feat: Runtime configuration and Docker deployment improvements

Frontend: - Add runtime configuration service for deployment-time API URL injection - Create docker-entrypoint.sh to generate config.json from environment variables - Update ApiService, ApprovalService, and DocumentViewer to use RuntimeConfigService - Add APP_INITIALIZER to load runtime config before app starts Backend: - Fix init-blockchain.js to properly quote mnemonic phrases in .env file - Improve docker-entrypoint.sh with health checks and better error handling Docker: - Add API_BASE_URL environment variable to frontend container - Update docker-compose.yml with clear documentation for remote deployment - Reorganize .env.example with clear categories (REQUIRED FOR REMOTE, PRODUCTION, AUTO-GENERATED) Workflow fixes: - Fix DepartmentApproval interface to match backend schema - Fix stage transformation for 0-indexed stageOrder - Fix workflow list to show correct stage count from definition.stages Cleanup: - Move development artifacts to .trash directory - Remove root-level package.json (was only for utility scripts) - Add .trash/ to .gitignore
2026-02-08 18:44:05 -04:00
parent 2c10cd5662
commit d9de183e51
171 changed files with 10236 additions and 8386 deletions
--- a/.env.example
+++ b/.env.example
@@ -1,30 +1,70 @@
-# Blockchain Smart Contract Addresses
-# These will be populated after deploying contracts
+# ==============================================================================
+# Goa GEL Platform - Environment Configuration
+# ==============================================================================
+#
+# LOCAL DEV:  No config needed, just run: docker-compose up -d
+# REMOTE/VM:  Set the [REQUIRED FOR REMOTE] values below
+# PRODUCTION: Set ALL security values with strong passwords
+#
+# ==============================================================================
+
+
+# ==============================================================================
+# [REQUIRED FOR REMOTE] External Access URLs
+# ==============================================================================
+# Set these when deploying to a VM, server, or Kubernetes
+# These are the URLs that browsers/external clients use to reach your services
+
+# Public URL where the API is accessible (used by frontend in browser)
+# Examples: http://192.168.1.100:3001, https://api.goagel.gov.in
+API_BASE_URL=http://localhost:3001/api/v1
+
+# Allowed origins for CORS (frontend URL)
+# Examples: http://192.168.1.100:4200, https://goagel.gov.in
+CORS_ORIGIN=http://localhost:4200
+
+
+# ==============================================================================
+# [REQUIRED FOR PRODUCTION] Security Credentials
+# ==============================================================================
+# Change ALL of these for production - do not use defaults!
+
+# JWT secret (minimum 32 characters)
+# Generate: openssl rand -base64 32
+JWT_SECRET=dev_jwt_secret_change_in_production_min32chars
+
+# Database password
+DATABASE_PASSWORD=postgres_dev_password
+
+# MinIO storage credentials
+MINIO_ACCESS_KEY=minioadmin
+MINIO_SECRET_KEY=minio_dev_password
+
+# Blockscout explorer secret
+# Generate: openssl rand -base64 64
+BLOCKSCOUT_SECRET_KEY_BASE=RMgI4C1HSkxsEjdhtGMfwAHfyT6CKWXOgzCboJflfSm4jeAlic52io05KB6mqzc5
+
+
+# ==============================================================================
+# [AUTO-GENERATED] Blockchain Contract Addresses
+# ==============================================================================
+# Populated after deploying smart contracts: cd blockchain && npm run deploy
+
 CONTRACT_ADDRESS_LICENSE_NFT=
 CONTRACT_ADDRESS_APPROVAL_MANAGER=
 CONTRACT_ADDRESS_DEPARTMENT_REGISTRY=
 CONTRACT_ADDRESS_WORKFLOW_REGISTRY=
-
-# Platform Wallet Private Key
-# This will be generated during initial setup
 PLATFORM_WALLET_PRIVATE_KEY=

-# Database Configuration (optional overrides)
-# DATABASE_HOST=postgres
-# DATABASE_PORT=5432
-# DATABASE_NAME=goa_gel_platform
-# DATABASE_USER=postgres
-# DATABASE_PASSWORD=postgres_secure_password

-# Redis Configuration (optional overrides)
-# REDIS_HOST=redis
-# REDIS_PORT=6379
+# ==============================================================================
+# [OPTIONAL] Advanced Settings
+# ==============================================================================

-# MinIO Configuration (optional overrides)
-# MINIO_ENDPOINT=minio
-# MINIO_PORT=9000
-# MINIO_ACCESS_KEY=minioadmin
-# MINIO_SECRET_KEY=minioadmin_secure
+# NODE_ENV=production
+# FORCE_RESEED=false

-# JWT Secret (change in production)
-# JWT_SECRET=your-super-secure-jwt-secret-key-min-32-chars-long
+# External ports (if defaults conflict)
+# API_PORT=3001
+# FRONTEND_PORT=4200
+# BLOCKSCOUT_PORT=4000