New feature

.air.dev.toml

@@ -0,0 +1,31 @@
+# =============================================================
+#  Air config for `make dev` / dev.sh — red-engine
+#  Same as .air.toml but WITHOUT the Tailwind pre_cmd, because
+#  dev.sh already runs `npx tailwindcss --watch` in the background.
+#  Avoids rebuilding CSS twice on every change.
+# =============================================================
+root = "."
+tmp_dir = "tmp"
+
+[build]
+  cmd = "go build -o ./tmp/red ./cmd/red"
+  bin = "./tmp/red"
+  full_bin = "APP_ENV=dev ./tmp/red"
+  include_ext = ["go", "html", "md", "json"]
+  exclude_dir = ["tmp", "vendor", "node_modules", "data"]
+  exclude_regex = ["_test\\.go", "registry\\.db"]
+  delay = 200
+  stop_on_error = true
+  kill_delay = "500ms"
+
+[log]
+  time = true
+
+[color]
+  main = "magenta"
+  watcher = "cyan"
+  build = "yellow"
+  runner = "green"
+
+[misc]
+  clean_on_exit = true

.air.toml

@@ -1,16 +1,38 @@
-# .air.toml
+# =============================================================
+#  Air config — red-engine (Project R.E.D)
+#  Hot-reloads the Go server AND rebuilds Tailwind on changes.
+#
+#  Matches your repo layout:
+#    cmd/red/main.go                       — entrypoint
+#    internal/router/static/tailwind-input.css  — Tailwind entry
+#    internal/router/static/tailwind.css        — build output (served)
+#    internal/router/templates/*.html           — Go templates
+#
+#  Two ways to run (see Makefile / dev.sh):
+#   1) `make dev`  — `npx tailwindcss --watch` + `air` together
+#                    (instant CSS rebuilds, recommended)
+#   2) `air`       — single process; the pre_cmd below rebuilds
+#                    Tailwind before each Go build (simpler, slower CSS)
+# =============================================================
 root = "."
 tmp_dir = "tmp"
 
 [build]
-  cmd = "go build -o ./tmp/red-engine ./cmd/red/main.go"
-  bin = "./tmp/red-engine"
-  include_ext = ["go", "html", "tmpl"]
-  exclude_dir = ["data", "node_modules", "tmp", "caddy_routing"]
-  delay = 1000
+  # Rebuild the CSS, then compile the server.
+  pre_cmd = ["npx tailwindcss -i ./internal/router/static/tailwind-input.css -o ./internal/router/static/tailwind.css --minify"]
+  cmd = "go build -o ./tmp/red ./cmd/red"
+  bin = "./tmp/red"
+  full_bin = "APP_ENV=dev ./tmp/red"
+
+  # Watch Go, templates, the CSS source, and content Markdown (data/**).
+  include_ext = ["go", "html", "css", "md", "json"]
+  # Don't loop on generated output, vendored assets, or the content DB.
+  exclude_dir = ["tmp", "vendor", "node_modules", "data"]
+  exclude_regex = ["_test\\.go", "tailwind\\.css", "registry\\.db"]
+  delay = 200            # ms — debounce rapid saves
   stop_on_error = true
-  send_interrupt = true
-  kill_delay = 500
+  send_interrupt = false
+  kill_delay = "500ms"
 
 [log]
   time = true
@@ -22,4 +44,4 @@ tmp_dir = "tmp"
   runner = "green"
 
 [misc]
-  clean_on_exit = true
+  clean_on_exit = true

.gitignore

@@ -1,20 +1,35 @@
 // DO NOT REMOVE
 
 red-engine
-red
+!cmd/red
 
 data/
-test-integrity.sh
-fix-ports.sh
-
+data1/
+.nodetest/
+registry.db
 .github/discord.yml
 podman-flush.sh
 
