Refactor infra: update n8n, simplify Docker, add knowledge sync

Upgrades n8n to 1.108.2 and simplifies Dockerfile and docker-compose.yml for local and Hugging Face Spaces deployment. Adds scripts for knowledge base sync with Supabase and OpenAI embeddings, and provides a Supabase schema for documents and embeddings. Updates backup/restore scripts for direct Postgres and n8n API usage. Enhances README with ChromaDB setup and clarifies instructions. Adds a knowledge sync workflow blueprint and VSCode spell checker settings.

.vscode/settings.json

@@ -1,3 +1,10 @@
 {
-  "DockerRun.DisableDockerrc": true
+  "DockerRun.DisableDockerrc": true,
+  "spellright.language": [],
+  "spellright.documentTypes": ["markdown", "latex", "plaintext"],
+  "spellright.parserByClass": {
+    "code-runner-output": {
+      "parser": "markdown"
+    }
+  }
 }

README.md

@@ -5,18 +5,21 @@ A comprehensive, production-ready infrastructure setup for deploying n8n automat
 ## 🚀 Features
 
 ### Core Platform
+
 - **n8n v1.17.1**: Self-hosted workflow automation platform
 - **Hugging Face Spaces**: Docker-based deployment with automatic scaling
 - **Supabase PostgreSQL**: SSL-encrypted database with pgvector extension
 - **ChromaDB**: Vector store for embeddings and AI-powered search
 
 ### AI & Automation
+
 - **LangChain Integration**: Advanced AI workflow capabilities
 - **Multi-Model Support**: OpenAI GPT, Anthropic Claude, Google Vertex AI
 - **Vector Knowledge Base**: Automated content ingestion with embeddings
 - **Community Nodes**: Extended functionality with custom AI nodes
 
 ### DevOps & Monitoring
+
 - **GitHub Actions CI/CD**: Automated deployment and maintenance
 - **Automated Backups**: Daily workflow and configuration backups
 - **Knowledge Sync**: Multi-repository content synchronization
@@ -100,13 +103,14 @@ gh workflow run deploy-to-hf.yml
 ### Supabase Configuration
 
 1. **Create Supabase Project**:
+
    ```sql
    -- Enable pgvector extension
    CREATE EXTENSION IF NOT EXISTS vector;
-   
+
    -- Create knowledge base schema
    CREATE SCHEMA IF NOT EXISTS knowledge;
-   
+
    -- Create embeddings table
    CREATE TABLE knowledge.embeddings (
      id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
@@ -118,23 +122,24 @@ gh workflow run deploy-to-hf.yml
      created_at TIMESTAMPTZ DEFAULT NOW(),
      updated_at TIMESTAMPTZ DEFAULT NOW()
    );
-   
+
    -- Create indexes for performance
    CREATE INDEX IF NOT EXISTS idx_embeddings_collection ON knowledge.embeddings(collection_name);
    CREATE INDEX IF NOT EXISTS idx_embeddings_content_id ON knowledge.embeddings(content_id);
-   CREATE INDEX IF NOT EXISTS idx_embeddings_vector ON knowledge.embeddings 
+   CREATE INDEX IF NOT EXISTS idx_embeddings_vector ON knowledge.embeddings
    USING ivfflat (embedding vector_cosine_ops) WITH (lists = 100);
    ```
 
 2. **Configure Row Level Security**:
+
    ```sql
    -- Enable RLS
    ALTER TABLE knowledge.embeddings ENABLE ROW LEVEL SECURITY;
-   
+
    -- Allow authenticated users to read embeddings
    CREATE POLICY "Users can read embeddings" ON knowledge.embeddings
      FOR SELECT TO authenticated USING (true);
-   
+
    -- Allow service role to manage embeddings
    CREATE POLICY "Service role can manage embeddings" ON knowledge.embeddings
      FOR ALL TO service_role USING (true);
@@ -193,7 +198,7 @@ docker-compose -f docker/docker-compose.yml restart n8n
 The system automatically syncs content from these repositories:
 
 - **n8n Knowledge**: `/projects/n8n` - Workflow examples and best practices
-- **Video & Animation**: `/projects/videos-e-animacoes` - Multimedia processing guides  
+- **Video & Animation**: `/projects/videos-e-animacoes` - Multimedia processing guides
 - **Midjourney Prompts**: `/projects/midjorney-prompt` - AI art generation prompts
 
 ### Manual Knowledge Sync
@@ -225,6 +230,7 @@ Query the knowledge base in n8n workflows:
 ### Automated Backups
 
 Daily backups include:
+
 - All n8n workflows (exported as JSON)
 - Encrypted credentials
 - Database schema
@@ -268,12 +274,13 @@ curl http://localhost:8000/api/v1/heartbeat
 ### Performance Tuning
 
 **Database Optimization**:
+
 ```sql
 -- Monitor query performance
-SELECT query, mean_exec_time, calls 
-FROM pg_stat_statements 
-WHERE query LIKE '%n8n%' 
-ORDER BY mean_exec_time DESC 
+SELECT query, mean_exec_time, calls
+FROM pg_stat_statements
+WHERE query LIKE '%n8n%'
+ORDER BY mean_exec_time DESC
 LIMIT 10;
 
 -- Optimize vector searches
@@ -281,6 +288,7 @@ SET ivfflat.probes = 10;
 ```
 
