Add public demo mode with auto-seeding, hourly reset, and Portainer deploy guide

- DEMO_MODE=true env flag: disables password changes and backup endpoints (403), exposes GET /demo/status for frontend detection - Auto-seed on first startup: creates demo user (demo@mymidas.app / demo123) with 6 months of transactions, investments, budgets, subscriptions, and tax payslips; takes a pg_dump snapshot immediately after for hourly restore - Hourly reset: resetter Alpine container with cron restores DB from snapshot and purges uploaded attachments every hour on the hour - Frontend: amber demo banner on all pages, login page shows credentials, password change disabled with notice, backups section replaced with notice - demo/ directory: self-contained docker-compose.yml (ports 4001/8091), .env.example, reset.sh, and step-by-step Portainer DEPLOY.md Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-23 22:08:24 +00:00 · 2026-04-23 22:08:24 +00:00 · 9897d03d91
commit 9897d03d91
parent afb5e99bb2
17 changed files with 975 additions and 2 deletions
--- a/backend/app/demo/snapshot.py
+++ b/backend/app/demo/snapshot.py
@ -0,0 +1,51 @@
+"""Creates and restores the demo database snapshot used for hourly resets."""
+from __future__ import annotations
+
+import asyncio
+import os
+from pathlib import Path
+
+SNAPSHOT_PATH = Path(os.environ.get("DEMO_SNAPSHOT_PATH", "/app/demo_snapshot.sql.gz"))
+
+
+async def create_snapshot() -> None:
+    """pg_dump the current DB to SNAPSHOT_PATH (gzip compressed)."""
+    db_url = os.environ.get("DATABASE_URL", "")
+    pg_url = db_url.replace("postgresql+asyncpg", "postgresql")
+
+    proc = await asyncio.create_subprocess_shell(
+        f'pg_dump --no-owner --no-acl "{pg_url}" | gzip > "{SNAPSHOT_PATH}"',
+        stderr=asyncio.subprocess.PIPE,
+    )
+    _, err = await proc.communicate()
+    if proc.returncode != 0:
+        raise RuntimeError(f"Snapshot failed: {err.decode()}")
+
+
+async def restore_snapshot() -> None:
+    """Restore DB from SNAPSHOT_PATH, dropping and recreating all user data."""
+    if not SNAPSHOT_PATH.exists():
+        raise FileNotFoundError(f"Snapshot not found: {SNAPSHOT_PATH}")
+
+    db_url = os.environ.get("DATABASE_URL", "")
+    pg_url = db_url.replace("postgresql+asyncpg", "postgresql")
+
+    # Truncate all user-data tables in dependency order, then restore
+    truncate_sql = """
+        TRUNCATE TABLE
+            manual_cgt_disposals, payslips, tax_profiles, tax_rate_configs,
+            investment_transactions, investment_holdings, assets,
+            audit_logs, net_worth_snapshots,
+            transactions, budgets, accounts, categories,
+            sessions, users
+        RESTART IDENTITY CASCADE;
+    """
+
+    proc = await asyncio.create_subprocess_shell(
+        f'gunzip -c "{SNAPSHOT_PATH}" | psql --single-transaction -v ON_ERROR_STOP=1 "{pg_url}"',
+        stderr=asyncio.subprocess.PIPE,
+        stdout=asyncio.subprocess.PIPE,
+    )
+    _, err = await proc.communicate()
+    if proc.returncode != 0:
+        raise RuntimeError(f"Restore failed: {err.decode()}")