veza/.env.example
senke 172ff497bf
docs(J2): align docs with reality — rewrite CLAUDE.md, fix README, purge chat-server refs
Completes Day 2 of the v1.0.3 → v1.0.4 cleanup sprint. The documentation
now describes the actual repo layout instead of a fictional one.

CLAUDE.md — complete rewrite
  Old version referenced paths that don't exist and a protocol aimed at
  implementing v0.11.0 (current tag: v1.0.3). The agent was following a
  map for a city that had been rebuilt.
  - backend/        → veza-backend-api/
  - frontend/       → apps/web/
  - ORIGIN/ (root)  → veza-docs/ORIGIN/
  - veza-chat-server → merged into backend-api (v0.502, commit 05d02386d)
  - apps/desktop/   → never existed
  Also refreshed: stack versions (Go 1.25, Vite 5, React 18.2, Axum 0.8),
  commands, conventions, hook bypasses (SKIP_TYPES/SKIP_TESTS/SKIP_E2E),
  scope rules kept as immutable (no AI/ML, no Web3, no gamification, no
  dark patterns, no public popularity metrics).

README.md — targeted fixes
  - "Version cible: v0.101" → "Version courante: v1.0.4"
  - "Development Setup (v0.9.3)" → "Development Setup"
  - Removed Desktop (Electron) section — never implemented
  - Removed veza-chat-server from structure — merged into backend
  - Removed deprecated compose files section (nothing is DEPRECATED now)

k8s runbooks — remove stale chat-server references
  The disaster-recovery runbooks still scaled/restarted a deployment
  that no longer exists. In a real failover these commands would have
  failed silently and blocked the procedure. Files patched:
    - k8s/disaster-recovery/runbooks/cluster-failover.md
    - k8s/disaster-recovery/runbooks/data-restore.md
    - k8s/disaster-recovery/runbooks/database-failover.md
    - k8s/disaster-recovery/runbooks/rollback-procedure.md
    - k8s/network-policies/README.md
    - k8s/secrets/README.md
    - k8s/secrets.yaml.example
  Each reference is replaced by a short inline note pointing to v0.502
  (commit 05d02386d) so future readers understand the history.

.env.example — remove CHAT_JWT_SECRET
  Legacy env var for the deleted chat server. Replaced by an explanatory
  comment.

Not in this commit (user handles on Forgejo):
  - Closing the 5 open dependabot PRs on veza-chat-server/* branches
  - Deleting those 5 remote branches after the PRs are closed

Refs: AUDIT_REPORT.md §5.1, §7.1, §10 P1, §10 P4
2026-04-14 17:23:50 +02:00


# Veza Environment - Copy to .env and customize
# =============================================
# PORT ISOLATION: Veza uses 15xxx/16xxx ports by default to avoid conflicts
# with other projects (postgres 5432, redis 6379, rabbitmq 5672, backend 8080).
#
# Backend on HOST connects to Docker via these mapped ports.
# Backend in DOCKER uses internal names (postgres:5432, redis:6379, rabbitmq:5672).
# Domain (must match /etc/hosts: 127.0.0.1 veza.fr)
APP_DOMAIN=veza.fr
# Docker Compose - host port mappings (override if needed)
# All application services listen on these ports both locally and in Docker.
PORT_BACKEND=18080
PORT_STREAM=18082
PORT_POSTGRES=15432
PORT_REDIS=16379
PORT_RABBITMQ_AMQP=15672
PORT_RABBITMQ_MGMT=25672
PORT_CLAMAV=13310
PORT_MINIO=19000
PORT_MINIO_CONSOLE=19001
PORT_ELASTICSEARCH=19200
PORT_RTMP=1935
PORT_RTMP_HTTP=18083
PORT_HYPERSWITCH=18081
# Database (used when backend runs on host; matches docker-compose)
DB_USER=veza
DB_PASSWORD=password
DB_NAME=veza
# Frontend URL (OAuth redirect, password reset links, email links)
# Backend reads FRONTEND_URL or VITE_FRONTEND_URL; fallback: http://localhost:5173
FRONTEND_URL=http://veza.fr:5173
# --- JWT (v0.9.1 RS256) ---
# REQUIRED for production: RSA key paths (generate with scripts/generate-jwt-keys.sh)
# JWT_PRIVATE_KEY_PATH=/path/to/jwt-private.pem
# JWT_PUBLIC_KEY_PATH=/path/to/jwt-public.pem
# REQUIRED: JWT_SECRET must be set (no default fallback in docker-compose)
JWT_SECRET=min-32-characters-secret-for-development
# JWT_ISSUER=veza-api
# JWT_AUDIENCE=veza-platform
# OAuth Security (v0.902 Sentinel)
# OAUTH_ENCRYPTION_KEY: 32+ bytes for AES-256-GCM (hex or base64). REQUIRED in production.
# OAUTH_ALLOWED_REDIRECT_DOMAINS: comma-separated whitelist (e.g. https://app.veza.com,https://veza.fr:5173)
# OAUTH_ENCRYPTION_KEY=<32-byte-hex-or-base64-key>
# OAUTH_ALLOWED_REDIRECT_DOMAINS=https://veza.fr:5173,https://app.veza.com
# Chat: merged into backend-api since v0.502 (commit 05d02386d) — no separate CHAT_JWT_SECRET.
# For veza-backend-api/.env (backend on host):
# DATABASE_URL=postgres://veza:password@veza.fr:15432/veza?sslmode=disable
# REDIS_URL=redis://:password@veza.fr:16379
# REDIS_PASSWORD=devpassword
# RABBITMQ_URL=amqp://veza:password@veza.fr:15672/
#
# Stripe Connect (seller payout, optional):
# STRIPE_CONNECT_ENABLED=true
# STRIPE_SECRET_KEY=sk_xxx
# STRIPE_CONNECT_WEBHOOK_SECRET=whsec_xxx
#
# Platform fee rate on marketplace sales (0.10 = 10%)
# PLATFORM_FEE_RATE=0.10
#
# Transfer Retry Worker (v0.701, default: enabled, 3 max retries, 5m interval)
# TRANSFER_RETRY_ENABLED=true
# TRANSFER_RETRY_MAX=3
# TRANSFER_RETRY_INTERVAL=5m
#
# Live Streaming (v0.10.6 F471) — Nginx-RTMP callbacks & HLS URL
# RTMP_CALLBACK_SECRET: shared secret for Nginx-RTMP on_publish/publish_done callbacks
# STREAM_HLS_BASE_URL: base URL for HLS playlists (e.g. http://localhost:18083/live)
# NGINX_RTMP_HOST: host for rtmp_url shown to streamers (e.g. stream.veza.app)
# RTMP_CALLBACK_SECRET=<shared-secret>
# STREAM_HLS_BASE_URL=http://localhost:18083/live
# NGINX_RTMP_HOST=localhost
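
A pre-deployment check for the settings the file above marks as required, written in Go to match the backend. It is an added example, not code from the Veza repository. The function names, the finding texts, the 32-character floor for `JWT_SECRET` (read off the sample value's wording) and the https-only rule for redirect entries are assumptions of this sketch.

```go
package main

import (
	"encoding/base64"
	"encoding/hex"
	"fmt"
	"net/url"
	"strings"
)

// keyLen returns the decoded size of a hex or base64 key, 0 if it is neither.
func keyLen(s string) int {
	b, err := hex.DecodeString(s)
	if err != nil {
		b, err = base64.StdEncoding.DecodeString(s)
	}
	if err != nil {
		return 0
	}
	return len(b)
}

// checkProduction lists settings still missing or left at the sample values.
func checkProduction(env map[string]string) []string {
	var out []string
	flag := func(bad bool, msg string) {
		if bad {
			out = append(out, msg)
		}
	}
	jwt, db := env["JWT_SECRET"], env["DB_PASSWORD"]
	flag(env["JWT_PRIVATE_KEY_PATH"] == "" || env["JWT_PUBLIC_KEY_PATH"] == "", "JWT_*_KEY_PATH: RSA key paths not set")
	flag(len(jwt) < 32 || jwt == "min-32-characters-secret-for-development", "JWT_SECRET: missing, short, or sample value")
	flag(db == "" || db == "password", "DB_PASSWORD: missing or sample value")
	flag(keyLen(env["OAUTH_ENCRYPTION_KEY"]) < 32, "OAUTH_ENCRYPTION_KEY: does not decode to 32+ bytes")
	list := env["OAUTH_ALLOWED_REDIRECT_DOMAINS"]
	flag(list == "", "OAUTH_ALLOWED_REDIRECT_DOMAINS: not set")
	for _, d := range strings.Split(list, ",") {
		u, err := url.Parse(strings.TrimSpace(d))
		bad := err != nil || u.Scheme != "https" || u.Host == ""
		flag(list != "" && bad, "OAUTH_ALLOWED_REDIRECT_DOMAINS: not an https origin: "+d)
	}
	return out
}

func main() { // values copied from the sample file above
	dev := map[string]string{"JWT_SECRET": "min-32-characters-secret-for-development", "DB_PASSWORD": "password"}
	fmt.Println(strings.Join(checkProduction(dev), "\n"))
}
```

Run against the unmodified sample values it reports every required setting, so a deployment that copied `.env.example` without editing it fails the check instead of starting with development secrets.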