soroushdes/flatrender
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
055d8365fefcc0f854f42e70b0dc52bc6f16c1df
flatrender/.env.v2.example
T
soroush.asadi bcc69f0a2e feat: complete node-agent pipeline, TLS proxy, billing cancel, password reset 
Node-agent — full render pipeline (items 1-3):
- render-svc: ClaimedJob now includes aep_download_url (presigned MinIO GET,
  2h TTL, path=templates/{original_project_id}/template.aep)
- render-svc: POST /v1/internal/render/jobs/:id/output-upload-url
  allocates Export row + returns presigned MinIO PUT URL + export_id
- render-svc: db.CreateExportForJob() inserts export row with 30-day retention
- render-svc: InternalHandler now owns minio client (templatesBucket + exportsBucket)
  MINIO_TEMPLATES_BUCKET env var (default flatrender-templates)
- node-agent: runner/download.go — DownloadFile() + UploadFile() (stdlib only)
- node-agent: client.GetOutputUploadURL() + ClaimedJob.AEPDownloadURL field
- node-agent: runJob() full flow: download AEP → render → get upload URL →
  PUT output to MinIO → Complete(export_id)
  All steps are non-fatal with fallback (AEP miss → mock, upload fail → no export)

TLS reverse proxy (item 15):
- Caddyfile: three virtual hosts (DOMAIN, API_DOMAIN, STORAGE_DOMAIN)
  auto-TLS via Let's Encrypt; security headers; 512MB upload limit on API
- docker-compose.v2.yml: caddy:2-alpine service, ports 80/443/443udp,
  caddy_data + caddy_config volumes; env vars DOMAIN/API_DOMAIN/STORAGE_DOMAIN/ACME_EMAIL
- .env.v2.example: new Caddy + MINIO_TEMPLATES_BUCKET entries

Billing portal (item 5):
- Identity: POST /v1/users/me/plan/cancel — sets cancelled_at, auto_renew=false
  (access continues to expiry); 404 when no active plan
- POST /api/billing/cancel — frontend proxy, validates auth
- GET /api/billing/portal — redirects to /dashboard/settings?tab=billing
- SettingsBilling: "Cancel plan" button with confirm dialog + optimistic UI,
  "Change plan" button; becomes "use client" component

Password reset UI (item 7):
- POST /api/auth/password-reset — proxies /v1/auth/password/reset/request
  (always 200, anti-enumeration)
- POST /api/auth/password-reset-confirm — proxies /v1/auth/password/reset/confirm
- AuthPageContent: "Forgot password?" link on sign-in tab opens 2-step reset flow
  (email → OTP+new-password) without leaving the auth page

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-01 16:41:13 +03:30

71 lines
4.2 KiB
Bash
Raw Blame History

# FlatRender V2 environment — copy to .env.v2 and fill in secrets
# Usage: docker compose -f docker-compose.v2.yml --env-file .env.v2 up -d
# ── JWT — MUST be >= 32 chars, same value across all services ─────────────────
JWT_SECRET=p9Xv7Lm2Qq8Nz4TfKc1Hs6YwRe3Ud0BafwefWEFw324234QEWF
# ── PostgreSQL ────────────────────────────────────────────────────────────────
POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres
# ── MinIO (S3-compatible object store) ───────────────────────────────────────
MINIO_ACCESS_KEY=minioadmin
MINIO_SECRET_KEY=minioadmin-secret
MINIO_BUCKET=flatrender-exports
# ── Render farm ───────────────────────────────────────────────────────────────
NODE_HMAC_SECRET=node-secret-change-me
# ── Notification service ─────────────────────────────────────────────────────
SERVICE_TOKEN=internal-service-secret
# ── Frontend CORS origin (passed to studio-svc) ───────────────────────────────
CORS_ORIGIN=http://localhost:3000
# ── API Gateway published host port ──────────────────────────────────────────
# The only backend port exposed to the host. Change if 8080 is taken locally.
GATEWAY_PORT=8080
# ── Frontend public vars (baked into the Next.js image at build time) ────────
NEXT_PUBLIC_SITE_URL=http://localhost:3000
# Browser-facing gateway URL (host port). Must match GATEWAY_PORT above.
NEXT_PUBLIC_API_URL=http://localhost:8080/v1
NEXT_PUBLIC_TENANT_SLUG=flatrender
# ── ZarinPal (Iranian payment gateway) ───────────────────────────────────────
# Get your merchant ID from https://www.zarinpal.com/
ZARINPAL_MERCHANT_ID=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
ZARINPAL_CALLBACK_URL=https://yourdomain.com/v1/payments/callback/zarinpal
# Set to false in production
ZARINPAL_SANDBOX=true
# ── SnapPay (Iranian payment gateway) ────────────────────────────────────────
# Get credentials from https://snappay.ir/
SNAPPAY_CLIENT_ID=your-snappay-client-id
SNAPPAY_CLIENT_SECRET=your-snappay-client-secret
SNAPPAY_BASE_URL=https://api.snappay.ir
SNAPPAY_CALLBACK_URL=https://yourdomain.com/v1/payments/callback/snappay
# ── Tara (Iranian payment gateway) ───────────────────────────────────────────
# Get your API key from https://tara.ir/
TARA_API_KEY=your-tara-api-key
TARA_BASE_URL=https://api.tara.ir
TARA_CALLBACK_URL=https://yourdomain.com/v1/payments/callback/tara
# ── Stripe (international payment gateway) ───────────────────────────────────
# Get keys from https://dashboard.stripe.com/apikeys
STRIPE_SECRET_KEY=sk_test_...
STRIPE_PUBLISHABLE_KEY=pk_test_...
# ── Caddy TLS reverse proxy ───────────────────────────────────────────────────
# Public-facing domains (Let's Encrypt will provision certs automatically).
# Leave as localhost for local dev (Caddy uses self-signed cert).
DOMAIN=flatrender.io
API_DOMAIN=api.flatrender.io
STORAGE_DOMAIN=storage.flatrender.io
ACME_EMAIL=admin@flatrender.io
# ── MinIO templates bucket ────────────────────────────────────────────────────
# Bucket where .aep template files are stored (uploaded via admin panel).
MINIO_TEMPLATES_BUCKET=flatrender-templates
Reference in New Issue View Git Blame Copy Permalink