Skip to content

Admin overview

This guide covers deploying, configuring, and maintaining the Cove Backup Audit Reporter. It runs entirely on Cloudflare — there is no separate server to manage.

Architecture at a glance

Component Role
Cloudflare Pages / Worker Serves the app and runs the report pipeline
Cloudflare D1 Stores schedules, recipients, run history, and the M365 token
Workers KV Caches the Cove session token
Browser Rendering Converts the report to PDF
Cron Trigger Fires the monthly job
Cloudflare Access Microsoft 365 SSO in front of the app

One-time setup order

  1. Deploy the app and create its Cloudflare resources.
  2. Create a Cove API user so the app can pull device data.
  3. Register and connect Microsoft 365 so the app can send email.
  4. Configure Access and the config file — SSO, admins, sender mailbox.
  5. Review security & maintenance.

Non-secret settings live in the committed config file; secrets live in Cloudflare, never in the repo.