 **Container Resources**:
+
 ```yaml
 # docker-compose.yml resource limits
 services:
@@ -288,10 +296,10 @@ services:
     deploy:
       resources:
         limits:
-          cpus: '2.0'
+          cpus: "2.0"
           memory: 4G
         reservations:
-          cpus: '1.0'
+          cpus: "1.0"
           memory: 2G
 ```
 
@@ -327,6 +335,7 @@ chmod 600 config/credentials/*
 ### Common Issues
 
 **Connection Problems**:
+
 ```bash
 # Test database connection
 docker exec n8n-automation psql "$DB_POSTGRESDB_HOST" -U "$DB_POSTGRESDB_USER" -c "\l"
@@ -339,6 +348,7 @@ curl -I "$WEBHOOK_URL/healthz"
 ```
 
 **Deployment Issues**:
+
 ```bash
 # Check Hugging Face Space status
 curl -I "https://huggingface.co/spaces/$HF_USERNAME/$HF_SPACE_NAME"
@@ -349,6 +359,7 @@ gh run view [run-id] --log
 ```
 
 **Knowledge Sync Problems**:
+
 ```bash
 # Manual knowledge sync debug
 ./scripts/sync-knowledge.sh
@@ -366,16 +377,18 @@ with open('knowledge/n8n/n8n_embeddings.json') as f:
 ### Recovery Procedures
 
 **Emergency Restore**:
+
 1. Stop all services: `docker-compose down`
 2. Restore from latest backup: `./scripts/restore.sh [backup-name]`
 3. Restart services: `docker-compose up -d`
 4. Verify functionality: Access web interface
 
 **Database Recovery**:
+
 ```sql
 -- Check database integrity
-SELECT schemaname, tablename, n_tup_ins, n_tup_upd, n_tup_del 
-FROM pg_stat_user_tables 
+SELECT schemaname, tablename, n_tup_ins, n_tup_upd, n_tup_del
+FROM pg_stat_user_tables
 WHERE schemaname = 'public';
 
 -- Rebuild vector indexes if needed
@@ -455,4 +468,28 @@ This project is licensed under the Apache License 2.0 - see the LICENSE file for
 
 ---
 
-*Built with ❤️ for the n8n automation community*
+_Built with ❤️ for the n8n automation community_
+
+### ChromaDB
+
+ChromaDB é utilizado como vector store para armazenar embeddings e permitir buscas semânticas avançadas nos fluxos de trabalho do n8n.
+
+#### Configuração
+
+1. **Obtenha seu token de autenticação (API Key) no painel do Chroma Cloud**.
+2. No arquivo `.env`, adicione as variáveis:
+
+   ```dotenv
+   CHROMA_AUTH_TOKEN=ck-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+   CHROMA_HOST=api.chroma.com
+   CHROMA_PORT=443
+   ```
+
+3. Certifique-se de que o serviço Chroma está acessível e que o token está correto.
+
+4. Para uso local, ajuste `CHROMA_HOST` para `localhost` e `CHROMA_PORT` para a porta configurada.
+
+#### Referências
+
+- [Documentação ChromaDB](https://docs.trychroma.com/)
+- [Como gerar API Key no Chroma Cloud](https://docs.trychroma.com/cloud)

docker/Dockerfile

@@ -1,56 +1,39 @@
-# Production-ready n8n Dockerfile for Hugging Face Spaces
-FROM n8nio/n8n:1.17.1
-
-# Set environment for production
-ENV NODE_ENV=production
-ENV N8N_PORT=7860
-ENV N8N_LISTEN_ADDRESS=0.0.0.0
-ENV N8N_PROTOCOL=https
+# Pin the n8n version for predictable upgrades/rollbacks
+FROM n8nio/n8n:1.108.2
+
+# Hugging Face Spaces injects $PORT; n8n should listen on it
+ENV N8N_PORT=$PORT
+ENV N8N_PROTOCOL=http
+# Public URL (important for webhooks behind HF proxy)
+ENV WEBHOOK_URL=${WEBHOOK_URL}
+
+# Execution & retention (production-friendly defaults)
+ENV EXECUTIONS_MODE=regular
+ENV EXECUTIONS_DATA_SAVE_ON_ERROR=all
+ENV EXECUTIONS_DATA_SAVE_ON_SUCCESS=none
+ENV EXECUTIONS_DATA_PRUNE=true
+ENV EXECUTIONS_DATA_MAX_AGE=336
+ENV QUEUE_BULL_REDIS_DISABLED=true
+
+# Health/metrics
 ENV N8N_METRICS=true
-ENV N8N_LOG_LEVEL=info
-ENV N8N_LOG_OUTPUT=console
-ENV EXECUTIONS_MODE=queue
-ENV N8N_DISABLE_UI=false
-
-# Create app user for security
-USER root
-
-# Install additional dependencies for AI and automation
-RUN apk add --no-cache \
-    curl \
-    git \
-    python3 \
-    py3-pip \
-    postgresql-client \
-    && pip3 install --no-cache-dir \
-    langchain \
-    chromadb \
-    sentence-transformers
-
-# Create necessary directories
-RUN mkdir -p /home/node/.n8n/custom \
-    && mkdir -p /home/node/.n8n/nodes \
-    && mkdir -p /home/node/.n8n/credentials \
-    && mkdir -p /home/node/knowledge
-
-# Copy custom configurations
-COPY config/custom-nodes.json /home/node/.n8n/custom/
-COPY knowledge/ /home/node/knowledge/
-
-# Set proper permissions
-RUN chown -R node:node /home/node/.n8n \
-    && chown -R node:node /home/node/knowledge \
-    && chmod +x /home/node/knowledge/sync-*.sh
-
-# Switch back to node user
-USER node
-
-# Health check
-HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
-  CMD curl -f http://localhost:7860/healthz || exit 1
-
-# Expose port for Hugging Face Spaces
-EXPOSE 7860
-
-# Start n8n
-CMD ["n8n", "start"]
+ENV QUEUE_HEALTH_CHECK_ACTIVE=true
+
+# Database (set via Secrets in HF Space)
+# ENV DB_TYPE=postgresdb
+# ENV DB_POSTGRESDB_HOST=
+# ENV DB_POSTGRESDB_PORT=5432
+# ENV DB_POSTGRESDB_DATABASE=
+# ENV DB_POSTGRESDB_USER=
+# ENV DB_POSTGRESDB_PASSWORD=
+# ENV DB_POSTGRESDB_SCHEMA=public
+# ENV DB_POSTGRESDB_SSL=true
+# ENV DB_POSTGRESDB_SSL_REJECT_UNAUTHORIZED=false
+
+# Security
+# ENV N8N_ENCRYPTION_KEY=
+# ENV N8N_USER_MANAGEMENT_JWT_SECRET=
+# Optional: protect UI with Basic Auth
+# ENV N8N_BASIC_AUTH_ACTIVE=true
+# ENV N8N_BASIC_AUTH_USER=
+# ENV N8N_BASIC_AUTH_PASSWORD=

