feat: add workflows for nightly backups, deployment to Hugging Face, and knowledge base sync; include scripts for backup and restore

n8n-infra/.github/workflows/backup-workflows.yml

@@ -0,0 +1,41 @@
+name: Nightly Backups (DB + Workflows)
+
+on:
+  schedule:
+    - cron: '0 3 * * *'  # daily at 03:00 UTC
+  workflow_dispatch: {}
+
+jobs:
+  backup:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install tools
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y --no-install-recommends postgresql-client jq curl
+
+      - name: Run backup script
+        env:
+          DB_POSTGRESDB_HOST: ${{ secrets.DB_POSTGRESDB_HOST }}
+          DB_POSTGRESDB_PORT: ${{ secrets.DB_POSTGRESDB_PORT }}
+          DB_POSTGRESDB_DATABASE: ${{ secrets.DB_POSTGRESDB_DATABASE }}
+          DB_POSTGRESDB_USER: ${{ secrets.DB_POSTGRESDB_USER }}
+          DB_POSTGRESDB_PASSWORD: ${{ secrets.DB_POSTGRESDB_PASSWORD }}
+          N8N_URL: ${{ secrets.N8N_URL }}
+          N8N_API_KEY: ${{ secrets.N8N_API_KEY }}
+        run: |
+          bash n8n-infra/scripts/backup.sh
+
+      - name: Commit and push backups
+        if: ${{ success() }}
+        run: |
+          git config user.email "[email protected]"
+          git config user.name "github-actions[bot]"
+          git add n8n-infra/workflows/backup || true
+          git add n8n-infra/backups || true
+          git commit -m "chore(backups): nightly DB + workflow exports" || echo "No changes to commit"
+          git push
+

n8n-infra/.github/workflows/deploy-to-hf.yml

@@ -0,0 +1,63 @@
+name: Deploy to Hugging Face Space
+
+on:
+  push:
+    branches: [ main ]
+    paths:
+      - 'n8n-infra/docker/Dockerfile'
+      - 'n8n-infra/.github/workflows/deploy-to-hf.yml'
+  workflow_dispatch: {}
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Prepare Space push payload
+        id: prep
+        run: |
+          mkdir -p space_push
+          cp n8n-infra/docker/Dockerfile space_push/Dockerfile
+          echo "# n8n Docker Space" > space_push/README.md
+          echo "Deployed from GitHub via Actions." >> space_push/README.md
+
+      - name: Configure git
+        run: |
+          git config --global user.email "[email protected]"
+          git config --global user.name "github-actions[bot]"
+
+      - name: Push to Hugging Face Space
+        env:
+          HF_TOKEN: ${{ secrets.HF_TOKEN }}
+          HF_SPACE_ID: ${{ secrets.HF_SPACE_ID }}
+        run: |
+          if [ -z "${HF_TOKEN}" ] || [ -z "${HF_SPACE_ID}" ]; then
+            echo "HF_TOKEN or HF_SPACE_ID is not set" >&2
+            exit 1
+          fi
+          cd space_push
+          git init
+          git add .
+          git commit -m "Deploy from GitHub Actions"
+          git branch -M main
+          git remote add origin https://user:${HF_TOKEN}@huggingface.co/spaces/${HF_SPACE_ID}
+          git push -f origin main
+
+      - name: Request Space restart
+        env:
+          HF_TOKEN: ${{ secrets.HF_TOKEN }}
+          HF_SPACE_ID: ${{ secrets.HF_SPACE_ID }}
+        run: |
+          python3 - <<'PY'
+import os
+from huggingface_hub import HfApi
+
+token = os.environ["HF_TOKEN"]
+space = os.environ["HF_SPACE_ID"]
+api = HfApi(token=token)
+api.restart_space(repo_id=space)
+print(f"Restart requested for Space: {space}")
+PY
+

