d-bis/Sankofa
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
adb48eb76a1759bfcd75cbf8fa23011a94d2a178
Sankofa/portal/.env.example
defiQUG adb48eb76a
Some checks failed
CD Pipeline / Deploy to Staging (push) Failing after 5s
Details
CI Pipeline / Lint and Type Check (push) Failing after 4s
Details
CI Pipeline / Build (push) Has been skipped
Details
CI Pipeline / Test Backend (push) Failing after 29s
Details
CI Pipeline / Test Frontend (push) Failing after 4s
Details
CI Pipeline / Security Scan (push) Failing after 56s
Details
Deploy to Staging / Deploy to Staging (push) Failing after 10s
Details
Portal CI / Portal Lint (push) Failing after 3s
Details
Portal CI / Portal Type Check (push) Failing after 3s
Details
Portal CI / Portal Test (push) Failing after 4s
Details
Portal CI / Portal Build (push) Failing after 4s
Details
Test Suite / frontend-tests (push) Failing after 8s
Details
Test Suite / api-tests (push) Failing after 8s
Details
CD Pipeline / Deploy to Production (push) Has been cancelled
Details
Test Suite / blockchain-tests (push) Has been cancelled
Details
Type Check / type-check (map[directory:api name:api]) (push) Has been cancelled
Details
Type Check / type-check (map[directory:portal name:portal]) (push) Has been cancelled
Details
Type Check / type-check (map[directory:. name:root]) (push) Has been cancelled
Details
feat(portal): IT ops /it console and read API proxy 
- Role-gated /it page with drift summary and refresh
- Server routes /api/it/drift, inventory, refresh (IT_READ_API_* env)
- Propagate credentials user.role into JWT roles for bootstrap
- Dashboard card for IT roles; document env in .env.example

Made-with: Cursor
2026-04-09 01:20:02 -07:00

31 lines
1.5 KiB
Plaintext
Raw Blame History

# Copy to .env.local — never commit .env.local.
# Public origin must match the browser URL (NPM host), not the LAN upstream IP.
# Apex: https://sankofa.nexus — or use https://portal.sankofa.nexus if that is your vhost.
NEXTAUTH_URL=https://sankofa.nexus
NEXTAUTH_SECRET=generate-with-openssl-rand-base64-32
# Keycloak OIDC (optional). All three must be non-empty or the portal uses credentials only.
KEYCLOAK_URL=https://keycloak.sankofa.nexus
KEYCLOAK_REALM=master
KEYCLOAK_CLIENT_ID=sankofa-portal
KEYCLOAK_CLIENT_SECRET=
# Production email/password login when Keycloak client secret is not set (rotate after enabling SSO).
PORTAL_LOCAL_LOGIN_EMAIL=portal@sankofa.nexus
PORTAL_LOCAL_LOGIN_PASSWORD=change-me-strong-password
NEXT_PUBLIC_CROSSPLANE_API=https://crossplane-api.crossplane-system.svc.cluster.local
NEXT_PUBLIC_ARGOCD_URL=https://argocd.sankofa.nexus
NEXT_PUBLIC_GRAFANA_URL=https://grafana.sankofa.nexus
NEXT_PUBLIC_LOKI_URL=https://loki.monitoring.svc.cluster.local:3100
# Cloudflare Turnstile (public site key). When set, unauthenticated Sign In is gated until the widget succeeds.
# Same widget can be paired with dbis_core IRU inquiry (VITE_CLOUDFLARE_TURNSTILE_SITE_KEY there). Not a DNS API key.
# NEXT_PUBLIC_CLOUDFLARE_TURNSTILE_SITE_KEY=
# IT inventory read API (proxmox Phase 0). Server-side only — do not use NEXT_PUBLIC_* for the key.
# Base URL of sankofa-it-read-api (e.g. http://192.168.11.11:8787 or internal NPM upstream).
# IT_READ_API_URL=http://192.168.11.11:8787
# IT_READ_API_KEY=
Reference in New Issue View Git Blame Copy Permalink