# ───────────────────────────────────────────────────────────────────────────── # Meezi — environment template # Copy to .env and fill in values. NEVER commit .env to git. # # For production: put the full contents in Gitea → Settings → Secrets → ENV_FILE # ───────────────────────────────────────────────────────────────────────────── # ── Environment ─────────────────────────────────────────────────────────────── ASPNETCORE_ENVIRONMENT=Production # ── Database ────────────────────────────────────────────────────────────────── DB_PASSWORD=change-me-strong-password DB_CONNECTION_STRING=Host=postgres;Port=5432;Database=meezi;Username=meezi;Password=change-me-strong-password # ── JWT ─────────────────────────────────────────────────────────────────────── # openssl rand -hex 32 JWT_KEY=change-me-64-char-random-string-use-openssl-rand-hex-32-output # ── TODAY: IP-based access (no domain yet) ─────────────────────────────────── # Replace 171.22.25.73 with your actual server IP. # Note: NEXT_PUBLIC_* are baked into Next.js images at build time. # When you switch to a domain tomorrow, update these AND re-run CI (to rebuild). NEXT_PUBLIC_API_URL=http://171.22.25.73:5080 NEXT_PUBLIC_ADMIN_API_URL=http://171.22.25.73:5081 # Public site origin — MUST be the real domain in prod (used for canonical URLs, # sitemap, robots, OG tags). A wrong value here de-indexes the whole site in GSC. NEXT_PUBLIC_SITE_URL=https://meezi.ir NEXT_PUBLIC_KOJA_URL=https://koja.meezi.ir APP_QR_BASE_URL=http://171.22.25.73:3101 BILLING_DASHBOARD_URL=http://171.22.25.73:3101 CORS_ORIGIN_0=http://171.22.25.73:3101 CORS_ORIGIN_1=http://171.22.25.73:3010 CORS_ORIGIN_2=http://171.22.25.73:3103 CORS_ADMIN_ORIGIN_0=http://171.22.25.73:3102 # Host ports (what gets exposed on the server) API_PORT=5080 ADMIN_API_PORT=5081 WEB_PORT=3101 ADMIN_WEB_PORT=3102 WEBSITE_PORT=3010 KOJA_PORT=3103 POSTGRES_PORT=5434 REDIS_PORT=6381 # ── TOMORROW: domain + Caddy (comment out IP section above, use this) ───────── # DOMAIN=meezi.ir # ACME_EMAIL=you@example.com # # NEXT_PUBLIC_API_URL=https://api.meezi.ir # NEXT_PUBLIC_ADMIN_API_URL=https://admin-api.meezi.ir # NEXT_PUBLIC_SITE_URL=https://meezi.ir # NEXT_PUBLIC_KOJA_URL=https://koja.meezi.ir # # APP_QR_BASE_URL=https://app.meezi.ir # BILLING_DASHBOARD_URL=https://app.meezi.ir # # CORS_ORIGIN_0=https://app.meezi.ir # CORS_ORIGIN_1=https://meezi.ir # CORS_ORIGIN_2=https://koja.meezi.ir # CORS_ADMIN_ORIGIN_0=https://admin.meezi.ir # # Then run CI once to rebuild images with the new URLs baked in. # DNS required: meezi.ir, app.meezi.ir, api.meezi.ir, # koja.meezi.ir, admin.meezi.ir, admin-api.meezi.ir → server IP # ── Migrations ──────────────────────────────────────────────────────────────── RUN_MIGRATIONS=true # ── System admin seed (admin panel login) ───────────────────────────────────── # On every boot the seeder ensures this admin exists with these credentials. # Username defaults to "admin" if not set. Password is required to enable # password login — leave blank to force OTP-only login. SEED_ADMIN_PHONE=09190345606 SEED_ADMIN_USERNAME=admin SEED_ADMIN_PASSWORD=change-me-strong-admin-password # ── Payment: ZarinPal ───────────────────────────────────────────────────────── # Get your merchant ID from: https://panel.zarinpal.com → API → MerchantID ZARINPAL_MERCHANT_ID= ZARINPAL_SANDBOX=false # ── SMS: Kavenegar ──────────────────────────────────────────────────────────── # Empty = OTP is logged to API console (fine for dev, not for production) KAVENEGAR_API_KEY=4C30786935496261332B41685870444E47657A5367453369374F6E2F43334672576B526F5A4B4B795665493D # ── Snappfood webhook ───────────────────────────────────────────────────────── SNAPPFOOD_WEBHOOK_SECRET=change-me-snappfood-secret # ── Docker image overrides (if direct MCR pull fails) ──────────────────────── # DOTNET_SDK_IMAGE=mirror.soroushasadi.com/dotnet/sdk:10.0 # DOTNET_ASPNET_IMAGE=mirror.soroushasadi.com/dotnet/aspnet:10.0