π₯ Modern, secure and production-ready API for video processing workflows
- π Secure Authentication with JWT tokens
- πΉ Video Management with approval workflows
- π Pipeline Integration for automated video processing
- π Professional Logging with Winston (container-ready)
- π₯ Health Monitoring with
/healthendpoint - π³ Container Native - ready for Docker, Kubernetes, systemd
- β Comprehensive Testing with 81% code coverage
- π‘οΈ Security Hardened - 0 known vulnerabilities
- Node.js 18+
- npm or yarn
# Clone the repository
git clone https://github.com/freifunk/videoodyssee-api.git
cd videoodyssee-api
# Install dependencies
npm install
# Set up environment variables
cp .env.example .env
# Edit .env with your configuration
# Start development server
npm run devThe API will be available at http://localhost:8000
curl http://localhost:8000/healthCreate a .env file with the following variables:
# Server Configuration
PORT=8000
NODE_ENV=development
# Authentication
EMAIL=admin@videoodyssee.com
PASSWORD=your-admin-password
JWT_SECRET=your-super-secret-jwt-key
# External Services
VOCTOWEB_URL=https://media.ccc.de
ACCESS_KEY=your-pipeline-access-key
API_KEY=your-api-key
PIPELINE_URL=https://videopipeline.freifunk.net/go/api/pipelines/processing-pipeline/schedulePOST /auth/login
Content-Type: application/json
{
"email": "admin@videoodyssee.com",
"password": "your-password"
}# Submit new video
POST /video
Content-Type: application/json
{
"title": "My Video",
"conference": "TestConf2024",
"language": "English",
"date": "2024-01-15",
"url": "https://example.com/video.mp4",
"name": "John Doe",
"email": "john@example.com",
"persons": ["Speaker 1", "Speaker 2"],
"tags": ["tech", "conference"]
}
# List all videos
POST /video/list
# Approve video
POST /video/approve
{
"id": "video-uuid"
}
# Reject video
POST /video/reject
{
"id": "video-uuid"
}POST /pipeline/trigger
Content-Type: application/json
{
"title": "Video Title",
"event": "Conference Name",
"language": "English",
"date": "2024-01-15",
"url": "https://example.com/video.mp4",
"name": "Submitter Name",
"email": "submitter@example.com",
"persons": ["Speaker 1", "Speaker 2"],
"tags": ["tag1", "tag2"]
}GET /health# Development with hot reload & colored logs
npm run dev
# Production mode with JSON logs
npm start
# Run tests
npm test
# Run tests with coverage
npm run test:coverage
# Run tests silently
npm run test:silent
# Debug mode
npm run debug-
Start development server:
npm run dev
-
Run tests in watch mode:
npm test -- --watch -
Check test coverage:
npm run test:coverage
Comprehensive test suite with 26 tests and 81% coverage:
# Run all tests
npm test
# Generate coverage report
npm run test:coverage
# Run tests silently (useful for CI)
npm run test:silent- Unit Tests:
tests/utils/ - Route Tests:
tests/routes/ - Integration Tests: Full API workflow testing
FROM node:18-alpine
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production
COPY . .
EXPOSE 8000
CMD ["npm", "start"]Deploy with the provided manifests:
kubectl apply -f deployment/kubernetes/deployment.yamlFeatures:
- 3 replicas for high availability
- Health checks (liveness & readiness probes)
- Resource limits (512Mi memory, 500m CPU)
- Secret management for sensitive data
- ConfigMap for configuration
Install as a system service:
# Copy service file
sudo cp deployment/systemd/videoodyssee-api.service /etc/systemd/system/
# Reload systemd and start service
sudo systemctl daemon-reload
sudo systemctl enable videoodyssee-api
sudo systemctl start videoodyssee-api
# View logs
journalctl -u videoodyssee-api -f# Set production environment
export NODE_ENV=production
# Install production dependencies only
npm ci --only=production
# Start with process manager (PM2)
npm install -g pm2
pm2 start server.js --name videoodyssee-api
# Or use the systemd service
sudo systemctl start videoodyssee-apiProfessional logging with Winston - optimized for modern deployment environments:
- Colored output for easy reading
- All log levels (debug, info, warn, error)
- Timestamps with milliseconds
- Structured JSON for log aggregation
- stdout/stderr output (container-friendly)
- Exception handling built-in
- Minimal output (errors only)
- Can be silenced with
TEST_SILENT=true
logger.error('β Critical error occurred');
logger.warn('β οΈ Warning message');
logger.info('β
Information message');
logger.debug('π Debug information');Perfect for:
- ELK Stack (Elasticsearch, Logstash, Kibana)
- Grafana Loki
- Fluentd/Fluent Bit
- systemd journald
- β 0 vulnerabilities in dependencies
- β JWT authentication with configurable secrets
- β Input validation on all endpoints
- β Error handling without information leakage
- β CORS protection
- β Rate limiting ready (easily extensible)
- Automated updates with Renovate
- Regular security audits with
npm audit - Minimal attack surface with production-only dependencies
NoNewPrivileges=truePrivateTmp=trueProtectSystem=strictProtectHome=true
The project is structured for easy CI/CD integration:
# Example workflow step
- name: Run tests
run: npm test
- name: Check security
run: npm audit
- name: Check coverage
run: npm run test:coveragecurl http://localhost:8000/healthResponse:
{
"status": "healthy",
"timestamp": "2024-01-15T10:30:00.000Z",
"uptime": 3600.123,
"environment": "production"
}- Liveness Probe:
/health(checks if app is running) - Readiness Probe:
/health(checks if app can serve traffic)
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Run tests (
npm test) - Commit changes (
git commit -m 'Add amazing feature') - Push to branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the ISC License - see the LICENSE file for details.
- andibraeu - Current maintainer - Modernized and maintained the project
- Vijay Reddy - Original work - @0xVijayReddy
- Express.js community
- Winston logging library
- Jest testing framework
- All contributors and testers
π Ready for production deployment with modern DevOps practices!