n8n-infra/.github/workflows/sync-knowledge.yml

@@ -0,0 +1,33 @@
+name: Sync Knowledge Base
+
+on:
+  schedule:
+    - cron: '0 */12 * * *'  # every 12 hours
+  workflow_dispatch: {}
+
+jobs:
+  sync:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install git and rsync
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y --no-install-recommends git rsync curl
+
+      - name: Sync repos and trigger ingestion
+        env:
+          WEBHOOK_URL: ${{ secrets.N8N_INGEST_WEBHOOK_URL }}
+        run: |
+          bash n8n-infra/scripts/sync-knowledge.sh
+
+      - name: Commit and push updated knowledge mirror
+        run: |
+          git config user.email "[email protected]"
+          git config user.name "github-actions[bot]"
+          git add n8n-infra/knowledge || true
+          git commit -m "chore(knowledge): sync mirrors" || echo "No changes to commit"
+          git push
+

n8n-infra/README.md

@@ -0,0 +1,190 @@
+# n8n Infrastructure on Hugging Face Spaces + Supabase
+
+This repository provides infra-as-code, Docker assets, automation scripts, and CI/CD to run a self-hosted n8n instance on Hugging Face Spaces with Supabase (Postgres + SSL) as the database, optional vector store, and knowledge base sync.
+
+## Overview
+
+- Containerization: Docker (pinned n8n version) and Docker Compose
+- Orchestration: Hugging Face Spaces (Docker Space)
+- Database: Supabase Postgres (SSL required)
+- Vector Store: pgvector on Supabase or optional Qdrant service for local dev
+- Integrations: GitHub, Google Cloud CLI, Vertex AI, LangChain community nodes
+- Automation: Backups (DB + workflows), knowledge sync, CI/CD with GitHub Actions
+
+## Repository Structure
+
+```
+n8n-infra/
+  docker/
+    Dockerfile
+    docker-compose.yml
+  config/
+    .env.example
+    credentials/
+  workflows/
+    backup/
+  knowledge/
+    n8n/
+    videos-e-animacoes/
+    midjourney-prompt/
+  scripts/
+    backup.sh
+    restore.sh
+    sync-knowledge.sh
+  .github/
+    workflows/
+      deploy-to-hf.yml
+      backup-workflows.yml
+      sync-knowledge.yml
+  README.md
+```
+
+Notes:
+- CI files are in `.github/workflows` (standard for GitHub Actions).
+- Secrets are provided via repo/Actions secrets or environment variables at runtime.
+
+## Prerequisites
+
+- Supabase project with SSL enabled and (optionally) pgvector extension enabled
+- Hugging Face account with a Docker Space created
+- GitHub repository (this repo) with Actions enabled
+- Local: Docker and Docker Compose installed
+
+## Configuration
+
+1) Copy the env template and fill values:
+
+```
+cp config/.env.example config/.env
+```
+
+Key variables (see `config/.env.example` for full list):
+- N8N_ENCRYPTION_KEY, N8N_USER_MANAGEMENT_JWT_SECRET
+- DB_* for Supabase (host, db, user, password) with `DB_POSTGRESDB_SSL=true`
+- WEBHOOK_URL (public URL for n8n webhooks)
+- HF_TOKEN, GITHUB_TOKEN (for CI/CD & sync jobs)
+- GOOGLE_PROJECT_ID, GOOGLE_CREDENTIALS_PATH (if using Google/Vertex)
+- N8N_API_KEY and N8N_URL for workflow export API
+
+Store any OAuth JSON/keyfiles under `config/credentials/` (keep them out of Git).
+
+Placeholders to populate in `config/.env` (high priority):
+- N8N_ENCRYPTION_KEY=
+- N8N_USER_MANAGEMENT_JWT_SECRET=
+- DB_TYPE=postgresdb
+- DB_POSTGRESDB_HOST=
+- DB_POSTGRESDB_PORT=5432
+- DB_POSTGRESDB_DATABASE=
+- DB_POSTGRESDB_USER=
+- DB_POSTGRESDB_PASSWORD=
+- DB_POSTGRESDB_SSL=true
+- WEBHOOK_URL=
+- HF_TOKEN=
+- GITHUB_TOKEN=
+- GOOGLE_PROJECT_ID=
+- GOOGLE_CREDENTIALS_PATH=
+
+## Local Development with Docker Compose
+
+1) Ensure `config/.env` is present and valid. For local testing you can point to Supabase or a local Postgres; for Supabase, keep SSL enabled.
+
