Each registered user now has their own ActivityPub actor:
- Generate RSA keys per user on registration
- Webfinger resolves any registered user (@user@domain)
- Actor endpoints work for any registered user
- Each user has their own outbox (filtered activities)
- Activities signed with the publishing user's keys
- Objects attributed to the asset owner
Removed:
- ARTDAG_USER config (no longer single-actor)
- L1_SERVER config (comes with each request)
Added:
- /ui/users page listing all registered users
- user_exists() helper function
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add l1_server field to RecordRunRequest
- L2 fetches run data from the specified L1 URL instead of hardcoded config
- Store l1_server in provenance and metadata
- Remove ARTDAG_L1 config requirement from L2
- Update docker-stack.yml comments
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Move ARTDAG_DOMAIN, ARTDAG_USER, ARTDAG_L1, JWT_SECRET to .env
- Update docker-stack.yml L1 config to use env_file
- Add .env.example with all required variables
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add POST /registry/publish-cache for publishing cache items with metadata
- Requires origin (self or external URL) for publishing
- Add PATCH /registry/{name} for updating existing assets
- Update activities now created when assets are modified
- Ownership check ensures only asset owner can update
- Origin info included in ActivityPub objects (generator/source)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add authentication to /registry endpoint
- Add authentication to /registry/record-run endpoint
- Extract register logic to _register_asset_impl helper
- Store owner username in registered assets
- Use authenticated user for ActivityPub actor ID in activities
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Home page showing README and stats
- Login/register forms with HTMX
- Registry and activities pages
- Cookie-based auth for web UI
- JWT secret from Docker secrets (/run/secrets/jwt_secret)
- Updated README with secret generation instructions
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- POST /auth/register - create account
- POST /auth/login - get JWT token
- GET /auth/me - get current user
- POST /auth/verify - verify token (for L1)
- Password hashing with bcrypt
- 30-day JWT tokens
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- keys.py: Generate/load RSA-2048 keypairs, sign activities
- setup_keys.py: CLI to generate keys
- Real RsaSignature2017 signing (falls back to placeholder if no keys)
- Public key included in actor profile
- Private keys gitignored
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Dockerfile for L2 ActivityPub server
- docker-compose.yml for standalone L2
- docker-stack.yml for full swarm deployment (L1+L2+Redis)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Registry for owned assets
- ActivityPub endpoints (webfinger, actor, inbox, outbox)
- Create activities with signatures
- Record L1 runs as owned assets with provenance
- Federation support (followers, inbox)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
