Add configuration guide and remove outdated deployment documents
- Introduced a new comprehensive Configuration Guide detailing environment variable setups, domain configurations, and multi-tenancy settings. - Deleted obsolete Deployment Execution Plan and Deployment Plan documents to streamline documentation and reduce redundancy. - Updated related documentation to reflect these changes and ensure clarity for users.
This commit is contained in:
defiQUG
161
docs/ENV_EXAMPLES.md
Normal file
161
docs/ENV_EXAMPLES.md
Normal file
@@ -0,0 +1,161 @@
|
||||
# Environment Variable Examples
|
||||
|
||||
This document provides example environment variable configurations for all components.
|
||||
|
||||
## API (.env)
|
||||
|
||||
```env
|
||||
# Database Configuration
|
||||
DB_HOST=localhost
|
||||
DB_PORT=5432
|
||||
DB_NAME=sankofa
|
||||
DB_USER=postgres
|
||||
DB_PASSWORD=postgres
|
||||
|
||||
# Server Configuration
|
||||
PORT=4000
|
||||
HOST=0.0.0.0
|
||||
NODE_ENV=development
|
||||
|
||||
# JWT Authentication
|
||||
JWT_SECRET=your-secret-key-change-in-production
|
||||
JWT_EXPIRES_IN=7d
|
||||
|
||||
# Sovereign Identity (Keycloak) - NO Azure dependencies
|
||||
KEYCLOAK_URL=https://keycloak.sankofa.nexus
|
||||
KEYCLOAK_REALM=master
|
||||
KEYCLOAK_CLIENT_ID=sankofa-api
|
||||
KEYCLOAK_CLIENT_SECRET=your-keycloak-client-secret
|
||||
KEYCLOAK_MULTI_REALM=true
|
||||
|
||||
# Multi-Tenancy
|
||||
ENABLE_MULTI_TENANT=true
|
||||
DEFAULT_TENANT_ID=
|
||||
BLOCKCHAIN_IDENTITY_ENABLED=true
|
||||
|
||||
# Billing (Superior to Azure Cost Management)
|
||||
BILLING_GRANULARITY=SECOND
|
||||
BLOCKCHAIN_BILLING_ENABLED=true
|
||||
|
||||
# Blockchain Configuration
|
||||
BLOCKCHAIN_RPC_URL=http://localhost:8545
|
||||
BLOCKCHAIN_CHAIN_ID=2024
|
||||
RESOURCE_PROVISIONING_CONTRACT_ADDRESS=
|
||||
BLOCKCHAIN_PRIVATE_KEY=
|
||||
|
||||
# Proxmox Configuration
|
||||
# Proxmox Instance 1 (192.168.11.10)
|
||||
PROXMOX_1_API_URL=https://192.168.11.10:8006
|
||||
PROXMOX_1_USER=root
|
||||
PROXMOX_1_PASS=your-proxmox-password
|
||||
PROXMOX_1_API_TOKEN=
|
||||
PROXMOX_1_INSECURE_SKIP_TLS_VERIFY=false
|
||||
|
||||
# Proxmox Instance 2 (192.168.11.11)
|
||||
PROXMOX_2_API_URL=https://192.168.11.11:8006
|
||||
PROXMOX_2_USER=root
|
||||
PROXMOX_2_PASS=your-proxmox-password
|
||||
PROXMOX_2_API_TOKEN=
|
||||
PROXMOX_2_INSECURE_SKIP_TLS_VERIFY=false
|
||||
|
||||
# Legacy Proxmox Configuration (defaults to Instance 1 for backward compatibility)
|
||||
PROXMOX_API_URL=https://192.168.11.10:8006
|
||||
PROXMOX_API_TOKEN=
|
||||
PROXMOX_USER=root
|
||||
PROXMOX_PASS=your-proxmox-password
|
||||
|
||||
# Kubernetes Configuration
|
||||
KUBECONFIG=
|
||||
PROMETHEUS_URL=http://localhost:9090
|
||||
|
||||
# Cloudflare Configuration
|
||||
CLOUDFLARE_API_TOKEN=