+2) Start services:
+
+```
+cd n8n-infra/docker
+docker compose --env-file ../config/.env up -d
+```
+
+Services:
+- n8n: http://localhost:5678 (first user registration on first run)
+- Optional vector DB: Qdrant at http://localhost:6333
+
+3) Stop services:
+
+```
+docker compose --env-file ../config/.env down
+```
+
+## Deploy on Hugging Face Spaces (Docker)
+
+1) Create a Space (type: Docker) on Hugging Face.
+
+2) Configure repository secrets in GitHub:
+- `HF_TOKEN`: a write token for the Space
+- `HF_SPACE_ID`: e.g. `org-or-user/space-name`
+
+3) CI/CD: The workflow `deploy-to-hf.yml` pushes a minimal Space repository that contains the Dockerfile. On push to `main` or manual dispatch, it:
+- Copies `n8n-infra/docker/Dockerfile` to a temporary directory
+- Commits and pushes that directory to the Space git repo
+- Requests a Space restart/rebuild
+
+You can customize the pushed contents if you need additional runtime assets.
+
+4) Space Secrets: In the Space settings, define the same environment variables as in `config/.env` for production (e.g., DB_*, N8N_ENCRYPTION_KEY, N8N_USER_MANAGEMENT_JWT_SECRET, WEBHOOK_URL, GOOGLE_*). These are injected at container runtime.
+
+## Supabase Setup
+
+1) Create a Supabase project and note the host, database, user, and password.
+
+2) SSL enforcement:
+- Keep `DB_POSTGRESDB_SSL=true`
+- If Supabase requires, set `DB_POSTGRESDB_SSL_REJECT_UNAUTHORIZED=false`
+
+3) Vector support:
+- Option A (recommended): Enable pgvector on your Supabase Postgres for unified storage of embeddings.
+- Option B: Use an external vector DB (e.g., Qdrant) for local dev or if preferred.
+
+## Backups and Restores
+
+Workflows and DB backups can run locally or via GitHub Actions.
+
+- Backup script:
+  - DB: `pg_dump` with SSL required
+  - Workflows: Export via n8n REST API (`N8N_URL` + `N8N_API_KEY`)
+
+Run locally:
+
+```
+bash n8n-infra/scripts/backup.sh
+```
+
+Restore locally (from a `.sql` dump):
+
+```
+bash n8n-infra/scripts/restore.sh path/to/backup.sql
+```
+
+Nightly backups via Actions: see `.github/workflows/backup-workflows.yml`.
+
+## Knowledge Base Sync
+
+The `sync-knowledge.sh` script pulls the specified GitHub repos into `n8n-infra/knowledge/` and then triggers ingestion (either via an n8n webhook you define or your own ingestion script) into your chosen vector store (pgvector or Qdrant).
+
+Run locally:
+
+```
+bash n8n-infra/scripts/sync-knowledge.sh
+```
+
+Automated: see `.github/workflows/sync-knowledge.yml`.
+
+## LangChain, Agents, and Community Nodes
+
+The Dockerfile enables community nodes and includes a placeholder list via `N8N_COMMUNITY_PACKAGES`. Add or adjust packages for LangChain, Google APIs, Vertex AI, etc. Configure related credentials via environment variables and `config/credentials/`.
+
+Notes for n8n community nodes:
+- Ensure `N8N_ENABLE_COMMUNITY_NODES=true`
+- Set `N8N_COMMUNITY_PACKAGES` to include packages like `n8n-nodes-langchain`, `n8n-nodes-google`, and any Vertex AI integrations you use.
+- After first run, verify nodes appear in the n8n editor.
+
+## Rollback Strategy
+
+- Hugging Face Space: Use the Space’s git history to roll back to a previous commit or re-run a prior successful build.
+- GitHub Actions: Redeploy a previous commit via workflow “Run workflow” (manual dispatch).
+- Database: Restore using `scripts/restore.sh` from a prior `.sql` dump.
+
+## Security Notes
+
+- Never commit real secrets. Use `config/.env` locally and GitHub Actions secrets in CI.
+- Use SSL for DB connections (`DB_POSTGRESDB_SSL=true`). For Supabase, set `DB_POSTGRESDB_SSL_REJECT_UNAUTHORIZED=false` if required.
+- Rotate keys regularly (`N8N_ENCRYPTION_KEY`, `N8N_USER_MANAGEMENT_JWT_SECRET`).