docker/docker-compose.yml

@@ -1,101 +1,33 @@
-version: '3.8'
-
+version: "3.9"
 services:
   n8n:
-    build: 
-      context: ..
-      dockerfile: docker/Dockerfile
-    container_name: n8n-automation
-    restart: unless-stopped
+    image: n8nio/n8n:1.108.2
+    container_name: n8n-local
     ports:
-      - "7860:7860"
+      - "5678:5678"
     environment:
-      # Core Configuration
-      - NODE_ENV=production
-      - N8N_PORT=7860
-      - N8N_LISTEN_ADDRESS=0.0.0.0
-      - N8N_PROTOCOL=https
-      - N8N_HOST=${N8N_HOST:-localhost}
-      
-      # Security
-      - N8N_ENCRYPTION_KEY=${N8N_ENCRYPTION_KEY}
-      - N8N_USER_MANAGEMENT_JWT_SECRET=${N8N_USER_MANAGEMENT_JWT_SECRET}
-      
-      # Database Configuration
+      - N8N_PORT=5678
+      - N8N_PROTOCOL=http
+      - WEBHOOK_URL=http://localhost:5678/
       - DB_TYPE=postgresdb
-      - DB_POSTGRESDB_HOST=${DB_POSTGRESDB_HOST}
-      - DB_POSTGRESDB_PORT=${DB_POSTGRESDB_PORT:-5432}
-      - DB_POSTGRESDB_DATABASE=${DB_POSTGRESDB_DATABASE}
-      - DB_POSTGRESDB_USER=${DB_POSTGRESDB_USER}
-      - DB_POSTGRESDB_PASSWORD=${DB_POSTGRESDB_PASSWORD}
+      - DB_POSTGRESDB_HOST=${DB_HOST}
+      - DB_POSTGRESDB_PORT=${DB_PORT}
+      - DB_POSTGRESDB_DATABASE=${DB_NAME}
+      - DB_POSTGRESDB_USER=${DB_USER}
+      - DB_POSTGRESDB_PASSWORD=${DB_PASSWORD}
+      - DB_POSTGRESDB_SCHEMA=public
       - DB_POSTGRESDB_SSL=true
-      
-      # Webhooks and External Access
-      - WEBHOOK_URL=${WEBHOOK_URL}
-      - N8N_EDITOR_BASE_URL=${WEBHOOK_URL}
-      
-      # AI and External Integrations
-      - GOOGLE_PROJECT_ID=${GOOGLE_PROJECT_ID}
-      - GOOGLE_CREDENTIALS_PATH=${GOOGLE_CREDENTIALS_PATH}
-      - OPENAI_API_KEY=${OPENAI_API_KEY}
-      - ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}
-      
-      # Performance
-      - EXECUTIONS_MODE=queue
+      - DB_POSTGRESDB_SSL_REJECT_UNAUTHORIZED=false
+      - EXECUTIONS_MODE=regular
       - EXECUTIONS_DATA_SAVE_ON_ERROR=all
-      - EXECUTIONS_DATA_SAVE_ON_SUCCESS=all
-      - EXECUTIONS_DATA_SAVE_MANUAL_EXECUTIONS=true
-      
-      # Logging and Monitoring
-      - N8N_LOG_LEVEL=info
-      - N8N_LOG_OUTPUT=console
+      - EXECUTIONS_DATA_SAVE_ON_SUCCESS=none
+      - EXECUTIONS_DATA_PRUNE=true
+      - EXECUTIONS_DATA_MAX_AGE=336
       - N8N_METRICS=true
-      
+      - QUEUE_HEALTH_CHECK_ACTIVE=true
+      - N8N_ENCRYPTION_KEY=${N8N_ENCRYPTION_KEY}
+      - N8N_USER_MANAGEMENT_JWT_SECRET=${N8N_USER_MANAGEMENT_JWT_SECRET}
     volumes:
-      - n8n_data:/home/node/.n8n
-      - ./knowledge:/home/node/knowledge:ro
-      - ./config/credentials:/home/node/.n8n/credentials:ro
-      - ./workflows/backup:/home/node/.n8n/backup
-    
-    networks:
-      - n8n-network
-    
-    depends_on:
-      - vector-store
-      - backup-service
-
-  vector-store:
-    image: chromadb/chroma:latest
-    container_name: n8n-vector-store
+      - ./config:/config
+      - ./workflows:/workflows
     restart: unless-stopped
-    ports:
-      - "8000:8000"
-    environment:
-      - CHROMA_SERVER_AUTHN_CREDENTIALS=${CHROMA_AUTH_TOKEN}
-      - CHROMA_SERVER_AUTHN_PROVIDER=chromadb.auth.token.TokenAuthServerProvider
-    volumes:
-      - vector_data:/chroma/chroma
-    networks:
-      - n8n-network
-
-  backup-service:
-    image: alpine:latest
-    container_name: n8n-backup
-    restart: "no"
-    command: /bin/sh -c "while true; do sleep 3600; done"
-    volumes:
-      - n8n_data:/backup/n8n:ro
-      - ./scripts:/scripts:ro
-      - ./workflows/backup:/backup/workflows
-    networks:
-      - n8n-network
-
-volumes:
-  n8n_data:
-    driver: local
-  vector_data:
-    driver: local
-
-networks:
-  n8n-network:
-    driver: bridge

