mirror of
https://github.com/velocitatem/cvfs.git
synced 2026-05-31 08:43:37 +00:00
Prepare repository for public deployment
- Replace ReportLab PDF export with LibreOffice headless for proper DOCX formatting preservation - Add libreoffice-writer + fonts-liberation to backend Dockerfile - Proxy public CV PDFs through frontend (/cv/[slug]) instead of redirecting to MinIO storage directly - Fix docker-compose: route backend/worker to internal MinIO URL (http://cvfs-minio:9000), remove MinIO from public network, parameterize all domain/env vars - Add storage cleanup (MinIO artifact deletion) when a document is deleted - Add docker-compose.standalone.yml for self-deployment without Traefik/dokploy - Update .env.example with comprehensive self-deployment documentation https://claude.ai/code/session_017HGM9VPptZG52asT5pbL6Y
This commit is contained in:
Claude
100
.env.example
100
.env.example
@@ -1,66 +1,58 @@
|
||||
NAME=myproject
|
||||
COMPOSE_PROJECT_NAME=$NAME
|
||||
# Resume Branches — environment configuration
|
||||
# Copy this file to .env and fill in values before running docker compose.
|
||||
# For standalone (no Traefik): docker compose -f docker-compose.standalone.yml up -d
|
||||
# For Traefik-based production: docker compose up -d (edit Traefik labels in docker-compose.yml)
|
||||
|
||||
# Backend
|
||||
BACKEND_MODE=fastapi
|
||||
BACKEND_PORT=9812
|
||||
# ── General ───────────────────────────────────────────────────────────────────
|
||||
NAME=cvfs
|
||||
COMPOSE_PROJECT_NAME=cvfs
|
||||
|
||||
# ── Public URLs ───────────────────────────────────────────────────────────────
|
||||
# The URL users visit to access the app (no trailing slash).
|
||||
# Standalone local: http://localhost:3000
|
||||
# Production with a domain: https://cv.example.com
|
||||
PUBLIC_BASE_URL=http://localhost:3000
|
||||
|
||||
# Domain used to construct published CV links (hostname only, no scheme).
|
||||
CV_PUBLIC_DOMAIN=localhost
|
||||
|
||||
# ── Backend ───────────────────────────────────────────────────────────────────
|
||||
BACKEND_PORT=8080
|
||||
DATABASE_URL=postgresql+asyncpg://postgres:postgres@localhost:5432/resume_branches
|
||||
# Comma-separated list of allowed CORS origins
|
||||
CORS_ORIGINS=http://localhost:3000
|
||||
|
||||
# Ports
|
||||
REDIS_PORT=6378
|
||||
GRAFANA_PORT=3125
|
||||
LOKI_PORT=3142
|
||||
|
||||
# PostgreSQL
|
||||
POSTGRES_PORT=5432
|
||||
POSTGRES_DB=app
|
||||
POSTGRES_USER=postgres
|
||||
# ── PostgreSQL ────────────────────────────────────────────────────────────────
|
||||
POSTGRES_PASSWORD=postgres
|
||||
POSTGRES_HOST=localhost
|
||||
|
||||
# MongoDB
|
||||
MONGO_PORT=27017
|
||||
MONGO_DB=app
|
||||
MONGO_USER=admin
|
||||
MONGO_PASSWORD=admin123
|
||||
MONGO_HOST=localhost
|
||||
# ── Redis ─────────────────────────────────────────────────────────────────────
|
||||
REDIS_URL=redis://localhost:6379/0
|
||||
|
||||
DATABASE_TYPE=postgres
|
||||
|
||||
# Redis
|
||||
REDIS_URL=redis://localhost:$REDIS_PORT
|
||||
|
||||
# Logging
|
||||
LOGDIR="/tmp/logs-$NAME/"
|
||||
|
||||
# Supabase (webapp auth - set NEXT_PUBLIC_REQUIRE_AUTH=true to enable gating)
|
||||
NEXT_PUBLIC_REQUIRE_AUTH=false
|
||||
NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
|
||||
NEXT_PUBLIC_SUPABASE_PUBLISHABLE_KEY=your_supabase_anon_key_here
|
||||
# Server-side proxy target (read by next.config.ts at runtime, not baked into the bundle)
|
||||
API_BASE_URL=http://localhost:9812
|
||||
|
||||
# MinIO Object Storage (used instead of S3)
|
||||
MINIO_ROOT_USER=minioadmin
|
||||
MINIO_ROOT_PASSWORD=minioadmin
|
||||
MINIO_ENDPOINT=http://localhost:9900
|
||||
# ── MinIO object storage ──────────────────────────────────────────────────────
|
||||
# Internal URL used by backend/worker (keep as-is for Docker deployments).
|
||||
MINIO_ENDPOINT=http://localhost:9000
|
||||
MINIO_BUCKET=resume-branches
|
||||
MINIO_REGION=us-east-1
|
||||
MINIO_ROOT_USER=minioadmin
|
||||
MINIO_ROOT_PASSWORD=minioadmin
|
||||
# MinIO admin console port (standalone mode only)
|
||||
MINIO_CONSOLE_PORT=9001
|
||||
|
||||
# ML
|
||||
ML_LATEST_WEIGHTS_PATH=/app/models/weights
|
||||
MLFLOW_TRACKING_URI=http://localhost:5000
|
||||
# ── Frontend port (standalone mode only) ─────────────────────────────────────
|
||||
WEBAPP_PORT=3000
|
||||
|
||||
# AI / Agents
|
||||
ANTHROPIC_API_KEY=sk-ant-...
|
||||
# Auth / Publishing
|
||||
PUBLIC_BASE_URL=https://cv.alves.world
|
||||
CV_PUBLIC_DOMAIN=cv.alves.world
|
||||
# ── Auth — OIDC (optional) ────────────────────────────────────────────────────
|
||||
# Set AUTH_DISABLE_VERIFICATION=false and configure OIDC to require authentication.
|
||||
# Any OIDC-compatible provider works (Authentik, Keycloak, Auth0, Zitadel, etc.).
|
||||
AUTH_DISABLE_VERIFICATION=true
|
||||
# AUTH_OIDC_ISSUER=
|
||||
# AUTH_OIDC_AUDIENCE=
|
||||
# Optional: use Bedrock instead of direct Anthropic API
|
||||
# CLAUDE_CODE_USE_BEDROCK=1
|
||||
# Optional: use Vertex AI
|
||||
# CLAUDE_CODE_USE_VERTEX=1
|
||||
AUTH_OIDC_ISSUER=
|
||||
AUTH_OIDC_AUDIENCE=
|
||||
|
||||
# Frontend OIDC config (baked into the Next.js build — requires rebuild on change)
|
||||
NEXT_PUBLIC_AUTHENTIK_ISSUER=
|
||||
NEXT_PUBLIC_AUTHENTIK_CLIENT_ID=
|
||||
AUTHENTIK_CLIENT_SECRET=
|
||||
|
||||
# ── AI tailoring (optional) ───────────────────────────────────────────────────
|
||||
# Leave blank to use the built-in rule-based tailoring instead of Claude.
|
||||
ANTHROPIC_API_KEY=
|
||||
|
||||
Reference in New Issue
Block a user