appellation, village, sub-region, vineyard)
+- `name` (label)
+- `producer`
+- `varietal` (if more than one, listl as 'blend')
+- `vintage` (year, nv, mv)
+- `alcohol`
+- `standard drinks` (Australia)
+- `viticulture` (biodynamic, organic, conventional)
+- `sulfites` (parts per million)
+- `filtration`
+- `vegan`
+- `kosher`
+- `closure` (cork, crown-seal, screwcap)
+- `price` (NIP-89, NIP-99)
+- `image` (optional image URL)cellar.social
+- `description` (detailed description of the product)
+- `url` (e.g. producer's website)
+- `availability` (in stock, out of stock, discontinued)
+
+4. **Sake**:
+
+- `product_id` (uuid)
+- `sake_id` (designation, polish rate, starter, yeast, EAN/UPC, sku )
+- `country`
+- `region`
+- `name` (label)
+- `producer`
+- `designation` (table, pure, blended, mirin: new/true/salt)
+- `polish rate` (%)
+- `starter` (koji)
+- `yeast strain`
+- `alcohol`
+- `standard drinks` (Australia)
+- `vintage` (year, nv, mv)
+- `price` (NIP-89, NIP-99)
+- `image` (optional image URL)
+- `description` (detailed description of the product)
+- `url` (e.g. producer's website)
+- `availability` (in stock, out of stock, discontinued)
+
+5. **Spirits**:
+
+- `product_id` (uuid)
+- `spirit_id` (EAN/UPC, sku)
+- `country`
+- `region`
+- `name` (label)
+- `producer`
+- `type`(white, dark, liqueurs)
+- `variant`(vodka, rum, liqueur cream, etc)
+- `flavouring/ingredients`
+- `alcohol`
+- `standard drinks` (Australia)
+- `vintage` (year, VS/VSOP/XO, age statement)
+- `price` (NIP-89, NIP-99)
+- `image` (optional image URL)
+- `description` (detailed description of the product)
+- `url` (e.g. producer's website)
+- `availability` (in stock, out of stock, discontinued)
+
+6. **Coffee**:
+
+- `coffee_id` (unique identifier)
+- `country`
+- `region`
+- `origin`
+- `variety`
+- `processing` (type: de-caff/honey/semi-dry/swiss water/sundried/washed)
+- `producer` (roaster)
+- `roast`
+- `price` (g/kg/ton, NIP-89, NIP-99)
+- `image` (optional image URL)cellar.social
+- `description` (detailed description of the product)
+- `url` (e.g. producer's website)
+- `availability` (in stock, out of stock, discontinued)
+
+7. **Articles**:
+
+- `event_id` (foreign key referencing the Events table)
+- `title`
+- `content` (text content of the article)
+- `author` (public key of the author)
+- `tags` (array of keywords or hashtags)
+
+8. **Comments**:
+
+- `event_id` (foreign key referencing the Events table)
+- `parent_event_id` (foreign key referencing the Events table)
+- `content` (text content of the comment)
+
+## Frontend Schema:
+
+1. **Review Page**:
+
+- Display details (name, producer, region, varietal, vintage)
+- Display review text and rating
+- Display tasting notes
+- Allow users to create new reviews and comments
+
+2. **Article Page**:
+
+- Display article title and content
+- Display author information (public key, profile picture)
+- Allow users to create new comments
+
+3. **Wine List Page**:
+
+- Display a list of wines with basic information (name, producer, region)
+- Allow users to filter by region, varietal, or vintage
+- Allow users to create new wine reviews
+
+4. **Tag Page**:
+
+- Display a list of events (reviews, articles, comments) associated with a particular tag
+- Allow users to create new events with the same tag
+
+## Nostr Protocol Integration:
+
+1. Use a Nostr client library to connect to the Nostr network and retrieve events.
+2. Use the `pubkey` field to authenticate users and authorize actions (e.g., creating new reviews
+   or comments).
+3. Use the `created_at` field to display events in chronological order.
+4. Use the `kind` field to determine the type of event and render it accordingly (e.g., review,
+   article, comment).cellar.social

server-configuration/staging.md

@@ -0,0 +1,236 @@
+# Server configuration of the staging server
+
+Staging server has `51.161.134.20` IP address and `staging.cellar.social` DNS record associated with it.
+
+`otto` user has sudo rights at staging server, all operations that require sudo rights will be performed under this user.
+
+## Fail2ban
+
+Install `fail2ban` to scan the log files for too many failed login attempts and block the IP address which is showing malicious signs.
