Update deployment script to ensure persistent data management, enhance backup and restore processes, and improve error handling. Modify .gitignore to exclude sensitive production data and update deployment documentation to reflect changes. Add environment variable loading for production secrets in configuration files.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 48s
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 48s
This commit is contained in:
Torsten Schulz (local)
@@ -1,3 +1,11 @@
|
||||
// Load environment variables from .env (production secrets)
|
||||
try {
|
||||
// eslint-disable-next-line global-require
|
||||
require('dotenv').config({ path: '/var/www/harheimertc/.env' })
|
||||
} catch (_e) {
|
||||
// If dotenv isn't available or .env missing, continue (process.env may be set elsewhere)
|
||||
}
|
||||
|
||||
module.exports = {
|
||||
apps: [{
|
||||
name: 'harheimertc',
|
||||
@@ -10,7 +18,32 @@ module.exports = {
|
||||
max_memory_restart: '1G',
|
||||
env: {
|
||||
NODE_ENV: 'production',
|
||||
PORT: 3100
|
||||
PORT: 3100,
|
||||
// Secrets/Config (loaded from .env above, if present)
|
||||
ENCRYPTION_KEY: process.env.ENCRYPTION_KEY,
|
||||
JWT_SECRET: process.env.JWT_SECRET,
|
||||
SMTP_HOST: process.env.SMTP_HOST,
|
||||
SMTP_PORT: process.env.SMTP_PORT,
|
||||
SMTP_USER: process.env.SMTP_USER,
|
||||
SMTP_PASS: process.env.SMTP_PASS,
|
||||
SMTP_FROM: process.env.SMTP_FROM,
|
||||
SMTP_ADMIN: process.env.SMTP_ADMIN,
|
||||
NUXT_PUBLIC_BASE_URL: process.env.NUXT_PUBLIC_BASE_URL,
|
||||
COOKIE_SECURE: process.env.COOKIE_SECURE,
|
||||
COOKIE_SAMESITE: process.env.COOKIE_SAMESITE,
|
||||
CSP_ENABLED: process.env.CSP_ENABLED,
|
||||
CSP_REPORT_ONLY: process.env.CSP_REPORT_ONLY,
|
||||
CSP_VALUE: process.env.CSP_VALUE,
|
||||
HIBP_ENABLED: process.env.HIBP_ENABLED,
|
||||
HIBP_USER_AGENT: process.env.HIBP_USER_AGENT,
|
||||
HIBP_TIMEOUT_MS: process.env.HIBP_TIMEOUT_MS,
|
||||
HIBP_CACHE_TTL_MS: process.env.HIBP_CACHE_TTL_MS,
|
||||
HIBP_FAIL_CLOSED: process.env.HIBP_FAIL_CLOSED,
|
||||
AUDIT_LOG_ENABLED: process.env.AUDIT_LOG_ENABLED,
|
||||
WEBAUTHN_ORIGIN: process.env.WEBAUTHN_ORIGIN,
|
||||
WEBAUTHN_RP_ID: process.env.WEBAUTHN_RP_ID,
|
||||
WEBAUTHN_RP_NAME: process.env.WEBAUTHN_RP_NAME,
|
||||
WEBAUTHN_REQUIRE_UV: process.env.WEBAUTHN_REQUIRE_UV
|
||||
},
|
||||
error_file: '/var/log/pm2/harheimertc-error.log',
|
||||
out_file: '/var/log/pm2/harheimertc-out.log',
|
||||
|
||||
Reference in New Issue
Block a user