package.json

@@ -5,7 +5,7 @@
   "private": true,
   "keywords": [
     "n8n",
-    "workflow-automation", 
+    "workflow-automation",
     "ai-integration",
     "langchain",
     "vector-database",
@@ -14,25 +14,25 @@
     "devops"
   ],
   "scripts": {
-    "dev": "echo 'Docker is not available in WebContainer environment. Please run this project on a system with Docker installed.'",
-    "start": "echo 'Docker is not available in WebContainer environment. Please run this project on a system with Docker installed.'",
-    "stop": "echo 'Docker is not available in WebContainer environment. Please run this project on a system with Docker installed.'",
-    "logs": "echo 'Docker is not available in WebContainer environment. Please run this project on a system with Docker installed.'",
+    "dev": "echo 'Use Docker Compose para rodar o ambiente: docker-compose -f docker/docker-compose.yml up -d'",
+    "start": "echo 'Use Docker Compose para rodar o ambiente: docker-compose -f docker/docker-compose.yml up -d'",
+    "stop": "docker-compose -f docker/docker-compose.yml down",
+    "logs": "docker-compose -f docker/docker-compose.yml logs -f n8n",
     "backup": "bash scripts/backup.sh",
     "restore": "bash scripts/restore.sh",
     "sync-knowledge": "bash scripts/sync-knowledge.sh",
-    "build": "echo 'Docker is not available in WebContainer environment. Please run this project on a system with Docker installed.'",
-    "clean": "echo 'Docker is not available in WebContainer environment. Please run this project on a system with Docker installed.'",
+    "build": "docker-compose -f docker/docker-compose.yml build",
+    "clean": "docker system prune -af",
     "deploy": "gh workflow run deploy-to-hf.yml",
     "test": "bash scripts/test-infrastructure.sh"
   },
   "repository": {
     "type": "git",
-    "url": "https://github.com/your-username/n8n-infra.git"
+    "url": "https://github.com/danilonovaisv/n8n-infra.git"
   },
   "author": {
-    "name": "Your Name",
-    "email": "your-email@example.com"
+    "name": "Danilo Novais",
+    "email": "danilo_novais@yahoo.com.br"
   },
   "license": "Apache-2.0",
   "engines": {
@@ -42,4 +42,4 @@
   "devDependencies": {
     "@types/node": "^20.0.0"
   }
-}
+}

scripts/backup.sh

@@ -1,198 +1,23 @@
-#!/bin/bash
-
-# n8n Infrastructure Backup Script
-# Backs up workflows, credentials, and configurations
-# Usage: ./backup.sh [backup-name]
-
+#!/usr/bin/env bash
 set -euo pipefail
 