+
+```bash
+sudo apt-get install fail2ban
+```
+
+## Nginx
+
+Under `otto` user:
+
+```bash
+# Update packages
+sudo apt update
+
+# Install Nginx
+sudo apt install nginx
+
+# List the application configurations that ufw knows how to work with
+sudo ufw app list
+
+# Activate firewall
+sudo ufw enable
+
+# Allow ssh connections
+sudo ufw allow 'OpenSSH'
+
+# Allow HTTPS traffic
+sudo ufw allow 'Nginx HTTPS'
+
+# Allow HTTP traffic (HTTP traffic should be allowed to equire SSL certificate and will be disabled later)
+sudo ufw allow 'Nginx HTTP'
+
+# Check ufw status
+sudo ufw status
+
+# Check Nginx status
+systemctl status nginx
+
+# Create the directory for `api` domain
+sudo mkdir -p /var/www/api/html
+
+# Assign ownership of the directory to the `api` user
+sudo chown -R api:api /var/www/api/html
+
+# Adjust permissions
+sudo chmod -R 755 /var/www/api
+
+# Install certbot
+sudo apt install certbot python3-certbot-nginx
+
+# Fetch a certificate from Let's Encrypt and follow the prompts
+sudo certbot --nginx -d staging.cellar.social
+
+# Verify that certificate renewal is on
+sudo systemctl status certbot.timer
+
+# Create a configuration file for api subdomain
+sudo nano /etc/nginx/sites-available/api
+```
+
+Paste into `/etc/nginx/sites-available/api`:
+
+```bash
+server {
+    listen 80;
+    listen [::]:80;
+
+    root /var/www/html;
+    index index.html index.htm index.nginx-debian.html;
+
+    # Put your domain name here
+    server_name staging.cellar.social;
+
+    # Needed for Let's Encrypt verification
+    location ~ /.well-known/acme-challenge {
+	    allow all;
+    }
+
+    # Force HTTP to HTTPS
+    location / {
+	    return 301 https://$http_host$request_uri;
+    }
+}
+
+server {
+    listen 443 ssl http2;
+
+    ssl on;
+
+    # SSL certificate by Let's Encrypt in this Nginx
+    ssl_certificate      /etc/letsencrypt/live/staging.cellar.social/fullchain.pem;
+    ssl_certificate_key  /etc/letsencrypt/live/staging.cellar.social/privkey.pem;
+
+    # root /var/www/html;
+    # index index.html index.htm index.nginx-debian.html;
+
+    # domain name here
+    server_name staging.cellar.social;
+
+    location /api/ {
+	proxy_pass http://127.0.0.1:3000/;
+
+	proxy_set_header Host $http_host;
+	proxy_set_header X-Forwarded-Proto $scheme;
+	proxy_set_header X-Real-IP $remote_addr;
+	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+	proxy_set_header Upgrade $http_upgrade;
+    }
+
+    # Needed for Let's Encrypt verification
+    location ~ /.well-known/acme-challenge {
+	allow all;
+    }
+}
+```
+
+Next:
+
+```bash
+# Enable the file by creating a link from it to the sites-enabled directory, which Nginx reads from during startup
+sudo ln -s /etc/nginx/sites-available/api /etc/nginx/sites-enabled/
+
+# Restart Nginx
+sudo systemctl restart nginx
+
+# Check Nginx status
+systemctl status nginx
+
+# Check firewall status
+sudo ufw status
+
+# Deny HTTP traffic
+sudo ufw deny 'Nginx HTTP'
+
+# Check firewall status
+sudo ufw status
+```
+
+## Install Node and NPM
+
+```bash
+# Update packages
+sudo apt update
+
+# Install nvm (node version manager)
+curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.3/install.sh | bash
+
+# Install Node v20
+nvm install 20.12.2
+
+# Set 20.12.2 as a default version of Node
+nvm alias default 20.12.2
+
+# Use default Node version
+nvm use default
+```
+
+## API user
+
+`api` user doesn't have sudo rights and will be used to run `cellar-api` and all related processes.
+
+Under `otto` user:
+
+```bash
+# Create api user
+sudo adduser api
+
+# Switch to api user
+su api
+```
+
+Under `api` user:
+
+```bash
+# Generate SSH keys.
+# These keys will be used by CI/CD pipeline.
+ssh-keygen
+
+# Change to ssh directory
+cd .ssh/
+
+# Create authorized_keys file
+touch authorized_keys
+
+# Copy public key from `id_ed25519.pub` and paste into `authorized_keys` file
+# Private key is stored in SSH_STAGING_PRIVATE_KEY variable of the CI/CD pipeline.
