Main_cloud

.env.example

@@ -1,9 +1,141 @@
-FREESTYLE_API_KEY=...
-ANTHROPIC_API_KEY=...
-DATABASE_URL=postgres://...
-
-NEXT_PUBLIC_STACK_PROJECT_ID=<your-project-id>
-NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY=<your-publishable-client-key>
-STACK_SECRET_SERVER_KEY=<your-secret-server-key>
-
-PREVIEW_DOMAIN=thepreviewdomain.com
+DATABASE_URL="postgresql://erp:erp_password@postgres:5432/erp_db?schema=public"
+REDIS_URL="redis://redis:6379"
+JWT_SECRET="replace_this_with_secure_random"
+PORT=8000
+NODE_ENV=development
+LOG_LEVEL=info
+CORS_ORIGINS="http://localhost:3000
+http://localhost:8000"
+SESSION_SECRET="replace_this_with_secure_random_session_secret"
+EMAIL_HOST="smtp.example.com"
+EMAIL_PORT=587
+EMAIL_USER="
+EMAIL_PASSWORD="
+EMAIL_FROM="
+EMAIL_USE_TLS=true
+EMAIL_USE_SSL=false
+SMTP_TIMEOUT=5000
+API_RATE_LIMIT=100
+API_RATE_LIMIT_WINDOW=15
+FILE_STORAGE_PATH="/var/www/erp/files"
+MAX_FILE_UPLOAD_SIZE=10485760
+ENABLE_FILE_UPLOADS=true
+BACKUP_SCHEDULE="0 2 * * *"
+BACKUP_PATH="/var/backups/erp"
+ENABLE_BACKUPS=true
+MAINTENANCE_MODE=false
+ADMIN_EMAIL="
+ADMIN_PASSWORD="replace_this_with_secure_admin_password"
+SUPPORT_EMAIL="
+SUPPORT_PHONE="+1-800-555-1234"
+DEFAULT_LANGUAGE="en"
+DEFAULT_TIMEZONE="UTC"
+ENABLE_ANALYTICS=true
+ANALYTICS_API_KEY=""
+THIRD_PARTY_API_KEY=""
+THIRD_PARTY_API_SECRET=""
+THIRD_PARTY_API_ENDPOINT="https://api.thirdparty.com"
+FEATURE_FLAG_NEW_DASHBOARD=false
+FEATURE_FLAG_BETA_USERS=true
+LOG_TO_FILE=true
+LOG_FILE_PATH="/var/log/erp/app.log"
+MAX_LOG_FILE_SIZE=10485760
+MAX_LOG_BACKUPS=5
+SESSION_TIMEOUT=3600
+ENABLE_2FA=false
+TWO_FA_ISSUER_NAME="ERP System"
+TWO_FA_DIGITS=6
+TWO_FA_PERIOD=30
+TWO_FA_ALGORITHM="SHA1"
+PAYMENT_GATEWAY_API_KEY=""
+PAYMENT_GATEWAY_API_SECRET=""
+PAYMENT_GATEWAY_ENDPOINT="https://api.paymentgateway.com"
+ENABLE_PAYMENTS=false
+PAYMENT_CURRENCY="USD"
+INVOICE_NUMBER_PREFIX="INV-"
+INVOICE_DUE_DAYS=30
+TAX_RATE=0.075
+SHIPPING_FLAT_RATE=5.00
+ENABLE_SHIPPING_CALCULATOR=true
+SHIPPING_API_KEY=""
+SHIPPING_API_ENDPOINT="https://api.shippingprovider.com"
+ENABLE_EMAIL_NOTIFICATIONS=true
+NOTIFICATION_EMAIL_TEMPLATE_PATH="/var/www/erp/email_templates"
+ENABLE_SMS_NOTIFICATIONS=false
+SMS_API_KEY=""
+SMS_API_ENDPOINT="https://api.smsprovider.com"
+SMS_SENDER_ID="ERPSystem"
+ENABLE_PUSH_NOTIFICATIONS=false
+PUSH_API_KEY=""
+PUSH_API_ENDPOINT="https://api.pushprovider.com"
+PUSH_SENDER_ID="ERPSystem"
+ENABLE_SOCIAL_LOGIN=false
+SOCIAL_LOGIN_GOOGLE_CLIENT_ID=""
+SOCIAL_LOGIN_GOOGLE_CLIENT_SECRET=""
+SOCIAL_LOGIN_FACEBOOK_APP_ID=""
+SOCIAL_LOGIN_FACEBOOK_APP_SECRET=""
+SOCIAL_LOGIN_TWITTER_API_KEY=""
