2026-04-08 12:54:58 -06:00
|
|
|
# ============================================================
|
|
|
|
|
# REQUIRED — copy this file to .env.production and fill in all values
|
|
|
|
|
# Generate random secrets with: openssl rand -base64 32
|
|
|
|
|
# ============================================================
|
|
|
|
|
|
feat(17-02): Dockerfile three-stage build, .dockerignore, .env.production.example
- Three-stage node:20-slim Dockerfile with --platform=linux/amd64 on all 3 FROM lines
- Non-root nextjs:nodejs user, seeds/ copied for form library, uploads/ dir pre-created
- HEALTHCHECK via wget pointing to /api/health, CMD node server.js
- .dockerignore excludes node_modules, .next, .git, .env*, uploads/, *.md
- .env.production.example with exactly 11 required vars (template, no real secrets, force-added past .env* glob)
2026-04-03 16:56:09 -06:00
|
|
|
# Database
|
2026-04-08 12:54:58 -06:00
|
|
|
# For self-hosted docker-compose: use the internal service name "db"
|
|
|
|
|
# Example: postgresql://postgres:STRONG_PASSWORD@db:5432/teressa
|
|
|
|
|
# (no ?sslmode=require needed for local docker network)
|
|
|
|
|
DATABASE_URL=postgresql://postgres:CHANGE_ME@db:5432/teressa
|
|
|
|
|
|
|
|
|
|
# Authentication secrets (generate with: openssl rand -base64 32)
|
|
|
|
|
SIGNING_JWT_SECRET=CHANGE_ME
|
|
|
|
|
AUTH_SECRET=CHANGE_ME
|
|
|
|
|
AUTH_TRUST_HOST=true
|
feat(17-02): Dockerfile three-stage build, .dockerignore, .env.production.example
- Three-stage node:20-slim Dockerfile with --platform=linux/amd64 on all 3 FROM lines
- Non-root nextjs:nodejs user, seeds/ copied for form library, uploads/ dir pre-created
- HEALTHCHECK via wget pointing to /api/health, CMD node server.js
- .dockerignore excludes node_modules, .next, .git, .env*, uploads/, *.md
- .env.production.example with exactly 11 required vars (template, no real secrets, force-added past .env* glob)
2026-04-03 16:56:09 -06:00
|
|
|
|
2026-04-08 12:54:58 -06:00
|
|
|
# Agent login credentials (what you use to log in to the portal)
|
|
|
|
|
AGENT_EMAIL=your@email.com
|
|
|
|
|
AGENT_PASSWORD=CHANGE_ME
|
feat(17-02): Dockerfile three-stage build, .dockerignore, .env.production.example
- Three-stage node:20-slim Dockerfile with --platform=linux/amd64 on all 3 FROM lines
- Non-root nextjs:nodejs user, seeds/ copied for form library, uploads/ dir pre-created
- HEALTHCHECK via wget pointing to /api/health, CMD node server.js
- .dockerignore excludes node_modules, .next, .git, .env*, uploads/, *.md
- .env.production.example with exactly 11 required vars (template, no real secrets, force-added past .env* glob)
2026-04-03 16:56:09 -06:00
|
|
|
|
2026-04-08 12:54:58 -06:00
|
|
|
# SMTP — email delivery for contact form and document notifications
|
|
|
|
|
# Resend (recommended): host=smtp.resend.com, port=465, user=resend, pass=re_xxxxxxx
|
|
|
|
|
# Gmail: host=smtp.gmail.com, port=587, user=your@gmail.com, pass=app-password
|
feat(17-02): Dockerfile three-stage build, .dockerignore, .env.production.example
- Three-stage node:20-slim Dockerfile with --platform=linux/amd64 on all 3 FROM lines
- Non-root nextjs:nodejs user, seeds/ copied for form library, uploads/ dir pre-created
- HEALTHCHECK via wget pointing to /api/health, CMD node server.js
- .dockerignore excludes node_modules, .next, .git, .env*, uploads/, *.md
- .env.production.example with exactly 11 required vars (template, no real secrets, force-added past .env* glob)
2026-04-03 16:56:09 -06:00
|
|
|
CONTACT_EMAIL_USER=your-smtp-username
|
|
|
|
|
CONTACT_EMAIL_PASS=your-smtp-password
|
|
|
|
|
CONTACT_SMTP_HOST=smtp.example.com
|
2026-04-08 12:54:58 -06:00
|
|
|
CONTACT_SMTP_PORT=587
|
feat(17-02): Dockerfile three-stage build, .dockerignore, .env.production.example
- Three-stage node:20-slim Dockerfile with --platform=linux/amd64 on all 3 FROM lines
- Non-root nextjs:nodejs user, seeds/ copied for form library, uploads/ dir pre-created
- HEALTHCHECK via wget pointing to /api/health, CMD node server.js
- .dockerignore excludes node_modules, .next, .git, .env*, uploads/, *.md
- .env.production.example with exactly 11 required vars (template, no real secrets, force-added past .env* glob)
2026-04-03 16:56:09 -06:00
|
|
|
|
2026-04-08 12:54:58 -06:00
|
|
|
# OpenAI — required for AI-assisted PDF field placement
|
feat(17-02): Dockerfile three-stage build, .dockerignore, .env.production.example
- Three-stage node:20-slim Dockerfile with --platform=linux/amd64 on all 3 FROM lines
- Non-root nextjs:nodejs user, seeds/ copied for form library, uploads/ dir pre-created
- HEALTHCHECK via wget pointing to /api/health, CMD node server.js
- .dockerignore excludes node_modules, .next, .git, .env*, uploads/, *.md
- .env.production.example with exactly 11 required vars (template, no real secrets, force-added past .env* glob)
2026-04-03 16:56:09 -06:00
|
|
|
OPENAI_API_KEY=sk-your-openai-key
|
|
|
|
|
|
2026-04-08 12:54:58 -06:00
|
|
|
# Application public URL (no trailing slash)
|
feat(17-02): Dockerfile three-stage build, .dockerignore, .env.production.example
- Three-stage node:20-slim Dockerfile with --platform=linux/amd64 on all 3 FROM lines
- Non-root nextjs:nodejs user, seeds/ copied for form library, uploads/ dir pre-created
- HEALTHCHECK via wget pointing to /api/health, CMD node server.js
- .dockerignore excludes node_modules, .next, .git, .env*, uploads/, *.md
- .env.production.example with exactly 11 required vars (template, no real secrets, force-added past .env* glob)
2026-04-03 16:56:09 -06:00
|
|
|
APP_BASE_URL=https://yourdomain.com
|
2026-04-08 12:54:58 -06:00
|
|
|
|
|
|
|
|
# Internal postgres password — must match DATABASE_URL above
|
|
|
|
|
# Only used by the db: service in docker-compose.yml
|
|
|
|
|
POSTGRES_PASSWORD=CHANGE_ME
|
