# ============================================================================== # Maple Open Technologies - Production Infrastructure Configuration Template # ============================================================================== # # INSTRUCTIONS: # 1. Copy this file to .env: cp .env.template .env # 2. Replace all CHANGEME values with your actual infrastructure details # 3. Never commit .env to Git (it's in .gitignore) # 4. Keep .env file permissions secure: chmod 600 .env # # SECURITY WARNING: # This file will contain sensitive information including: # - IP addresses # - API tokens # - Passwords # - Join tokens # Treat it like a password file! # # ============================================================================== # ------------------------------------------------------------------------------ # DigitalOcean API Access # ------------------------------------------------------------------------------ # Get this from: https://cloud.digitalocean.com/account/api/tokens DIGITALOCEAN_TOKEN=CHANGEME # ------------------------------------------------------------------------------ # Infrastructure Region & VPC # ------------------------------------------------------------------------------ # Region where all resources are deployed (e.g., tor1, nyc1, sfo3) SWARM_REGION=CHANGEME # VPC Network name (usually default-[region], e.g., default-tor1) SWARM_VPC_NAME=CHANGEME # VPC Private network subnet in CIDR notation (e.g., 10.116.0.0/16) SWARM_VPC_SUBNET=CHANGEME # ------------------------------------------------------------------------------ # Docker Swarm - Manager Node # ------------------------------------------------------------------------------ SWARM_MANAGER_1_HOSTNAME=maplefile-swarm-manager-1-prod SWARM_MANAGER_1_PUBLIC_IP=CHANGEME SWARM_MANAGER_1_PRIVATE_IP=CHANGEME # ------------------------------------------------------------------------------ # Docker Swarm - Worker Nodes # ------------------------------------------------------------------------------ # Worker 1 SWARM_WORKER_1_HOSTNAME=maplefile-swarm-worker-1-prod SWARM_WORKER_1_PUBLIC_IP=CHANGEME SWARM_WORKER_1_PRIVATE_IP=CHANGEME # Worker 2 (Cassandra Node 1) SWARM_WORKER_2_HOSTNAME=maplefile-swarm-worker-2-prod SWARM_WORKER_2_PUBLIC_IP=CHANGEME SWARM_WORKER_2_PRIVATE_IP=CHANGEME # Worker 3 (Cassandra Node 2) SWARM_WORKER_3_HOSTNAME=maplefile-swarm-worker-3-prod SWARM_WORKER_3_PUBLIC_IP=CHANGEME SWARM_WORKER_3_PRIVATE_IP=CHANGEME # Worker 4 (Cassandra Node 3) SWARM_WORKER_4_HOSTNAME=maplefile-swarm-worker-4-prod SWARM_WORKER_4_PUBLIC_IP=CHANGEME SWARM_WORKER_4_PRIVATE_IP=CHANGEME # Worker 5 (Meilisearch - SHARED by all apps) SWARM_WORKER_5_HOSTNAME=maplefile-swarm-worker-5-prod SWARM_WORKER_5_PUBLIC_IP=CHANGEME SWARM_WORKER_5_PRIVATE_IP=CHANGEME # Worker 6 (MaplePress Backend + Backend Caddy) SWARM_WORKER_6_HOSTNAME=maplefile-swarm-worker-6-prod SWARM_WORKER_6_PUBLIC_IP=CHANGEME SWARM_WORKER_6_PRIVATE_IP=CHANGEME # Worker 7 (MaplePress Frontend + Frontend Caddy) SWARM_WORKER_7_HOSTNAME=maplefile-swarm-worker-7-prod SWARM_WORKER_7_PUBLIC_IP=CHANGEME SWARM_WORKER_7_PRIVATE_IP=CHANGEME # ------------------------------------------------------------------------------ # Docker Swarm - Cluster Configuration # ------------------------------------------------------------------------------ # Join token for adding new worker nodes # Get this from manager: docker swarm join-token worker -q SWARM_JOIN_TOKEN=CHANGEME # ============================================================================== # SHARED INFRASTRUCTURE (Used by ALL Apps) # ============================================================================== # ------------------------------------------------------------------------------ # Cassandra Configuration (3-node cluster) - SHARED # ------------------------------------------------------------------------------ # Cluster settings