Initial commit: Open sourcing all of the Maple Open Technologies code.

cloud/infrastructure/production/.env.template

@@ -0,0 +1,195 @@
+# ==============================================================================
+# Maple Open Technologies - Production Infrastructure Configuration Template
+# ==============================================================================
+#
+# INSTRUCTIONS:
+# 1. Copy this file to .env:     cp .env.template .env
+# 2. Replace all CHANGEME values with your actual infrastructure details
+# 3. Never commit .env to Git (it's in .gitignore)
+# 4. Keep .env file permissions secure:   chmod 600 .env
+#
+# SECURITY WARNING:
+# This file will contain sensitive information including:
+# - IP addresses
+# - API tokens
+# - Passwords
+# - Join tokens
+# Treat it like a password file!
+#
+# ==============================================================================
+
+# ------------------------------------------------------------------------------
+# DigitalOcean API Access
+# ------------------------------------------------------------------------------
+# Get this from: https://cloud.digitalocean.com/account/api/tokens
+DIGITALOCEAN_TOKEN=CHANGEME
+
+# ------------------------------------------------------------------------------
+# Infrastructure Region & VPC
+# ------------------------------------------------------------------------------
+# Region where all resources are deployed (e.g., tor1, nyc1, sfo3)
+SWARM_REGION=CHANGEME
+
+# VPC Network name (usually default-[region], e.g., default-tor1)
+SWARM_VPC_NAME=CHANGEME
+
+# VPC Private network subnet in CIDR notation (e.g., 10.116.0.0/16)
+SWARM_VPC_SUBNET=CHANGEME
+
+# ------------------------------------------------------------------------------
+# Docker Swarm - Manager Node
+# ------------------------------------------------------------------------------
+SWARM_MANAGER_1_HOSTNAME=maplefile-swarm-manager-1-prod
+SWARM_MANAGER_1_PUBLIC_IP=CHANGEME
+SWARM_MANAGER_1_PRIVATE_IP=CHANGEME
+
+# ------------------------------------------------------------------------------
+# Docker Swarm - Worker Nodes
+# ------------------------------------------------------------------------------
+# Worker 1
+SWARM_WORKER_1_HOSTNAME=maplefile-swarm-worker-1-prod
+SWARM_WORKER_1_PUBLIC_IP=CHANGEME
+SWARM_WORKER_1_PRIVATE_IP=CHANGEME
+
+# Worker 2 (Cassandra Node 1)
+SWARM_WORKER_2_HOSTNAME=maplefile-swarm-worker-2-prod
+SWARM_WORKER_2_PUBLIC_IP=CHANGEME
+SWARM_WORKER_2_PRIVATE_IP=CHANGEME
+
+# Worker 3 (Cassandra Node 2)
+SWARM_WORKER_3_HOSTNAME=maplefile-swarm-worker-3-prod
+SWARM_WORKER_3_PUBLIC_IP=CHANGEME
+SWARM_WORKER_3_PRIVATE_IP=CHANGEME
+
+# Worker 4 (Cassandra Node 3)
+SWARM_WORKER_4_HOSTNAME=maplefile-swarm-worker-4-prod
+SWARM_WORKER_4_PUBLIC_IP=CHANGEME
+SWARM_WORKER_4_PRIVATE_IP=CHANGEME
+
+# Worker 5 (Meilisearch - SHARED by all apps)
+SWARM_WORKER_5_HOSTNAME=maplefile-swarm-worker-5-prod
+SWARM_WORKER_5_PUBLIC_IP=CHANGEME
+SWARM_WORKER_5_PRIVATE_IP=CHANGEME
+
+# Worker 6 (MaplePress Backend + Backend Caddy)
+SWARM_WORKER_6_HOSTNAME=maplefile-swarm-worker-6-prod
+SWARM_WORKER_6_PUBLIC_IP=CHANGEME
+SWARM_WORKER_6_PRIVATE_IP=CHANGEME
+
+# Worker 7 (MaplePress Frontend + Frontend Caddy)
+SWARM_WORKER_7_HOSTNAME=maplefile-swarm-worker-7-prod
+SWARM_WORKER_7_PUBLIC_IP=CHANGEME
+SWARM_WORKER_7_PRIVATE_IP=CHANGEME
+
+# ------------------------------------------------------------------------------
+# Docker Swarm - Cluster Configuration
+# ------------------------------------------------------------------------------
+# Join token for adding new worker nodes
+# Get this from manager: docker swarm join-token worker -q
+SWARM_JOIN_TOKEN=CHANGEME
+
+# ==============================================================================
+# SHARED INFRASTRUCTURE (Used by ALL Apps)
+# ==============================================================================
+
+# ------------------------------------------------------------------------------
+# Cassandra Configuration (3-node cluster) - SHARED
