Ditto is a TanStack Start app deployed with Alchemy on Cloudflare Workers. It uses:
- Cloudflare D1 + Drizzle for persistence
- better-auth with GitHub OAuth
- GitHub repo import for projects
@cloudflare/sandboxfor workspace instantiation- R2-backed sandbox backup/restore
- agent runs in the Cloudflare sandbox via the PI harness; the client streams
POST /api/agent/stream(SSE)
- Node.js 22.15+ (22.17 recommended)
- pnpm
- Cloudflare / GitHub credentials for the configured environment
pnpm installpnpm devGenerate migrations after changing src/db/schema.ts:
pnpm db:generatepnpm dev— run the app locally with Alchemypnpm build— production buildpnpm deploy— deploy with Alchemypnpm destroy— tear down Alchemy resourcespnpm check— Biome checkpnpm lint— Biome lintpnpm format— Biome formatpnpm test— Vitest
Set these for local development and deployment:
CLOUDFLARE_ACCOUNT_ID=
R2_ACCESS_KEY_ID=
R2_SECRET_ACCESS_KEY=
USE_LOCAL_BUCKET_BACKUPS=
BETTER_AUTH_SECRET=
BETTER_AUTH_URL=
GITHUB_CLIENT_ID=
GITHUB_CLIENT_SECRET=
GITHUB_APP_ID=
GITHUB_APP_PRIVATE_KEY=
VITE_GITHUB_APP_INSTALL_URL=
OPENCODE_API_KEY=BETTER_AUTH_URL defaults to http://localhost:5173 if omitted.
pnpm deployandpnpm destroyare managed through Alchemy.src/server.tsexports the Cloudflare Sandbox binding used by the app.OPENCODE_API_KEYis required for sandbox agent runs (passed into the harness session environment).- Agent harness architecture:
docs/architecture/agent-harness.md - Concurrent agent runs per project are not enforced yet; see the architecture doc for deferred concurrency notes.