CASSANDRA_CLUSTER_NAME=CHANGEME CASSANDRA_DC=CHANGEME CASSANDRA_REPLICATION_FACTOR=3 # Node IPs (private IPs from workers 2, 3, 4) CASSANDRA_NODE_1_IP=CHANGEME CASSANDRA_NODE_2_IP=CHANGEME CASSANDRA_NODE_3_IP=CHANGEME # Connection settings CASSANDRA_CONTACT_POINTS=CHANGEME # Comma-separated: 10.116.0.4,10.116.0.5,10.116.0.6 CASSANDRA_CQL_PORT=9042 # ------------------------------------------------------------------------------ # Redis Configuration - SHARED # ------------------------------------------------------------------------------ # Generated in 03_redis.md setup guide REDIS_HOST=redis REDIS_PORT=6379 REDIS_PASSWORD=CHANGEME # ------------------------------------------------------------------------------ # Meilisearch Configuration - SHARED # ------------------------------------------------------------------------------ # Generated in 04_app_meilisearch.md setup guide MEILISEARCH_HOST=meilisearch MEILISEARCH_PORT=7700 MEILISEARCH_MASTER_KEY=CHANGEME MEILISEARCH_URL=http://meilisearch:7700 # ------------------------------------------------------------------------------ # DigitalOcean Spaces (S3-Compatible Object Storage) - SHARED # ------------------------------------------------------------------------------ # Generated in 04.5_spaces.md setup guide # Access keys from DigitalOcean dashboard: API → Spaces access keys # Note: Each app can have its own bucket, but shares the same access keys SPACES_ACCESS_KEY=CHANGEME SPACES_SECRET_KEY=CHANGEME SPACES_ENDPOINT=CHANGEME # e.g., nyc3.digitaloceanspaces.com SPACES_REGION=CHANGEME # e.g., nyc3, sfo3, sgp1 # ============================================================================== # MAPLEPRESS APPLICATION # ============================================================================== # ------------------------------------------------------------------------------ # MaplePress Backend Configuration # ------------------------------------------------------------------------------ # Generated in 05_backend.md setup guide # Domain for backend API MAPLEPRESS_BACKEND_DOMAIN=getmaplepress.ca # Spaces bucket (app-specific) MAPLEPRESS_SPACES_BUCKET=maplepress-prod # JWT Secret (generated via: openssl rand -base64 64 | tr -d '\n') # Stored as Docker secret: maplepress_jwt_secret MAPLEPRESS_JWT_SECRET=CHANGEME # IP Encryption Key (generated via: openssl rand -hex 16) # Stored as Docker secret: maplepress_ip_encryption_key MAPLEPRESS_IP_ENCRYPTION_KEY=CHANGEME # ------------------------------------------------------------------------------ # MaplePress Frontend Configuration # ------------------------------------------------------------------------------ # Configured in 07_frontend.md setup guide # Domain for frontend MAPLEPRESS_FRONTEND_DOMAIN=getmaplepress.com # API endpoint (backend URL) MAPLEPRESS_FRONTEND_API_URL=https://getmaplepress.ca # ============================================================================== # MAPLEFILE APPLICATION (Future) # ============================================================================== # ------------------------------------------------------------------------------ # MapleFile Backend Configuration (Future) # ------------------------------------------------------------------------------ # MAPLEFILE_BACKEND_DOMAIN=maplefile.ca # MAPLEFILE_SPACES_BUCKET=maplefile-prod # MAPLEFILE_JWT_SECRET=CHANGEME # MAPLEFILE_IP_ENCRYPTION_KEY=CHANGEME # ------------------------------------------------------------------------------ # MapleFile Frontend Configuration (Future) # ------------------------------------------------------------------------------ # MAPLEFILE_FRONTEND_DOMAIN=maplefile.com # MAPLEFILE_FRONTEND_API_URL=https://maplefile.ca # ============================================================================== # END OF CONFIGURATION # ==============================================================================