Initial public release

Author: anilguleroglu

.dockerignore

@@ -0,0 +1,44 @@
+# Dependencies
+node_modules/
+
+# Version control
+.git/
+.gitignore
+
+# Build outputs
+.next/
+out/
+build/
+coverage/
+
+# Data (runtime databases, vectors)
+data/
+
+# Environment files
+.env*
+
+# Documentation source (not needed in image)
+docs/
+*.md
+!README.md
+
+# IDE / Editor
+.vscode/
+.idea/
+*.swp
+*.swo
+
+# OS files
+.DS_Store
+Thumbs.db
+
+# Deployment configs
+deploy/
+
+# Test files
+src/__tests__/
+vitest.config.ts
+test-tracing.sh
+
+# Scripts
+scripts/

.env.example

@@ -0,0 +1,84 @@
+# ============================================================
+# Cognipeer Console — Environment Configuration
+# ============================================================
+# Copy this file to .env.local and fill in your values.
+# All variables have sensible defaults unless marked (required).
+# ============================================================
+
+# ---- Database ------------------------------------------------
+# Provider: sqlite (default, zero-dependency) | mongodb
+DB_PROVIDER=sqlite                                 # Database backend
+MAIN_DB_NAME=console_main                          # Main database name
+SQLITE_DATA_DIR=./data/sqlite                      # SQLite data directory
+
+# MongoDB (only required when DB_PROVIDER=mongodb)
+# MONGODB_URI=mongodb://localhost:27017             # MongoDB connection string
+# MONGODB_MIN_POOL_SIZE=2                           # Minimum connection pool size
+# MONGODB_MAX_POOL_SIZE=10                          # Maximum connection pool size
+# MONGODB_CONNECT_TIMEOUT_MS=10000                  # Connection timeout (ms)
+# MONGODB_SOCKET_TIMEOUT_MS=45000                   # Socket timeout (ms)
+# MONGODB_SERVER_SELECTION_TIMEOUT_MS=30000          # Server selection timeout (ms)
+
+# ---- Authentication ------------------------------------------
+JWT_SECRET=                                        # (required) JWT signing secret — min 32 random chars
+JWT_EXPIRES_IN=7d                                  # Token expiry (1d, 7d, 30d)
+# PROVIDER_ENCRYPTION_SECRET=                       # Provider credential encryption key (falls back to JWT_SECRET)
+
+# ---- License -------------------------------------------------
+# ENFORCE_LICENSE=false                              # Set to "true" to enforce license tier restrictions (default: false = all features unlocked)
+
+# ---- Email (SMTP) --------------------------------------------
+# Optional — emails will be skipped if not configured
+# SMTP_HOST=smtp.example.com                        # SMTP server hostname
+# SMTP_PORT=587                                     # SMTP port
+# SMTP_SECURE=false                                 # Use TLS (true/false)
+# SMTP_USER=                                        # SMTP username
+# SMTP_PASS=                                        # SMTP password
+# SMTP_FROM=noreply@example.com                     # Sender address (defaults to SMTP_USER)
+
+# ---- Gateway / Resilience ------------------------------------
+# GATEWAY_REQUEST_TIMEOUT_MS=120000                 # Request timeout for provider calls (ms)
+# GATEWAY_RETRY_ENABLED=true                        # Enable retry on provider failures
+# GATEWAY_RETRY_MAX_ATTEMPTS=3                      # Max retry attempts (1 = no retry)
+# GATEWAY_RETRY_INITIAL_DELAY_MS=200                # Initial retry delay (exponential backoff)
+# GATEWAY_CIRCUIT_BREAKER_ENABLED=true              # Enable circuit breaker
+# GATEWAY_CIRCUIT_BREAKER_THRESHOLD=5               # Failures to trip the breaker
+# GATEWAY_CIRCUIT_BREAKER_RESET_MS=30000            # Time before half-open reset (ms)
+
+# ---- Cache ---------------------------------------------------
+# Provider: none | memory | redis
+CACHE_PROVIDER=memory                              # Cache provider (no fallback)
+# CACHE_TTL_SECONDS=300                             # Default cache TTL (seconds)
+# REDIS_URL=                                        # Redis connection URL (required when redis)
+# REDIS_KEY_PREFIX=console:                         # Redis key prefix
+
+# ---- Rate Limiting -------------------------------------------
+# Provider: memory (default) | mongodb | redis
+RATE_LIMIT_PROVIDER=memory                         # Rate limit backend
+# RATE_LIMIT_SYNC_INTERVAL_MS=5000                  # Sync interval for distributed counters
+
+# ---- Logging -------------------------------------------------
+# LOG_LEVEL=debug                                   # error | warn | info | debug
+# LOG_FORMAT=pretty                                 # json | pretty (pretty = colorized dev output)
+# LOG_REQUEST_BODY=false                            # Log request bodies (caution: sensitive data)
+# LOG_RESPONSE_BODY=false                           # Log response bodies
+
+# ---- CORS ----------------------------------------------------
+# CORS_ENABLED=false                                # Enable CORS for /api/client/* endpoints
+# CORS_ALLOWED_ORIGINS=                             # Comma-separated origins (required when CORS enabled)
+# CORS_MAX_AGE=86400                                # Preflight cache max-age (seconds)
+
+# ---- Health ---------------------------------------------------
+# HEALTH_ENDPOINT_ENABLED=true                      # Enable /api/health/live and /api/health/ready
+
+# ---- Limits --------------------------------------------------
+# NEXT_BODY_SIZE_LIMIT=10mb                         # Max body size for server actions
+# TRACING_MAX_BODY_SIZE_MB=10                       # Max tracing session payload (MB)
+
+# ---- Application ---------------------------------------------
+NODE_ENV=development
+NEXT_PUBLIC_APP_URL=http://localhost:3000           # Public application URL (used in emails, links)
+# SHUTDOWN_TIMEOUT_MS=15000                         # Graceful shutdown timeout (ms)
+
+# ---- Provider Runtime Pool -----------------------------------
+# PROVIDER_RUNTIME_CACHE_TTL_SECONDS=300            # SDK client cache TTL (0 = no caching)

