Initial production deployment setup

- Production docker-compose with nginx support - Nginx configuration for portal.monacousa.org - Deployment script with backup/restore - Gitea CI/CD workflow - Fix CountryFlag reactivity for dropdown flags Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-25 02:19:49 +01:00
commit e7338d1a70
457 changed files with 54912 additions and 0 deletions
--- a/.env.example
+++ b/.env.example
@@ -0,0 +1,89 @@
+# Monaco USA Portal - Docker Environment Configuration
+# ===================================================
+# Copy this file to .env and configure your values
+
+# ===========================================
+# POSTGRES DATABASE
+# ===========================================
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=change-this-to-a-secure-password
+POSTGRES_DB=postgres
+POSTGRES_PORT=5435
+
+# ===========================================
+# JWT CONFIGURATION
+# ===========================================
+# IMPORTANT: Generate a new secret for production!
+# Use: openssl rand -base64 32
+JWT_SECRET=generate-a-new-secret-at-least-32-characters
+JWT_EXPIRY=3600
+
+# ===========================================
+# API KEYS
+# ===========================================
+# Generate these at: https://supabase.com/docs/guides/self-hosting#api-keys
+# They must be signed with your JWT_SECRET
+
+# Anonymous key - for public access (limited permissions)
+ANON_KEY=your-generated-anon-key
+
+# Service role key - for admin access (full permissions, keep secret!)
+SERVICE_ROLE_KEY=your-generated-service-role-key
+
+# ===========================================
+# URLS & PORTS
+# ===========================================
+KONG_HTTP_PORT=7455
+KONG_HTTPS_PORT=7456
+STUDIO_PORT=7454
+PORTAL_PORT=7453
+
+SITE_URL=http://localhost:7453
+API_EXTERNAL_URL=http://localhost:7455
+SUPABASE_PUBLIC_URL=http://localhost:7455
+
+PUBLIC_SUPABASE_URL=http://localhost:7455
+PUBLIC_SUPABASE_ANON_KEY=same-as-anon-key-above
+
+# Service role key for admin operations (server-side only)
+SUPABASE_SERVICE_ROLE_KEY=same-as-service-role-key-above
+
+# ===========================================
+# AUTH CONFIGURATION
+# ===========================================
+DISABLE_SIGNUP=false
+ENABLE_EMAIL_AUTOCONFIRM=true
+ADDITIONAL_REDIRECT_URLS=http://localhost:7453/auth/callback
+
+# ===========================================
+# SMTP EMAIL (Optional)
+# ===========================================
+SMTP_HOST=
+SMTP_PORT=587
+SMTP_USER=
+SMTP_PASS=
+SMTP_ADMIN_EMAIL=noreply@example.org
+SMTP_SENDER_NAME=Monaco USA
+
+MAILER_URLPATHS_INVITE=/auth/verify
+MAILER_URLPATHS_CONFIRMATION=/auth/verify
+MAILER_URLPATHS_RECOVERY=/auth/verify
+MAILER_URLPATHS_EMAIL_CHANGE=/auth/verify
+RATE_LIMIT_EMAIL_SENT=100
+
+# ===========================================
+# REALTIME
+# ===========================================
+SECRET_KEY_BASE=generate-a-new-secret-key-base
+
+# ===========================================
+# POSTGREST
+# ===========================================
+PGRST_DB_SCHEMAS=public,storage,graphql_public
+
+# ===========================================
+# SVELTEKIT CONFIGURATION
+# ===========================================
+# Body size limit for file uploads (avatars, documents)
+# 50MB = 52428800 bytes
+BODY_SIZE_LIMIT=52428800