This document describes the current 1proxy infrastructure and the local development equivalent.
| Component | Provider | Notes |
|---|---|---|
| Frontend | GitHub Pages | Static Next.js export under /1proxy |
| Backend | Railway | FastAPI app, background scraper/validator workers, health check at /health |
| Database | Supabase Postgres | SQLAlchemy async connection through Railway DATABASE_URL |
| Cache | Redis-compatible URL, optional | Used when REDIS_URL is configured |
graph TD
User[Users] --> FE[GitHub Pages Frontend]
FE --> API[Railway FastAPI Backend]
API --> DB[(Supabase Postgres)]
API --> Workers[Background Scraper and Validator]
Workers --> DB
Backend:
cd 1proxy-backend
python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
cp .env.example .env
alembic upgrade head
uvicorn app.main:app --reloadFrontend:
cd 1proxy-frontend
npm install
npm run devDocker Compose remains useful for local smoke testing with Redis:
docker-compose upBackend variables are documented in ../.env.example, ../1proxy-backend/.env.example, and deployment.md.
Key production variables:
DATABASE_URL: Supabase Postgres URL in SQLAlchemy async format.SECRET_KEY: Random JWT signing key.API_URL: Railway backend public URL.FRONTEND_URL: GitHub Pages/custom frontend URL.FRONTEND_BASE_PATH:/1proxyfor the current GitHub Pages deployment.- OAuth provider credentials: stored only in Railway variables.
- Backend health:
GET /health. - API docs:
/docson the Railway backend. - Metrics:
/metricson the backend. - Migrations: Railway container runs
alembic upgrade headbefore Uvicorn.
- Never commit
.envfiles or provider credentials. - Never expose Supabase service-role JWTs to the frontend.
- Use Supabase database connection strings only in Railway
DATABASE_URL. - Rotate any token pasted into chat, logs, issues, screenshots, or commits.
- Keep OAuth callback URLs pointed at the Railway backend.
See deployment.md for the detailed deployment and rotation checklist.