73a7b9fc15
- tls-config: allow production HTTP when TERMINATE_TLS_AT_EDGE=1 (matches CT 7800) - websocket: disable perMessageDeflate on graphql-ws server (RSV1 / proxy compatibility) - server: remove unused @fastify/websocket (standalone ws + graphql-ws only) - package: drop @fastify/websocket dependency; refresh lockfile - .env.example: document HOST and TERMINATE_TLS_AT_EDGE for nginx-terminated TLS Made-with: Cursor
39 lines
1.3 KiB
Plaintext
39 lines
1.3 KiB
Plaintext
# Database Configuration
|
|
DB_HOST=localhost
|
|
DB_PORT=5432
|
|
DB_NAME=sankofa
|
|
DB_USER=postgres
|
|
# For development: minimum 8 characters
|
|
# For production: minimum 32 characters with uppercase, lowercase, numbers, and special characters
|
|
DB_PASSWORD=your_secure_password_here
|
|
|
|
# Application Configuration
|
|
NODE_ENV=development
|
|
PORT=4000
|
|
# Behind nginx/NPM: bind Apollo to loopback only (hub proxies to 127.0.0.1:4000).
|
|
# HOST=127.0.0.1
|
|
# When TLS terminates at the edge, production may run without local cert files.
|
|
# TERMINATE_TLS_AT_EDGE=1
|
|
|
|
# Keycloak Configuration (for Identity Service)
|
|
KEYCLOAK_URL=http://localhost:8080
|
|
KEYCLOAK_REALM=master
|
|
KEYCLOAK_CLIENT_ID=sankofa-api
|
|
KEYCLOAK_CLIENT_SECRET=your_keycloak_client_secret
|
|
|
|
# JWT Configuration
|
|
# For production: minimum 64 characters
|
|
JWT_SECRET=your_jwt_secret_here_minimum_64_chars_for_production
|
|
|
|
# Phoenix API Railing (optional — for /api/v1/infra, /api/v1/ve, /api/v1/health proxy)
|
|
# Base URL of Phoenix Deploy API or Phoenix API (e.g. http://phoenix-deploy-api:4001)
|
|
PHOENIX_RAILING_URL=
|
|
# Optional: API key for server-to-server calls when railing requires PHOENIX_PARTNER_KEYS
|
|
PHOENIX_RAILING_API_KEY=
|
|
|
|
# Public URL for GraphQL Playground link (default http://localhost:4000)
|
|
# PUBLIC_URL=https://api.sankofa.nexus
|
|
|
|
# Logging
|
|
LOG_LEVEL=info
|