Update SSL certificate, NGINX configuration, and pgAdmin setup
- Updated the SSL certificate for yuri.phx-erp.de with a new signed certificate. - Added a new NGINX configuration file for pgAdmin reverse proxy under the subpath /pgadmin4. - Enhanced the main NGINX configuration with improved logging, security headers, and real IP handling. - Implemented health check endpoints for both system and worker services with IP whitelisting. - Created a new entrypoint script for pgAdmin to manage .pgpass and servers.json configuration. - Removed the redis.conf file and commented out Redis session caching in the configuration.
This commit is contained in:
48
.env
48
.env
@@ -1,50 +1,40 @@
|
||||
# ===== Enviroment Stage ======
|
||||
ENV_MODE=production
|
||||
NODE_ENV=production
|
||||
# ====== Database Configuration ======
|
||||
POSTGRES_PASSWORD=6MaBQd9ICYeZnCb
|
||||
PGADMIN_DEFAULT_PASSWORD=bET23d76xKArCqf
|
||||
DB_NAME="phoenix"
|
||||
DB_HOST="phoenixDB"
|
||||
DB_PORT=5432
|
||||
DB_USERNAME="postgres"
|
||||
PGADMIN_DEFAULT_EMAIL="info@phx-erp.de"
|
||||
MAIL_SERVER="mail.phx-erp.de"
|
||||
MAIL_PORT=465
|
||||
MAIL_USERNAME="internal@phx-erp.de "
|
||||
MAIL_PASSWORD="8Kb2p4!o1"
|
||||
SECURITY_EMAIL_SENDER="'No Reply PHX <no-reply@phx-erp.de>'"
|
||||
# ====== Phoenix Super Admin Configuration ======
|
||||
SUPER_ADMIN_USER_PASSWORD=zrRzSW5pC4cWwroX976oXcGQU
|
||||
# ====== Redis Configuration ======
|
||||
REDIS_PASSWORD=sBCuVsJkKTSErgF
|
||||
# ====== Worker Configuration ======
|
||||
RUN_JOB_QUEUE=1
|
||||
# ====== Email Configuration ======
|
||||
SMTP_FROM="Yuri Lima <yuri.lima@phx-erp.de>"
|
||||
SMTP_TYPE='smtp'
|
||||
SMTP_NAME='mail.phx-erp.de'
|
||||
SMTP_HOST='mail.phx-erp.de'
|
||||
SMTP_PORT=465
|
||||
SMTP_SECURE='true'
|
||||
SMTP_USER='yuri.lima@phx-erp.de'
|
||||
SMTP_PASS='0rB0@et68'
|
||||
SMTP_LOGGING='true'
|
||||
SMTP_DEBUG='true'
|
||||
SMTP_TLS_REJECT_UNAUTHORIZED='false' # If true will reject self-signed certificates. It will show: Hostname/IP does not match certificate's altnames: Host: mail.phx-erp.de. is not in the cert's altnames: DNS:*.netcup.net, DNS:netcup.net trace
|
||||
SMTP_SECURE_CONNECTION='true' # Not in use
|
||||
# ===== Metris Configuration ======
|
||||
# Loki API URL -> The IP 5.75.153.161 is the Grafana Server where it has a firewall rule to allow the connection. Please, if you change here, need to be change in NGINX too.
|
||||
LOKI_URL=http://grafana.phx-erp.de:3100/loki/api/v1/push
|
||||
LOKI_RETRIES=5
|
||||
LOKI_BATCH_SIZE=500
|
||||
# ===== HTTPS-PORTAL Configuration ======
|
||||
HTTPS_PORTAL_DOMAINS='yuri.phx-erp.de -> phoenix-app'
|
||||
# ====== PHX-SYSTEM Configuration ======
|
||||
PHOENIX_SYSTEM_REPLICAS=1
|
||||
# ======= GraphQl =============
|
||||
GRAPHQL_DEBUG='true'
|
||||
GRAPHQL_TRACING='true'
|
||||
# ======= Integrations =============
|
||||
# Bill Bee
|
||||
BILL_BEE_ACTIVE='true'
|
||||
BILL_BEE_API_KEY='200EEBAD-06E8-4184-B430-3428D6447B92'
|
||||
BILL_BEE_API_USERNAME="yuri.lima"
|
||||
BILL_BEE_API_SECRET='YTB6tgm.dzb0ntf@zqr'
|
||||
BILL_BEE_API_URL='https://api.billbee.io/api/v1'
|
||||
# Channel Pilot Pro
|
||||
CHANNEL_PILOT_PRO_ACTIVE='true'
|
||||
CHANNEL_PILOT_PRO_URL='https://capi.channelpilot.com'
|
||||
CHANNEL_PILOT_PRO_API_MERCHANT_ID=''
|
||||
CHANNEL_PILOT_PRO_API_TOKEN=''
|
||||
CHANNEL_PILOT_PRO_ACCESS_TOKEN=''
|
||||
CHANNEL_PILOT_PRO_EXPIRED_AT=''
|
||||
# Shopify
|
||||
SHOPIFY_ACTIVE='true'
|
||||
SHOPIFY_HOST_NAME='https://phxerpdev.myshopify.com/admin/api/2024-10/graphql.json'
|
||||
SHOPIFY_API_KEY='159142eaee1b747e5cb084cc77564b3e'
|
||||
SHOPIFY_API_SECRET='1be9e99cad669092247f8735da3e0570'
|
||||
SHOPIFY_TOKEN='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'
|
||||
SHOPIFY_HOST_SCHEME='https'
|
||||
SHOPIFY_IS_EMBEDDED_APP='true'
|
||||
|
||||
Reference in New Issue
Block a user