n8n-infra/config/.env.example

@@ -0,0 +1,39 @@
+# n8n core
+N8N_ENCRYPTION_KEY=
+N8N_USER_MANAGEMENT_JWT_SECRET=
+N8N_HOST=localhost
+N8N_PORT=5678
+N8N_PROTOCOL=http
+
+# Database (Supabase Postgres)
+DB_TYPE=postgresdb
+DB_POSTGRESDB_HOST=
+DB_POSTGRESDB_PORT=5432
+DB_POSTGRESDB_DATABASE=
+DB_POSTGRESDB_USER=
+DB_POSTGRESDB_PASSWORD=
+DB_POSTGRESDB_SSL=true
+DB_POSTGRESDB_SSL_REJECT_UNAUTHORIZED=false
+
+# Webhooks
+WEBHOOK_URL=
+
+# Tokens and external integrations
+HF_TOKEN=
+GITHUB_TOKEN=
+
+# Google / Vertex AI
+GOOGLE_PROJECT_ID=
+GOOGLE_CREDENTIALS_PATH=/home/node/.n8n/credentials/google-credentials.json
+
+# Community packages (adjust as needed)
+N8N_ENABLE_COMMUNITY_NODES=true
+N8N_COMMUNITY_PACKAGES=["n8n-nodes-langchain","n8n-nodes-google","n8n-nodes-vertexai"]
+
+# n8n API (for exporting workflows)
+N8N_URL=http://localhost:5678
+N8N_API_KEY=
+
+# Optional Vector DB (local dev)
+QDRANT_URL=http://localhost:6333
+

n8n-infra/config/credentials/.gitkeep

@@ -0,0 +1 @@
+

n8n-infra/docker/Dockerfile

@@ -0,0 +1,31 @@
+# Base: pinned n8n image (do not use latest)
+FROM n8nio/n8n:1.53.1
+
+# Switch to root to install deps
+USER root
+
+# Install OS tools: git, curl, jq, Postgres client, Python, and Google Cloud CLI
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+      git curl jq postgresql-client python3 python3-pip ca-certificates gnupg && \
+    echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | tee /etc/apt/sources.list.d/google-cloud-sdk.list && \
+    curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --dearmor -o /usr/share/keyrings/cloud.google.gpg && \
+    apt-get update && apt-get install -y --no-install-recommends google-cloud-cli && \
+    rm -rf /var/lib/apt/lists/*
+
+# Create directories for custom packages and knowledge/workflows mounts
+RUN mkdir -p /home/node/.n8n/custom \
+    && chown -R node:node /home/node/.n8n
+
+# Enable community nodes and declare default packages (adjust as needed)
+ENV N8N_ENABLE_COMMUNITY_NODES=true \
+    N8N_COMMUNITY_PACKAGES='["n8n-nodes-langchain", "n8n-nodes-google", "n8n-nodes-vertexai"]'
+
+# Drop back to the n8n user
+USER node
+
+# Expose default n8n port
+EXPOSE 5678
+
+# n8n entrypoint is provided by the base image
+

n8n-infra/docker/docker-compose.yml

@@ -0,0 +1,46 @@
+version: "3.8"
+
+services:
+  n8n:
+    image: n8nio/n8n:1.53.1
+    container_name: n8n
+    restart: unless-stopped
+    env_file:
+      - ../config/.env
+    ports:
+      - "5678:5678"
+    environment:
+      # Force SSL for DB
+      - DB_POSTGRESDB_SSL=true
+      # Community nodes
+      - N8N_ENABLE_COMMUNITY_NODES=${N8N_ENABLE_COMMUNITY_NODES:-true}
+      - N8N_COMMUNITY_PACKAGES=${N8N_COMMUNITY_PACKAGES:-["n8n-nodes-langchain","n8n-nodes-google","n8n-nodes-vertexai"]}
+      # n8n basics
+      - N8N_HOST=${N8N_HOST:-localhost}
+      - N8N_PORT=${N8N_PORT:-5678}
+      - N8N_PROTOCOL=${N8N_PROTOCOL:-http}
+      - WEBHOOK_URL=${WEBHOOK_URL}
+    volumes:
+      - n8n_data:/home/node/.n8n
+      - ../workflows:/data/workflows:rw
+      - ../knowledge:/data/knowledge:rw
+    healthcheck:
+      test: ["CMD", "curl", "-fsS", "http://localhost:5678/healthz"]
+      interval: 30s
+      timeout: 10s
+      retries: 5
+
+  # Optional vector DB for local development (use Supabase+pgvector in prod)
+  qdrant:
+    image: qdrant/qdrant:v1.9.1
+    container_name: qdrant
+    restart: unless-stopped
+    ports:
+      - "6333:6333"
+    volumes:
+      - qdrant_data:/qdrant/storage
+
+volumes:
+  n8n_data:
+  qdrant_data:
+