-# Configuration
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-PROJECT_ROOT="$(dirname "$SCRIPT_DIR")"
-BACKUP_DIR="$PROJECT_ROOT/workflows/backup"
-TIMESTAMP=$(date +"%Y%m%d_%H%M%S")
-BACKUP_NAME="${1:-n8n_backup_$TIMESTAMP}"
-
-# Colors for output
-RED='\033[0;31m'
-GREEN='\033[0;32m'
-YELLOW='\033[1;33m'
-NC='\033[0m' # No Color
-
-log_info() {
-    echo -e "${GREEN}[INFO]${NC} $1"
-}
-
-log_warn() {
-    echo -e "${YELLOW}[WARN]${NC} $1"
-}
-
-log_error() {
-    echo -e "${RED}[ERROR]${NC} $1"
-}
-
-# Check if Docker is running
-check_docker() {
-    if ! docker ps > /dev/null 2>&1; then
-        log_error "Docker is not running or accessible"
-        exit 1
-    fi
-}
-
-# Create backup directory
-create_backup_dir() {
-    local backup_path="$BACKUP_DIR/$BACKUP_NAME"
-    mkdir -p "$backup_path"
-    echo "$backup_path"
-}
-
-# Backup n8n workflows via API
-backup_workflows() {
-    local backup_path="$1"
-    local container_name="n8n-automation"
-    
-    log_info "Backing up n8n workflows..."
-    
-    if docker ps --format '{{.Names}}' | grep -q "^$container_name$"; then
-        # Export workflows using n8n CLI inside container
-        docker exec "$container_name" n8n export:workflow --all --output="/home/node/.n8n/backup/workflows_$TIMESTAMP.json" || {
-            log_warn "Failed to export workflows via CLI, trying API approach"
-            return 1
-        }
-        
-        # Copy exported file to backup directory
-        docker cp "$container_name:/home/node/.n8n/backup/workflows_$TIMESTAMP.json" "$backup_path/"
-        log_info "Workflows backed up successfully"
-    else
-        log_error "n8n container not found or not running"
-        return 1
-    fi
-}
-
-# Backup credentials (encrypted)
-backup_credentials() {
-    local backup_path="$1"
-    local container_name="n8n-automation"
-    
-    log_info "Backing up encrypted credentials..."
-    
-    if docker ps --format '{{.Names}}' | grep -q "^$container_name$"; then
-        docker cp "$container_name:/home/node/.n8n/credentials" "$backup_path/" 2>/dev/null || {
-            log_warn "No credentials found or access denied"
-        }
-    fi
-}
-
-# Backup database schema and essential data
-backup_database() {
-    local backup_path="$1"
-    
-    log_info "Backing up database schema..."
-    
-    if [[ -n "${DB_POSTGRESDB_PASSWORD:-}" ]]; then
-        export PGPASSWORD="$DB_POSTGRESDB_PASSWORD"
-        
-        pg_dump \
-            --host="${DB_POSTGRESDB_HOST}" \
-            --port="${DB_POSTGRESDB_PORT:-5432}" \
-            --username="${DB_POSTGRESDB_USER}" \
-            --dbname="${DB_POSTGRESDB_DATABASE}" \
-            --schema-only \
-            --no-owner \
-            --no-privileges \
-            > "$backup_path/schema_$TIMESTAMP.sql" || {
-            log_error "Database backup failed"
-            return 1
-        }
-        
-        log_info "Database schema backed up successfully"
-    else
-        log_warn "Database credentials not available, skipping database backup"
-    fi
-}
-
-# Backup knowledge base content
-backup_knowledge() {
-    local backup_path="$1"
-    
-    log_info "Backing up knowledge base..."
-    
-    if [[ -d "$PROJECT_ROOT/knowledge" ]]; then
-        cp -r "$PROJECT_ROOT/knowledge" "$backup_path/"
-        log_info "Knowledge base backed up successfully"
-    else
-        log_warn "Knowledge base directory not found"
-    fi
-}
+: "${DB_HOST?Missing DB_HOST}"
+: "${DB_PORT:=5432}"
+: "${DB_NAME?Missing DB_NAME}"
+: "${DB_USER?Missing DB_USER}"
+: "${DB_PASSWORD?Missing DB_PASSWORD}"
+: "${N8N_BASE_URL?Missing N8N_BASE_URL}"
+: "${N8N_API_KEY?Missing N8N_API_KEY}"
 
-# Create backup metadata
-create_metadata() {
-    local backup_path="$1"
-    
-    cat > "$backup_path/backup_metadata.json" << EOF
-{
-  "backup_name": "$BACKUP_NAME",
-  "timestamp": "$TIMESTAMP",
-  "created_at": "$(date -Iseconds)",
-  "n8n_version": "$(docker exec n8n-automation n8n --version 2>/dev/null || echo 'unknown')",
-  "backup_type": "full",
-  "components": [
-    "workflows",
-    "credentials",
-    "database_schema",
-    "knowledge_base"
-  ],
-  "notes": "Automated backup created by backup.sh script"
-}
-EOF
-}
+TS=$(date +%Y%m%d-%H%M%S)
+OUTDIR="workflows/backup/${TS}"
+mkdir -p "$OUTDIR"
 
-# Cleanup old backups
-cleanup_old_backups() {
-    local retention_days="${BACKUP_RETENTION_DAYS:-30}"
-    
-    log_info "Cleaning up backups older than $retention_days days..."
-    
-    find "$BACKUP_DIR" -type d -name "n8n_backup_*" -mtime "+$retention_days" -exec rm -rf {} + 2>/dev/null || true
-}
+echo "==> Dumping Postgres (Supabase) ..."
+export PGPASSWORD="${DB_PASSWORD}"
+pg_dump -h "${DB_HOST}" -p "${DB_PORT}" -U "${DB_USER}" -d "${DB_NAME}" -F c -Z 5 -f "${OUTDIR}/db.dump"
 