 
+Project-RED-main.zip
+node_modules/
+tmp/
+internal/router/static/dist/
 
 .DS_Store
 Thumbs.db
 
 .vscode/
 .idea/
 
+.env
+*.log
+*.bak
+*.tmp
+*.md
+*.txt
+
+!*.sh
+!README.md
+!LICENSE
+.claude

ADDITIONAL_TERMS.md

@@ -0,0 +1,21 @@
+# Additional Terms — GNU AGPL-3.0, Section 7(b)
+
+As permitted by Section 7 of the GNU Affero General Public License v3,
+the following additional attribution term applies to this software:
+
+Any deployment of this software — modified or unmodified — that serves
+content to end users over a network must display the text:
+
+    Powered by RED Collective
+
+in a location that is reasonably visible to those users (e.g. a page
+footer, about page, or equivalent UI element). The display requires no
+specific logo, color, font, or styling. The text alone is sufficient.
+
+This requirement:
+- applies to all forks and derivative works
+- survives modification of the source code
+- does not restrict you from rebranding, building your own UI, or
+  presenting the deployment as your own product
+
+Full license terms: LICENSE

CHANGELOG.md

@@ -1,3 +1,34 @@
+## [Unreleased] - 2026-06-01
+
+### Added
+- **Navigation System:** New `internal/navigation` package with filesystem scanner, SQLite-backed index (`nav_folders`, `nav_guides`, `nav_description_overrides` tables), and three HTTP endpoints:
+  - `GET /api/navigation` — tree or flat content listing with `path`, `content_type`, and `flat` query params
+  - `POST /-/admin/navigation/rescan` — trigger a fresh filesystem walk
+  - `PUT /-/admin/navigation/folder/description` — set or override a folder's description
+- **DB-Backed Node Settings:** New `node_settings` key-value table in `registry.db`. `site_name` and `node_name` are now runtime-editable without restarting the container. Changes take effect on the next request.
+- **Environment Variable Overrides:** All critical config values can now be set via `RED_*` environment variables, taking priority over `config.json`. Supported: `RED_ADMIN_TOKEN`, `RED_WEBHOOK_SECRET`, `RED_ADDR`, `RED_DATA_DIR`, `RED_SITE_NAME`, `RED_NODE_NAME`.
+- **Admin Lockdown Mode:** If neither `config.json` nor `RED_ADMIN_TOKEN` is present at startup, the node starts in read-only lockdown — content is served but the admin panel returns HTTP 401. No credentials are auto-generated silently.
+- **Unified `setup.sh` Script:** Single entry point replacing four separate scripts. Commands: `test`, `dev`, `install`, `update`, `token`, `backup`, `status`, `help`. Default (no argument) runs the first-time setup wizard.
+- **First-Time Setup Wizard:** Interactive wizard in `setup.sh` collects addr, data dir, site name, and node name. Writes credentials to both `.env` (primary resilient store) and `config.json`. Requires the operator to type `I understand` before setting the node name, with an explicit warning about federation identity permanence.
+- **One-Time Config Migration:** On first boot, `site_name` and `node_name` values from `config.json` are automatically migrated to the `node_settings` table. `startupSync` entries are migrated to the `registry.db` startup sync table.
+
+### Changed
+- **`entrypoint.sh`:** No longer auto-creates a stub `config.json`. If both `config.json` and `RED_ADMIN_TOKEN` are absent, it prints a clear lockdown warning and starts normally. The `chown` of `config.json` is now conditional on the file existing.
+- **`docker-compose.yml`:** Added `environment:` block to pass all `RED_*` vars into the container from `.env`. Changed `expose: 8080` to `ports: 127.0.0.1:8080:8080` so the node is directly reachable at `http://localhost:8080` without requiring Caddy. Removed dead `contributors.json` volume mount.
+- **`config.json`:** Trimmed to four fields: `addr`, `dataDir`, `adminToken`, `webhookSecret`. Dead fields (`sourceURL`, `sourceType`) removed. `startupSync`, `siteName`, `nodeName` retained only for one-time migration and then ignored.
+- **`siteName` / `nodeName` resolution:** Both now read from `registry.GetSetting()` on every request. Fallbacks: `site_name` → `"RED Engine"`, `node_name` → `os.Hostname()`. The config fields are only read during startup migration.
+- **`.env` as resilient credential store:** `setup.sh` writes credentials to `.env` as the primary store. If `config.json` is deleted, env vars keep the node fully operational on next restart. `.env` is automatically added to `.gitignore`.
+
+### Removed
+- `install-red-engine.sh`, `install-red-engine.ps1`, `install-red-dependencies.pssc` — superseded by `setup.sh`
+- `manage-token.sh`, `manage-token.ps1` — superseded by `./setup.sh token`
+- `node-test.sh` — superseded by `./setup.sh test`
+- `backup-data.sh` — superseded by `./setup.sh backup`
+- Dead `sync.RWMutex` field from `config.Config` struct
+- Dead `SourceURL`, `SourceType` fields from `config.Config` struct
+
+---
+
 ## [Unreleased] - 2026-05-29
 
