soroush.asadi
255695e8ae
CI/CD / CI · API (dotnet build + test) (push) Successful in 47s
CI/CD / CI · Admin API (dotnet build) (push) Successful in 43s
CI/CD / CI · Dashboard (tsc) (push) Successful in 1m5s
CI/CD / CI · Admin Web (tsc) (push) Successful in 35s
CI/CD / CI · Website (tsc) (push) Successful in 46s
CI/CD / CI · Koja (tsc) (push) Successful in 48s
CI/CD / Deploy · all services (push) Successful in 3m36s
- docker-compose.admin.yml: RUN_MIGRATIONS was hardcoded false → now
uses ${RUN_MIGRATIONS:-true} so migrations run automatically on deploy
- Both compose files: expose Seed__SystemAdminPhone/Username/Password
env vars so the seeder sets admin credentials without manual SQL
- .env.example: document SEED_ADMIN_* variables
On next deploy: migrations run, Username='admin' is patched on the
existing admin, and password is hashed from SEED_ADMIN_PASSWORD.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
94 lines
5.1 KiB
Bash
94 lines
5.1 KiB
Bash
# ─────────────────────────────────────────────────────────────────────────────
|
|
# Meezi — environment template
|
|
# Copy to .env and fill in values. NEVER commit .env to git.
|
|
#
|
|
# For production: put the full contents in Gitea → Settings → Secrets → ENV_FILE
|
|
# ─────────────────────────────────────────────────────────────────────────────
|
|
|
|
# ── Environment ───────────────────────────────────────────────────────────────
|
|
ASPNETCORE_ENVIRONMENT=Production
|
|
|
|
# ── Database ──────────────────────────────────────────────────────────────────
|
|
DB_PASSWORD=change-me-strong-password
|
|
DB_CONNECTION_STRING=Host=postgres;Port=5432;Database=meezi;Username=meezi;Password=change-me-strong-password
|
|
|
|
# ── JWT ───────────────────────────────────────────────────────────────────────
|
|
# openssl rand -hex 32
|
|
JWT_KEY=change-me-64-char-random-string-use-openssl-rand-hex-32-output
|
|
|
|
# ── TODAY: IP-based access (no domain yet) ───────────────────────────────────
|
|
# Replace 171.22.25.73 with your actual server IP.
|
|
# Note: NEXT_PUBLIC_* are baked into Next.js images at build time.
|
|
# When you switch to a domain tomorrow, update these AND re-run CI (to rebuild).
|
|
|
|
NEXT_PUBLIC_API_URL=http://171.22.25.73:5080
|
|
NEXT_PUBLIC_ADMIN_API_URL=http://171.22.25.73:5081
|
|
NEXT_PUBLIC_SITE_URL=http://171.22.25.73:3010
|
|
NEXT_PUBLIC_KOJA_URL=http://171.22.25.73:3103
|
|
|
|
APP_QR_BASE_URL=http://171.22.25.73:3101
|
|
BILLING_DASHBOARD_URL=http://171.22.25.73:3101
|
|
|
|
CORS_ORIGIN_0=http://171.22.25.73:3101
|
|
CORS_ORIGIN_1=http://171.22.25.73:3010
|
|
CORS_ORIGIN_2=http://171.22.25.73:3103
|
|
CORS_ADMIN_ORIGIN_0=http://171.22.25.73:3102
|
|
|
|
# Host ports (what gets exposed on the server)
|
|
API_PORT=5080
|
|
ADMIN_API_PORT=5081
|
|
WEB_PORT=3101
|
|
ADMIN_WEB_PORT=3102
|
|
WEBSITE_PORT=3010
|
|
KOJA_PORT=3103
|
|
POSTGRES_PORT=5434
|
|
REDIS_PORT=6381
|
|
|
|
# ── TOMORROW: domain + Caddy (comment out IP section above, use this) ─────────
|
|
# DOMAIN=meezi.ir
|
|
# ACME_EMAIL=you@example.com
|
|
#
|
|
# NEXT_PUBLIC_API_URL=https://api.meezi.ir
|
|
# NEXT_PUBLIC_ADMIN_API_URL=https://admin-api.meezi.ir
|
|
# NEXT_PUBLIC_SITE_URL=https://meezi.ir
|
|
# NEXT_PUBLIC_KOJA_URL=https://koja.meezi.ir
|
|
#
|
|
# APP_QR_BASE_URL=https://app.meezi.ir
|
|
# BILLING_DASHBOARD_URL=https://app.meezi.ir
|
|
#
|
|
# CORS_ORIGIN_0=https://app.meezi.ir
|
|
# CORS_ORIGIN_1=https://meezi.ir
|
|
# CORS_ORIGIN_2=https://koja.meezi.ir
|
|
# CORS_ADMIN_ORIGIN_0=https://admin.meezi.ir
|
|
#
|
|
# Then run CI once to rebuild images with the new URLs baked in.
|
|
# DNS required: meezi.ir, app.meezi.ir, api.meezi.ir,
|
|
# koja.meezi.ir, admin.meezi.ir, admin-api.meezi.ir → server IP
|
|
|
|
# ── Migrations ────────────────────────────────────────────────────────────────
|
|
RUN_MIGRATIONS=true
|
|
|
|
# ── System admin seed (admin panel login) ─────────────────────────────────────
|
|
# On every boot the seeder ensures this admin exists with these credentials.
|
|
# Username defaults to "admin" if not set. Password is required to enable
|
|
# password login — leave blank to force OTP-only login.
|
|
SEED_ADMIN_PHONE=09190345606
|
|
SEED_ADMIN_USERNAME=admin
|
|
SEED_ADMIN_PASSWORD=change-me-strong-admin-password
|
|
|
|
# ── Payment: ZarinPal ─────────────────────────────────────────────────────────
|
|
# Get your merchant ID from: https://panel.zarinpal.com → API → MerchantID
|
|
ZARINPAL_MERCHANT_ID=
|
|
ZARINPAL_SANDBOX=false
|
|
|
|
# ── SMS: Kavenegar ────────────────────────────────────────────────────────────
|
|
# Empty = OTP is logged to API console (fine for dev, not for production)
|
|
KAVENEGAR_API_KEY=4C30786935496261332B41685870444E47657A5367453369374F6E2F43334672576B526F5A4B4B795665493D
|
|
|
|
# ── Snappfood webhook ─────────────────────────────────────────────────────────
|
|
SNAPPFOOD_WEBHOOK_SECRET=change-me-snappfood-secret
|
|
|
|
# ── Docker image overrides (if direct MCR pull fails) ────────────────────────
|
|
# DOTNET_SDK_IMAGE=mirror.soroushasadi.com/dotnet/sdk:10.0
|
|
# DOTNET_ASPNET_IMAGE=mirror.soroushasadi.com/dotnet/aspnet:10.0
|