n8n-infra/knowledge/midjourney-prompt/.gitkeep

@@ -0,0 +1 @@
+

n8n-infra/knowledge/n8n/.gitkeep

@@ -0,0 +1 @@
+

n8n-infra/knowledge/videos-e-animacoes/.gitkeep

@@ -0,0 +1 @@
+

n8n-infra/scripts/backup.sh

@@ -0,0 +1,56 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+ENV_FILE="$ROOT_DIR/config/.env"
+
+if [ -f "$ENV_FILE" ]; then
+  # shellcheck disable=SC1090
+  source "$ENV_FILE"
+else
+  echo "Env file not found at $ENV_FILE" >&2
+  exit 1
+fi
+
+DATE_STAMP="$(date +%Y%m%d-%H%M%S)"
+BACKUP_DIR_DB="$ROOT_DIR/backups/db"
+BACKUP_DIR_WF="$ROOT_DIR/workflows/backup"
+mkdir -p "$BACKUP_DIR_DB" "$BACKUP_DIR_WF"
+
+echo "==> Backing up Supabase Postgres (SSL required)"
+if [[ -z "${DB_POSTGRESDB_HOST:-}" || -z "${DB_POSTGRESDB_DATABASE:-}" || -z "${DB_POSTGRESDB_USER:-}" || -z "${DB_POSTGRESDB_PASSWORD:-}" ]]; then
+  echo "Database env vars missing. Check config/.env" >&2
+  exit 1
+fi
+
+export PGPASSWORD="$DB_POSTGRESDB_PASSWORD"
+pg_dump \
+  --host="$DB_POSTGRESDB_HOST" \
+  --port="${DB_POSTGRESDB_PORT:-5432}" \
+  --username="$DB_POSTGRESDB_USER" \
+  --dbname="$DB_POSTGRESDB_DATABASE" \
+  --format=plain \
+  --no-owner \
+  --no-privileges \
+  --verbose \
+  --sslmode=require \
+  > "$BACKUP_DIR_DB/db-backup-$DATE_STAMP.sql"
+
+echo "==> Exporting n8n workflows via API"
+if [[ -z "${N8N_URL:-}" || -z "${N8N_API_KEY:-}" ]]; then
+  echo "N8N_URL or N8N_API_KEY missing. Skipping workflows export." >&2
+else
+  # List workflows
+  WF_LIST_JSON="$(curl -fsSL -H "X-N8N-API-KEY: $N8N_API_KEY" "$N8N_URL/rest/workflows")"
+  echo "$WF_LIST_JSON" | jq -c '.data[]' | while read -r wf; do
+    ID="$(echo "$wf" | jq -r '.id')"
+    NAME="$(echo "$wf" | jq -r '.name' | tr ' /' '__')"
+    echo "  - Exporting workflow $ID: $NAME"
+    curl -fsSL -H "X-N8N-API-KEY: $N8N_API_KEY" \
+      "$N8N_URL/rest/workflows/$ID" \
+      | jq '.' > "$BACKUP_DIR_WF/${DATE_STAMP}-${ID}-${NAME}.json"
+  done
+fi
+
+echo "==> Backup completed"
+

