Sitr - Micro-business Platform

Sitr is a high-performance directory and micro-business platform built with Crystal and Kemal.

Features

• Fast & Efficient: Built on Crystal for near C-like performance.
• Search: Full-text search with caching (Memory/Redis ready).
• Dashboard: Professional admin dashboard for business owners and sales staff.
• Localization: Multi-language support (EN/ES).
• SEO Optimized: Automatic Sitemap and JSON-LD generation.
• Image Optimization: Automatic image processing using libvips (async support).
• Security: CSRF protection, BCrypt password hashing, and role-based access control.

Prerequisites

• Crystal (>= 1.19.0)
• libvips (for image processing)
• MySQL or MariaDB (production database)
• Valkey (or Redis) for session storage and caching

Installation

1. Clone the repository:

   git clone https://github.com/yourusername/sitr.git
   cd sitr
   

2. Install dependencies:

   make setup
   

3. Setup Database:

   # Create database and structure
   make db-up
   
   # Populate with test data
   make seed
   

   You can also use the CLI directly for more control:

   # Reset database (drop + recreate)
   ./bin/sitr-cli setup --reset
   
   # Drop database
   ./bin/sitr-cli setup --drop
   

Development

Start the development server with auto-reload:

make dev

Visit http://localhost:3000.

Code Quality & Testing

Run linter and unit tests:

make lint
make test

Run browser end-to-end tests (requires Firefox & geckodriver):

make test-browser

See docs/technical/testing.rst for full details.

Production Build

Build the optimized binary. Note that multi-threading (-Dpreview_mt) is disabled by default for production safety due to driver maturity.

make build
./bin/sitr

To enable experimental multi-threading (dev only recommended):

make build-dev
./bin/sitr-dev

Configuration

Configuration is handled via environment variables:

• DATABASE_URL: MySQL connection string (e.g., mysql://user:pass@host/db). Required.
• VALKEY_URL: Valkey connection string (e.g., redis://localhost:6379). Required for sessions.
• SESSION_SECRET: Secret key for session signing.

Security Features

Sitr includes robust security defaults:

1. Sessions: Uses Valkey (Redis-compatible) for distributed, secure session storage. File-based sessions are used only in test environments.
2. Authentication:
   • Password Reset: Secure token-based reset flow.
   • Email Verification: Account activation via email token.
   • Rate Limiting: Built-in protection for login/register endpoints (IP + Email tracking) to prevent brute-force attacks.
3. Data Integrity: Strict typing for User roles and deterministic search results.

Contributing

1. Fork it (https://github.com/yourusername/sitr/fork)
2. Create your feature branch (git checkout -b feature/my-new-feature)
3. Commit your changes (git commit -am 'Add some feature')
4. Push to the branch (git push origin feature/my-new-feature)
5. Create a new Pull Request

License

This project is licensed under the MIT License - see the LICENSE file for details.