-# Main backup process
-main() {
-    log_info "Starting n8n infrastructure backup: $BACKUP_NAME"
-    
-    # Preliminary checks
-    check_docker
-    
-    # Load environment variables
-    if [[ -f "$PROJECT_ROOT/.env" ]]; then
-        source "$PROJECT_ROOT/.env"
-    fi
-    
-    # Create backup directory
-    local backup_path=$(create_backup_dir)
-    log_info "Backup directory created: $backup_path"
-    
-    # Perform backups
-    backup_workflows "$backup_path" || log_warn "Workflow backup incomplete"
-    backup_credentials "$backup_path" || log_warn "Credentials backup incomplete"
-    backup_database "$backup_path" || log_warn "Database backup incomplete"
-    backup_knowledge "$backup_path" || log_warn "Knowledge base backup incomplete"
-    
-    # Create metadata
-    create_metadata "$backup_path"
-    
-    # Cleanup old backups
-    cleanup_old_backups
-    
-    log_info "Backup completed successfully: $backup_path"
-    
-    # Optional: Create compressed archive
-    if command -v tar > /dev/null; then
-        local archive_name="$BACKUP_DIR/${BACKUP_NAME}.tar.gz"
-        tar -czf "$archive_name" -C "$BACKUP_DIR" "$BACKUP_NAME"
-        log_info "Compressed backup created: $archive_name"
-    fi
-}
+echo "==> Exporting n8n workflows ..."
+curl -sS -H "X-N8N-API-KEY: ${N8N_API_KEY}"       "${N8N_BASE_URL}/rest/workflows" > "${OUTDIR}/workflows.json"
 
-# Run main function
-main "$@"
+echo "==> Done. Artifacts at ${OUTDIR}"

scripts/restore.sh

@@ -1,204 +1,14 @@
-#!/bin/bash
-
-# n8n Infrastructure Restore Script
-# Restores workflows, credentials, and configurations from backup
-# Usage: ./restore.sh <backup-name>
-
+#!/usr/bin/env bash
 set -euo pipefail
 
-# Configuration
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-PROJECT_ROOT="$(dirname "$SCRIPT_DIR")"
-BACKUP_DIR="$PROJECT_ROOT/workflows/backup"
-
-# Colors for output
-RED='\033[0;31m'
-GREEN='\033[0;32m'
-YELLOW='\033[1;33m'
-NC='\033[0m' # No Color
-
-log_info() {
-    echo -e "${GREEN}[INFO]${NC} $1"
-}
-
-log_warn() {
-    echo -e "${YELLOW}[WARN]${NC} $1"
-}
-
-log_error() {
-    echo -e "${RED}[ERROR]${NC} $1"
-}
-
-# Validate backup name argument
-if [[ $# -eq 0 ]]; then
-    log_error "Usage: $0 <backup-name>"
-    log_info "Available backups:"
-    ls -1 "$BACKUP_DIR" | grep -E "^n8n_backup_" | head -10
-    exit 1
-fi
-
-BACKUP_NAME="$1"
-BACKUP_PATH="$BACKUP_DIR/$BACKUP_NAME"
-
-# Check if backup exists
-if [[ ! -d "$BACKUP_PATH" ]]; then
-    # Try with .tar.gz extension
-    if [[ -f "$BACKUP_DIR/$BACKUP_NAME.tar.gz" ]]; then
-        log_info "Found compressed backup, extracting..."
-        tar -xzf "$BACKUP_DIR/$BACKUP_NAME.tar.gz" -C "$BACKUP_DIR"
-    else
-        log_error "Backup not found: $BACKUP_NAME"
-        exit 1
-    fi
-fi
-
-# Verify backup integrity
-verify_backup() {
-    local metadata_file="$BACKUP_PATH/backup_metadata.json"
-    
-    if [[ ! -f "$metadata_file" ]]; then
-        log_warn "Backup metadata not found, proceeding with caution"
-        return 0
-    fi
-    
-    log_info "Backup verification:"
-    cat "$metadata_file" | jq -r '.backup_name, .created_at, .backup_type'
-}
-
-# Restore workflows
-restore_workflows() {
-    local container_name="n8n-automation"
-    
-    log_info "Restoring workflows..."
-    
-    if ! docker ps --format '{{.Names}}' | grep -q "^$container_name$"; then
-        log_error "n8n container not running. Start the container first."
-        return 1
-    fi
-    
-    # Find workflow backup file
-    local workflow_file=$(find "$BACKUP_PATH" -name "workflows_*.json" | head -1)
-    
-    if [[ -n "$workflow_file" ]]; then
-        # Copy workflow file to container
-        docker cp "$workflow_file" "$container_name:/tmp/workflows_restore.json"
-        
-        # Import workflows
-        docker exec "$container_name" n8n import:workflow --input="/tmp/workflows_restore.json" || {
-            log_error "Failed to import workflows"
-            return 1
-        }
-        
-        log_info "Workflows restored successfully"
-    else
-        log_warn "No workflow backup file found"
-    fi
-}
-
-# Restore credentials
-restore_credentials() {
-    local container_name="n8n-automation"
-    
-    log_info "Restoring credentials..."
-    
-    if [[ -d "$BACKUP_PATH/credentials" ]]; then
-        docker cp "$BACKUP_PATH/credentials/." "$container_name:/home/node/.n8n/credentials/"
-        log_info "Credentials restored successfully"
-    else
-        log_warn "No credentials backup found"
-    fi
-}
-
-# Restore database (schema only, data should be preserved)
-restore_database() {
-    log_info "Restoring database schema..."
-    
-    local schema_file=$(find "$BACKUP_PATH" -name "schema_*.sql" | head -1)
-    
-    if [[ -n "$schema_file" && -n "${DB_POSTGRESDB_PASSWORD:-}" ]]; then
-        export PGPASSWORD="$DB_POSTGRESDB_PASSWORD"
-        
-        log_warn "This will update database schema. Proceed? (y/N)"
-        read -r response
-        if [[ "$response" =~ ^[Yy]$ ]]; then
-            psql \
-                --host="${DB_POSTGRESDB_HOST}" \
-                --port="${DB_POSTGRESDB_PORT:-5432}" \
-                --username="${DB_POSTGRESDB_USER}" \
-                --dbname="${DB_POSTGRESDB_DATABASE}" \
-                --file="$schema_file" || {
-                log_error "Database restore failed"
-                return 1
-            }
-            log_info "Database schema restored successfully"
-        else
-            log_info "Database restore skipped"
-        fi
-    else
-        log_warn "No database backup found or credentials missing"
-    fi
-}
-
-# Restart services after restore
-restart_services() {
-    log_info "Restarting n8n services..."
-    
-    docker-compose -f "$PROJECT_ROOT/docker/docker-compose.yml" restart n8n
-    
-    # Wait for service to be ready
-    local max_attempts=30
-    local attempt=1
-    
-    while [[ $attempt -le $max_attempts ]]; do
-        if curl -f http://localhost:7860/healthz > /dev/null 2>&1; then
-            log_info "n8n service is ready"
-            break
-        fi
-        
-        log_info "Waiting for n8n to start... ($attempt/$max_attempts)"
-        sleep 10
-        ((attempt++))
-    done
-    
-    if [[ $attempt -gt $max_attempts ]]; then
-        log_error "n8n failed to start after restore"
-        return 1
-    fi
-}
-
-# Main restore process
-main() {
-    log_info "Starting n8n infrastructure restore: $BACKUP_NAME"
-    
-    # Load environment variables
-    if [[ -f "$PROJECT_ROOT/.env" ]]; then
-        source "$PROJECT_ROOT/.env"
-    fi
-    
-    # Verify backup
-    verify_backup
-    
-    # Confirm restore operation
-    log_warn "This will restore n8n configuration from backup: $BACKUP_NAME"
-    log_warn "Current workflows and credentials may be overwritten. Continue? (y/N)"
-    read -r response
-    
-    if [[ ! "$response" =~ ^[Yy]$ ]]; then
-        log_info "Restore operation cancelled"
-        exit 0
-    fi
-    
-    # Perform restore operations
-    restore_workflows || log_warn "Workflow restore incomplete"
-    restore_credentials || log_warn "Credentials restore incomplete"
-    restore_database || log_warn "Database restore incomplete"
-    
-    # Restart services
-    restart_services
-    
-    log_info "Restore completed successfully"
-    log_info "Access your n8n instance at: ${WEBHOOK_URL:-http://localhost:7860}"
-}
-
-# Run main function
-main "$@"
+: "${DB_HOST?Missing DB_HOST}"
+: "${DB_PORT:=5432}"
+: "${DB_NAME?Missing DB_NAME}"
+: "${DB_USER?Missing DB_USER}"
+: "${DB_PASSWORD?Missing DB_PASSWORD}"
+: "${DUMP_PATH?Usage: DUMP_PATH=/path/to/db.dump ./scripts/restore.sh}"
+
+echo "==> Restoring Postgres from ${DUMP_PATH} ..."
+export PGPASSWORD="${DB_PASSWORD}"
+pg_restore -h "${DB_HOST}" -p "${DB_PORT}" -U "${DB_USER}" -d "${DB_NAME}" --clean --if-exists "${DUMP_PATH}"
+echo "==> Done."