n8n-infra/scripts/restore.sh

@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+ENV_FILE="$ROOT_DIR/config/.env"
+
+if [ -f "$ENV_FILE" ]; then
+  # shellcheck disable=SC1090
+  source "$ENV_FILE"
+else
+  echo "Env file not found at $ENV_FILE" >&2
+  exit 1
+fi
+
+SQL_FILE="${1:-}"
+if [ -z "$SQL_FILE" ] || [ ! -f "$SQL_FILE" ]; then
+  echo "Usage: $0 path/to/backup.sql" >&2
+  exit 1
+fi
+
+if [[ -z "${DB_POSTGRESDB_HOST:-}" || -z "${DB_POSTGRESDB_DATABASE:-}" || -z "${DB_POSTGRESDB_USER:-}" || -z "${DB_POSTGRESDB_PASSWORD:-}" ]]; then
+  echo "Database env vars missing. Check config/.env" >&2
+  exit 1
+fi
+
+echo "==> Restoring database from $SQL_FILE"
+export PGPASSWORD="$DB_POSTGRESDB_PASSWORD"
+psql \
+  --host="$DB_POSTGRESDB_HOST" \
+  --port="${DB_POSTGRESDB_PORT:-5432}" \
+  --username="$DB_POSTGRESDB_USER" \
+  --dbname="$DB_POSTGRESDB_DATABASE" \
+  --set ON_ERROR_STOP=on \
+  --set sslmode=require \
+  --file "$SQL_FILE"
+
+echo "==> Restore completed"
+

n8n-infra/scripts/sync-knowledge.sh

@@ -0,0 +1,66 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+KNOW_DIR="$ROOT_DIR/knowledge"
+ENV_FILE="$ROOT_DIR/config/.env"
+
+if [ -f "$ENV_FILE" ]; then
+  # shellcheck disable=SC1090
+  source "$ENV_FILE"
+fi
+
+declare -A REPOS=(
+  ["n8n"]="https://github.com/danilonovaisv/CHATGPT-knowledge-base.git#projects/n8n"
+  ["videos-e-animacoes"]="https://github.com/danilonovaisv/CHATGPT-knowledge-base.git#projects/videos-e-animacoes"
+  ["midjourney-prompt"]="https://github.com/danilonovaisv/CHATGPT-knowledge-base.git#projects/midjorney-prompt"
+)
+
+clone_or_update() {
+  local target_subdir="$1"; shift
+  local url_ref="$1"; shift
+
+  local url="${url_ref%%#*}"
+  local ref="${url_ref#*#}"
+
+  local target_dir="$KNOW_DIR/$target_subdir"
+  mkdir -p "$target_dir"
+
+  if [ ! -d "$target_dir/.git" ]; then
+    echo "==> Cloning $url into $target_dir"
+    git clone --depth 1 "$url" "$target_dir"
+  else
+    echo "==> Updating $target_dir"
+    (cd "$target_dir" && git fetch --depth 1 origin && git reset --hard origin/HEAD)
+  fi
+
+  # If a subfolder ref is provided, mirror its content to the subdir root
+  if [ -n "$ref" ] && [ -d "$target_dir/$ref" ]; then
+    echo "==> Mirroring subfolder $ref into $target_dir"
+    rsync -a --delete "$target_dir/$ref/" "$target_dir/"
+    # Optionally, remove the rest of the cloned repo (keeping only desired content)
+    find "$target_dir" -mindepth 1 -maxdepth 1 -not -name "$(basename "$ref")" -not -name ".git" -exec rm -rf {} + || true
+  fi
+}
+
+for key in "${!REPOS[@]}"; do
+  clone_or_update "$key" "${REPOS[$key]}"
+done
+
+echo "==> Knowledge repos synced"
+
+# Ingestion: choose one of the strategies below.
+
+# Strategy A: Trigger an n8n ingestion workflow via webhook.
+# Requires WEBHOOK_URL to point to a workflow expecting payload with paths.
+if [[ -n "${WEBHOOK_URL:-}" ]]; then
+  echo "==> Triggering n8n webhook for ingestion"
+  curl -fsSL -X POST "$WEBHOOK_URL" \
+    -H "Content-Type: application/json" \
+    -d "{\n      \"paths\": [\"$KNOW_DIR/n8n\", \"$KNOW_DIR/videos-e-animacoes\", \"$KNOW_DIR/midjourney-prompt\"],\n      \"vector_target\": \"${QDRANT_URL:-pgvector}\"\n    }" >/dev/null || true
+else
+  echo "==> No WEBHOOK_URL set. Skipping ingestion trigger."
+fi
+
+echo "==> Sync completed"
+

n8n-infra/workflows/backup/.gitkeep

@@ -0,0 +1 @@
+