diff --git a/backend/.env.production b/backend/.env.production new file mode 100644 index 0000000..7f48b2c --- /dev/null +++ b/backend/.env.production @@ -0,0 +1,327 @@ +#################################################################################################### +###### DIRECTUS #################################################################################### +#################################################################################################### +# +# These values set environment variables which modify core settings of Directus. +# +# Values in square brackets are the default values. +# +# The following options are not all possible options. For more, see +# https://docs.directus.io/self-hosted/config-options/ +# +#################################################################################################### +#################################################################################################### + +### General + +# IP or host the API listens on ["0.0.0.0"] +HOST="0.0.0.0" + +# The port Directus will run on [8055] +PORT=8055 + +# The URL where your API can be reached on the web. It is also used for things like OAuth redirects, +# forgot-password emails, and logos that needs to be publicly available on the internet. ["/"] +# PUBLIC_URL="http://localhost:8055" +PUBLIC_URL="http://admin.dev.civokram.com" + +# What level of detail to log. [info] +# "fatal", "error", "warn", "info", "debug", "trace", "silent" +# LOG_LEVEL="info" + +# Render the logs human readable (pretty) or as JSON (raw), [pretty] +# "pretty", "raw" +# LOG_STYLE="pretty" + +# Controls the maximum request body size. Accepts number of bytes, or human readable string ["1mb"] +# MAX_PAYLOAD_SIZE="1mb" + +# Where to redirect to when navigating to /. Accepts a relative path, absolute URL, or false to disable ["./admin"] +# ROOT_REDIRECT="./admin" + +# Whether or not to serve the Admin App under /admin. [true] +# SERVE_APP=true + +# Whether or not to enable GraphQL Introspection [true] +# GRAPHQL_INTROSPECTION=true + +# The maximum number of items for batch mutations when creating, updating and deleting. ["Infinity"] +# MAX_BATCH_MUTATION="Infinity" + +#################################################################################################### +### Database + +# All DB_* environment variables are passed to the connection configuration of a Knex instance. +# Based on your project's needs, you can extend the DB_* environment variables with any config +# you need to pass to the database instance. + +DB_CLIENT="sqlite3" +DB_FILENAME="/data/data.db" + +## Postgres +# DB_CLIENT="pg" +# DB_HOST="localhost" +# DB_PORT=5432 +# DB_DATABASE="directus" +# DB_USER="postgres" +# DB_PASSWORD="secret" + +## CockroachDB +# DB_CLIENT="cockroachdb" +# DB_HOST="localhost" +# DB_PORT=26257 +# DB_DATABASE="directus" +# DB_USER="root" +# DB_PASSWORD="" + +## MySQL 8 +# DB_CLIENT="mysql" +# DB_HOST="localhost" +# DB_PORT=3306 +# DB_DATABASE="directus" +# DB_USER="root" +# DB_PASSWORD="secret" + +## MariaDB +# DB_CLIENT="mysql" +# DB_HOST="localhost" +# DB_PORT=3306 +# DB_DATABASE="directus" +# DB_USER="root" +# DB_PASSWORD="secret" + +## MS SQL +# DB_CLIENT="mssql" +# DB_HOST="localhost" +# DB_PORT=1343 +# DB_DATABASE="directus" +# DB_USER="sa" +# DB_PASSWORD="Test@123" + +## OracleDB +# DB_CLIENT="oracledb" +# DB_CONNECT_STRING="localhost:1521/XE" +# DB_USER="secretsysuser" +# DB_PASSWORD="secretpassword" + +## SQLite Example +# DB_CLIENT="sqlite3" +# DB_FILENAME="./data.db" + +## MySQL 5.7 +# DB_CLIENT="mysql" +# DB_HOST="localhost" +# DB_PORT=3306 +# DB_DATABASE="directus" +# DB_USER="root" +# DB_PASSWORD="secret" + +#################################################################################################### +### Rate Limiting + +# Whether or not to enable rate limiting on the API [false] +RATE_LIMITER_ENABLED=false + +# Where to store the rate limiter counts [memory] +# memory, redis, memcache +RATE_LIMITER_STORE=memory +# RATE_LIMITER_REDIS="redis://@127.0.0.1:5105" +# RATE_LIMITER_MEMCACHE="localhost:5109" + +# The amount of allowed hits per duration [50] +RATE_LIMITER_POINTS=25 + +# The time window in seconds in