Replaces per-member Nextcloud credentials with a BandStorage model that
supports multiple providers. Credentials are Fernet-encrypted at rest;
worker receives audio via an internal streaming endpoint instead of
direct storage access.
- Add BandStorage DB model with partial unique index (one active per band)
- Add migrations 0007 (create band_storage) and 0008 (drop old nc columns)
- Add StorageFactory that builds the correct StorageClient from BandStorage
- Add storage router: connect/nextcloud, OAuth2 authorize/callback, list, disconnect
- Add Fernet encryption helpers in security/encryption.py
- Rewrite watcher for per-band polling via internal API config endpoint
- Update worker to stream audio from API instead of accessing storage directly
- Update frontend: new storage API in bands.ts, rewritten StorageSection,
simplified band creation modal (no storage step)
- Add STORAGE_ENCRYPTION_KEY to all docker-compose files
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Store waveform peaks inline in audio_versions (JSONB columns) so WaveSurfer
can render the waveform immediately on page load without waiting for audio
decode. Adds a 100-point mini-waveform for version selector thumbnails.
Backend:
- Migration 0006: adds waveform_peaks and waveform_peaks_mini JSONB columns
- Worker generates both resolutions (500-pt full, 100-pt mini) during transcode
and stores them directly in DB — replaces file-based waveform_url approach
- AudioVersionRead schema exposes both fields inline (no extra HTTP round-trip)
- GET /versions/{id}/waveform reads from DB; adds ?resolution=mini support
Frontend:
- audioService.initialize() accepts peaks and calls ws.load(url, Float32Array)
so waveform renders instantly without audio decode
- useWaveform hook threads peaks option through to audioService
- PlayerPanel passes waveform_peaks from the active version to the hook
- New MiniWaveform SVG component (no WaveSurfer) renders mini peaks in the
version selector buttons
Fix: docker-compose.dev.yml now runs alembic upgrade head before starting
the API server, so a fresh volume gets the full schema automatically.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Changed web service port from 3001:80 to 3000:3000
- This matches the Vite development server port in the development target
- Fixes UI accessibility issue where Vite runs on port 3000 but was mapped to 3001
The issue was that docker-compose.dev.yml was using production port mapping
(3001:80 for nginx) but the development target uses Vite on port 3000.
Now the UI is accessible at http://localhost:3000 as expected.
- Fix docker-compose.dev.yml to use development targets instead of production
- Update dev:full task to properly build containers and start all services
- Add dev:clean task for environment cleanup
- Add dev:audio-debug task for focused audio debugging
- Enhance audio service with development mode detection and debugging
- Update DEV_SERVICES to include web service
These changes resolve issues with glitchy audio playback in development by:
1. Using proper development targets with hot reload
2. Ensuring proper build steps before starting services
3. Adding debugging capabilities for audio issues
4. Providing better development environment management
API: bake ENV PYTHONPATH=/app/src into the development Dockerfile stage
so it's available to uvicorn's WatchFiles reloader subprocess — relying
on compose env vars isn't reliable across process forks.
Web: replace ./web:/app bind mount (caused EACCES in Podman rootless due
to UID mismatch) with ./web/src:/app/src — this preserves the container's
package.json and node_modules while still giving Vite live access to
source files for HMR.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
uv sync runs before the source is present in the image, so the local
package install is broken. Set PYTHONPATH=/app/src so Python finds
rehearsalhub directly from the mounted source volume — same approach
the worker Dockerfile already uses.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- web/Dockerfile: add `development` stage that installs deps and runs
`vite dev --host 0.0.0.0`; source is mounted at runtime so edits
reflect immediately without rebuilding the image
- web/vite.config.ts: read proxy target from API_URL env var
(falls back to localhost:8000 for outside-compose usage)
- docker-compose.dev.yml: lightweight compose for development
- api uses existing `development` target (uvicorn --reload)
- web uses new `development` target with ./web mounted as volume
and an anonymous volume to preserve container node_modules
- worker and nc-watcher omitted (not needed for UI work)
- separate pg_data_dev volume keeps dev DB isolated from prod
Usage:
podman-compose -f docker-compose.dev.yml up --build
Frontend hot-reloads at http://localhost:3000
API auto-reloads at http://localhost:8000
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Frontend (SettingsPage):
- Sync avatarUrl state via useEffect when me.avatar_url changes after
background refetch, so profile section never shows stale avatar
- Invalidate ["comments"] after upload/generate/remove so SongPage
comment avatars update immediately instead of waiting for staleTime
- Fix Remove button: was sending avatar_url: undefined which JSON.stringify
drops entirely, so the server never cleared it; now sends ""
nginx:
- Change /api/ and /ws/ locations to use ^~ prefix so the static-asset
regex rule (~* \.(png|svg|ico)$) cannot intercept API paths; PNG/SVG
avatar uploads were returning 404 from nginx in production
- Merge nc-scan 300s timeout into ^~ /api/v1/bands/ block
- Add client_max_body_size 10m (default 1MB was silently rejecting
uploads before they reached FastAPI)
Dev tooling:
- Add docker-compose.dev.yml for hot-reload development workflow
- Add Taskfile.yml with dev, test, lint, migrate, and shell tasks
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
