mirror of
https://github.com/velocitatem/cvfs.git
synced 2026-05-31 08:43:37 +00:00
aa419cde0d
- Replace ReportLab PDF export with LibreOffice headless for proper DOCX formatting preservation - Add libreoffice-writer + fonts-liberation to backend Dockerfile - Proxy public CV PDFs through frontend (/cv/[slug]) instead of redirecting to MinIO storage directly - Fix docker-compose: route backend/worker to internal MinIO URL (http://cvfs-minio:9000), remove MinIO from public network, parameterize all domain/env vars - Add storage cleanup (MinIO artifact deletion) when a document is deleted - Add docker-compose.standalone.yml for self-deployment without Traefik/dokploy - Update .env.example with comprehensive self-deployment documentation https://claude.ai/code/session_017HGM9VPptZG52asT5pbL6Y
59 lines
3.4 KiB
Plaintext
59 lines
3.4 KiB
Plaintext
# Resume Branches — environment configuration
|
|
# Copy this file to .env and fill in values before running docker compose.
|
|
# For standalone (no Traefik): docker compose -f docker-compose.standalone.yml up -d
|
|
# For Traefik-based production: docker compose up -d (edit Traefik labels in docker-compose.yml)
|
|
|
|
# ── General ───────────────────────────────────────────────────────────────────
|
|
NAME=cvfs
|
|
COMPOSE_PROJECT_NAME=cvfs
|
|
|
|
# ── Public URLs ───────────────────────────────────────────────────────────────
|
|
# The URL users visit to access the app (no trailing slash).
|
|
# Standalone local: http://localhost:3000
|
|
# Production with a domain: https://cv.example.com
|
|
PUBLIC_BASE_URL=http://localhost:3000
|
|
|
|
# Domain used to construct published CV links (hostname only, no scheme).
|
|
CV_PUBLIC_DOMAIN=localhost
|
|
|
|
# ── Backend ───────────────────────────────────────────────────────────────────
|
|
BACKEND_PORT=8080
|
|
DATABASE_URL=postgresql+asyncpg://postgres:postgres@localhost:5432/resume_branches
|
|
# Comma-separated list of allowed CORS origins
|
|
CORS_ORIGINS=http://localhost:3000
|
|
|
|
# ── PostgreSQL ────────────────────────────────────────────────────────────────
|
|
POSTGRES_PASSWORD=postgres
|
|
|
|
# ── Redis ─────────────────────────────────────────────────────────────────────
|
|
REDIS_URL=redis://localhost:6379/0
|
|
|
|
# ── MinIO object storage ──────────────────────────────────────────────────────
|
|
# Internal URL used by backend/worker (keep as-is for Docker deployments).
|
|
MINIO_ENDPOINT=http://localhost:9000
|
|
MINIO_BUCKET=resume-branches
|
|
MINIO_REGION=us-east-1
|
|
MINIO_ROOT_USER=minioadmin
|
|
MINIO_ROOT_PASSWORD=minioadmin
|
|
# MinIO admin console port (standalone mode only)
|
|
MINIO_CONSOLE_PORT=9001
|
|
|
|
# ── Frontend port (standalone mode only) ─────────────────────────────────────
|
|
WEBAPP_PORT=3000
|
|
|
|
# ── Auth — OIDC (optional) ────────────────────────────────────────────────────
|
|
# Set AUTH_DISABLE_VERIFICATION=false and configure OIDC to require authentication.
|
|
# Any OIDC-compatible provider works (Authentik, Keycloak, Auth0, Zitadel, etc.).
|
|
AUTH_DISABLE_VERIFICATION=true
|
|
AUTH_OIDC_ISSUER=
|
|
AUTH_OIDC_AUDIENCE=
|
|
|
|
# Frontend OIDC config (baked into the Next.js build — requires rebuild on change)
|
|
NEXT_PUBLIC_AUTHENTIK_ISSUER=
|
|
NEXT_PUBLIC_AUTHENTIK_CLIENT_ID=
|
|
AUTHENTIK_CLIENT_SECRET=
|
|
|
|
# ── AI tailoring (optional) ───────────────────────────────────────────────────
|
|
# Leave blank to use the built-in rule-based tailoring instead of Claude.
|
|
ANTHROPIC_API_KEY=
|