Fase 0: scaffold monorepo, SvelteKit skeleton, and dev infrastructure
- Turborepo + pnpm workspaces with apps/web and packages/types - SvelteKit app: Tailwind, Paraglide i18n (en/es), keycloak-js, Supabase client, auth/collective stores, PWA service worker skeleton, all route placeholders - packages/types: domain types (User, Collective, ShoppingList, etc.) and database.ts placeholder for generated types - Justfile with dev, db-*, kc-*, build, backup, restore, deploy recipes - infra/docker-compose.dev.yml: Postgres 15, GoTrue, PostgREST, Realtime v2.83, Storage, Kong (port 8001), Studio, Keycloak 24 - infra/docker-compose.prod.yml, kong.yml, db-init scripts, backup/deploy scripts - keycloak/realm-export.json with colectivo realm and 5 dev test users - supabase/config.toml and seed.sql with sample collective and items - GitHub Actions: ci.yml (lint+typecheck+build) and deploy.yml (GHCR + SSH) - .env.example documenting all required variables - Fixed docker-compose issues: Studio image tag, Kong port conflict (8001), internal role passwords init script, Realtime METRICS_JWT_SECRET/APP_NAME Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
70
.env.example
Normal file
70
.env.example
Normal file
@@ -0,0 +1,70 @@
|
||||
# ─────────────────────────────────────────────────────────────────────────────
|
||||
# Colectivo — environment variables
|
||||
# Copy to .env and fill in real values. Never commit .env to version control.
|
||||
# ─────────────────────────────────────────────────────────────────────────────
|
||||
|
||||
# ── Supabase ──────────────────────────────────────────────────────────────────
|
||||
|
||||
# URL of the self-hosted Supabase instance (Kong gateway)
|
||||
PUBLIC_SUPABASE_URL=http://localhost:8001
|
||||
|
||||
# Supabase anon key (public, safe to expose in the browser)
|
||||
# Generated during `supabase start` or set manually in supabase/config.toml
|
||||
PUBLIC_SUPABASE_ANON_KEY=
|
||||
|
||||
# Supabase service role key (private — never expose in the browser)
|
||||
# Used only in Edge Functions or server-side scripts
|
||||
SUPABASE_SERVICE_ROLE_KEY=
|
||||
|
||||
# JWT secret — MUST be set to the Keycloak RS256 public key (PEM format, one line)
|
||||
# Supabase uses this to validate Keycloak-issued JWTs for RLS
|
||||
# Rotate simultaneously with Keycloak signing key rotation
|
||||
SUPABASE_JWT_SECRET=
|
||||
|
||||
# ── Keycloak ──────────────────────────────────────────────────────────────────
|
||||
|
||||
# Public URL of the Keycloak server (used by the browser for OIDC redirects)
|
||||
PUBLIC_KEYCLOAK_URL=http://localhost:8080
|
||||
|
||||
# Keycloak realm name
|
||||
PUBLIC_KEYCLOAK_REALM=colectivo
|
||||
|
||||
# Keycloak client ID (public PKCE client — no secret)
|
||||
PUBLIC_KEYCLOAK_CLIENT_ID=colectivo-web
|
||||
|
||||
# Keycloak admin credentials (used by infra scripts only — never in app code)
|
||||
KEYCLOAK_ADMIN=admin
|
||||
KEYCLOAK_ADMIN_PASSWORD=
|
||||
|
||||
# ── Email (Resend) ────────────────────────────────────────────────────────────
|
||||
|
||||
# Resend API key — used by Edge Functions to send invitation emails
|
||||
RESEND_API_KEY=
|
||||
|
||||
# From address for outgoing emails
|
||||
RESEND_FROM_EMAIL=noreply@yourdomain.com
|
||||
|
||||
# ── Backup (Backblaze B2) ─────────────────────────────────────────────────────
|
||||
|
||||
B2_BUCKET_NAME=colectivo-backups
|
||||
B2_APPLICATION_KEY_ID=
|
||||
B2_APPLICATION_KEY=
|
||||
|
||||
# ── App ───────────────────────────────────────────────────────────────────────
|
||||
|
||||
# Publicly accessible origin of the app (no trailing slash)
|
||||
# Used in Edge Functions to build invitation URLs
|
||||
PUBLIC_APP_URL=http://localhost:5173
|
||||
|
||||
# ── Docker / Infra ────────────────────────────────────────────────────────────
|
||||
|
||||
# Postgres superuser password (used by Supabase internally)
|
||||
POSTGRES_PASSWORD=
|
||||
|
||||
# Supabase dashboard username/password (Studio)
|
||||
DASHBOARD_USERNAME=supabase
|
||||
DASHBOARD_PASSWORD=
|
||||
|
||||
# Production SSH target for deploy script
|
||||
DEPLOY_HOST=user@your-vps-ip
|
||||
DEPLOY_PATH=/opt/colectivo
|
||||
Reference in New Issue
Block a user