|
||||
CLOUDFLARE_ACCOUNT_ID=
|
||||
|
||||
# Error Tracking (Optional)
|
||||
SENTRY_DSN=
|
||||
ERROR_TRACKING_ENABLED=false
|
||||
ERROR_TRACKING_ENDPOINT=https://errors.sankofa.nexus/api/errors
|
||||
ERROR_TRACKING_API_KEY=
|
||||
|
||||
# Logging
|
||||
LOG_LEVEL=info
|
||||
LOG_FILE_PATH=
|
||||
ERROR_LOG_FILE_PATH=
|
||||
```
|
||||
|
||||
## Portal (.env.local)
|
||||
|
||||
```env
|
||||
# Keycloak Authentication
|
||||
KEYCLOAK_URL=https://keycloak.sankofa.nexus
|
||||
KEYCLOAK_REALM=sankofa
|
||||
KEYCLOAK_CLIENT_ID=portal-client
|
||||
KEYCLOAK_CLIENT_SECRET=your-client-secret
|
||||
|
||||
# NextAuth Configuration
|
||||
NEXTAUTH_URL=http://localhost:3000
|
||||
NEXTAUTH_SECRET=your-nextauth-secret-change-in-production
|
||||
|
||||
# API Endpoints
|
||||
NEXT_PUBLIC_GRAPHQL_ENDPOINT=http://localhost:4000/graphql
|
||||
NEXT_PUBLIC_GRAPHQL_WS_ENDPOINT=ws://localhost:4000/graphql-ws
|
||||
|
||||
# Infrastructure Services
|
||||
NEXT_PUBLIC_CROSSPLANE_API=https://crossplane.sankofa.nexus
|
||||
NEXT_PUBLIC_ARGOCD_URL=https://argocd.sankofa.nexus
|
||||
NEXT_PUBLIC_GRAFANA_URL=https://grafana.sankofa.nexus
|
||||
NEXT_PUBLIC_LOKI_URL=https://loki.sankofa.nexus:3100
|
||||
NEXT_PUBLIC_KUBERNETES_API=http://localhost:8001
|
||||
|
||||
# Node Environment
|
||||
NODE_ENV=development
|
||||
```
|
||||
|
||||
## Blockchain (.env)
|
||||
|
||||
```env
|
||||
# Hyperledger Besu Configuration
|
||||
BESU_RPC_URL=http://localhost:8545
|
||||
|
||||
# Hardhat Configuration
|
||||
PRIVATE_KEY=your-private-key-for-deployment
|
||||
|
||||
# Network Configuration
|
||||
NETWORK_ID=2024
|
||||
|
||||
# Contract Addresses (Set after deployment)
|
||||
RESOURCE_PROVISIONING_CONTRACT_ADDRESS=
|
||||
IDENTITY_MANAGEMENT_CONTRACT_ADDRESS=
|
||||
BILLING_CONTRACT_ADDRESS=
|
||||
COMPLIANCE_CONTRACT_ADDRESS=
|
||||
```
|
||||
|
||||
## Root (docker-compose .env)
|
||||
|
||||
```env
|
||||
# Database
|
||||
POSTGRES_USER=postgres
|
||||
POSTGRES_PASSWORD=postgres
|
||||
POSTGRES_DB=sankofa
|
||||
|
||||
# API
|
||||
JWT_SECRET=dev-secret-change-in-production
|
||||
NODE_ENV=development
|
||||
|
||||
# Frontend
|
||||
NEXT_PUBLIC_GRAPHQL_ENDPOINT=http://localhost:4000/graphql
|
||||
NEXT_PUBLIC_APP_URL=http://localhost:3000
|
||||
|
||||
# Blockchain
|
||||
BLOCKCHAIN_RPC_URL=http://localhost:8545
|
||||
```
|
||||
|
||||
## Production Notes
|
||||
|
||||
1. **Never commit .env files** - Add to .gitignore
|
||||
2. **Use secrets management** - Kubernetes secrets, Vault, etc.
|
||||
3. **Rotate secrets regularly** - Especially JWT_SECRET
|
||||
4. **Use different secrets per environment** - Dev, staging, production
|
||||
5. **Validate secrets on startup** - The API now validates required secrets
|
||||
|
||||
Reference in New Issue
Block a user