> ## Documentation Index
> Fetch the complete documentation index at: https://docs.sertifikasitrainer.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Cloudflare

> Workers, R2, Hyperdrive, dan API token untuk deploy AI Mentor.

Production AI Mentor di-host di **Cloudflare Workers** (`app.sertifikasitrainer.com`). Cloudflare juga menyediakan **R2** (file storage) dan **Hyperdrive** (koneksi Postgres ke Neon).

<Frame>
  <img src="https://www.cloudflare.com/cdn-cgi/image/format=auto/https://www.cloudflare.com/img/logo-web-badges/cf-logo-on-white-bg.svg" alt="Logo Cloudflare" width="200" />
</Frame>

**Dashboard:** [dash.cloudflare.com](https://dash.cloudflare.com)\
**Docs:** [developers.cloudflare.com](https://developers.cloudflare.com)

## Apa yang dipakai di project ini

| Produk         | Fungsi di AI Mentor                  |
| -------------- | ------------------------------------ |
| **Workers**    | API Hono + static web + renderer     |
| **R2**         | Upload dokumen, foto trainer, asset  |
| **Hyperdrive** | Pool koneksi ke Neon Postgres        |
| **DNS**        | `app.`, `docs.`, `assets.` subdomain |

Config Wrangler: `apps/api/wrangler.jsonc`, `apps/web/wrangler.jsonc`

## 1. Buat API token (deploy & CI)

<Steps>
  <Step title="Buka API Tokens">
    Dashboard → **My Profile** → [API Tokens](https://dash.cloudflare.com/profile/api-tokens) → **Create Token**
  </Step>

  <Step title="Pilih template atau custom">
    Untuk deploy script, permission minimal:

    * Account → **Workers Scripts** → Edit
    * Account → **Workers R2 Storage** → Edit
    * Account → **Workers KV** → Edit (jika dipakai)
    * Account → **Hyperdrive** → Edit
    * Zone → **Workers Routes** → Edit (custom domain)
  </Step>

  <Step title="Simpan ke env">
    ```bash theme={null}
    # Untuk ./thub deploy / wrangler lokal
    CLOUDFLARE_API_TOKEN=...
    CLOUDFLARE_ACCOUNT_ID=...   # Dashboard → Workers → Overview (sidebar kanan)
    ```

    Untuk GitHub Actions: simpan sebagai repository secrets (lihat [CI/CD](/guides/ci-cd)).
  </Step>
</Steps>

## 2. Workers & custom domain

Deploy via `./thub deploy` atau `scripts/deploy-prod.sh`:

1. Build frontend (`apps/web`)
2. Deploy worker API + web + renderer
3. Route `app.sertifikasitrainer.com` → worker

<Note>
  URL production (`FRONTEND_URL`, `BETTER_AUTH_URL`, dll.) sudah di `vars` pada `wrangler.jsonc` — bukan secret.
</Note>

## 3. R2 object storage

R2 kompatibel S3. Project memakai AWS SDK dengan endpoint R2.

<Steps>
  <Step title="Aktifkan R2">
    Dashboard → **R2** → **Overview** → buat bucket (mis. `trainerhub`)
  </Step>

  <Step title="Buat API token R2">
    R2 → **Manage R2 API Tokens** → Create token\
    Permission: **Object Read & Write** (scope ke bucket jika perlu)
  </Step>

  <Step title="Isi .env">
    ```bash theme={null}
    AWS_ACCESS_KEY_ID=<Access Key ID dari token>
    AWS_SECRET_ACCESS_KEY=<Secret Access Key>
    AWS_REGION=auto
    AWS_S3_BUCKET=trainerhub
    AWS_S3_ENDPOINT=https://<ACCOUNT_ID>.r2.cloudflarestorage.com
    R2_PUBLIC_URL=https://assets.sertifikasitrainer.com
    ```
  </Step>

  <Step title="Public access (opsional)">
    Jika asset harus diakses browser langsung, aktifkan custom domain R2 atau public bucket policy. Docs: [R2 public buckets](https://developers.cloudflare.com/r2/buckets/public-buckets/).
  </Step>
</Steps>

## 4. Hyperdrive (Neon)

Hyperdrive mem-pool koneksi Postgres dari Worker ke Neon.

<Steps>
  <Step title="Buat Hyperdrive config">
    ```bash theme={null}
    npx wrangler hyperdrive create trainerhub-neon \
      --connection-string="postgresql://user:pass@ep-xxx.neon.tech/db?sslmode=require"
    ```

    Atau lewat Dashboard → **Hyperdrive** → Create configuration.
  </Step>

  <Step title="Binding di wrangler">
    ID Hyperdrive masuk ke `hyperdrive` binding di `apps/api/wrangler.jsonc`.
  </Step>

  <Step title="Sync saat deploy">
    Script deploy dengan `SYNC_HYPERDRIVE=1` (default) mencoba sync connection string dari merged env.
  </Step>
</Steps>

Docs: [Hyperdrive getting started](https://developers.cloudflare.com/hyperdrive/get-started/)

## 5. Wrangler CLI lokal

```bash theme={null}
bun add -g wrangler   # atau npx wrangler
wrangler login        # alternatif: CLOUDFLARE_API_TOKEN
wrangler whoami
```

## Troubleshooting

| Masalah                | Solusi                                                   |
| ---------------------- | -------------------------------------------------------- |
| Deploy 403             | Token kurang permission Workers/R2                       |
| Upload gagal 413       | Nginx/client body limit — backend cap `MAX_FILE_SIZE_MB` |
| DB timeout di Worker   | Cek Hyperdrive binding + `DATABASE_URL` Neon pooled      |
| Secret tidak ke Worker | `./thub secrets push` setelah `./thub env merge --prod`  |