scripts/sync-knowledge.mjs

@@ -0,0 +1,95 @@
+// Node 20 script: sync knowledge repos into Supabase with embeddings
+// Requires: OPENAI_API_KEY, SUPABASE_URL, SUPABASE_SERVICE_ROLE_KEY, KNOWLEDGE_REPO_URL, KNOWLEDGE_DIRS
+import { createClient } from '@supabase/supabase-js';
+import crypto from 'node:crypto';
+import { execSync } from 'node:child_process';
+import fs from 'node:fs';
+import path from 'node:path';
+import process from 'node:process';
+import OpenAI from 'openai';
+
+const {
+  OPENAI_API_KEY,
+  SUPABASE_URL,
+  SUPABASE_SERVICE_ROLE_KEY,
+  KNOWLEDGE_REPO_URL,
+  KNOWLEDGE_DIRS = 'projects/n8n,projects/videos-e-animacoes,projects/midjorney-prompt',
+} = process.env;
+
+if (!SUPABASE_URL || !SUPABASE_SERVICE_ROLE_KEY || !KNOWLEDGE_REPO_URL) {
+  console.error('Missing env SUPABASE_URL or SUPABASE_SERVICE_ROLE_KEY or KNOWLEDGE_REPO_URL');
+  process.exit(1);
+}
+
+const openai = OPENAI_API_KEY ? new OpenAI({ apiKey: OPENAI_API_KEY }) : null;
+const supabase = createClient(SUPABASE_URL, SUPABASE_SERVICE_ROLE_KEY);
+
+const workdir = path.resolve('knowledge');
+if (!fs.existsSync(workdir)) fs.mkdirSync(workdir, { recursive: true });
+
+const repoDir = path.join(workdir, 'CHATGPT-knowledge-base');
+if (!fs.existsSync(repoDir)) {
+  console.log('Cloning KB repo...');
+  execSync(`git clone --depth 1 ${KNOWLEDGE_REPO_URL} ${repoDir}`, { stdio: 'inherit' });
+} else {
+  console.log('Pulling KB repo...');
+  execSync(`git -C ${repoDir} pull`, { stdio: 'inherit' });
+}
+
+const dirs = KNOWLEDGE_DIRS.split(',').map(s => s.trim());
+
+function sha256(s){ return crypto.createHash('sha256').update(s).digest('hex'); }
+
+async function upsertDoc(pth, content) {
+  const title = path.basename(pth);
+  const hash = sha256(content);
+
+  // Upsert document
+  const { data: doc, error: docErr } = await supabase
+    .from('knowledge.documents')
+    .upsert({ path: pth, title, content, hash }, { onConflict: 'path' })
+    .select()
+    .single();
+  if (docErr) throw docErr;
+
+  if (openai) {
+    // Embedding
+    const input = content.slice(0, 12000); // truncate
+    const emb = await openai.embeddings.create({
+      model: 'text-embedding-3-large',
+      input
+    });
+    const vector = emb.data[0].embedding;
+
+    const { error: embErr } = await supabase
+      .from('knowledge.embeddings')
+      .upsert({ doc_id: doc.id, embedding: vector, model: 'text-embedding-3-large' });
+    if (embErr) throw embErr;
+  } else {
+    console.warn('OPENAI_API_KEY not set, skipping embeddings for', pth);
+  }
+}
+
+async function main() {
+  for (const rel of dirs) {
+    const abs = path.join(repoDir, rel);
+    if (!fs.existsSync(abs)) {
+      console.warn('Skip missing dir:', rel);
+      continue;
+    }
+    const entries = await fs.promises.readdir(abs, { withFileTypes: true });
+    for (const ent of entries) {
+      const full = path.join(abs, ent.name);
+      if (ent.isDirectory()) continue;
+      if (!/\.(md|markdown|json|txt)$/i.test(ent.name)) continue;
+
+      const content = await fs.promises.readFile(full, 'utf8');
+      const repoRelPath = path.relative(repoDir, full);
+      console.log('Ingest:', repoRelPath);
+      await upsertDoc(repoRelPath, content);
+    }
+  }
+  console.log('Sync complete');
+}
+
+main().catch(err => { console.error(err); process.exit(1); });