.github/CODEOWNERS

@@ -0,0 +1,7 @@
+# Replace or extend these owners to match your GitHub usernames or teams.
+# This scaffold keeps the repository ready for automatic review routing once the public repo is live.
+
+* @anilguleroglu
+docs/ @anilguleroglu
+src/server/ @anilguleroglu
+src/lib/ @anilguleroglu

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,60 @@
+name: Bug report
+description: Report a reproducible defect in Cognipeer Console.
+title: "[Bug]: "
+labels:
+  - bug
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Use this form for product or code defects. Do not disclose security vulnerabilities here.
+  - type: textarea
+    id: summary
+    attributes:
+      label: Summary
+      description: What broke?
+    validations:
+      required: true
+  - type: textarea
+    id: steps
+    attributes:
+      label: Reproduction steps
+      description: Provide a minimal, deterministic reproduction.
+      placeholder: |
+        1. Start the app with ...
+        2. Open ...
+        3. Observe ...
+    validations:
+      required: true
+  - type: textarea
+    id: expected
+    attributes:
+      label: Expected behavior
+    validations:
+      required: true
+  - type: textarea
+    id: actual
+    attributes:
+      label: Actual behavior
+    validations:
+      required: true
+  - type: input
+    id: version
+    attributes:
+      label: Version or commit
+      placeholder: main / tag / commit sha
+  - type: dropdown
+    id: runtime
+    attributes:
+      label: Runtime mode
+      options:
+        - SQLite
+        - MongoDB
+        - Docker
+        - Kubernetes
+        - Other
+  - type: textarea
+    id: logs
+    attributes:
+      label: Relevant logs or screenshots
+      render: shell

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Security issue
+    url: https://github.com/Cognipeer/cognipeer-console/security/advisories/new
+    about: Report security vulnerabilities privately.
+  - name: Commercial inquiry
+    url: https://github.com/Cognipeer/cognipeer-console/blob/main/COMMERCIAL.md
+    about: Read the commercial licensing and support guidance.

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,39 @@
+name: Feature request
+description: Propose a new capability or improvement.
+title: "[Feature]: "
+labels:
+  - enhancement
+body:
+  - type: textarea
+    id: problem
+    attributes:
+      label: Problem statement
+      description: What user or operator pain does this solve?
+    validations:
+      required: true
+  - type: textarea
+    id: proposal
+    attributes:
+      label: Proposed solution
+      description: Describe the desired behavior or API.
+    validations:
+      required: true
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives considered
+  - type: dropdown
+    id: area
+    attributes:
+      label: Area
+      options:
+        - Docs
+        - API
+        - Dashboard UI
+        - Providers
+        - Tracing
+        - Guardrails
+        - Vector / RAG
+        - Security / Licensing
+        - Deployment / Operations
+        - Other

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,20 @@
+## Summary
+
+Describe the problem and the change in one or two paragraphs.
+
+## Changes
+
+- 
+
+## Validation
+
+- [ ] `npm run lint`
+- [ ] `npm run test`
+- [ ] `npm run build`
+- [ ] `npm run docs:build`
+
+## Release Notes
+
+- [ ] Docs updated when behavior changed
+- [ ] Security-sensitive changes reviewed
+- [ ] License or policy files updated if repo-facing behavior changed