Add standalone production deployment package
All checks were successful
Build and Push Docker Image / build (push) Successful in 1m46s
All checks were successful
Build and Push Docker Image / build (push) Successful in 1m46s
- docker-compose.yml: Standalone compose with Traefik, Supabase, portal - init.sql: Combined database schema + all 16 migrations - kong.yml.template: Kong config with API key placeholders - setup.sh: Auto-generates secrets (JWT, passwords, API keys) - .env.example: Comprehensive environment template - README.md: Complete deployment guide No source code cloning required - just copy files and run setup.sh Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
129
deploy/.env.example
Normal file
129
deploy/.env.example
Normal file
@@ -0,0 +1,129 @@
|
||||
# ============================================
|
||||
# Monaco USA Portal - Production Configuration
|
||||
# ============================================
|
||||
# Copy this file to .env and configure the values below.
|
||||
# Then run ./setup.sh to generate secrets and kong.yml.
|
||||
#
|
||||
# Variables marked [AUTO-GENERATED] will be created by setup.sh
|
||||
# if left empty or containing placeholder text.
|
||||
# ============================================
|
||||
|
||||
# ============================================
|
||||
# DOMAIN CONFIGURATION (Required)
|
||||
# ============================================
|
||||
# Your domain name (without https://)
|
||||
DOMAIN=portal.monacousa.org
|
||||
|
||||
# Email for Let's Encrypt SSL certificates
|
||||
ACME_EMAIL=admin@monacousa.org
|
||||
|
||||
# ============================================
|
||||
# DATABASE CONFIGURATION
|
||||
# ============================================
|
||||
# PostgreSQL settings
|
||||
POSTGRES_USER=postgres
|
||||
POSTGRES_DB=postgres
|
||||
|
||||
# [AUTO-GENERATED] Database password - leave as placeholder for auto-generation
|
||||
# To generate manually: openssl rand -base64 32
|
||||
POSTGRES_PASSWORD=CHANGE_ME_RUN_SETUP_SH
|
||||
|
||||
# ============================================
|
||||
# JWT CONFIGURATION
|
||||
# ============================================
|
||||
# [AUTO-GENERATED] JWT secret for Supabase auth - leave as placeholder
|
||||
# To generate manually: openssl rand -base64 32
|
||||
JWT_SECRET=CHANGE_ME_RUN_SETUP_SH
|
||||
|
||||
# JWT token expiry in seconds (default: 1 hour)
|
||||
JWT_EXPIRY=3600
|
||||
|
||||
# [AUTO-GENERATED] Anonymous API key - leave as placeholder
|
||||
# This is a JWT signed with JWT_SECRET with role=anon
|
||||
ANON_KEY=your-anon-key-will-be-generated
|
||||
|
||||
# [AUTO-GENERATED] Service role API key - leave as placeholder
|
||||
# This is a JWT signed with JWT_SECRET with role=service_role
|
||||
SERVICE_ROLE_KEY=your-service-role-key-will-be-generated
|
||||
|
||||
# These are aliases used by the portal app
|
||||
PUBLIC_SUPABASE_ANON_KEY=${ANON_KEY}
|
||||
SUPABASE_SERVICE_ROLE_KEY=${SERVICE_ROLE_KEY}
|
||||
|
||||
# ============================================
|
||||
# REALTIME CONFIGURATION
|
||||
# ============================================
|
||||
# [AUTO-GENERATED] Secret key for realtime service
|
||||
# To generate manually: openssl rand -base64 64
|
||||
SECRET_KEY_BASE=generate-a-64-char-secret-key-run-setup-sh
|
||||
|
||||
# ============================================
|
||||
# EMAIL CONFIGURATION (Optional but Recommended)
|
||||
# ============================================
|
||||
# SMTP settings for sending emails (password resets, invitations, etc.)
|
||||
# Leave empty to disable email functionality (users won't receive confirmation emails)
|
||||
SMTP_HOST=smtp.gmail.com
|
||||
SMTP_PORT=587
|
||||
SMTP_USER=
|
||||
SMTP_PASS=
|
||||
SMTP_ADMIN_EMAIL=noreply@monacousa.org
|
||||
SMTP_SENDER_NAME=Monaco USA
|
||||
|
||||
# Set to true to auto-confirm emails (not recommended for production)
|
||||
ENABLE_EMAIL_AUTOCONFIRM=false
|
||||
|
||||
# Rate limit for emails sent per hour
|
||||
RATE_LIMIT_EMAIL_SENT=100
|
||||
|
||||
# ============================================
|
||||
# PORTAL APPLICATION CONFIGURATION
|
||||
# ============================================
|
||||
# Docker image for the portal app
|
||||
# Change this to use a different registry or version
|
||||
PORTAL_IMAGE=code.letsbe.solutions/letsbe/monacousa-portal:latest
|
||||
|
||||
# Maximum file upload size in bytes (default: 50MB)
|
||||
BODY_SIZE_LIMIT=52428800
|
||||
|
||||
# Disable public signup (true = only admin can create accounts)
|
||||
DISABLE_SIGNUP=false
|
||||
|
||||
# Additional redirect URLs for OAuth (comma-separated)
|
||||
ADDITIONAL_REDIRECT_URLS=
|
||||
|
||||
# ============================================
|
||||
# POSTGREST CONFIGURATION
|
||||
# ============================================
|
||||
# Database schemas exposed via REST API
|
||||
PGRST_DB_SCHEMAS=public,storage,graphql_public
|
||||
|
||||
# ============================================
|
||||
# SECURITY - DASHBOARD ACCESS (Optional)
|
||||
# ============================================
|
||||
# Basic auth for Traefik dashboard (format: user:password-hash)
|
||||
# Generate with: htpasswd -nB admin
|
||||
# Example: admin:$apr1$xyz...
|
||||
TRAEFIK_DASHBOARD_AUTH=
|
||||
|
||||
# Basic auth for Supabase Studio (format: user:password-hash)
|
||||
# Generate with: htpasswd -nB admin
|
||||
STUDIO_AUTH=
|
||||
|
||||
# ============================================
|
||||
# NOTES
|
||||
# ============================================
|
||||
# 1. After configuring this file, run: ./setup.sh
|
||||
# This will:
|
||||
# - Generate any missing secrets
|
||||
# - Create kong.yml from template
|
||||
# - Validate your configuration
|
||||
#
|
||||
# 2. Start the services: docker compose up -d
|
||||
#
|
||||
# 3. Check status: docker compose ps
|
||||
#
|
||||
# 4. View logs: docker compose logs -f
|
||||
#
|
||||
# 5. First visit to https://DOMAIN will redirect to /setup
|
||||
# to create the initial admin account.
|
||||
# ============================================
|
||||
Reference in New Issue
Block a user