feat: V2 microservices stack — backend services, gateway, JWT auth
Add full V2 architecture: identity, content, studio (.NET 10) and file, render, notification, gateway (Go) services with vendored deps, plus DB migrations, event/API contracts, and an init-db script. Wire the Next.js frontend to the gateway: server-side JWT auth routes (login/register/refresh/logout/me), gateway fetch helper, and session/ cookie/jwt helpers under src/lib. Containerize the stack via docker-compose.v2.yml and per-service Dockerfiles. Base images resolve through a Nexus mirror (Docker Hub) and MCR directly; npm/NuGet pull from Nexus groups. Self-host fonts via next/font/local to avoid Google Fonts (geo-blocked). Add CI workflow and ignore .env.v2, *.stackdump, and .NET bin/obj. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
soroush.asadi
@@ -0,0 +1,60 @@
|
||||
# FlatRender V2 environment — copy to .env.v2 and fill in secrets
|
||||
# Usage: docker compose -f docker-compose.v2.yml --env-file .env.v2 up -d
|
||||
|
||||
# ── JWT — MUST be >= 32 chars, same value across all services ─────────────────
|
||||
JWT_SECRET=p9Xv7Lm2Qq8Nz4TfKc1Hs6YwRe3Ud0BafwefWEFw324234QEWF
|
||||
|
||||
# ── PostgreSQL ────────────────────────────────────────────────────────────────
|
||||
POSTGRES_USER=postgres
|
||||
POSTGRES_PASSWORD=postgres
|
||||
|
||||
# ── MinIO (S3-compatible object store) ───────────────────────────────────────
|
||||
MINIO_ACCESS_KEY=minioadmin
|
||||
MINIO_SECRET_KEY=minioadmin-secret
|
||||
MINIO_BUCKET=flatrender-exports
|
||||
|
||||
# ── Render farm ───────────────────────────────────────────────────────────────
|
||||
NODE_HMAC_SECRET=node-secret-change-me
|
||||
|
||||
# ── Notification service ─────────────────────────────────────────────────────
|
||||
SERVICE_TOKEN=internal-service-secret
|
||||
|
||||
# ── Frontend CORS origin (passed to studio-svc) ───────────────────────────────
|
||||
CORS_ORIGIN=http://localhost:3000
|
||||
|
||||
# ── API Gateway published host port ──────────────────────────────────────────
|
||||
# The only backend port exposed to the host. Change if 8080 is taken locally.
|
||||
GATEWAY_PORT=8080
|
||||
|
||||
# ── ZarinPal (Iranian payment gateway) ───────────────────────────────────────
|
||||
# Get your merchant ID from https://www.zarinpal.com/
|
||||
ZARINPAL_MERCHANT_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
|
||||
ZARINPAL_CALLBACK_URL=https://yourdomain.com/v1/payments/callback/zarinpal
|
||||
# Set to false in production
|
||||
ZARINPAL_SANDBOX=true
|
||||
|
||||
# ── SnapPay (Iranian payment gateway) ────────────────────────────────────────
|
||||
# Get credentials from https://snappay.ir/
|
||||
SNAPPAY_CLIENT_ID=your-snappay-client-id
|
||||
SNAPPAY_CLIENT_SECRET=your-snappay-client-secret
|
||||
SNAPPAY_BASE_URL=https://api.snappay.ir
|
||||
SNAPPAY_CALLBACK_URL=https://yourdomain.com/v1/payments/callback/snappay
|
||||
|
||||
# ── Tara (Iranian payment gateway) ───────────────────────────────────────────
|
||||
# Get your API key from https://tara.ir/
|
||||
TARA_API_KEY=your-tara-api-key
|
||||
TARA_BASE_URL=https://api.tara.ir
|
||||
TARA_CALLBACK_URL=https://yourdomain.com/v1/payments/callback/tara
|
||||
|
||||
# ── Stripe (international payment gateway) ───────────────────────────────────
|
||||
# Get keys from https://dashboard.stripe.com/apikeys
|
||||
STRIPE_SECRET_KEY=sk_test_...
|
||||
STRIPE_WEBHOOK_SECRET=whsec_...
|
||||
STRIPE_PUBLISHABLE_KEY=pk_test_...
|
||||
|
||||
# ── Next.js frontend (NEXT_PUBLIC_* baked at build time) ─────────────────────
|
||||
NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
|
||||
NEXT_PUBLIC_SUPABASE_ANON_KEY=eyJ...
|
||||
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=pk_test_...
|
||||
NEXT_PUBLIC_SITE_URL=http://localhost:3000
|
||||
SUPABASE_SERVICE_ROLE_KEY=eyJ...
|
||||
Reference in New Issue
Block a user