+SOCIAL_LOGIN_TWITTER_API_SECRET=""
+ENABLE_LDAP_AUTHENTICATION=false
+LDAP_SERVER_URL="ldap://ldap.example.com"
+LDAP_BASE_DN="dc=example,dc=com"
+LDAP_BIND_DN=""
+LDAP_BIND_PASSWORD=""
+LDAP_USER_FILTER="(uid={0})"
+LDAP_GROUP_FILTER="(member={0})"
+ENABLE_SAML_AUTHENTICATION=false
+SAML_IDP_ENTITY_ID=""
+SAML_IDP_SSO_URL=""
+SAML_IDP_CERTIFICATE=""
+SAML_SP_ENTITY_ID="urn:erp:sp"
+SAML_SP_ACS_URL="https://erp.example.com/saml/acs"
+SAML_SP_CERTIFICATE=""
+SAML_SP_PRIVATE_KEY=""
+ENABLE_OAUTH2_AUTHENTICATION=false
+OAUTH2_PROVIDER_URL=""
+OAUTH2_CLIENT_ID=""
+OAUTH2_CLIENT_SECRET=""
+OAUTH2_REDIRECT_URI="https://erp.example.com/oauth2/callback"
+OAUTH2_SCOPES="openid profile email"
+OAUTH2_USERINFO_ENDPOINT=""
+OAUTH2_JWKS_URI=""
+OAUTH2_TOKEN_ENDPOINT=""
+OAUTH2_AUTHORIZATION_ENDPOINT=""
+OAUTH2_LOGOUT_ENDPOINT=""
+OAUTH2_ENABLE_PKCE=true
+OAUTH2_ENABLE_STATE=true
+OAUTH2_ENABLE_NONCE=true
+OAUTH2_ENABLE_REFRESH_TOKENS=true
+OAUTH2_ENABLE_DEVICE_CODE_FLOW=false
+OAUTH2_ENABLE_CLIENT_CREDENTIALS_FLOW=false
+OAUTH2_ENABLE_AUTHORIZATION_CODE_FLOW=true
+OAUTH2_ENABLE_IMPLICIT_FLOW=false
+OAUTH2_ENABLE_PASSWORD_GRANT_FLOW=false
+OAUTH2_ENABLE_JWT_BEARER_FLOW=false
+OAUTH2_ENABLE_SAML_BEARER_FLOW=false
+OAUTH2_ENABLE_OIDC_FLOW=true
+OAUTH2_ENABLE_CUSTOM_GRANT_FLOW=false
+OAUTH2_CUSTOM_GRANT_TYPE_NAME=""
+OAUTH2_CUSTOM_GRANT_TYPE_HANDLER=""
+OAUTH2_CUSTOM_GRANT_TYPE_SCOPE=""
+OAUTH2_CUSTOM_GRANT_TYPE_AUDIENCE=""
+OAUTH2_CUSTOM_GRANT_TYPE_LIFETIME=3600
+OAUTH2_CUSTOM_GRANT_TYPE_EXTRA_CLAIMS=""
+OAUTH2_CUSTOM_GRANT_TYPE_TOKEN_TYPE="Bearer"
+OAUTH2_CUSTOM_GRANT_TYPE_REFRESHABLE=true
+OAUTH2_CUSTOM_GRANT_TYPE_REVOKABLE=true
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_SIGNING_ALGORITHM="RS256"
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_SIGNING
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_ENCRYPTION_ALGORITHM=""
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_ENCRYPTION_METHOD=""
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_AUDIENCE=""
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_ISSUER=""
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_SUBJECT=""
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_EXPIRATION=3600
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_NOT_BEFORE=0
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_ISSUED_AT=0
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_ID=""
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_CLAIMS=""
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_HEADER=""
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_KEY_ID=""
+OAUTH2_CUSTOM_GRANT_TYPE_JWT_KEY=""

