# Idea Reviewer — Setup

## 1. MySQL

```sql
-- As MySQL root:
CREATE DATABASE idea_hunter CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'idea_hunter_user'@'localhost' IDENTIFIED BY 'IDEA-password13!';
GRANT ALL PRIVILEGES ON idea_hunter.* TO 'idea_hunter_user'@'localhost';
FLUSH PRIVILEGES;

-- Then run the schema:
mysql -u idea_hunter_user -p idea_hunter < reviewer/sql/schema.sql
```

## 2. PHP config

```bash
cp reviewer/config/config.local.php.example reviewer/config/config.local.php
# Edit config.local.php — fill DB credentials and password hash

# Generate password hash:
php -r "echo password_hash('yourpassword', PASSWORD_BCRYPT) . PHP_EOL;"
```

## 3. Apache vhost

Point `DocumentRoot` to `reviewer/public/`. Everything outside `public/` is
unreachable from the web.

```apache
<VirtualHost *:443>
    ServerName reviewer.yourdomain.com
    DocumentRoot /var/www/idea-hunter/reviewer/public

    <Directory /var/www/idea-hunter/reviewer/public>
        AllowOverride All
        Require all granted
    </Directory>

    # PHP files outside public/ are never served
</VirtualHost>
```

## 4. Python pipeline — configure ingest API

No extra packages needed — uses stdlib `urllib` only.

Generate an API key on the web server:
```bash
php -r "echo bin2hex(random_bytes(32)) . PHP_EOL;"
```

Add it to `reviewer/config/config.local.php` on the web server:
```php
define('INGEST_API_KEY', 'your_generated_key_here');
```

Set these env vars on the **scan machine** (in crontab or `.env`):
```
IH_INGEST_URL=https://42.redjeb.com/reviewer/public/api/ingest_idea.php
IH_INGEST_KEY=your_generated_key_here
IH_INGEST_TIMEOUT=10
IH_INGEST_RETRIES=3
```

After this, each nightly run POSTs scored ideas to the reviewer API over HTTPS.
Failures are logged but never block the nightly run.

## 5. One-off migration from existing SQLite data

Run on the scan machine with the env vars above set:

```bash
cd idea_hunter_lite
python3 -c "
from storage.mysql_repository import sync_sqlite_to_api
n = sync_sqlite_to_api()
print(f'Pushed {n} ideas')
"
```

## 6. Access

Open `https://reviewer.yourdomain.com/login.php` on your phone.



<?php
// Copy this file to config.local.php and fill in your real values.
// This file is never served by Apache — keep it outside public/.

define('DB_HOST', 'localhost');
define('DB_PORT', 3306);
define('DB_NAME', 'idea_hunter');
define('DB_USER', 'idea_hunter_user');
define('DB_PASS', 'IDEA-password13!');

define('AUTH_USERNAME', 'reviewer');
// Generate with: php -r "echo password_hash('yourpassword', PASSWORD_BCRYPT);"
define('AUTH_PASS_HASH', '$2y$10$1.9FJEgM9OBMPvLbIJEx6exHZV0cTxjsimdrNETCyvxAP1xGvzi26');

// Shared secret for the Python pipeline ingest endpoint
// Generate with: php -r "echo bin2hex(random_bytes(32));"
define('INGEST_API_KEY', '1add8dacf80b96c2477895523f5308e72288ef53607b682136af2e3ee14dc0a4');