supabase/schema.sql

@@ -0,0 +1,32 @@
+-- Enable pgvector (Supabase: run as superuser/migration)
+create extension if not exists vector;
+
+-- Schema
+create schema if not exists knowledge;
+
+-- Documents table
+create table if not exists knowledge.documents (
+  id uuid primary key default gen_random_uuid(),
+  path text unique not null,
+  title text,
+  content text,
+  source_url text,
+  hash text not null,
+  updated_at timestamptz not null default now()
+);
+
+-- Embeddings table (OpenAI text-embedding-3-large: 3072 dims; adjust if needed)
+create table if not exists knowledge.embeddings (
+  doc_id uuid primary key references knowledge.documents(id) on delete cascade,
+  embedding vector(3072) not null,
+  model text default 'text-embedding-3-large'
+);
+
+-- Vector index (IVFFLAT)
+create index if not exists idx_embeddings_ivfflat on knowledge.embeddings using ivfflat (embedding vector_l2_ops) with (lists = 100);
+
+-- Helpful view
+create or replace view knowledge.searchable as
+  select d.id, d.title, d.path, d.source_url, d.updated_at
+  from knowledge.documents d
+  order by d.updated_at desc;

workflows/examples/knowledge-sync-blueprint.json

@@ -0,0 +1,76 @@
+{
+  "name": "Knowledge Sync (Webhook \u2192 Postgres)",
+  "nodes": [
+    {
+      "parameters": {},
+      "id": "Start",
+      "name": "Webhook Trigger",
+      "type": "n8n-nodes-base.webhook",
+      "typeVersion": 1,
+      "position": [
+        -460,
+        0
+      ],
+      "webhookId": "replace-with-your-id",
+      "path": "knowledge-sync",
+      "httpMethod": "POST",
+      "responseMode": "onReceived",
+      "responseData": "allEntries"
+    },
+    {
+      "parameters": {
+        "functionCode": "items = items.map(item => ({ json: {\n  path: item.json.path,\n  title: item.json.title || item.json.path.split('/').pop(),\n  content: item.json.content,\n  hash: item.json.hash\n}}));\nreturn items;"
+      },
+      "id": "Map",
+      "name": "Map Fields",
+      "type": "n8n-nodes-base.function",
+      "typeVersion": 2,
+      "position": [
+        -200,
+        0
+      ]
+    },
+    {
+      "parameters": {
+        "operation": "executeQuery",
+        "query": "INSERT INTO knowledge.documents(path, title, content, hash)\nVALUES(:path, :title, :content, :hash)\nON CONFLICT (path) DO UPDATE SET\n  title=EXCLUDED.title,\n  content=EXCLUDED.content,\n  hash=EXCLUDED.hash,\n  updated_at=now()\nRETURNING id;"
+      },
+      "id": "Postgres",
+      "name": "Postgres Upsert",
+      "type": "n8n-nodes-base.postgres",
+      "typeVersion": 1,
+      "position": [
+        60,
+        0
+      ],
+      "credentials": {
+        "postgres": "REPLACE_WITH_YOUR_CREDENTIAL"
+      }
+    }
+  ],
+  "connections": {
+    "Webhook Trigger": {
+      "main": [
+        [
+          {
+            "node": "Map Fields",
+            "type": "main",
+            "index": 0
+          }
+        ]
+      ]
+    },
+    "Map Fields": {
+      "main": [
+        [
+          {
+            "node": "Postgres Upsert",
+            "type": "main",
+            "index": 0
+          }
+        ]
+      ]
+    }
+  },
+  "active": false
+}