A self-hostable comment system for static websites — Astro, Hugo, Next.js, and any site that accepts HTML.
Features: Google sign-in · threaded replies · spam/moderation dashboard · site teams & roles · shadow DOM widget · origin allowlisting
# 1. Install
pnpm install
# 2. Configure
cp .env.example .env
# Fill in GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET, AUTH_SECRET, WIDGET_JWT_SECRET
# 3. Database
pnpm db:migrate
pnpm db:seed # optional demo data
# 4. Run (also builds widget + generates Prisma client)
pnpm devOpen http://localhost:3000 — sign in with Google to access the dashboard.
<!-- Paste anywhere in your post template -->
<div
data-open-remark
data-site-key="YOUR_SITE_KEY"
data-slug="/posts/your-post-slug"
></div>
<script async src="https://your-domain.com/embed.js"></script>Get your site key from Dashboard → Sites → Install.
See docs/architecture.md for system design, request flows, and scaling path.
| Layer | Tech |
|---|---|
| Framework | Next.js 16 App Router |
| Database | PostgreSQL (Prisma) |
| ORM | Prisma |
| Admin auth | Auth.js v5 (Google OAuth) |
| Widget auth | Widget JWT (jose) |
| UI | shadcn/ui + Tailwind v4 |
| Validation | Zod |
| Widget | Vanilla TS → esbuild |
| Variable | Description |
|---|---|
DATABASE_URL |
PostgreSQL connection string (e.g. postgresql://user:pass@localhost:5432/zeon) |
AUTH_SECRET |
Auth.js secret (run openssl rand -base64 32) |
GOOGLE_CLIENT_ID |
Google OAuth client ID |
GOOGLE_CLIENT_SECRET |
Google OAuth client secret |
WIDGET_JWT_SECRET |
JWT secret for widget visitor tokens |
NEXT_PUBLIC_APP_URL |
Public app URL (used in embed snippets) |
This project is maintained by Zeon Studio