+# ------------------------------------------------------------------------------
+# Cluster settings
+CASSANDRA_CLUSTER_NAME=CHANGEME
+CASSANDRA_DC=CHANGEME
+CASSANDRA_REPLICATION_FACTOR=3
+
+# Node IPs (private IPs from workers 2, 3, 4)
+CASSANDRA_NODE_1_IP=CHANGEME
+CASSANDRA_NODE_2_IP=CHANGEME
+CASSANDRA_NODE_3_IP=CHANGEME
+
+# Connection settings
+CASSANDRA_CONTACT_POINTS=CHANGEME  # Comma-separated: 10.116.0.4,10.116.0.5,10.116.0.6
+CASSANDRA_CQL_PORT=9042
+
+# ------------------------------------------------------------------------------
+# Redis Configuration - SHARED
+# ------------------------------------------------------------------------------
+# Generated in 03_redis.md setup guide
+REDIS_HOST=redis
+REDIS_PORT=6379
+REDIS_PASSWORD=CHANGEME
+
+# ------------------------------------------------------------------------------
+# Meilisearch Configuration - SHARED
+# ------------------------------------------------------------------------------
+# Generated in 04_app_meilisearch.md setup guide
+MEILISEARCH_HOST=meilisearch
+MEILISEARCH_PORT=7700
+MEILISEARCH_MASTER_KEY=CHANGEME
+MEILISEARCH_URL=http://meilisearch:7700
+
+# ------------------------------------------------------------------------------
+# DigitalOcean Spaces (S3-Compatible Object Storage) - SHARED
+# ------------------------------------------------------------------------------
+# Generated in 04.5_spaces.md setup guide
+# Access keys from DigitalOcean dashboard: API → Spaces access keys
+# Note: Each app can have its own bucket, but shares the same access keys
+SPACES_ACCESS_KEY=CHANGEME
+SPACES_SECRET_KEY=CHANGEME
+SPACES_ENDPOINT=CHANGEME  # e.g., nyc3.digitaloceanspaces.com
+SPACES_REGION=CHANGEME    # e.g., nyc3, sfo3, sgp1
+
+# ==============================================================================
+# MAPLEPRESS APPLICATION
+# ==============================================================================
+
+# ------------------------------------------------------------------------------
+# MaplePress Backend Configuration
+# ------------------------------------------------------------------------------
+# Generated in 05_backend.md setup guide
+
+# Domain for backend API
+MAPLEPRESS_BACKEND_DOMAIN=getmaplepress.ca
+
+# Spaces bucket (app-specific)
+MAPLEPRESS_SPACES_BUCKET=maplepress-prod
+
+# JWT Secret (generated via: openssl rand -base64 64 | tr -d '\n')
+# Stored as Docker secret: maplepress_jwt_secret
+MAPLEPRESS_JWT_SECRET=CHANGEME
+
+# IP Encryption Key (generated via: openssl rand -hex 16)
+# Stored as Docker secret: maplepress_ip_encryption_key
+MAPLEPRESS_IP_ENCRYPTION_KEY=CHANGEME
+
+# ------------------------------------------------------------------------------
+# MaplePress Frontend Configuration
+# ------------------------------------------------------------------------------
+# Configured in 07_frontend.md setup guide
+
+# Domain for frontend
+MAPLEPRESS_FRONTEND_DOMAIN=getmaplepress.com
+
+# API endpoint (backend URL)
+MAPLEPRESS_FRONTEND_API_URL=https://getmaplepress.ca
+
+# ==============================================================================
+# MAPLEFILE APPLICATION (Future)
+# ==============================================================================
+
+# ------------------------------------------------------------------------------
+# MapleFile Backend Configuration (Future)
+# ------------------------------------------------------------------------------
+# MAPLEFILE_BACKEND_DOMAIN=maplefile.ca
+# MAPLEFILE_SPACES_BUCKET=maplefile-prod
+# MAPLEFILE_JWT_SECRET=CHANGEME
+# MAPLEFILE_IP_ENCRYPTION_KEY=CHANGEME
+
+# ------------------------------------------------------------------------------
+# MapleFile Frontend Configuration (Future)
+# ------------------------------------------------------------------------------
+# MAPLEFILE_FRONTEND_DOMAIN=maplefile.com
+# MAPLEFILE_FRONTEND_API_URL=https://maplefile.ca
+
+
+# ==============================================================================
+# END OF CONFIGURATION
+# ==============================================================================