# ============================================================================= # Customer Portal - Portainer Environment Variables # ============================================================================= # Copy these into Portainer UI when creating/updating the stack # Replace all placeholder values with your actual secrets # ============================================================================= # ----------------------------------------------------------------------------- # Images & Ports # ----------------------------------------------------------------------------- FRONTEND_IMAGE=portal-frontend BACKEND_IMAGE=portal-backend IMAGE_TAG=latest FRONTEND_PORT=3000 BACKEND_PORT=4000 # ----------------------------------------------------------------------------- # Application # ----------------------------------------------------------------------------- APP_NAME=customer-portal-bff APP_BASE_URL=https://asolutions.jp CORS_ORIGIN=https://asolutions.jp # ----------------------------------------------------------------------------- # Database (PostgreSQL) # ----------------------------------------------------------------------------- POSTGRES_DB=portal_prod POSTGRES_USER=portal POSTGRES_PASSWORD= # ----------------------------------------------------------------------------- # Security & Auth # ----------------------------------------------------------------------------- # Generate with: openssl rand -base64 32 JWT_SECRET= JWT_SECRET_PREVIOUS= JWT_EXPIRES_IN=7d # JWT claim validation (required; must be non-empty strings) # - JWT_ISSUER: who issues tokens (this backend). Use your production origin. # - JWT_AUDIENCE: who the token is intended for (your portal/app). Often same as issuer. # Keep these stable per environment to prevent prod/dev token mix-ups. JWT_ISSUER=https://asolutions.jp JWT_AUDIENCE=https://asolutions.jp BCRYPT_ROUNDS=12 CSRF_SECRET_KEY= # Auth Settings AUTH_ALLOW_REDIS_TOKEN_FAILOPEN=false AUTH_REQUIRE_REDIS_FOR_TOKENS=false AUTH_BLACKLIST_FAIL_CLOSED=false AUTH_MAINTENANCE_MODE=false # Rate Limiting RATE_LIMIT_TTL=60 RATE_LIMIT_LIMIT=100 # ----------------------------------------------------------------------------- # WHMCS Integration # ----------------------------------------------------------------------------- WHMCS_BASE_URL=https://accounts.asolutions.co.jp WHMCS_API_IDENTIFIER= WHMCS_API_SECRET= # ----------------------------------------------------------------------------- # Salesforce Integration # ----------------------------------------------------------------------------- SF_LOGIN_URL=https://asolutions.my.salesforce.com SF_CLIENT_ID= SF_USERNAME= SF_EVENTS_ENABLED=true # Salesforce Private Key (recommended handling) # ----------------------------------------------------------------------------- # IMPORTANT: # - Do NOT paste raw PEM in Portainer env. # - Prefer mounting the key file into the container and setting SF_PRIVATE_KEY_PATH. # - If you must use env, use SF_PRIVATE_KEY_BASE64 (single-line base64) and the container # entrypoint will write it to SF_PRIVATE_KEY_PATH. # # Option A (preferred): mount a file (no env secret) # - Mount host file -> /app/secrets/sf-private.key (read-only) # - Set: # SF_PRIVATE_KEY_PATH=/app/secrets/sf-private.key # - Leave SF_PRIVATE_KEY_BASE64 empty/unset # # Option B: env var (least preferred) # 1) Ensure you have the *private key* PEM (NOT a certificate): # -----BEGIN PRIVATE KEY----- (PKCS8) OR -----BEGIN RSA PRIVATE KEY----- (PKCS1) # 2) Base64 encode into ONE line (Linux): # base64 -w0 sf-private.key # 3) Paste that output into SF_PRIVATE_KEY_BASE64 (no quotes, no newlines) # # NOTE: Never commit real key material into git. Keep only placeholders here. SF_PRIVATE_KEY_BASE64= # ----------------------------------------------------------------------------- # Freebit SIM API # ----------------------------------------------------------------------------- FREEBIT_BASE_URL=https://i1.mvno.net/emptool/api FREEBIT_OEM_ID=PASI FREEBIT_OEM_KEY= # ----------------------------------------------------------------------------- # Email (SendGrid) # ----------------------------------------------------------------------------- EMAIL_ENABLED=true EMAIL_FROM=no-reply@asolutions.jp EMAIL_FROM_NAME=Assist Solutions SENDGRID_API_KEY= # ----------------------------------------------------------------------------- # Salesforce Portal Config # ----------------------------------------------------------------------------- PORTAL_PRICEBOOK_ID= PORTAL_PRICEBOOK_NAME=Portal # ----------------------------------------------------------------------------- # Logging # ----------------------------------------------------------------------------- LOG_LEVEL=info