01 — Someli-admin-api setup¶
You've finished ../00-workstation-setup.md. Now stand up Someli-admin-api.
1. Clone¶
cd ~/src/someli
git clone git@github.com:Someli-ai/Someli-admin-api.git
cd Someli-admin-api
git checkout dev # plain dev/uat/main convention here
Verify with the team which is currently the development branch.
2. Install¶
Lockfile is package-lock.json. Both managers work. ~3 minutes first time.
3. The .env file¶
The repo does not ship a .env.example. Ask the team for the dev .env.
The file lives at the project root: Someli-admin-api/.env. Loaded via dotenv from conf.js (49 lines).
Variables you need at minimum¶
# Database
host=...
user=...
password=...
database=someli
dbPort=3306
connectionLimit=10
# Server
port=5004 # IMPORTANT — see "port collision" below
# JWT / token
JWT_SECRET_KEY=...
TOKEN_HEADER_KEY=Token
# Session
# (express-session secret is HARDCODED in source — known finding — not env-driven)
Variables you need as soon as you exercise real features¶
| Feature | Vars |
|---|---|
SENDGRID_API_KEY, FROM |
|
| AWS S3 (two buckets, two regions) | AWS_ACCESS_KEY, AWS_SECRET_ACCESS_KEY, S3_Bucket_Name, S3_Region, S3_Path, S3_Bucket_Name2, S3_Region2, S3_Path2, S3_Bucket_Url2, S3_Path_RAG |
| OpenAI | OPENAI_API_KEY |
| Stock images | PEXELS_API_KEY, PIXABAY_API_KEY |
| AWS Bedrock | AWS_BEDROCK_KEY, AWS_BEDROCK_SECRET, AWS_BEDROCK_MODEL, AWS_BEDROCK_REGION |
| Google APIs | GOOGLE_API_KEY |
| Paddle (prod + sandbox) | PADDLE_API_KEY, PADDLE_WEBHOOK_KEY, PADDLE_API_DOMAIN, PADDLE_ENV, PADDLE_TEST_* |
| Chaskiq | CHASKIQ_SECRET |
| Leonardo AI | LEONARDO_KEY |
| LinkedIn (likely vestigial) | LINKEDIN_CLIENT_ID, LINKEDIN_CLIENT_SECRET |
| Misc | PUBLISH_KEY, NOTIFY_URL, APP_URL, API_URL, SUPPORT_URL_EXPIRY_MIN |
Note: the surface is similar to
someli-api(since they share lineage), but admin-api has no Passport, no OAuth strategies, no Stripe handler implementations — even if some env vars suggest otherwise.
See ../../audit/Someli-admin-api/configuration.md.
4. Port collision¶
server.js:5 reads process.env.port || conf.port || 5002 — same default as someli-api and designer-api. Set a non-colliding port:
The admin FE expects this API at VITE_API_URL in admin_console_R/.env.
5. Database¶
Shared with all other backends (same MySQL instance in production). See ../someli-api/01-setup.md §4.
6. Start the server¶
Expected output:
If Something Went Wrong! — MySQL unreachable.
7. Smoke test¶
Like designer-api, Someli-admin-api does not have a /health endpoint. Try:
curl -i http://localhost:5004/authenticate -X POST \
-H 'Content-Type: application/json' \
-d '{"email":"admin@someli.ai","password":"changeme"}'
A 400 / 401 means the server is up but rejecting your credentials. A 200 with a token in the response body means you're in.
8. conf/credentials.json¶
The repo has conf/credentials.json, likely a Google service-account JSON. Verify whether it is committed in .gitignore and obtain a dev copy from the team.
9. You're done¶
If yarn start runs on a non-colliding port and you can hit /authenticate, you are ready.
Next: 02-stack.md.
Troubleshooting¶
| Symptom | Likely cause |
|---|---|
EADDRINUSE :::5002 |
Port collision — set port=5004 in .env |
Something Went Wrong! |
MySQL unreachable |
JWT_SECRET_KEY undefined error |
Set JWT_SECRET_KEY and TOKEN_HEADER_KEY in .env |
| 404 on a webhook path | The repo has the JSON-bodyparser exemption for /stripe_webhooks and /paddle_*_webhooks paths but no handlers for them. Vestigial or planned. |
| 401 on every authenticated request | Inspect the request Token header; was it decrypted successfully? Use a known dev token. |