 ### Added
@@ -9,11 +40,11 @@
 ### Changed
 - **Replaced `fsnotify`:** Local file watching is now handled by a 2-second interval background poller, which directly feeds into the new granular memory hot-reloading module.
 - **Silent Background Poller:** Refactored the 1-minute brute force loop in `cmd/red/main.go`. It now uses `fetch.PullDelta` to silently check for remote Git changes without downloading entire repository archives.
-- **Installation Scripts:** Updated `install-red-engine.sh` and `install-red-engine.ps1` to automatically assign global read/write permissions (`chmod 777` and `icacls Everyone`) to the `data/` volume. 
+- **Installation Scripts:** Updated `install-red-engine.sh` and `install-red-engine.ps1` to automatically assign global read/write permissions (`chmod 777` and `icacls Everyone`) to the `data/` volume.
 - **Docker Dependencies:** Updated `Dockerfile` to install `ca-certificates`, `git`, and `openssh` directly into the Alpine container for native Git support.
 
 ### Fixed
 - **Podman Permission Trap:** Prevented the restricted `reduser` (UID 1000) from being locked out of the `data/` directory when the host machine auto-creates missing volume mounts as `root`.
 - **Mutex Panic in Store:** Fixed a fatal runtime concurrency bug in `store.go` where a deferred `mu.Unlock()` would cause a panic if security definitions (`manifest.json` or `contributors.json`) were modified.
 - **Webhook Global Loop Bug:** Fixed an issue where a single webhook ping would force the engine to blindly re-download every tracked repository in the configuration list.
-- **ZIP Archive Loop Bug:** Changed default URLs in `config.json` from `/archive/HEAD.zip` to `.git` to prevent the background sync from repeatedly destroying and recreating directories every 60 seconds.
+- **ZIP Archive Loop Bug:** Changed default URLs in `config.json` from `/archive/HEAD.zip` to `.git` to prevent the background sync from repeatedly destroying and recreating directories every 60 seconds.

LICENSE

@@ -1,3 +1,8 @@
+This software is licensed under the GNU Affero General Public License v3,
+with Additional Terms as described in ADDITIONAL_TERMS.md.
+
+---
+
                     GNU AFFERO GENERAL PUBLIC LICENSE
                        Version 3, 19 November 2007
 

Makefile

@@ -0,0 +1,33 @@
+# =============================================================
+#  red-engine — dev tooling (Project R.E.D)
+# =============================================================
+
+.PHONY: dev air vite build run tidy clean
+
+## dev: run Vite (CSS/JS HMR on :5173) + Air (Go hot reload on :8080)
+##      Open http://localhost:5173 in your browser.
+dev:
+	@./red-dev.sh
+
+## air: hot-reload the Go server only (no Vite, no CSS HMR)
+air:
+	DEV_MODE=true air -c .air.dev.toml
+
+## vite: start Vite dev server only (requires Go already running on :8080)
+vite:
+	npx vite
+
+## build: production build — compile CSS/JS via Vite, then the Go binary
+build:
+	npx vite build
+	go build -o ./red ./cmd/red
+
+## run: build + run once (no watching)
+run: build
+	./red
+
+tidy:
+	go mod tidy
+
+clean:
+	rm -rf tmp internal/router/static/dist