which the hits are counted [1] +RATE_LIMITER_DURATION=1 + +#################################################################################################### +### Caching + +# Whether or not caching is enabled. [false] +CACHE_ENABLED=false + +# How long the cache is persisted ["5m"] +# CACHE_TTL="30m" + +# How to scope the cache data ["directus-cache"] +# CACHE_NAMESPACE="directus-cache" + +# Automatically purge the cache on create, update, and delete actions. [false] +# CACHE_AUTO_PURGE=true + +# memory | redis | memcache +CACHE_STORE=memory + +# How long assets will be cached for in the browser. Sets the max-age value of the Cache-Control header ["30d"] +ASSETS_CACHE_TTL="30d" + +# CACHE_REDIS="redis://@127.0.0.1:5105" +# CACHE_MEMCACHE="localhost:5109" + +#################################################################################################### +### File Storage + +# A CSV of storage locations (eg: local,digitalocean,amazon) to use. You can use any names you'd like for these keys ["local"] +STORAGE_LOCATIONS="local" +STORAGE_LOCAL_DRIVER="local" +STORAGE_LOCAL_ROOT="/data/uploads" + +## S3 Example (location name: DigitalOcean) +# STORAGE_DIGITALOCEAN_DRIVER="s3" +# STORAGE_DIGITALOCEAN_KEY="abcdef" +# STORAGE_DIGITALOCEAN_SECRET="ghijkl" +# STORAGE_DIGITALOCEAN_ENDPOINT="https://ams3.digitaloceanspaces.com" +# STORAGE_DIGITALOCEAN_BUCKET="my-files" +# STORAGE_DIGITALOCEAN_REGION="ams3" + +## Google Cloud Storage Example (location name: Google) +# STORAGE_GOOGLE_DRIVER="gcs" +# STORAGE_GOOGLE_KEY_FILENAME="abcdef" +# STORAGE_GOOGLE_BUCKET="my-files" + +## A comma-separated list of metadata keys to collect during file upload. Use * for all +# Extracting all metadata might cause memory issues when the file has an unusually large set of metadata +# [ifd0.Make,ifd0.Model,exif.FNumber,exif.ExposureTime,exif.FocalLength,exif.ISO] +# FILE_METADATA_ALLOW_LIST= + +#################################################################################################### +### Security + +# Unique identifier for the project +# KEY="xxxxxxx-xxxxxx-xxxxxxxx-xxxxxxxxxx" +KEY="78457793-f4ea-4057-a9ae-87d0f6d32cc8" + +# Secret string for the project +# SECRET="abcdef" +SECRET="cJweH2dRpkM515hQJZSR64jiYCb6QJrZ" + +# The duration that the access token is valid ["15m"] +ACCESS_TOKEN_TTL="15m" + +# The duration that the refresh token is valid, and also how long users stay logged-in to the App ["7d"] +REFRESH_TOKEN_TTL="7d" + +# Whether or not to use a secure cookie for the refresh token in cookie mode [false] +REFRESH_TOKEN_COOKIE_SECURE=false + +# Value for sameSite in the refresh token cookie when in cookie mode ["lax"] +REFRESH_TOKEN_COOKIE_SAME_SITE="lax" + +# Name of refresh token cookie ["directus_refresh_token"] +REFRESH_TOKEN_COOKIE_NAME="directus_refresh_token" + +# Which domain to use for the refresh cookie. Useful for development mode. +# REFRESH_TOKEN_COOKIE_DOMAIN + +# The duration in milliseconds that a login request will be stalled for, +# and it should be greater than the time taken for a login request with an invalid password [500] +# LOGIN_STALL_TIME=500 + +# Whether or not to enable the CORS headers [false] +CORS_ENABLED=true + +# Value for the Access-Control-Allow-Origin header. Use true to match the Origin header, or provide a domain or a CSV of domains for specific access [false] +CORS_ORIGIN=true + +# Value for the Access-Control-Allow-Methods header [GET,POST,PATCH,DELETE] +CORS_METHODS=GET,POST,PATCH,DELETE + +# Value for the Access-Control-Allow-Headers header [Content-Type,Authorization] +CORS_ALLOWED_HEADERS=Content-Type,Authorization + +# Value for the Access-Control-Expose-Headers header [Content-Range] +CORS_EXPOSED_HEADERS=Content-Range + +# Whether or not to send the Access-Control-Allow-Credentials header [true] +CORS_CREDENTIALS=true + +# Value for the Access-Control-Max-Age header [18000] +CORS_MAX_AGE=18000 + +#################################################################################################### +### Argon2 + +# How much memory to use when generating hashes, in KiB [4096] +# HASH_MEMORY_COST=81920 + +# The length of the hash function output in bytes [32] +# HASH_HASH_LENGTH=32 + +# The amount of passes (iterations) used by the hash function. It increases hash strength at the cost of time required to compute [3] +# HASH_TIME_COST=10 + +# The amount of threads to compute the hash on. Each thread has a memory pool with HASH_MEMORY_COST size [1] +# HASH_PARALLELISM=2 + +# The variant of the hash function (0: argon2d, 1: argon2i, or 2: argon2id) [2] +# HASH_TYPE=2 + +# An extra and optional non-secret value. The value will be included B64 encoded in the parameters portion of the digest [] +# HASH_ASSOCIATED_DATA=foo + +#################################################################################################### +### Auth Providers + +# A comma-separated list of auth providers [] +AUTH_PROVIDERS="" +# AUTH_PROVIDERS="github" + +# AUTH_GITHUB_DRIVER="oauth2" +# AUTH_GITHUB_CLIENT_ID="73e...4b" +# AUTH_GITHUB_CLIENT_SECRET="b9...98" +# AUTH_GITHUB_AUTHORIZE_URL="https://github.com/login/oauth/authorize" +# AUTH_GITHUB_ACCESS_URL="https://github.com/login/oauth/access_token" +# AUTH_GITHUB_PROFILE_URL="https://api.github.com/user" +# AUTH_GITHUB_ALLOW_PUBLIC_REGISTRATION=true +# AUTH_GITHUB_DEFAULT_ROLE_ID="82424427-c9d4-4289-8bc5-ed1bf8422c90" +# AUTH_GITHUB_ICON="github" +# AUTH_GITHUB_LABEL="GitHub" +# AUTH_GITHUB_EMAIL_KEY="email" +# AUTH_GITHUB_IDENTIFIER_KEY="login" + +#################################################################################################### +### Extensions + +# Path to your local extensions folder ["./extensions"] +EXTENSIONS_PATH="./extensions" + +# Automatically reload extensions when they have changed [false] +EXTENSIONS_AUTO_RELOAD=false + +#################################################################################################### +### Email + +# Email address from which emails are sent ["no-reply@directus.io"] +EMAIL_FROM="no-reply@directus.io" + +# What to use to send emails. One of +# sendmail, smtp, mailgun, sendgrid, ses. +EMAIL_TRANSPORT="sendmail" +EMAIL_SENDMAIL_NEW_LINE="unix" +EMAIL_SENDMAIL_PATH="/usr/sbin/sendmail" + +## Email (Sendmail Transport) + +# What new line style to use in sendmail ["unix"] +# EMAIL_SENDMAIL_NEW_LINE="unix" + +# Path to your sendmail executable ["/usr/sbin/sendmail"] +# EMAIL_SENDMAIL_PATH="/usr/sbin/sendmail" + +## Email (SMTP Transport) +# EMAIL_SMTP_HOST="localhost" + +# Use SMTP pooling +# EMAIL_SMTP_POOL=true +# EMAIL_SMTP_PORT=465 +# EMAIL_SMTP_SECURE=false # Use TLS +# EMAIL_SMTP_IGNORE_TLS=false +# EMAIL_SMTP_USER="username" +# EMAIL_SMTP_PASSWORD="password" + +## Email (Mailgun Transport) +# EMAIL_MAILGUN_API_KEY="key-1234123412341234" +# EMAIL_MAILGUN_DOMAIN="a domain name from https://app.mailgun.com/app/sending/domains" + +## Email (SendGrid Transport) +# EMAIL_SENDGRID_API_KEY="key-1234123412341234" diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..decf44a --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,41 @@ +version: '3' + +networks: + main: + external: true + +services: + backend: + image: node:lts-bookworm + container_name: backend + restart: unless-stopped + env_file: ./backend/.env.production + networks: + - main + ports: + - '18055:8055' + volumes: + - ./backend:/app + - ./data:/data + labels: + caddy: admin.pca-pijac.dev.civokram.com + caddy.reverse_proxy: '{{upstreams 18055}}' + command: sh -c "npm i -g pnpm && cd /app && pnpm install --production && pnpm run start" + + frontend: + image: node:lts-bookworm + container_name: frontend + restart: unless-stopped + env_file: ./frontend/.env.production + depends_on: + - backend + networks: + - main + ports: + - '13000:3000' + volumes: + - ./frontend:/app + labels: + caddy: pca-pijac.dev.civokram.com + caddy.reverse_proxy: '{{upstreams 13000}}' + command: sh -c "npm i -g pnpm && cd /app && pnpm install --production && sleep 10 && pnpm run build && pnpm run start" diff --git a/frontend/.env.production b/frontend/.env.production new file mode 100644 index 0000000..8bc9766 --- /dev/null +++ b/frontend/.env.production @@ -0,0 +1,4 @@ + +# The URL where your API can be reached on the web. +NEXT_PUBLIC_DIRECTUS_API_URL="https://pca-pijac.dev.civokram.com" +NEXT_PUBLIC_GLOBALS_ID="4f8d9e66-ec95-4bdd-a5e7-34df8ea68a45"