+
+# Install PM2 package globally
+npm i -g pm2
+
+# Clone cellar/cs-backend repository
+git clone ssh://git@git.nostrdev.com:29418/cellar/cs-backend.git
+
+# Change to cs-backend directory
+cd cs-backend
+
+# Install dependencies
+npm ci
+
+# Build API app
+npm run build
+
+# Start API app
+npm run start
+
+# Verify that cellar-api process is running
+pm2 list
+```
+
+## Docker
+
+Under `otto` user:
+
+```bash
+# Install docker
+curl -fsSL https://get.docker.com | sudo sh
+
+# Add api user to the docker group so it can run docker without sudo rights
+sudo usermod -aG docker api
+```
+
+Under `api` user:
+
+```bash
+# Log in to docker group to avoid to log out and log in again
+newgrp docker
+```

technical-design.md

@@ -0,0 +1,116 @@
+# Cellar Social Technical Design
+
+## Description
+
+Cellar Social is a platform where admirers of international wine, sake, spirits and coffee can review, discuss, and order it.
+
+## Key Features
+
+Cellar Social will provide the following capabilities:
+
+- Login using Nostr identity.
+- View products.
+- Leave product review.
+  - Evaluate multiple properties of the product.
+  - Provide a description.
+  - Upload media files.
+- View product review.
+  - Leave a comment.
+  - Zap a review or a comment.
+- Visit the product producer page.
+  - Leave a comment.
+  - Zap a producer or a comment.
+- Order the product.
+- Engage with product related community.
+- Provide NIP-05 names.
+- View and sign up to in-person events.
+
+## Design
+
+Cellar Social consists of the backend and frontend apps supported by the database and the relay.
+
+All hosted services will be containerised and deployed to the linux ([Ubuntu](https://ubuntu.com/)) server and traffic routing will be managed by [Nginx](https://nginx.org/). The entire server should be backed up (at the host level) daily.
+
+Cellar Social will also use an external service ([nostr.build](http://nostr.build/)) for media hosting to avoid inappropriate data.
+
+![Alt text](./technical-design-assets/technical-design.svg)
+
+Website - [frontend app](#frontend)
+
+`API` - [API app](#api-app)
+
+`DB` - [database](#database)
+
+`APP Relay` - [relay](#relay)
+
+`Media Server` - [media server](#media-server)
+
+`NIP-05` - NIP-05 name register
+
+`Npub Whitelist` - collection of whitelisted Npubs
+
+`Nostr Communication Platform` - flotilla.social is planned to be used as a communication platform over Nostr
+
+`Shopstr Marketplace` - shopstr.store is planned to be used as a Nostr marketplace
+
+### Frontend
+
+The frontend app (`Website`) is a web application that users will be able to use by visiting a URL via browser (browsers list is not defined at the moment). The app will be built using the following technologies:
+
+- [TypeScript](https://www.typescriptlang.org/)
+- [React](https://react.dev/)
+- [Nostr Login](https://github.com/nostrband/nostr-login) (authentication)
+
+HTTP requests to Cellar Social API should include Nostr signatures to conform to [NIP-98](https://github.com/nostr-protocol/nips/blob/master/98.md). The `API` app will be able to validate and authorize requests based on `Authorization` header.
+
+Frontend app will use websocket connections to the `APP Relay` to read/write appropriate data.
+
+Frontend app should let users register [NIP-05](https://github.com/nostr-protocol/nips/blob/master/05.md) names and manage users' metadata.
+
+### Backend
+
+The backend includes API app and Database.
+
+#### API App
+
+The backend app (`API`) is a RESTful API that can be used via HTTP requests. It will be built using the following technologies:
+
+- [TypeScript](https://www.typescriptlang.org/)
+- [Node.js](https://nodejs.org/en)
+- [Express.js](https://expressjs.com/)
+
+HTTP requests to the backend app should include Nostr signatures, so the app will be able to validate it and provide the response.
+
+The backend app will have access to the database and will perform CRUD (create/read/update/delete) operations.
+
+The backend app will also manage Npub whitelisting that `APP Relay` will use.
+
+#### Database
+
+[MongoDB Community Edition](https://www.mongodb.com/products/self-managed/community-edition) will be used as a NoSQL database (`DB`) to persist business data. Only the backend app will have access to the database.
+
+The following tables are planned in the database:
+
+- Users
+- Coffee
+- Sake
+- Spirits
+- Wine
+- Reviews
+- NostrEvents
+
+Database will be backed up daily during daily server backup.
+
+### Relay
+
+[strfry](https://github.com/hoytech/strfry) (`APP Relay`) will be used for Nostr events.
+
+Npub whitelisting has to be enabled for strict relay access. An example of JavaScript function that can be used for whitelisting can be found here.
+
+`APP Relay` will be available for communication at flotilla.social (users' npubs will be taken into account).
+
+Multiple Shopstr instances will use the `APP Relay` to read and write data. Each Shopstr instance will have a dedicated subdomain at Cellar Social.
+
+### Media Server
+
+[nostr.build](https://nostr.build/) will be used as a media server. It is used because of their excellent service and safety protections. Users can make use of their existing nostr.build subscriptions when they upload content. More info can be found [here](https://nostr.build/features/).