.github/workflows/.yml

@@ -0,0 +1,97 @@
+name: Create/Delete Branch for Pull Request
+
+on:
+  pull_request:
+    types:
+      - opened
+      - reopened
+      - synchronize
+      - closed
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+
+jobs:
+  setup:
+    name: Setup
+    outputs:
+      branch: ${{ steps.branch_name.outputs.current_branch }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get branch name
+        id: branch_name
+        uses: tj-actions/branch-names@v8
+
+  create_neon_branch:
+    name: Create Neon Branch
+    outputs:
+      db_url: ${{ steps.create_neon_branch_encode.outputs.db_url }}
+      db_url_with_pooler: ${{ steps.create_neon_branch_encode.outputs.db_url_with_pooler }}
+    needs: setup
+    if: |
+      github.event_name == 'pull_request' && (
+      github.event.action == 'synchronize'
+      || github.event.action == 'opened'
+      || github.event.action == 'reopened')
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get branch expiration date as an env variable (2 weeks from now)
+        id: get_expiration_date
+        run: echo "EXPIRES_AT=$(date -u --date '+14 days' +'%Y-%m-%dT%H:%M:%SZ')" >> "$GITHUB_ENV"
+      - name: Create Neon Branch
+        id: create_neon_branch
+        uses: neondatabase/create-branch-action@v6
+        with:
+          project_id: ${{ vars.NEON_PROJECT_ID }}
+          branch_name: preview/pr-${{ github.event.number }}-${{ needs.setup.outputs.branch }}
+          api_key: ${{ secrets.NEON_API_KEYAI_GATEWAY_API_KEY=vck_5EcqBoT7w6yTnBLkQS3kChwrAzE0umNQAi7pIDTRWhURQjst6H3OWqWA }}
+          expires_at: ${{ env.EXPIRES_AT }}
+
+# The step above creates a new Neon branch.
+# You may want to do something with the new branch, such as run migrations, run tests
+# on it, or send the connection details to a hosting platform environment.
+# The branch DATABASE_URL is available to you via:
+# "${{ steps.create_neon_branch.outputs.db_url_with_pooler }}".
+# It's important you don't log the DATABASE_URL as output as it contains a username and
+# password for your database.
+# For example, you can uncomment the lines below to run a database migration command:
+#      - name: Run Migrations
+#        run: npm run db:migrate
+#        env:
+#          # to use pooled connection
+#          DATABASE_URL: "${{ steps.create_neon_branch.outputs.db_url_with_pooler }}"
+#          # OR to use unpooled connection
+#          # DATABASE_URL: "${{ steps.create_neon_branch.outputs.db_url }}"
+
+# Following the step above, which runs database migrations, you may want to check
+# for schema changes in your database. We recommend using the following action to
+# post a comment to your pull request with the schema diff. For this action to work,
+# you also need to give permissions to the workflow job to be able to post comments
+# and read your repository contents. Add the following permissions to the workflow job:
+#
+# permissions:
+#   contents: read
+#   pull-requests: write
+#
+# You can also check out https://github.com/neondatabase/schema-diff-action for more
+# information on how to use the schema diff action.
+# You can uncomment the lines below to enable the schema diff action.
+#      - name: Post Schema Diff Comment to PR
+#        uses: neondatabase/schema-diff-action@v1
+#        with:
+#          project_id: ${{ vars.NEON_PROJECT_ID }}
+#          compare_branch: preview/pr-${{ github.event.number }}-${{ needs.setup.outputs.branch }}
+#          api_key: ${{ secrets.NEON_API_KEY }}
+
+  delete_neon_branch:
+    name: Delete Neon Branch
+    needs: setup
+    if: github.event_name == 'pull_request' && github.event.action == 'closed'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Delete Neon Branch
+        uses: neondatabase/delete-branch-action@v3
+        with:
+          project_id: ${{ vars.NEON_PROJECT_ID }}
+          branch: preview/pr-${{ github.event.number }}-${{ needs.setup.outputs.branch }}
+          api_key: ${{ secrets.NEON_API_KEY }}

.github/workflows/ci.yml

@@ -0,0 +1,40 @@
+name: CI
+
+on:
+  push:
+    branches: [ main, 'erp/*' ]
+  pull_request:
+
+jobs:
+  backend-tests:
+    runs-on: ubuntu-latest
+    services:
+      postgres:
+        image: postgres:15
+        env:
+          POSTGRES_USER: erp
+          POSTGRES_PASSWORD: erp_password
+          POSTGRES_DB: erp_test
+        ports: ['5432:5432']
+        options: >-
+          --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+      - name: Install backend deps
+        run: |
+          cd backend
+          npm ci
+      - name: Generate Prisma client & migrate
+        run: |
+          cd backend
+          npx prisma generate
+          npx prisma migrate deploy || true
+      - name: Run tests
+        run: |
+          cd backend
+          npm test