51 lines
1.6 KiB
TypeScript
51 lines
1.6 KiB
TypeScript
import './tracing.js';
|
|
import 'reflect-metadata';
|
|
import { NestFactory } from '@nestjs/core';
|
|
import { Logger, ValidationPipe } from '@nestjs/common';
|
|
import { FastifyAdapter, type NestFastifyApplication } from '@nestjs/platform-fastify';
|
|
import helmet from '@fastify/helmet';
|
|
import { AppModule } from './app.module.js';
|
|
import { mountAuthHandler } from './auth/auth.controller.js';
|
|
|
|
async function bootstrap(): Promise<void> {
|
|
if (!process.env['BETTER_AUTH_SECRET']) {
|
|
throw new Error('BETTER_AUTH_SECRET is required');
|
|
}
|
|
|
|
if (
|
|
process.env['AUTHENTIK_CLIENT_ID'] &&
|
|
(!process.env['AUTHENTIK_CLIENT_SECRET'] || !process.env['AUTHENTIK_ISSUER'])
|
|
) {
|
|
console.warn(
|
|
'[warn] AUTHENTIK_CLIENT_ID is set but AUTHENTIK_CLIENT_SECRET or AUTHENTIK_ISSUER is missing — Authentik SSO will not work',
|
|
);
|
|
}
|
|
|
|
const logger = new Logger('Bootstrap');
|
|
const app = await NestFactory.create<NestFastifyApplication>(
|
|
AppModule,
|
|
new FastifyAdapter({ bodyLimit: 1_048_576 }),
|
|
);
|
|
|
|
await app.register(helmet as never, { contentSecurityPolicy: false });
|
|
app.useGlobalPipes(
|
|
new ValidationPipe({
|
|
whitelist: true,
|
|
forbidNonWhitelisted: true,
|
|
transform: true,
|
|
}),
|
|
);
|
|
|
|
mountAuthHandler(app);
|
|
|
|
const port = Number(process.env['GATEWAY_PORT'] ?? 4000);
|
|
await app.listen(port, '0.0.0.0');
|
|
logger.log(`Gateway listening on port ${port}`);
|
|
}
|
|
|
|
bootstrap().catch((err: unknown) => {
|
|
const logger = new Logger('Bootstrap');
|
|
logger.error('Fatal startup error', err instanceof Error ? err.stack : String(err));
|
|
process.exit(1);
|
|
});
|